summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--doc/doc-txt/ChangeLog4
-rw-r--r--doc/doc-txt/NewStuff6
-rw-r--r--src/util/README9
-rw-r--r--src/util/ratelimit.pl137
4 files changed, 153 insertions, 3 deletions
diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index 5ac7397a8..2fc2eefa6 100644
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -1,4 +1,4 @@
-$Cambridge: exim/doc/doc-txt/ChangeLog,v 1.229 2005/09/13 15:40:07 ph10 Exp $
+$Cambridge: exim/doc/doc-txt/ChangeLog,v 1.230 2005/09/13 17:51:05 fanf2 Exp $
Change log file for Exim from version 4.21
-------------------------------------------
@@ -188,6 +188,8 @@ PH/47 Added an interface to a fake DNS resolver for use by the new test suite,
backwards compatible; if it can't find the fake resolver, it drops back.
Thus, both old and new test suites can be run.
+TF/02 Added util/ratelimit.pl
+
Exim version 4.52
-----------------
diff --git a/doc/doc-txt/NewStuff b/doc/doc-txt/NewStuff
index 3d3c1d8e1..82a239230 100644
--- a/doc/doc-txt/NewStuff
+++ b/doc/doc-txt/NewStuff
@@ -1,4 +1,4 @@
-$Cambridge: exim/doc/doc-txt/NewStuff,v 1.69 2005/09/13 11:13:27 ph10 Exp $
+$Cambridge: exim/doc/doc-txt/NewStuff,v 1.70 2005/09/13 17:51:05 fanf2 Exp $
New Features in Exim
--------------------
@@ -151,6 +151,10 @@ PH/12 There is a new variable called $smtp_command which contains the full SMTP
possible to distinguish between HELO and EHLO, and also between things
like "MAIL FROM:<>" and "MAIL FROM: <>".
+TF/01 There's a new script in util/ratelimit.pl which extracts sending
+ rates from log files, to assist with choosing appropriate settings
+ when deploying the ratelimit ACL condition.
+
Exim version 4.52
-----------------
diff --git a/src/util/README b/src/util/README
index 7fd04f2dc..655fef2fb 100644
--- a/src/util/README
+++ b/src/util/README
@@ -1,4 +1,4 @@
-$Cambridge: exim/src/util/README,v 1.1 2005/05/24 11:20:40 ph10 Exp $
+$Cambridge: exim/src/util/README,v 1.2 2005/09/13 17:51:06 fanf2 Exp $
The "util" directory in the Exim distribution
---------------------------------------------
@@ -25,6 +25,13 @@ A Perl script for a converting flat file into a format that is suitable for
processing by cdbmake into a cdb file. It has some advantages over the
cdbmake-12 awk script.
+ratelimit.pl
+------------
+
+A Perl script for computing peak sending rates from a log file. This is for
+use with the ratelimit ACL condition, so that you can get some idea of what a
+reasonable limit would be before deploying the feature.
+
unknownuser.sh
--------------
diff --git a/src/util/ratelimit.pl b/src/util/ratelimit.pl
new file mode 100644
index 000000000..a30cfb60a
--- /dev/null
+++ b/src/util/ratelimit.pl
@@ -0,0 +1,137 @@
+#!/usr/bin/perl -wT
+#
+# $Cambridge: exim/src/util/ratelimit.pl,v 1.1 2005/09/13 17:51:06 fanf2 Exp $
+
+use strict;
+
+sub usage () {
+ print <<END;
+usage: ratelimit.pl <period> <regex> logfile
+
+The aim of this script is to compute clients' peak sending rates
+from an Exim log file, using the same formula as Exim's ratelimit
+ACL condition. This is so that you can get an idea of a reasonable
+limit setting before you deploy the restrictions.
+
+This script isn't perfectly accurate, because the time stamps in
+Exim's log files are only accurate to a seond whereas internally Exim
+computes sender rates to the accuracy of your computer's clock
+(typically 10ms).
+
+The log files to be processed can be specified on the command line
+after the other arguments; if no filenames are specified the script
+will read from stdin.
