cmdmon: limit rate of all responses

Include responses to invalid requests in the rate limiting enabled by
the cmdratelimit directive.

diff --git a/cmdmon.c b/cmdmon.c
index 79b77aa5ab4ed0e2712a78e73a35d986f8fdb985..f8f30e2e0f757497e52c4b8dd7947ff71a602cfb 100644 (file)
--- a/cmdmon.c
+++ b/cmdmon.c
@@ -1341,6 +1341,15 @@ read_from_cmd_socket(int sock_fd, int event, void *anything)
     return;
   }
 
+  log_index = CLG_LogCommandAccess(&remote_ip, &cooked_now);
+
+  /* Don't reply to all requests from hosts other than localhost if the rate
+     is excessive */
+  if (!localhost && log_index >= 0 && CLG_LimitCommandResponseRate(log_index)) {
+      DEBUG_LOG("Command packet discarded to limit response rate");
+      return;
+  }
+
   expected_length = PKL_CommandLength(&rx_message);
   rx_command = ntohs(rx_message.command);
 
@@ -1384,15 +1393,6 @@ read_from_cmd_socket(int sock_fd, int event, void *anything)
 
   /* OK, we have a valid message.  Now dispatch on message type and process it. */
 
-  log_index = CLG_LogCommandAccess(&remote_ip, &cooked_now);
-
-  /* Don't reply to all requests from hosts other than localhost if the rate
-     is excessive */
-  if (!localhost && log_index >= 0 && CLG_LimitCommandResponseRate(log_index)) {
-      DEBUG_LOG("Command packet discarded to limit response rate");
-      return;
-  }
-
   if (rx_command >= N_REQUEST_TYPES) {
     /* This should be already handled */
     assert(0);