summaryrefslogtreecommitdiff
path: root/src/server/sv_client.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/server/sv_client.c')
-rw-r--r--src/server/sv_client.c14
1 files changed, 14 insertions, 0 deletions
diff --git a/src/server/sv_client.c b/src/server/sv_client.c
index 6199c01f..a895879f 100644
--- a/src/server/sv_client.c
+++ b/src/server/sv_client.c
@@ -63,6 +63,20 @@ void SV_GetChallenge(netadr_t from)
char *gameName;
qboolean gameMismatch;
+ // Prevent using getchallenge as an amplifier
+ if ( SVC_RateLimitAddress( from, 10, 1000 ) ) {
+ Com_DPrintf( "SV_GetChallenge: rate limit from %s exceeded, dropping request\n",
+ NET_AdrToString( from ) );
+ return;
+ }
+
+ // Allow getchallenge to be DoSed relatively easily, but prevent
+ // excess outbound bandwidth usage when being flooded inbound
+ if ( SVC_RateLimit( &outboundLeakyBucket, 10, 100 ) ) {
+ Com_DPrintf( "SV_GetChallenge: rate limit exceeded, dropping request\n" );
+ return;
+ }
+
gameName = Cmd_Argv(2);
gameMismatch = !*gameName || strcmp(gameName, com_gamename->string) != 0;
generated by cgit (git 2.34.1) at 2024-11-14 23:05:53 +0000