Rate-limit the warnings as a client when asked to connect a private addr

Partial fix for ticket 2822.
author: Nick Mathewson <nickm@torproject.org> 2012-03-28 03:06:25 -0400
committer: Nick Mathewson <nickm@torproject.org> 2012-03-28 03:06:25 -0400
commit: 70c17134c79d9de05408748329c0918158d7deb0 (patch)
tree: 1cba0ca8dc336500642cbf4ac7b5793c5f5360ea /src/or/connection_edge.c
parent: 86f1630b36ec58ffd3a193ac4333ac572d4a8dca (diff)
download: tor-70c17134c79d9de05408748329c0918158d7deb0.tar.gz
tor-70c17134c79d9de05408748329c0918158d7deb0.zip
1 files changed, 21 insertions, 7 deletions
diff --git a/src/or/connection_edge.c b/src/or/connection_edge.c
index dd772b22c6..e19d7f0774 100644
--- a/src/or/connection_edge.c
+++ b/src/or/connection_edge.c
@@ -2006,14 +2006,28 @@ connection_ap_handshake_rewrite_and_attach(entry_connection_t *conn,
            * then we really don't want to try to connect to it.  That's
            * probably an error. */
           if (conn->is_transparent_ap) {
-            log_warn(LD_NET,
-                     "Rejecting request for anonymous connection to private "
-                     "address %s on a TransPort or NATDPort.  Possible loop "
-                     "in your NAT rules?", safe_str_client(socks->address));
+#define WARN_INTERVAL_LOOP 300
+            static ratelim_t loop_warn_limit = RATELIM_INIT(WARN_INTERVAL_LOOP);
+            char *m;
+            if ((m = rate_limit_log(&loop_warn_limit, approx_time()))) {
+              log_warn(LD_NET,
+                       "Rejecting request for anonymous connection to private "
+                       "address %s on a TransPort or NATDPort.  Possible loop "
+                       "in your NAT rules?%s", safe_str_client(socks->address),
+                       m);
+              tor_free(m);
+            }
           } else {
-            log_warn(LD_NET,
-                     "Rejecting SOCKS request for anonymous connection to "
-                     "private address %s", safe_str_client(socks->address));
+#define WARN_INTERVAL_PRIV 300
+            static ratelim_t priv_warn_limit = RATELIM_INIT(WARN_INTERVAL_PRIV);
+            char *m;
+            if ((m = rate_limit_log(&priv_warn_limit, approx_time()))) {
+              log_warn(LD_NET,
+                       "Rejecting SOCKS request for anonymous connection to "
+                       "private address %s.%s",
+                       safe_str_client(socks->address),m);
+              tor_free(m);
+            }
           }
           connection_mark_unattached_ap(conn, END_STREAM_REASON_PRIVATE_ADDR);
           return -1;
author	Nick Mathewson <nickm@torproject.org>	2012-03-28 03:06:25 -0400
committer	Nick Mathewson <nickm@torproject.org>	2012-03-28 03:06:25 -0400
commit	70c17134c79d9de05408748329c0918158d7deb0 (patch)
tree	1cba0ca8dc336500642cbf4ac7b5793c5f5360ea /src/or/connection_edge.c
parent	86f1630b36ec58ffd3a193ac4333ac572d4a8dca (diff)
download	tor-70c17134c79d9de05408748329c0918158d7deb0.tar.gz tor-70c17134c79d9de05408748329c0918158d7deb0.zip