[Pdns-dev] [dns-operations] dns response rate limiting (DNS RRL) patch available for testing
abang
abang at t-ipnet.net
Mon Jun 25 09:47:44 CEST 2012
Hello Peter,
>> ips can be deleted at the end of prequery if it gets too large. I think that would have no major negative effect.
>>
>> ...
>> maxips = 10000
>>
>> function prequery ( dnspacket )
>> ...
>> ...
>> if #ips > maxips
>> then
>> ips = {}
>> end
>> end
>
> Because ips is being used as a dictionary (Perl would call it a hash), #ips is always zero, and there is no cheap way to ask a table how many entries it has.. Keeping a running total separately is feasible, of course.
Oops, yes that's right, of course. I mistaken hashes for arrays.
Btw.
Do you think it is doable and make sense to implement rate limiting
inside the Recursor? The Lua hook should be in front of the packetcache
therefor.
Regards,
Winfried
More information about the Pdns-dev
mailing list