PPSRATECHECK(9) BSD Kernel Developer's Manual PPSRATECHECK(9)NAMEppsratecheck — function to help implement rate-limited actions
SYNOPSIS
#include <sys/time.h>
int
ppsratecheck(struct timeval *lasttime, int *curpps, int maxpps);
DESCRIPTION
The ppsratecheck() function provides easy way to perform packet-per-sec,
or event-per-sec, rate limitation. The motivation for implementing
ppsratecheck() was to provide a mechanism that could be used to add rate
limitation to network packet output. For certain network packets, we may
want to impose rate limitation, to avoid denial-of-service attack possi‐
bilities.
maxpps specifies maximum permitted packets, or events, per second. If
ppsratecheck() is called more than maxpps times in a given one second
period, the function will return 0, indicating that we exceeded the
limit. If we are below the limit, the function will return 1. If maxpps
is set to 0, the function will always return 0 (no packets/events are
permitted). Negative maxpps indicates that rate limitation is disabled,
and ppsratecheck will always return 1.
curpps and lasttime are used to maintain the number of recent calls.
curpps will be incremented every time ppsratecheck() is called, and will
be reset whenever necessary.
SEE ALSOlog(9), printf(9), ratecheck(9), time_second(9)HISTORY
The ppsratecheck() function appeared in NetBSD 1.5.
BSD August 3, 2000 BSD