upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-02-28 12:31:29 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
bind9/lib
History
Artem Boldariev 590e8e0b86 Make max number of HTTP/2 streams configurable 
This commit makes number of concurrent HTTP/2 streams per connection
configurable as a mean to fight DDoS attacks. As soon as the limit is
reached, BIND terminates the whole session.

The commit adds a global configuration
option (http-streams-per-connection) which can be overridden in an
http <name> {...} statement like follows:

http local-http-server {
    ...
    streams-per-connection 100;
    ...
};

For now the default value is 100, which should be enough (e.g. NGINX
uses 128, but it is a full-featured WEB-server). When using lower
numbers (e.g. ~70), it is possible to hit the limit with
e.g. flamethrower.
2021-07-16 11:50:22 +03:00
..
bind9 Add (http-)listener-clients option (DoH quota mechanism) 2021-07-16 11:50:20 +03:00
dns zone->requeststats_on was not being set at the correct point 2021-07-16 13:49:22 +10:00
irs Move the include Makefile.tests to the bottom of Makefile.am(s) 2021-06-24 15:33:52 +02:00
isc Make max number of HTTP/2 streams configurable 2021-07-16 11:50:22 +03:00
isccc Move the include Makefile.tests to the bottom of Makefile.am(s) 2021-06-24 15:33:52 +02:00
isccfg Make max number of HTTP/2 streams configurable 2021-07-16 11:50:22 +03:00
ns Make max number of HTTP/2 streams configurable 2021-07-16 11:50:22 +03:00
.gitignore The isc/platform.h header has been completely removed 2021-07-06 05:33:48 +00:00
Makefile.am move samples/resolve.c to bin/tests/system 2021-04-16 14:29:43 +02:00
unit-test-driver.sh.in Enforce a run time limit on unit test binaries 2021-04-07 11:41:45 +02:00