+ // Check if we get many connections from the same host
+
+ static sockaddr_t prev_sa;
+ static int tarpit = -1;
+
+ if(tarpit >= 0) {
+ closesocket(tarpit);
+ tarpit = -1;
+ }
+
+ if(!sockaddrcmp_noport(&sa, &prev_sa)) {
+ static int samehost_burst;
+ static int samehost_burst_time;
+
+ if(mesh->loop.now.tv_sec - samehost_burst_time > samehost_burst)
+ samehost_burst = 0;
+ else
+ samehost_burst -= mesh->loop.now.tv_sec - samehost_burst_time;
+
+ samehost_burst_time = mesh->loop.now.tv_sec;
+ samehost_burst++;
+
+ if(samehost_burst > max_connection_burst) {
+ tarpit = fd;
+ return;
+ }
+ }
+
+ memcpy(&prev_sa, &sa, sizeof sa);
+
+ // Check if we get many connections from different hosts
+
+ static int connection_burst;
+ static int connection_burst_time;
+
+ if(mesh->loop.now.tv_sec - connection_burst_time > connection_burst)
+ connection_burst = 0;
+ else
+ connection_burst -= mesh->loop.now.tv_sec - connection_burst_time;
+
+ connection_burst_time = mesh->loop.now.tv_sec;
+ connection_burst++;
+
+ if(connection_burst >= max_connection_burst) {
+ connection_burst = max_connection_burst;
+ tarpit = fd;
+ return;
+ }
+
+ // Accept the new connection
+