Add rate limit on receive of DIRECT_PATH_PUSH to prevent DOS exploitation.

This commit is contained in:
Adam Ierymenko 2015-10-16 10:28:09 -07:00
parent 2229e91b57
commit 5ce3aac929
4 changed files with 39 additions and 14 deletions

View file

@ -322,7 +322,12 @@
/**
* Interval between direct path pushes in milliseconds
*/
#define ZT_DIRECT_PATH_PUSH_INTERVAL 300000
#define ZT_DIRECT_PATH_PUSH_INTERVAL 120000
/**
* Minimum interval between direct path pushes from a given peer or we will ignore them
*/
#define ZT_DIRECT_PATH_PUSH_MIN_RECEIVE_INTERVAL 2500
/**
* How long (max) to remember network certificates of membership?