Merge pull request #2258 from pi-hole/tweak/rate_limit_ntp

Rate-limit internal NTP server
pi-hole · Feb 23, 2025 · 4e66f43 · 4e66f43
2 parents af775e5 + 5bdbde0
commit 4e66f43
Showing 1 changed file with 11 additions and 0 deletions.
diff --git a/src/ntp/server.c b/src/ntp/server.c
@@ -42,6 +42,8 @@
 #include "enums.h"
 // threads
 #include "signals.h"
+// sleepms()
+#include "timers.h"
 
 uint64_t ntp_last_sync = 0u;
 uint32_t ntp_root_delay = 0u;
@@ -269,6 +271,10 @@ static void request_process_loop(const int fd, const char *ipstr, const int prot
 		// Handle the request
 		ntp_reply(fd, &src_addr, src_addrlen, buf, &recv_time);
 		log_debug(DEBUG_NTP, "NTP reply sent");
+
+		// Sleep for 100 msec, this allows no more than 10 requests per
+		// second
+		sleepms(100);
 	}
 }
 
@@ -303,6 +309,11 @@ static void *ntp_bind_and_listen(void *param)
 	setsockopt(s, SOL_SOCKET, SO_REUSEPORT, &optval, sizeof(optval));
 #endif
 
+	// Set socket receive buffer to 1 KB to avoid (near) endless queueing of
+	// NTP requests
+	const int recvbuf = 1024;
+	setsockopt(s, SOL_SOCKET, SO_RCVBUF, &recvbuf, sizeof(recvbuf));
+
 	// Bind the socket to the NTP port
 	char ipstr[INET6_ADDRSTRLEN + 1];
 	memset(ipstr, 0, sizeof(ipstr));