diff options
author | Vsevolod Stakhov <vsevolod@highsecure.ru> | 2018-11-13 12:02:41 +0000 |
---|---|---|
committer | Vsevolod Stakhov <vsevolod@highsecure.ru> | 2018-11-13 12:02:41 +0000 |
commit | b630489b65c7a9e70ed615fa07b0450f7f7f9278 (patch) | |
tree | 07273c8ee52eac6e3bd36266f09c9409a234168d /src/plugins/lua/ratelimit.lua | |
parent | d098c244063982ae5f2eb370a9d344a609431cde (diff) | |
download | rspamd-b630489b65c7a9e70ed615fa07b0450f7f7f9278.tar.gz rspamd-b630489b65c7a9e70ed615fa07b0450f7f7f9278.zip |
[Fix] Furhter fixes to ratelimits logic
Diffstat (limited to 'src/plugins/lua/ratelimit.lua')
-rw-r--r-- | src/plugins/lua/ratelimit.lua | 17 |
1 files changed, 10 insertions, 7 deletions
diff --git a/src/plugins/lua/ratelimit.lua b/src/plugins/lua/ratelimit.lua index 1dd28db08..d7eb9bb6c 100644 --- a/src/plugins/lua/ratelimit.lua +++ b/src/plugins/lua/ratelimit.lua @@ -88,22 +88,23 @@ local bucket_check_script = [[ if dynr == 0 then dynr = 0.0001 end rate = rate * dynr leaked = ((now - last) * rate) + if leaked > burst then leaked = burst end burst = burst - leaked redis.call('HINCRBYFLOAT', KEYS[1], 'b', -(leaked)) redis.call('HSET', KEYS[1], 'l', KEYS[2]) end + + dynb = tonumber(redis.call('HGET', KEYS[1], 'db')) / 10000.0 + if dynb == 0 then dynb = 0.0001 end + + if burst > 0 and (burst + 1) > tonumber(KEYS[4]) * dynb then + return {1, tostring(burst), tostring(dynr), tostring(dynb), tostring(leaked)} + end else burst = 0 redis.call('HSET', KEYS[1], 'b', '0') end - dynb = tonumber(redis.call('HGET', KEYS[1], 'db')) / 10000.0 - if dynb == 0 then dynb = 0.0001 end - - if (burst + 1) > tonumber(KEYS[4]) * dynb then - return {1, tostring(burst), tostring(dynr), tostring(dynb), tostring(leaked)} - end - return {0, tostring(burst), tostring(dynr), tostring(dynb), tostring(leaked)} ]] local bucket_check_id @@ -182,6 +183,8 @@ local bucket_update_script = [[ end local burst = tonumber(redis.call('HGET', KEYS[1], 'b')) + if burst < 0 then burst = 0 end + redis.call('HINCRBYFLOAT', KEYS[1], 'b', 1) redis.call('HSET', KEYS[1], 'l', KEYS[2]) redis.call('EXPIRE', KEYS[1], KEYS[7]) |