Software /
code /
prosody-modules
File
mod_c2s_conn_throttle/mod_c2s_conn_throttle.lua @ 5025:fd154db7c8fc
mod_sasl2: Fix handling of various failure/error cases
author | Matthew Wild <mwild1@gmail.com> |
---|---|
date | Mon, 29 Aug 2022 16:35:19 +0100 |
parent | 1343:7dbde05b48a9 |
child | 5810:e79f9dec35c0 |
line wrap: on
line source
-- Clients Connection Throttler. -- (C) 2012-2013, Marco Cirillo (LW.Org) local time = os.time local in_count = {} local logins_count = module:get_option_number("cthrottler_logins_count", 3) local throttle_time = module:get_option_number("cthrottler_time", 60) local function handle_sessions(event) local session = event.origin if not in_count[session.ip] and session.type == "c2s_unauthed" then in_count[session.ip] = { t = time(), c = 1 } elseif in_count[session.ip] and session.type == "c2s_unauthed" then if in_count[session.ip].starttls_c then in_count[session.ip].c = in_count[session.ip].starttls_c else in_count[session.ip].c = in_count[session.ip].c + 1 end if in_count[session.ip].c > logins_count and time() - in_count[session.ip].t < throttle_time then module:log("error", "Exceeded login count for %s, closing connection", session.ip) session:close{ condition = "policy-violation", text = "You exceeded the number of connections/logins allowed in "..throttle_time.." seconds, good bye." } return true elseif time() - in_count[session.ip].t > throttle_time then in_count[session.ip] = nil ; return end end end local function check_starttls(event) local session = event.origin if in_count[session.ip] and type(in_count[session.ip].starttls_c) ~= "number" and session.type == "c2s_unauthed" then in_count[session.ip].starttls_c = 1 elseif in_count[session.ip] and type(in_count[session.ip].starttls_c) == "number" and session.type == "c2s_unauthed" then in_count[session.ip].starttls_c = in_count[session.ip].starttls_c + 1 end end module:hook("stream-features", handle_sessions, 100) module:hook("stanza/urn:ietf:params:xml:ns:xmpp-tls:starttls", check_starttls, 100)