Mercurial > prosody-modules
annotate mod_c2s_limit_sessions/mod_c2s_limit_sessions.lua @ 4877:adc6241e5d16
mod_measure_process: Report the enforced limit
The soft limit is what the kernel actually enforces, while the hard
limit is is how far you can change the soft limit without privileges.
Unless the process dynamically adjusts the soft limit, knowing the hard
limit is not as useful as knowing the soft limit.
Reporting the soft limit and the number of in-use FDs allows placing
alerts on expressions like 'process_open_fds / process_max_fds >= 0.95'
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Tue, 18 Jan 2022 18:55:20 +0100 |
parents | f581210093a7 |
children |
rev | line source |
---|---|
1365
ecc948f8d47d
mod_c2s_limit_sessions: Limit number of resources a user may connect
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
1 -- mod_c2s_limit_sessions |
ecc948f8d47d
mod_c2s_limit_sessions: Limit number of resources a user may connect
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
2 |
ecc948f8d47d
mod_c2s_limit_sessions: Limit number of resources a user may connect
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
3 local next, count = next, require "util.iterators".count; |
ecc948f8d47d
mod_c2s_limit_sessions: Limit number of resources a user may connect
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
4 |
ecc948f8d47d
mod_c2s_limit_sessions: Limit number of resources a user may connect
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
5 local max_resources = module:get_option_number("max_resources", 10); |
ecc948f8d47d
mod_c2s_limit_sessions: Limit number of resources a user may connect
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
6 |
ecc948f8d47d
mod_c2s_limit_sessions: Limit number of resources a user may connect
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
7 local sessions = hosts[module.host].sessions; |
ecc948f8d47d
mod_c2s_limit_sessions: Limit number of resources a user may connect
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
8 module:hook("resource-bind", function(event) |
1366
f581210093a7
mod_c2s_limit_sessions: Fix global access
Kim Alvefur <zash@zash.se>
parents:
1365
diff
changeset
|
9 local session = event.session; |
f581210093a7
mod_c2s_limit_sessions: Fix global access
Kim Alvefur <zash@zash.se>
parents:
1365
diff
changeset
|
10 if count(next, sessions[session.username].sessions) > max_resources then |
1365
ecc948f8d47d
mod_c2s_limit_sessions: Limit number of resources a user may connect
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
11 session:close{ condition = "policy-violation", text = "Too many resources" }; |
ecc948f8d47d
mod_c2s_limit_sessions: Limit number of resources a user may connect
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
12 return false |
ecc948f8d47d
mod_c2s_limit_sessions: Limit number of resources a user may connect
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
13 end |
ecc948f8d47d
mod_c2s_limit_sessions: Limit number of resources a user may connect
Kim Alvefur <zash@zash.se>
parents:
diff
changeset
|
14 end, -1); |