Limit the number of log records for security events

[krizhanovsky]

Motivation

Nearly everyone of our team already complained about and was confused by the number of messages, which can be printed on various rate limits, e.g. #1649 (comment) . We use net_warn_ratelimited(), so the system wont go out of service, but other important messages can be rate limited.

Also this behavior is confusing and doesn't make the system user friendly, e.g. this makes issues for our test development.

Scope

http_limits must be extended with a ratelimit option for the maximum number of messages printed for a client per second (0 - unlimited, minimum - 1, maximum 1000). TfwClient must be extended with

unsigned long sec_ev_n  :16,
              sec_ev_ts :48;

, where sec_ev_n is the events counter and sec_ev_ts are the 48 less significant bits of jiffies (assume that we never wrap up the 48 bits).

Once a client hits the limit, we still need to account sec_ev_n and stop on 0xffff meaning overflow. When one second passes and we can zero the counter and print the next bunch of records, we should print how many records was suppressed for the client. We do not do sliding window to minimize the memory requirements to handle each client.

The task must make a step in #537: security log must have a separate API and implemented in a new files log_security.c (also please rename access_log.c to log_access.c and move the function declarations from access_log.h to log.h).

Testing

Probably no special tests are required, just making the current tests more explicit about the number of expected log messages.

[krizhanovsky]

The recent merge of tempesta-tech/tempesta-test#265 causes the log overflow on -R option, so the task is crucial since the current master in https://github.com/tempesta-tech/tempesta-test probably will break the CI