ip-ratelimit not change in ip_ratelimit_list - after reload

Luiz Fernando Softov fernando at softov.com.br
Tue Jul 17 15:57:34 UTC 2018 

​Thanks a lot...

I have read the code, there is a 'global' to store the ip-ratelimit.

There is a plan to implement ip-ratelimit filtered by IP/network?
Something like:
ip-ratelimit: 192.168.1.0/24 200
ip-ratelimit: 192.168.2.0/24 300
ip-ratelimit: 0.0.0.0/0 50

​That way, we
 can have
​clients
 with different limitations
​.​
​


2018-07-17 10:29 GMT-04:00 Wouter Wijngaards via Unbound-users <
unbound-users at unbound.net>:

> Hi Luiz,
>
> On 07/11/2018 06:38 AM, Luiz Fernando Softov via Unbound-users wrote:
>
> Hi,
>
> After my application changes unbound configuration, i call a reload to put
> thing in order.
>
> After calling reload, I figure out that ip-ratelimit was not changed in
> ip_ratelimit_list
>
>
> Yes that is a bug!  Fixed it (also for the ratelimit and ratelimits per
> domain).  It did not reapply the changed values after a reload of the
> config file.  If you changed other infra cache parameters (like infra cache
> size), then it did work, but not if it didn't.  Fixed code is in the code
> repository.
>
> Best regards, Wouter
>
>>
> ip-ratelimit: 350
> ip-ratelimit-size: 4m
> ip-ratelimit-slabs: 2
> ip-ratelimit-factor: 10
> ​​
>
> ​$ unbound-control get_option ip-ratelimit
> 350
>
> $ unbound-control ip_ratelimit_list +a
> 192.168.0.1 5 limit 350
>
> # change ip-ratelimit to 400 in unbound conf file and calls reload
>
> ​$ unbound-control reload​
>
> ​$ unbound-control get_option ip-ratelimit
> 400
>
> # even new users get the old ip-ratelimit
>
> $ unbound-control ip_ratelimit_list +a
> 192.168.0.1 7 limit 350
>
> $ unbound-control ip_ratelimit_list +a
> 192.168.0.1 7 limit 350
> 192.168.0.2 15 limit 350
>
> # then I call set_option, and everything is fine
> $ unbound-control
> set_option ip-ratelimit: 400
> ok
> ​$ unbound-control get_option ip-ratelimit
> 400
>
> $ unbound-control ip_ratelimit_list +a
> 192.168.0.1 8 limit 400
> 192.168.0.2 9 limit 400
>
> This is suppose to work that way? There is a problem/BUG? Or I'm missing
> something?
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nlnetlabs.nl/pipermail/unbound-users/attachments/20180717/b709b9c8/attachment.htm>

More information about the Unbound-users mailing list