OpenVPN
Functions
reflect_filter.c File Reference
#include "syshead.h"
#include <stdint.h>
#include <stddef.h>
#include <stdlib.h>
#include <string.h>
#include <stdbool.h>
#include <memory.h>
#include "crypto.h"
#include "reflect_filter.h"
Include dependency graph for reflect_filter.c:

Go to the source code of this file.

Functions

bool reflect_filter_rate_limit_check (struct initial_packet_rate_limit *irl)
 checks if the connection is still allowed to connect under the rate limit. More...
 
void reflect_filter_rate_limit_decrease (struct initial_packet_rate_limit *irl)
 decreases the counter of initial packets seen, so connections that successfully completed the three-way handshake do not count against the counter of initial connection attempts More...
 
struct initial_packet_rate_limitinitial_rate_limit_init (int max_per_period, int period_length)
 allocate and initialize the initial-packet rate limiter structure More...
 
void initial_rate_limit_free (struct initial_packet_rate_limit *irl)
 free the initial-packet rate limiter structure More...
 

Function Documentation

◆ initial_rate_limit_free()

void initial_rate_limit_free ( struct initial_packet_rate_limit irl)

free the initial-packet rate limiter structure

Definition at line 102 of file reflect_filter.c.

Referenced by multi_uninit().

◆ initial_rate_limit_init()

struct initial_packet_rate_limit* initial_rate_limit_init ( int  max_per_period,
int  period_length 
)

◆ reflect_filter_rate_limit_check()

bool reflect_filter_rate_limit_check ( struct initial_packet_rate_limit irl)

checks if the connection is still allowed to connect under the rate limit.

This also increases the internal counter at the same time

Definition at line 43 of file reflect_filter.c.

References initial_packet_rate_limit::curr_period_counter, D_TLS_DEBUG_LOW, initial_packet_rate_limit::last_period_reset, M_WARN, initial_packet_rate_limit::max_per_period, msg, now, initial_packet_rate_limit::period_length, and initial_packet_rate_limit::warning_displayed.

Referenced by do_pre_decrypt_check().

◆ reflect_filter_rate_limit_decrease()

void reflect_filter_rate_limit_decrease ( struct initial_packet_rate_limit irl)

decreases the counter of initial packets seen, so connections that successfully completed the three-way handshake do not count against the counter of initial connection attempts

Definition at line 76 of file reflect_filter.c.

References initial_packet_rate_limit::curr_period_counter.

Referenced by multi_get_create_instance_udp().