Limit rate of syslog messages

Error messages caused by incoming packets need to be rate limited
to avoid filling up disk space.
Miroslav Lichvar 2010-01-13 19:02:07 +01:00
parent 7864c7a70c
commit 0b710499f9
5 changed files with 38 additions and 15 deletions


@ -654,7 +654,7 @@ transmit_reply(CMD_Reply *msg, struct sockaddr_in *where_to)
status = sendto(sock_fd, (void *) msg, tx_message_length, 0, status = sendto(sock_fd, (void *) msg, tx_message_length, 0,
(struct sockaddr *) where_to, sizeof(struct sockaddr_in)); (struct sockaddr *) where_to, sizeof(struct sockaddr_in));
if (status < 0) { if (status < 0 && !LOG_RateLimited()) {
remote_ip = ntohl(where_to->sin_addr.s_addr); remote_ip = ntohl(where_to->sin_addr.s_addr);
remote_port = ntohs(where_to->sin_port); remote_port = ntohs(where_to->sin_port);
LOG(LOGS_WARN, LOGF_CmdMon, "Could not send response to %s:%hu", UTI_IPToDottedQuad(remote_ip), remote_port); LOG(LOGS_WARN, LOGF_CmdMon, "Could not send response to %s:%hu", UTI_IPToDottedQuad(remote_ip), remote_port);
@ -1659,7 +1659,9 @@ read_from_cmd_socket(void *anything)
} }
if (read_length != expected_length) { if (read_length != expected_length) {
LOG(LOGS_WARN, LOGF_CmdMon, "Read incorrectly sized packet from %s:%hu", UTI_IPToDottedQuad(remote_ip), remote_port); if (!LOG_RateLimited()) {
LOG(LOGS_WARN, LOGF_CmdMon, "Read incorrectly sized packet from %s:%hu", UTI_IPToDottedQuad(remote_ip), remote_port);
}
if (allowed) if (allowed)
CLG_LogCommandAccess(remote_ip, CLG_CMD_BAD_PKT, cooked_now.tv_sec); CLG_LogCommandAccess(remote_ip, CLG_CMD_BAD_PKT, cooked_now.tv_sec);
/* For now, just ignore the packet. We may want to send a reply /* For now, just ignore the packet. We may want to send a reply
@ -1673,13 +1675,11 @@ read_from_cmd_socket(void *anything)
regardless of the defined access rules - otherwise, we could regardless of the defined access rules - otherwise, we could
shut ourselves out completely! */ shut ourselves out completely! */
/* We ought to find another way to log this, there is an attack if (!LOG_RateLimited()) {
here against the host because an adversary can just keep LOG(LOGS_WARN, LOGF_CmdMon, "Command packet received from unauthorised host %s port %d",
hitting us with bad packets until our log file(s) fill up. */ UTI_IPToDottedQuad(remote_ip),
remote_port);
LOG(LOGS_WARN, LOGF_CmdMon, "Command packet received from unauthorised host %s port %d", }
UTI_IPToDottedQuad(remote_ip),
remote_port);
tx_message.status = htons(STT_NOHOSTACCESS); tx_message.status = htons(STT_NOHOSTACCESS);
transmit_reply(&tx_message, &where_from); transmit_reply(&tx_message, &where_from);
@ -1764,7 +1764,7 @@ read_from_cmd_socket(void *anything)
tx_message_length = PKL_ReplyLength(prev_tx_message); tx_message_length = PKL_ReplyLength(prev_tx_message);
status = sendto(sock_fd, (void *) prev_tx_message, tx_message_length, 0, status = sendto(sock_fd, (void *) prev_tx_message, tx_message_length, 0,
(struct sockaddr *) &where_from, sizeof(where_from)); (struct sockaddr *) &where_from, sizeof(where_from));
if (status < 0) { if (status < 0 && !LOG_RateLimited()) {
LOG(LOGS_WARN, LOGF_CmdMon, "Could not send response to %s:%hu", UTI_IPToDottedQuad(remote_ip), remote_port); LOG(LOGS_WARN, LOGF_CmdMon, "Could not send response to %s:%hu", UTI_IPToDottedQuad(remote_ip), remote_port);
} }
return; return;
@ -1884,7 +1884,7 @@ read_from_cmd_socket(void *anything)
case REQ_LOGON: case REQ_LOGON:
/* If the log-on fails, record the reason why */ /* If the log-on fails, record the reason why */
if (!issue_token) { if (!issue_token && !LOG_RateLimited()) {
LOG(LOGS_WARN, LOGF_CmdMon, LOG(LOGS_WARN, LOGF_CmdMon,
"Bad command logon from %s port %d (md5_ok=%d valid_ts=%d)\n", "Bad command logon from %s port %d (md5_ok=%d valid_ts=%d)\n",
UTI_IPToDottedQuad(remote_ip), UTI_IPToDottedQuad(remote_ip),
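Review bot: In the REQ_LOGON hunk, `if (!issue_token && !LOG_RateLimited())` makes the failed-logon warning compete for the same single 10-second allowance as the incorrectly-sized-packet and unauthorised-host warnings above it, and as the NTP-side warnings changed elsewhere in this commit. Those other warnings are raised by packets that need no credentials, so a steady stream of them can leave failed command logons with no log record at all. Failed authentication is the message an operator most needs to keep, so consider giving it its own limiter state (a separate timestamp per call site or per facility) instead of sharing `last_limited`. The body of read_from_cmd_socket starts and ends outside these hunks, so whether the logon path is reachable only from allowed hosts cannot be confirmed here.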


@ -40,6 +40,8 @@ static int initialised = 0;
static int is_detached = 0; static int is_detached = 0;
static time_t last_limited = 0;
#ifdef WINNT #ifdef WINNT
static FILE *logfile; static FILE *logfile;
#endif #endif
@ -214,3 +216,19 @@ LOG_GoDaemon(void)
} }
/* ================================================== */ /* ================================================== */
int
LOG_RateLimited(void)
{
time_t now;
now = time(NULL);
if (last_limited + 10 > now && last_limited <= now)
return 1;
last_limited = now;
return 0;
}
/* ================================================== */
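Review bot: LOG_RateLimited() discards messages without keeping any count, so after a burst the log shows one warning and nothing to say how many were dropped. A static counter incremented on the suppressed path (`suppressed++;` before `return 1;`) and reported with the next message that is let through would keep the disk-space protection while preserving the scale of the event for whoever reads the log later. The function also has no comment of its own; I would add `/* Returns 1 if a rate-limited message was already let through in the last 10 seconds, otherwise records the current time and returns 0 */` above it. The `last_limited <= now` term looks intended to recover when the clock is stepped backwards, which deserves a one-line comment as well.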


@ -84,6 +84,9 @@ extern void LOG_Position(const char *filename, int line_number, const char *func
extern void LOG_GoDaemon(void); extern void LOG_GoDaemon(void);
/* Return zero once per 10 seconds */
extern int LOG_RateLimited(void);
/* Line logging macro. If the compiler is GNU C, we take advantage of /* Line logging macro. If the compiler is GNU C, we take advantage of
being able to get the function name also. */ being able to get the function name also. */
#if defined(__GNUC__) #if defined(__GNUC__)
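Review bot: The comment `/* Return zero once per 10 seconds */` understates the contract: the function returns zero at most once per 10 seconds across all callers, and a zero return uses up the allowance. A caller that evaluates it without then logging silently drops the next real message, which is presumably why every call site in this commit places it last in the condition. I would word it as `/* Return zero at most once per 10 seconds (shared by all callers); a zero return uses up the interval, so call this only immediately before LOG() */`.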


@ -1358,7 +1358,7 @@ process_known
&inst->local_ntp_tx, &inst->local_ntp_tx,
&inst->remote_addr); &inst->remote_addr);
} else { } else if (!LOG_RateLimited()) {
LOG(LOGS_WARN, LOGF_NtpCore, "NTP packet received from unauthorised host %s port %d", LOG(LOGS_WARN, LOGF_NtpCore, "NTP packet received from unauthorised host %s port %d",
UTI_IPToDottedQuad(inst->remote_addr.ip_addr), UTI_IPToDottedQuad(inst->remote_addr.ip_addr),
inst->remote_addr.port); inst->remote_addr.port);
@ -1526,7 +1526,7 @@ NCR_ProcessNoauthUnknown(NTP_Packet *message, struct timeval *now, NTP_Remote_Ad
remote_addr); remote_addr);
} }
} else { } else if (!LOG_RateLimited()) {
LOG(LOGS_WARN, LOGF_NtpCore, "NTP packet received from unauthorised host %s port %d", LOG(LOGS_WARN, LOGF_NtpCore, "NTP packet received from unauthorised host %s port %d",
UTI_IPToDottedQuad(remote_addr->ip_addr), UTI_IPToDottedQuad(remote_addr->ip_addr),
remote_addr->port); remote_addr->port);


@ -243,7 +243,8 @@ NIO_SendNormalPacket(NTP_Packet *packet, NTP_Remote_Address *remote_addr)
remote.sin_addr.s_addr = htonl(remote_addr->ip_addr); remote.sin_addr.s_addr = htonl(remote_addr->ip_addr);
if (sendto(sock_fd, (void *) packet, NTP_NORMAL_PACKET_SIZE, 0, if (sendto(sock_fd, (void *) packet, NTP_NORMAL_PACKET_SIZE, 0,
(struct sockaddr *) &remote, sizeof(remote)) < 0) { (struct sockaddr *) &remote, sizeof(remote)) < 0 &&
!LOG_RateLimited()) {
LOG(LOGS_WARN, LOGF_NtpIO, "Could not send to %s:%d : %s", LOG(LOGS_WARN, LOGF_NtpIO, "Could not send to %s:%d : %s",
UTI_IPToDottedQuad(remote_addr->ip_addr), remote_addr->port, strerror(errno)); UTI_IPToDottedQuad(remote_addr->ip_addr), remote_addr->port, strerror(errno));
} }
@ -266,7 +267,8 @@ NIO_SendAuthenticatedPacket(NTP_Packet *packet, NTP_Remote_Address *remote_addr)
remote.sin_addr.s_addr = htonl(remote_addr->ip_addr); remote.sin_addr.s_addr = htonl(remote_addr->ip_addr);
if (sendto(sock_fd, (void *) packet, sizeof(NTP_Packet), 0, if (sendto(sock_fd, (void *) packet, sizeof(NTP_Packet), 0,
(struct sockaddr *) &remote, sizeof(remote)) < 0) { (struct sockaddr *) &remote, sizeof(remote)) < 0 &&
!LOG_RateLimited()) {
LOG(LOGS_WARN, LOGF_NtpIO, "Could not send to %s:%d : %s", LOG(LOGS_WARN, LOGF_NtpIO, "Could not send to %s:%d : %s",
UTI_IPToDottedQuad(remote_addr->ip_addr), remote_addr->port, strerror(errno)); UTI_IPToDottedQuad(remote_addr->ip_addr), remote_addr->port, strerror(errno));
} }
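Review bot: In both NIO_SendNormalPacket and NIO_SendAuthenticatedPacket, `strerror(errno)` is now evaluated after LOG_RateLimited() has called time(), so errno is read with a library call between the failing sendto() and its use. time() is unlikely to disturb errno in practice, but nothing guarantees that a successful call leaves it alone, and the logged reason would then be misleading. Saving the value first keeps the message trustworthy: test `sendto(...) < 0` on its own, take `int err = errno;` as the first statement inside, then nest `if (!LOG_RateLimited())` around a LOG() call that uses `strerror(err)`. Both function bodies start outside the hunks shown.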