Rename rate limiting to packet rate limiting
This commit is contained in:
parent
20f45a7c1c
commit
2d12ac4fbb
|
@ -576,10 +576,10 @@ func wakuRateLimiter(wakuCfg *params.WakuConfig, clusterCfg *params.ClusterConfi
|
||||||
}
|
}
|
||||||
return wakucommon.NewPeerRateLimiter(
|
return wakucommon.NewPeerRateLimiter(
|
||||||
&wakucommon.PeerRateLimiterConfig{
|
&wakucommon.PeerRateLimiterConfig{
|
||||||
LimitPerSecIP: wakuCfg.RateLimitIP,
|
PacketLimitPerSecIP: wakuCfg.PacketRateLimitIP,
|
||||||
LimitPerSecPeerID: wakuCfg.RateLimitPeerID,
|
PacketLimitPerSecPeerID: wakuCfg.PacketRateLimitPeerID,
|
||||||
WhitelistedIPs: ips,
|
WhitelistedIPs: ips,
|
||||||
WhitelistedPeerIDs: peerIDs,
|
WhitelistedPeerIDs: peerIDs,
|
||||||
},
|
},
|
||||||
&whisper.MetricsRateLimiterHandler{},
|
&whisper.MetricsRateLimiterHandler{},
|
||||||
&whisper.DropPeerRateLimiterHandler{
|
&whisper.DropPeerRateLimiterHandler{
|
||||||
|
|
|
@ -177,13 +177,13 @@ type WakuConfig struct {
|
||||||
// EnableRateLimiter set to true enables IP and peer ID rate limiting.
|
// EnableRateLimiter set to true enables IP and peer ID rate limiting.
|
||||||
EnableRateLimiter bool
|
EnableRateLimiter bool
|
||||||
|
|
||||||
// RateLimitIP sets the limit on the number of messages per second
|
// PacketRateLimitIP sets the limit on the number of messages per second
|
||||||
// from a given IP.
|
// from a given IP.
|
||||||
RateLimitIP int64
|
PacketRateLimitIP int64
|
||||||
|
|
||||||
// RateLimitPeerID sets the limit on the number of messages per second
|
// PacketRateLimitPeerID sets the limit on the number of messages per second
|
||||||
// from a given peer ID.
|
// from a given peer ID.
|
||||||
RateLimitPeerID int64
|
PacketRateLimitPeerID int64
|
||||||
|
|
||||||
// RateLimitTolerance is a number of how many a limit must be exceeded
|
// RateLimitTolerance is a number of how many a limit must be exceeded
|
||||||
// in order to drop a peer.
|
// in order to drop a peer.
|
||||||
|
|
|
@ -64,9 +64,13 @@ func (MetricsRateLimiterHandler) ExceedIPLimit() error {
|
||||||
// RateLimits contains information about rate limit settings.
|
// RateLimits contains information about rate limit settings.
|
||||||
// It is exchanged using rateLimitingCode packet or in the handshake.
|
// It is exchanged using rateLimitingCode packet or in the handshake.
|
||||||
type RateLimits struct {
|
type RateLimits struct {
|
||||||
IPLimits uint64 // messages per second from a single IP (default 0, no limits)
|
PacketIPLimits uint64 // packets per second from a single IP (default 0, no limits)
|
||||||
PeerIDLimits uint64 // messages per second from a single peer ID (default 0, no limits)
|
PacketPeerIDLimits uint64 // packets per second from a single peer ID (default 0, no limits)
|
||||||
TopicLimits uint64 // messages per second from a single topic (default 0, no limits)
|
PacketTopicLimits uint64 // packets per second from a single topic (default 0, no limits)
|
||||||
|
|
||||||
|
SizeIPLimits uint64 // bytes per second from a single IP (default 0, no limits)
|
||||||
|
SizePeerIDLimits uint64 // bytes per second from a single peer ID (default 0, no limits)
|
||||||
|
SizeTopicLimits uint64 // bytes per second from a single topic (default 0, no limits)
|
||||||
}
|
}
|
||||||
|
|
||||||
func (r RateLimits) IsZero() bool {
|
func (r RateLimits) IsZero() bool {
|
||||||
|
@ -101,26 +105,26 @@ func (h *DropPeerRateLimiterHandler) ExceedIPLimit() error {
|
||||||
|
|
||||||
// PeerRateLimiterConfig represents configurations for initialising a PeerRateLimiter
|
// PeerRateLimiterConfig represents configurations for initialising a PeerRateLimiter
|
||||||
type PeerRateLimiterConfig struct {
|
type PeerRateLimiterConfig struct {
|
||||||
LimitPerSecIP int64
|
PacketLimitPerSecIP int64
|
||||||
LimitPerSecPeerID int64
|
PacketLimitPerSecPeerID int64
|
||||||
WhitelistedIPs []string
|
WhitelistedIPs []string
|
||||||
WhitelistedPeerIDs []enode.ID
|
WhitelistedPeerIDs []enode.ID
|
||||||
}
|
}
|
||||||
|
|
||||||
var defaultPeerRateLimiterConfig = PeerRateLimiterConfig{
|
var defaultPeerRateLimiterConfig = PeerRateLimiterConfig{
|
||||||
LimitPerSecIP: 10,
|
PacketLimitPerSecIP: 10,
|
||||||
LimitPerSecPeerID: 5,
|
PacketLimitPerSecPeerID: 5,
|
||||||
WhitelistedIPs: nil,
|
