1、使用map记录每个ip的请求连接数,当超过一定值时,限制连接。并定时将连接数清空
2、数据包的频率限制:
构建一个过滤容器,由多个桶组成,每个桶对应一个map数据指针。如:map<ClientKey, unsigned char> *client_map[128];
map中第二个参数为计数值,当计数达到一定值,则加入黑名单,利用map中记录时间来封禁黑名单设备一定时间
利用client的ip和port找到对应的桶
int ip_port = client_ip; ip_port = (ip_port << 16 | client_port)%128; ClientKey client_key(c) map<ClientKey, unsigned char>::iterator iter; iter = client_map[ip_port]->find(client_key); if (iter == client_map[ip_port]->end()) { client_map[ip_port]->insert(pair<ClientKey, unsigned char>(client_key, 1)); } struct ClientKey { unsigned int client_ip; unsigned short client_port; ClientKey() { client_ip = 0; client_port = 0; } ClientKey(unsigned int ip, unsigned short port) { client_ip = ip; client_port = port; } ClientKey(ClientKey& client_key) { client_ip = client_key.ip; client_port = client_key.port; } ClientKey& operator=(ClientKey& client_key) { client_ip = client_key.ip; client_port = client_key.port; return *this; } bool operator==(const ClientKey& client_key) const { if (client_ip != client_key.client_ip)return false; if (client_port != client_key.client_port)return false; return true; } bool operator<(const ClientKey& client_key) const { if (client_ip < client_key.client_ip)return true; if (client_ip > client_key.client_ip)return false; if (client_port < client_key.client_port)return true; return false; } }