|
@@ -28,6 +28,7 @@ type CustomLimitConfig struct {
|
28
|
28
|
// tuples the key-value pair of a CIDR and its custom limit/throttle values
|
29
|
29
|
type customLimit struct {
|
30
|
30
|
name [16]byte
|
|
31
|
+ customID string // operator-configured identifier for a custom net
|
31
|
32
|
maxConcurrent int
|
32
|
33
|
maxPerWindow int
|
33
|
34
|
nets []flatip.IPNet
|
|
@@ -103,6 +104,7 @@ func (config *LimiterConfig) postprocess() (err error) {
|
103
|
104
|
maxConcurrent: customLimitConf.MaxConcurrent,
|
104
|
105
|
maxPerWindow: customLimitConf.MaxPerWindow,
|
105
|
106
|
name: md5.Sum([]byte(identifier)),
|
|
107
|
+ customID: identifier,
|
106
|
108
|
nets: nets,
|
107
|
109
|
})
|
108
|
110
|
}
|
|
@@ -124,11 +126,11 @@ type Limiter struct {
|
124
|
126
|
|
125
|
127
|
// addrToKey canonicalizes `addr` to a string key, and returns
|
126
|
128
|
// the relevant connection limit and throttle max-per-window values
|
127
|
|
-func (cl *Limiter) addrToKey(addr flatip.IP) (key limiterKey, limit int, throttle int) {
|
|
129
|
+func (cl *Limiter) addrToKey(addr flatip.IP) (key limiterKey, customID string, limit int, throttle int) {
|
128
|
130
|
for _, custom := range cl.config.customLimits {
|
129
|
131
|
for _, net := range custom.nets {
|
130
|
132
|
if net.Contains(addr) {
|
131
|
|
- return limiterKey{maskedIP: custom.name, prefixLen: 0}, custom.maxConcurrent, custom.maxPerWindow
|
|
133
|
+ return limiterKey{maskedIP: custom.name, prefixLen: 0}, custom.customID, custom.maxConcurrent, custom.maxPerWindow
|
132
|
134
|
}
|
133
|
135
|
}
|
134
|
136
|
}
|
|
@@ -143,7 +145,7 @@ func (cl *Limiter) addrToKey(addr flatip.IP) (key limiterKey, limit int, throttl
|
143
|
145
|
addr = addr.Mask(prefixLen, 128)
|
144
|
146
|
}
|
145
|
147
|
|
146
|
|
- return limiterKey{maskedIP: addr, prefixLen: uint8(prefixLen)}, cl.config.MaxConcurrent, cl.config.MaxPerWindow
|
|
148
|
+ return limiterKey{maskedIP: addr, prefixLen: uint8(prefixLen)}, "", cl.config.MaxConcurrent, cl.config.MaxPerWindow
|
147
|
149
|
}
|
148
|
150
|
|
149
|
151
|
// AddClient adds a client to our population if possible. If we can't, throws an error instead.
|
|
@@ -156,7 +158,7 @@ func (cl *Limiter) AddClient(addr flatip.IP) error {
|
156
|
158
|
return nil
|
157
|
159
|
}
|
158
|
160
|
|
159
|
|
- addrString, maxConcurrent, maxPerWindow := cl.addrToKey(addr)
|
|
161
|
+ addrString, _, maxConcurrent, maxPerWindow := cl.addrToKey(addr)
|
160
|
162
|
|
161
|
163
|
// check limiter
|
162
|
164
|
var count int
|
|
@@ -200,7 +202,7 @@ func (cl *Limiter) RemoveClient(addr flatip.IP) {
|
200
|
202
|
return
|
201
|
203
|
}
|
202
|
204
|
|
203
|
|
- addrString, _, _ := cl.addrToKey(addr)
|
|
205
|
+ addrString, _, _, _ := cl.addrToKey(addr)
|
204
|
206
|
count := cl.limiter[addrString]
|
205
|
207
|
count -= 1
|
206
|
208
|
if count < 0 {
|
|
@@ -220,7 +222,7 @@ type LimiterStatus struct {
|
220
|
222
|
ThrottleDuration time.Duration
|
221
|
223
|
}
|
222
|
224
|
|
223
|
|
-func (cl *Limiter) Status(addr flatip.IP) (status LimiterStatus) {
|
|
225
|
+func (cl *Limiter) Status(addr flatip.IP) (netName string, status LimiterStatus) {
|
224
|
226
|
cl.Lock()
|
225
|
227
|
defer cl.Unlock()
|
226
|
228
|
|
|
@@ -231,12 +233,20 @@ func (cl *Limiter) Status(addr flatip.IP) (status LimiterStatus) {
|
231
|
233
|
|
232
|
234
|
status.ThrottleDuration = cl.config.Window
|
233
|
235
|
|
234
|
|
- addrString, maxConcurrent, maxPerWindow := cl.addrToKey(addr)
|
|
236
|
+ limiterKey, customID, maxConcurrent, maxPerWindow := cl.addrToKey(addr)
|
235
|
237
|
status.MaxCount = maxConcurrent
|
236
|
238
|
status.MaxPerWindow = maxPerWindow
|
237
|
239
|
|
238
|
|
- status.Count = cl.limiter[addrString]
|
239
|
|
- status.Throttle = cl.throttler[addrString].Count
|
|
240
|
+ status.Count = cl.limiter[limiterKey]
|
|
241
|
+ status.Throttle = cl.throttler[limiterKey].Count
|
|
242
|
+
|
|
243
|
+ netName = customID
|
|
244
|
+ if netName == "" {
|
|
245
|
+ netName = flatip.IPNet{
|
|
246
|
+ IP: limiterKey.maskedIP,
|
|
247
|
+ PrefixLen: limiterKey.prefixLen,
|
|
248
|
+ }.String()
|
|
249
|
+ }
|
240
|
250
|
|
241
|
251
|
return
|
242
|
252
|
}
|
|
@@ -250,7 +260,7 @@ func (cl *Limiter) ResetThrottle(addr flatip.IP) {
|
250
|
260
|
return
|
251
|
261
|
}
|
252
|
262
|
|
253
|
|
- addrString, _, _ := cl.addrToKey(addr)
|
|
263
|
+ addrString, _, _, _ := cl.addrToKey(addr)
|
254
|
264
|
delete(cl.throttler, addrString)
|
255
|
265
|
}
|
256
|
266
|
|