mirror of
https://github.com/KusakabeShi/EtherGuard-VPN.git
synced 2025-01-14 00:18:15 +01:00
device: add debug logs describing handshake rejection
Useful in testing when bad network stacks repeat or batch large numbers of packets. Signed-off-by: Avery Pennarun <apenwarr@tailscale.com>
This commit is contained in:
parent
2fb0a712f0
commit
d60857e1a7
@ -314,11 +314,15 @@ func (device *Device) ConsumeMessageInitiation(msg *MessageInitiation) *Peer {
|
||||
|
||||
// protect against replay & flood
|
||||
|
||||
var ok bool
|
||||
ok = timestamp.After(handshake.lastTimestamp)
|
||||
ok = ok && time.Since(handshake.lastInitiationConsumption) > HandshakeInitationRate
|
||||
replay := !timestamp.After(handshake.lastTimestamp)
|
||||
flood := time.Since(handshake.lastInitiationConsumption) <= HandshakeInitationRate
|
||||
handshake.mutex.RUnlock()
|
||||
if !ok {
|
||||
if replay {
|
||||
device.log.Debug.Printf("%v - ConsumeMessageInitiation: handshake replay @ %v\n", peer, timestamp)
|
||||
return nil
|
||||
}
|
||||
if flood {
|
||||
device.log.Debug.Printf("%v - ConsumeMessageInitiation: handshake flood\n", peer)
|
||||
return nil
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user