4 files changed, 24 insertions, 97 deletions
diff --git a/plugins/imfile/imfile.c b/plugins/imfile/imfile.c
index 99210b76..9a8a0373 100644
--- a/plugins/imfile/imfile.c
+++ b/plugins/imfile/imfile.c
@@ -412,7 +412,7 @@ addListner(instanceConf_t *inst)
 		pThis->lenTag = ustrlen(pThis->pszTag);
 		pThis->pszStateFile = (uchar*) strdup((char*) inst->pszStateFile);
 
-		CHKiRet(ratelimitNew(&pThis->ratelimiter));
+		CHKiRet(ratelimitNew(&pThis->ratelimiter, "imfile", inst->pszFileName));
 		CHKmalloc(pThis->multiSub.ppMsgs = MALLOC(inst->nMultiSub * sizeof(msg_t*)));
 		pThis->multiSub.maxElem = inst->nMultiSub;
 		pThis->multiSub.nElem = 0;
diff --git a/plugins/imptcp/imptcp.c b/plugins/imptcp/imptcp.c
index 8495b293..aba4c439 100644
--- a/plugins/imptcp/imptcp.c
+++ b/plugins/imptcp/imptcp.c
@@ -1121,7 +1121,8 @@ addListner(modConfData_t __attribute__((unused)) *modConf, instanceConf_t *inst)
 	pSrv->iKeepAliveProbes = inst->iKeepAliveProbes;
 	pSrv->iKeepAliveTime = inst->iKeepAliveTime;
 	pSrv->bEmitMsgOnClose = inst->bEmitMsgOnClose;
-	CHKiRet(ratelimitNew(&pSrv->ratelimiter));
+	CHKiRet(ratelimitNew(&pSrv->ratelimiter, "imtcp", (char*)inst->pszBindPort));
+//TODO: add!ratelimitSetLinuxLike(pSrv->ratelimiter, 3, 2);
 	ratelimitSetThreadSafe(pSrv->ratelimiter);
 	CHKmalloc(pSrv->port = ustrdup(inst->pszBindPort));
 	pSrv->iAddtlFrameDelim = inst->iAddtlFrameDelim;
diff --git a/plugins/imudp/imudp.c b/plugins/imudp/imudp.c
index 7f9e00dc..aba7d69d 100644
--- a/plugins/imudp/imudp.c
+++ b/plugins/imudp/imudp.c
@@ -223,7 +223,7 @@ addListner(instanceConf_t *inst)
 	struct lstn_s *newlcnfinfo;
 	uchar *bindName;
 	uchar *port;
-	uchar statname[64];
+	uchar dispname[64];
 
 	/* check which address to bind to. We could do this more compact, but have not
 	 * done so in order to make the code more readable. -- rgerhards, 2007-12-27
@@ -248,12 +248,12 @@ addListner(instanceConf_t *inst)
 			newlcnfinfo->next = NULL;
 			newlcnfinfo->sock = newSocks[iSrc];
 			newlcnfinfo->pRuleset = inst->pBindRuleset;
-			CHKiRet(ratelimitNew(&newlcnfinfo->ratelimiter));
+			snprintf((char*)dispname, sizeof(dispname), "imudp(%s:%s)", bindName, port);
+			dispname[sizeof(dispname)-1] = '\0'; /* just to be on the save side... */
+			CHKiRet(ratelimitNew(&newlcnfinfo->ratelimiter, dispname, NULL));
 			/* support statistics gathering */
 			CHKiRet(statsobj.Construct(&(newlcnfinfo->stats)));
-			snprintf((char*)statname, sizeof(statname), "imudp(%s:%s)", bindName, port);
-			statname[sizeof(statname)-1] = '\0'; /* just to be on the save side... */
-			CHKiRet(statsobj.SetName(newlcnfinfo->stats, statname));
+			CHKiRet(statsobj.SetName(newlcnfinfo->stats, dispname));
 			STATSCOUNTER_INIT(newlcnfinfo->ctrSubmit, newlcnfinfo->mutCtrSubmit);
 			CHKiRet(statsobj.AddCounter(newlcnfinfo->stats, UCHAR_CONSTANT("submitted"),
 				ctrType_IntCtr, &(newlcnfinfo->ctrSubmit)));
diff --git a/plugins/imuxsock/imuxsock.c b/plugins/imuxsock/imuxsock.c
index 6aa2b1e8..c871391c 100644
--- a/plugins/imuxsock/imuxsock.c
+++ b/plugins/imuxsock/imuxsock.c
@@ -106,15 +106,6 @@ STATSCOUNTER_DEF(ctrSubmit, mutCtrSubmit)
 STATSCOUNTER_DEF(ctrLostRatelimit, mutCtrLostRatelimit)
 STATSCOUNTER_DEF(ctrNumRatelimiters, mutCtrNumRatelimiters)
 
