aboutsummaryrefslogtreecommitdiffstats
path: root/src/plugins/lua/ratelimit.lua
diff options
context:
space:
mode:
authorVsevolod Stakhov <vsevolod@highsecure.ru>2018-11-13 12:02:41 +0000
committerVsevolod Stakhov <vsevolod@highsecure.ru>2018-11-13 12:02:41 +0000
commitb630489b65c7a9e70ed615fa07b0450f7f7f9278 (patch)
tree07273c8ee52eac6e3bd36266f09c9409a234168d /src/plugins/lua/ratelimit.lua
parentd098c244063982ae5f2eb370a9d344a609431cde (diff)
downloadrspamd-b630489b65c7a9e70ed615fa07b0450f7f7f9278.tar.gz
rspamd-b630489b65c7a9e70ed615fa07b0450f7f7f9278.zip
[Fix] Furhter fixes to ratelimits logic
Diffstat (limited to 'src/plugins/lua/ratelimit.lua')
-rw-r--r--src/plugins/lua/ratelimit.lua17
1 files changed, 10 insertions, 7 deletions
diff --git a/src/plugins/lua/ratelimit.lua b/src/plugins/lua/ratelimit.lua
index 1dd28db08..d7eb9bb6c 100644
--- a/src/plugins/lua/ratelimit.lua
+++ b/src/plugins/lua/ratelimit.lua
@@ -88,22 +88,23 @@ local bucket_check_script = [[
if dynr == 0 then dynr = 0.0001 end
rate = rate * dynr
leaked = ((now - last) * rate)
+ if leaked > burst then leaked = burst end
burst = burst - leaked
redis.call('HINCRBYFLOAT', KEYS[1], 'b', -(leaked))
redis.call('HSET', KEYS[1], 'l', KEYS[2])
end
+
+ dynb = tonumber(redis.call('HGET', KEYS[1], 'db')) / 10000.0
+ if dynb == 0 then dynb = 0.0001 end
+
+ if burst > 0 and (burst + 1) > tonumber(KEYS[4]) * dynb then
+ return {1, tostring(burst), tostring(dynr), tostring(dynb), tostring(leaked)}
+ end
else
burst = 0
redis.call('HSET', KEYS[1], 'b', '0')
end
- dynb = tonumber(redis.call('HGET', KEYS[1], 'db')) / 10000.0
- if dynb == 0 then dynb = 0.0001 end
-
- if (burst + 1) > tonumber(KEYS[4]) * dynb then
- return {1, tostring(burst), tostring(dynr), tostring(dynb), tostring(leaked)}
- end
-
return {0, tostring(burst), tostring(dynr), tostring(dynb), tostring(leaked)}
]]
local bucket_check_id
@@ -182,6 +183,8 @@ local bucket_update_script = [[
end
local burst = tonumber(redis.call('HGET', KEYS[1], 'b'))
+ if burst < 0 then burst = 0 end
+
redis.call('HINCRBYFLOAT', KEYS[1], 'b', 1)
redis.call('HSET', KEYS[1], 'l', KEYS[2])
redis.call('EXPIRE', KEYS[1], KEYS[7])