+
+The first command line argument is the smoothing period, as defined by
+the documentation for the ratelimit ACL condition. The second argumetn
+is a regular expression.
+
+Each line is matched against the regular expression. Lines that do not
+match are ignored. The regex may contain 0, 1, or 2 () capturing
+sub-expressions.
+
+If there are no () sub-expressions, then every line that matches is
+used to compute a single rate. Its maximum value is reported when the
+script finishes.
+
+If there is one () sub-expression, then the text matched by the
+sub-expression is used to identify a rate lookup key, similar to the
+lookup key used by the ratelimit ACL condition. For example, you might
+write a regex to match the client IP address, or the authenticated
+username. Separate rates are computed for each different client and
+the maximum rate for each client is reported when the script finishes.
+
+If there are two () sub-expressions, then the text matched by the
+first sub-expression is used to identify a rate lookup key as above,
+and the second is used to match the message size recorded in the log
+line, e.g. " S=(\\d+) ". In this case the byte rate is computed instead
+of the message rate, similar to the per_byte option of the ratelimit
+ACL condition.
+END
+ exit 1;
+}
+
+sub iso2unix (@) {
+ my ($y,$m,$d,$H,$M,$S,$zs,$zh,$zm) = @_;
+ use integer;
+ $y -= $m < 3;
+ $m += $m < 3 ? 10 : -2;
+ my $z = defined $zs ? "${zs}1" * ($zh * 60 + $zm) : 0;
+ my $t = $y/400 - $y/100 + $y/4 + $y*365
+ + $m*367/12 + $d - 719499;
+ return $t * 86400
+ + $H * 3600
+ + $M * 60
+ + $S
+ - $z;
+}
+
+my $debug = 0;
+my $progress = 0;
+while (@ARGV && $ARGV[0] =~ /^-\w+$/) {
+ $debug = 1 if $ARGV[0] =~ s/(-\w*)d(\w*)/$1$2/;
+ $progress = 1 if $ARGV[0] =~ s/(-\w*)p(\w*)/$1$2/;
+ shift if $ARGV[0] eq "-";
+}
+
+usage if @ARGV < 2;
+
+my $progtime = "";
+
+my $period = shift;
+
+my $re_txt = shift;
+my $re = qr{$re_txt}o;
+
+my %time;
+my %rate;
+my %max;
+
+sub debug ($) {
+ my $key = shift;
+ printf "%s\t%12d %8s %5.2f %5.2f\n",
+ $_, $time{$key}, $key, $max{$key}, $rate{$key};
+}
+
+while (<>) {
+ next unless $_ =~ $re;
+ my $key = $1 || "";
+ my $size = $2 || 1.0;
+ my $time = iso2unix
+ ($_ =~ m{^(\d{4})-(\d\d)-(\d\d)[ ]
+ (\d\d):(\d\d):(\d\d)[ ]
+ (?:([+-])(\d\d)(\d\d)[ ])?
+ }x);
+ if ($progress) {
+ my $prog_now = substr $_, 0, 14;
+ if ($progtime ne $prog_now) {
+ $progtime = $prog_now;
+ print "$progtime\n";
+ }
+ }
+ if (not defined $time{$key}) {
+ $time{$key} = $time;
+ $rate{$key} = 0.0;
+ $max{$key} = 0.0;
+ debug $key if $debug;
+ next;
+ }
+ # see acl_ratelimit() for details of the following
+ my $interval = $time - $time{$key};
+ my $i_over_p = $interval / $period;
+ my $a = exp(-$i_over_p);
+ $i_over_p = 1e-9 if $i_over_p <= 0.0;
+ $time{$key} = $time;
+ $rate{$key} = $size * (1.0 - $a) / $i_over_p + $a * $rate{$key};
+ $max{$key} = $rate{$key} if $rate{$key} > $max{$key};
+ debug $key if $debug;
+}
+
+print map {
+ " " x (20 - length) .
+ "$_ : $max{$_}\n"
+} sort {
+ $max{$a} <=> $max{$b}
+} keys %max;
+
+# eof