-struct rs_ratelimit_state {
-	unsigned short interval;
-	unsigned short burst;
-	unsigned done;
-	unsigned missed;
-	time_t begin;
-};
-typedef struct rs_ratelimit_state rs_ratelimit_state_t;
-
 
 /* a very simple "hash function" for process IDs - we simply use the
  * pid itself: it is quite expected that all pids may log some time, but
@@ -272,74 +263,9 @@ static struct cnfparamblk inppblk =
 /* we do not use this, because we do not bind to a ruleset so far
  * enable when this is changed: #include "im-helper.h" */ /* must be included AFTER the type definitions! */
 
-static void 
-initRatelimitState(struct rs_ratelimit_state *rs, unsigned short interval, unsigned short burst)
-{
-	rs->interval = interval;
-	rs->burst = burst;
-	rs->done = 0;
-	rs->missed = 0;
-	rs->begin = 0;
-}
-
 static int bLegacyCnfModGlobalsPermitted;/* are legacy module-global config parameters permitted? */
 
 
-/* ratelimiting support, modelled after the linux kernel
- * returns 1 if message is within rate limit and shall be 
- * processed, 0 otherwise.
- * This implementation is NOT THREAD-SAFE and must not 
- * be called concurrently.
- */
-static inline int
-withinRatelimit(struct rs_ratelimit_state *rs, time_t tt, pid_t pid)
-{
-	int ret;
-	uchar msgbuf[1024];
-
-	if(rs->interval == 0) {
-		ret = 1;
-		goto finalize_it;
-	}
-
-	assert(rs->burst != 0);
-
-	if(rs->begin == 0)
-		rs->begin = tt;
-
-	/* resume if we go out of out time window */
-	if(tt > rs->begin + rs->interval) {
-		if(rs->missed) {
-			snprintf((char*)msgbuf, sizeof(msgbuf),
-			         "imuxsock lost %u messages from pid %lu due to rate-limiting",
-				 rs->missed, (unsigned long) pid);
-			logmsgInternal(RS_RET_RATE_LIMITED, LOG_SYSLOG|LOG_INFO, msgbuf, 0);
-			rs->missed = 0;
-		}
-		rs->begin = 0;
-		rs->done = 0;
-	}
-
-	/* do actual limit check */
-	if(rs->burst > rs->done) {
-		rs->done++;
-		ret = 1;
-	} else {
-		if(rs->missed == 0) {
-			snprintf((char*)msgbuf, sizeof(msgbuf),
-			         "imuxsock begins to drop messages from pid %lu due to rate-limiting",
-				 (unsigned long) pid);
-			logmsgInternal(RS_RET_RATE_LIMITED, LOG_SYSLOG|LOG_INFO, msgbuf, 0);
-		}
-		rs->missed++;
-		ret = 0;
-	}
-
-finalize_it:
-	return ret;
-}
-
-
 /* create input instance, set default paramters, and
  * add it to the list of instances.
  */
@@ -446,7 +372,8 @@ addListner(instanceConf_t *inst)
 			CHKiRet(prop.ConstructFinalize(listeners[nfd].hostName));
 		}
 		if(inst->ratelimitInterval > 0) {
-			if((listeners[nfd].ht = create_hashtable(100, hash_from_key_fn, key_equals_fn, NULL)) == NULL) {
+			if((listeners[nfd].ht = create_hashtable(100, hash_from_key_fn, key_equals_fn,
+				(void(*)(void*))ratelimitDestruct)) == NULL) {
 				/* in this case, we simply turn off rate-limiting */
 				DBGPRINTF("imuxsock: turning off rate limiting because we could not "
 					  "create hash table\n");
@@ -605,19 +532,22 @@ finalize_it:
  * listener (the latter being a performance enhancement).
  */
 static inline rsRetVal
-findRatelimiter(lstn_t *pLstn, struct ucred *cred, rs_ratelimit_state_t **prl)
+findRatelimiter(lstn_t *pLstn, struct ucred *cred, ratelimit_t **prl)
 {
-	rs_ratelimit_state_t *rl;
+	ratelimit_t *rl;
 	int r;
 	pid_t *keybuf;
+	char pidbuf[256];
 	DEFiRet;
 