WhitelistedIPs: nil,
|
||||||
WhitelistedPeerIDs: nil,
|
WhitelistedPeerIDs: nil,
|
||||||
}
|
}
|
||||||
|
|
||||||
// PeerRateLimiter represents a rate limiter that limits communication between Peers
|
// PeerRateLimiter represents a rate limiter that limits communication between Peers
|
||||||
type PeerRateLimiter struct {
|
type PeerRateLimiter struct {
|
||||||
peerIDThrottler *tb.Throttler
|
packetPeerIDThrottler *tb.Throttler
|
||||||
ipThrottler *tb.Throttler
|
packetIpThrottler *tb.Throttler
|
||||||
|
|
||||||
LimitPerSecIP int64
|
PacketLimitPerSecIP int64
|
||||||
LimitPerSecPeerID int64
|
PacketLimitPerSecPeerID int64
|
||||||
|
|
||||||
whitelistedPeerIDs []enode.ID
|
whitelistedPeerIDs []enode.ID
|
||||||
whitelistedIPs []string
|
whitelistedIPs []string
|
||||||
|
@ -135,13 +139,13 @@ func NewPeerRateLimiter(cfg *PeerRateLimiterConfig, handlers ...RateLimiterHandl
|
||||||
}
|
}
|
||||||
|
|
||||||
return &PeerRateLimiter{
|
return &PeerRateLimiter{
|
||||||
peerIDThrottler: tb.NewThrottler(time.Millisecond * 100),
|
packetPeerIDThrottler: tb.NewThrottler(time.Millisecond * 100),
|
||||||
ipThrottler: tb.NewThrottler(time.Millisecond * 100),
|
packetIpThrottler: tb.NewThrottler(time.Millisecond * 100),
|
||||||
LimitPerSecIP: cfg.LimitPerSecIP,
|
PacketLimitPerSecIP: cfg.PacketLimitPerSecIP,
|
||||||
LimitPerSecPeerID: cfg.LimitPerSecPeerID,
|
PacketLimitPerSecPeerID: cfg.PacketLimitPerSecPeerID,
|
||||||
whitelistedPeerIDs: cfg.WhitelistedPeerIDs,
|
whitelistedPeerIDs: cfg.WhitelistedPeerIDs,
|
||||||
whitelistedIPs: cfg.WhitelistedIPs,
|
whitelistedIPs: cfg.WhitelistedIPs,
|
||||||
handlers: handlers,
|
handlers: handlers,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -228,22 +232,22 @@ func (r *PeerRateLimiter) Decorate(p RateLimiterPeer, rw p2p.MsgReadWriter, runL
|
||||||
return <-errC
|
return <-errC
|
||||||
}
|
}
|
||||||
|
|
||||||
// throttleIP throttles a number of messages incoming from a given IP.
|
// throttleIP throttles a number of packets incoming from a given IP.
|
||||||
// It allows 10 packets per second.
|
// It allows 10 packets per second.
|
||||||
func (r *PeerRateLimiter) throttleIP(ip string) bool {
|
func (r *PeerRateLimiter) throttleIP(ip string) bool {
|
||||||
if r.LimitPerSecIP == 0 {
|
if r.PacketLimitPerSecIP == 0 {
|
||||||
return false
|
return false
|
||||||
}
|
}
|
||||||
if stringSliceContains(r.whitelistedIPs, ip) {
|
if stringSliceContains(r.whitelistedIPs, ip) {
|
||||||
return false
|
return false
|
||||||
}
|
}
|
||||||
return r.ipThrottler.Halt(ip, 1, r.LimitPerSecIP)
|
return r.packetIpThrottler.Halt(ip, 1, r.PacketLimitPerSecIP)
|
||||||
}
|
}
|
||||||
|
|
||||||
// throttlePeer throttles a number of messages incoming from a peer.
|
// throttlePeer throttles a number of packets incoming from a peer.
|
||||||
// It allows 3 packets per second.
|
// It allows 3 packets per second.
|
||||||
func (r *PeerRateLimiter) throttlePeer(peerID []byte) bool {
|
func (r *PeerRateLimiter) throttlePeer(peerID []byte) bool {
|
||||||
if r.LimitPerSecIP == 0 {
|
if r.PacketLimitPerSecIP == 0 {
|
||||||
return false
|
return false
|
||||||
}
|
}
|
||||||
var id enode.ID
|
var id enode.ID
|
||||||
|
@ -251,7 +255,7 @@ func (r *PeerRateLimiter) throttlePeer(peerID []byte) bool {
|
||||||
if enodeIDSliceContains(r.whitelistedPeerIDs, id) {
|
if enodeIDSliceContains(r.whitelistedPeerIDs, id) {
|
||||||
return false
|
return false
|
||||||
}
|
}
|
||||||
return r.peerIDThrottler.Halt(id.String(), 1, r.LimitPerSecPeerID)
|
return r.packetPeerIDThrottler.Halt(id.String(), 1, r.PacketLimitPerSecPeerID)
|
||||||
}
|
}
|
||||||
|
|
||||||
func stringSliceContains(s []string, searched string) bool {
|
func stringSliceContains(s []string, searched string) bool {
|
||||||
|
|
|
@ -400,8 +400,8 @@ func (w *Waku) RateLimits() common.RateLimits {
|
||||||
return common.RateLimits{}
|
return common.RateLimits{}
|
||||||
}
|
}
|
||||||
return common.RateLimits{
|
return common.RateLimits{
|
||||||
IPLimits: uint64(w.rateLimiter.LimitPerSecIP),
|
PacketIPLimits: uint64(w.rateLimiter.PacketLimitPerSecIP),
|
||||||
PeerIDLimits: uint64(w.rateLimiter.LimitPerSecPeerID),
|
PacketPeerIDLimits: uint64(w.rateLimiter.PacketLimitPerSecPeerID),
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue