Limits traffic from a IP address to partially mitigate attacks.
Kvarn’s limiting is smart; when a client first makes to many requests,
429 Too Many Requests is sent back.
It the spam continues, the current connection and all future streams are blocked,
until the limit resets.
The thresholds are configurable and have sensible defaults.
reset_time is elapsed, all stored request counts are cleared.
reset_times and higher
max_requests can be less forgiving for clients,
but safer for the server, and vise versa.
429 Too Many Requestsresponse.