You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

49 lines
2.2 KiB

// swad_firewall.h: firewall to mitigate denial of service attacks
#ifndef _SWAD_FW
#define _SWAD_FW
SWAD (Shared Workspace At a Distance in Spanish),
is a web platform developed at the University of Granada (Spain),
and used to support university teaching.
This file is part of SWAD core.
Copyright (C) 1999-2023 Antonio Cañas Vargas
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <>.
/************************** Public types and constants ***********************/
/* The maximum number of clicks from the same IP-user in the interval
should be large enough to prevent an IP from being banned
due to automatic refresh when the user is viewing the last clicks. */
#define Fw_CHECK_INTERVAL ((time_t)(30UL)) // Check clicks in the last 30 seconds
#define Fw_MAX_CLICKS_IN_INTERVAL 150 // Maximum of 150 clicks allowed in 30 seconds
// (5 clicks/s sustained for 30 s)
#define Fw_TIME_BANNED ((time_t)(60UL*60UL)) // Ban IP for 1 hour
#define Fw_TIME_TO_DELETE_OLD_CLICKS Fw_CHECK_INTERVAL // Remove clicks older than these seconds
/***************************** Public prototypes *****************************/
void Fir_CheckFirewallAndExitIfBanned (void);
void Fir_CheckFirewallAndExitIfTooManyRequests (void);