 	if(cred == NULL)
 		FINALIZE;
+#if 0 // TODO: check deactivated?
 	if(pLstn->ratelimitInterval == 0) {
 		*prl = NULL;
 		FINALIZE;
 	}
+#endif
 
 	rl = hashtable_search(pLstn->ht, &cred->pid);
 	if(rl == NULL) {
@@ -625,10 +555,13 @@ findRatelimiter(lstn_t *pLstn, struct ucred *cred, rs_ratelimit_state_t **prl)
 		DBGPRINTF("imuxsock: no ratelimiter for pid %lu, creating one\n",
 			  (unsigned long) cred->pid);
 		STATSCOUNTER_INC(ctrNumRatelimiters, mutCtrNumRatelimiters);
-		CHKmalloc(rl = malloc(sizeof(rs_ratelimit_state_t)));
+		snprintf(pidbuf, sizeof(pidbuf), "pid %lu",
+			(unsigned long) cred->pid);
+		pidbuf[sizeof(pidbuf)-1] = '\0'; /* to be on safe side */
+		CHKiRet(ratelimitNew(&rl, "imuxsock", pidbuf));
+		ratelimitSetLinuxLike(rl, pLstn->ratelimitInterval, pLstn->ratelimitBurst);
 		CHKmalloc(keybuf = malloc(sizeof(pid_t)));
 		*keybuf = cred->pid;
-		initRatelimitState(rl, pLstn->ratelimitInterval, pLstn->ratelimitBurst);
 		r = hashtable_insert(pLstn->ht, keybuf, rl);
 		if(r == 0)
 			ABORT_FINALIZE(RS_RET_OUT_OF_MEMORY);
@@ -781,8 +714,8 @@ SubmitMsg(uchar *pRcv, int lenRcv, lstn_t *pLstn, struct ucred *cred, struct tim
 	uchar bufParseTAG[CONF_TAG_MAXSIZE];
 	struct syslogTime st;
 	time_t tt;
-	rs_ratelimit_state_t *ratelimiter = NULL;
 	int lenProp;
+	ratelimit_t *ratelimiter = NULL;
 	uchar propBuf[1024];
 	uchar msgbuf[8192];
 	uchar *pmsgbuf;
@@ -790,14 +723,6 @@ SubmitMsg(uchar *pRcv, int lenRcv, lstn_t *pLstn, struct ucred *cred, struct tim
 	struct syslogTime dummyTS;
 	struct json_object *json = NULL, *jval;
 	DEFiRet;
-#warning experimental code needs to be made production-ready!
-/* we need to decide how many ratelimiters we use --> hashtable
-   also remove current homegrown ratelimiting functionality and
-   replace it with the new one.
- */
-static ratelimit_t *ratelimit = NULL;
-if(ratelimit == NULL)
-	ratelimitNew(&ratelimit);
 
 	/* TODO: handle format errors?? */
 	/* we need to parse the pri first, because we need the severity for
@@ -829,10 +754,12 @@ if(ratelimit == NULL)
 		tt = ts->tv_sec;
 	}
 
+#if 0 // TODO: think about stats counters (or wait for request...?)
 	if(ratelimiter != NULL && !withinRatelimit(ratelimiter, tt, cred->pid)) {
 		STATSCOUNTER_INC(ctrLostRatelimit, mutCtrLostRatelimit);
 		FINALIZE;
 	}
+#endif
 
 	/* created trusted properties */
 	if(cred != NULL && pLstn->bAnnotate) {
@@ -939,7 +866,6 @@ if(ratelimit == NULL)
 			parse[15] = ' '; /* re-write \0 from fromatTimestamp3164 by SP */
 			/* update "counters" to reflect processed timestamp */
 			parse += 16;
-			lenMsg -= 16;
 		}
 	}
 
@@ -969,7 +895,7 @@ if(ratelimit == NULL)
 
 	MsgSetRcvFrom(pMsg, pLstn->hostName == NULL ? glbl.GetLocalHostNameProp() : pLstn->hostName);
 	CHKiRet(MsgSetRcvFromIP(pMsg, pLocalHostIP));
-	ratelimitAddMsg(ratelimit, NULL, pMsg);
+	ratelimitAddMsg(ratelimiter, NULL, pMsg);
 	STATSCOUNTER_INC(ctrSubmit, mutCtrSubmit);
 finalize_it:
 	RETiRet;