X-Git-Url: https://tinc-vpn.org/git/browse?a=blobdiff_plain;f=src%2Fnet_socket.c;h=75b20ec9ccb12d4ba7b05d8b222b95d0134b12df;hb=a6448291834ca7419553a807ee367c719c2956d0;hp=2da6253ee3a3dc6c8d62dd669629ce1fbcc90c8d;hpb=7ee885a1f6776be85e5397eda04f75d98ff0b631;p=tinc

diff --git a/src/net_socket.c b/src/net_socket.c
index 2da6253e..75b20ec9 100644
--- a/src/net_socket.c
+++ b/src/net_socket.c
@@ -41,7 +41,7 @@ int maxtimeout = 900;
 int seconds_till_retry = 5;
 int udp_rcvbuf = 1024 * 1024;
 int udp_sndbuf = 1024 * 1024;
-int max_connection_burst = 100;
+int max_connection_burst = 10;
 int fwmark;
 
 listen_socket_t listen_socket[MAXSOCKETS];
@@ -210,6 +210,7 @@ int setup_listen_socket(const sockaddr_t *sa) {
 
 		memset(&ifr, 0, sizeof(ifr));
 		strncpy(ifr.ifr_ifrn.ifrn_name, iface, IFNAMSIZ);
+		ifr.ifr_ifrn.ifrn_name[IFNAMSIZ - 1] = 0;
 
 		if(setsockopt(nfd, SOL_SOCKET, SO_BINDTODEVICE, (void *)&ifr, sizeof(ifr))) {
 			closesocket(nfd);
@@ -672,12 +673,6 @@ void handle_new_meta_connection(void *data, int flags) {
 	// Check if we get many connections from the same host
 
 	static sockaddr_t prev_sa;
-	static int tarpit = -1;
-
-	if(tarpit >= 0) {
-		closesocket(tarpit);
-		tarpit = -1;
-	}
 
 	if(!sockaddrcmp_noport(&sa, &prev_sa)) {
 		static int samehost_burst;
@@ -693,7 +688,7 @@ void handle_new_meta_connection(void *data, int flags) {
 		samehost_burst++;
 
 		if(samehost_burst > max_connection_burst) {
-			tarpit = fd;
+			tarpit(fd);
 			return;
 		}
 	}
@@ -716,7 +711,7 @@ void handle_new_meta_connection(void *data, int flags) {
 
 	if(connection_burst >= max_connection_burst) {
 		connection_burst = max_connection_burst;
-		tarpit = fd;
+		tarpit(fd);
 		return;
 	}
 
@@ -745,7 +740,6 @@ void handle_new_meta_connection(void *data, int flags) {
 	connection_add(c);
 
 	c->allow_request = ID;
-	send_id(c);
 }
 
 #ifndef HAVE_MINGW
@@ -782,8 +776,6 @@ void handle_new_unix_connection(void *data, int flags) {
 	connection_add(c);
 
 	c->allow_request = ID;
-
-	send_id(c);
 }
 #endif