From: Dave Hart <hart@ntp.org>
Date: Mon, 20 Feb 2023 18:53:27 +0000 (-0500)
Subject: [Bug 3640] document "discard monitor" and fix the code. <hart@ntp.org>
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ae6e0538d9ebfe491c972831d1b1e132b8bd81e5;p=thirdparty%2Fntp.git

[Bug 3640] document "discard monitor" and fix the code. <hart@ntp.org>
 - fixed bug identified by Edward McGuire <perlinger@ntp.org>

bk: 63f3c1a72UZ8CCGSpqGqBQdNHn-uZA
---

diff --git a/ChangeLog b/ChangeLog
index eeceaa9f1..b4b01f488 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,6 @@
+* [Bug 3640] document "discard monitor" and fix the code. <hart@ntp.org>
+  - fixed bug identified by Edward McGuire <perlinger@ntp.org>
+
 ---
 (4.2.8p15) 2020/06/23 Released by Harlan Stenn <stenn@ntp.org>
 
diff --git a/ntpd/ntp.conf.def b/ntpd/ntp.conf.def
index c1e472276..e01fd019c 100644
--- a/ntpd/ntp.conf.def
+++ b/ntpd/ntp.conf.def
@@ -1528,17 +1528,27 @@ client abuse.
 The
 .Cm average
 subcommand specifies the minimum average packet
-spacing, while the
+spacing in log2 seconds, defaulting to 3 (8s), while the
 .Cm minimum
-subcommand specifies the minimum packet spacing.
+subcommand specifies the minimum packet spacing
+in seconds, defaulting to 2.
 Packets that violate these minima are discarded
 and a kiss-o'-death packet returned if enabled.
-The default
-minimum average and minimum are 5 and 2, respectively.
 The
 .Ic monitor
-subcommand specifies the probability of discard
-for packets that overflow the rate-control window.
+subcommand indirectly specifies the probability of
+replacing the oldest entry from the monitor (MRU)
+list of recent requests used to enforce rate controls,
+when that list is at its maximum size. The probability
+of replacing the oldest entry is the age of that entry
+in seconds divided by the
+.Ic monitor
+value, default 3000. For example, if the oldest entry
+in the MRU list represents a request 300 seconds ago,
+by default the probability of replacing it with an
+entry representing the client request being processed
+now is 10%. Conversely, if the oldest entry is more
+than 3000 seconds old, the probability is 100%.
 .It Xo Ic restrict address
 .Op Cm mask Ar mask
 .Op Cm ippeerlimit Ar int
diff --git a/ntpd/ntp_monitor.c b/ntpd/ntp_monitor.c
index a07a1aaef..8c63cf6f3 100644
--- a/ntpd/ntp_monitor.c
+++ b/ntpd/ntp_monitor.c
@@ -82,8 +82,10 @@ static	u_int mon_mem_increments;	/* times called malloc() */
  * headway is less than the minimum, as well as if the average headway
  * is less than eight times the increment.
  */
-int	ntp_minpkt = NTP_MINPKT;	/* minimum (log 2 s) */
-u_char	ntp_minpoll = NTP_MINPOLL;	/* increment (log 2 s) */
+int	ntp_minpkt = NTP_MINPKT;	/* minimum seconds between */
+					/* requests from a client */
+u_char	ntp_minpoll = NTP_MINPOLL;	/* minimum average log2 seconds */
+					/* between client requests */
 
 /*
  * Initialization state.  We may be monitoring, we may not.  If
@@ -459,7 +461,7 @@ ntp_monitor(
 				mon_getmoremem();
 			UNLINK_HEAD_SLIST(mon, mon_free, hash_next);
 		/* Preempt from the MRU list if old enough. */
-		} else if (ntp_random() / (2. * FRAC) >
+		} else if (ntp_random() * 2. / FRAC >
 			   (double)oldest_age / mon_age) {
 			return ~(RES_LIMITED | RES_KOD) & flags;
 		} else {