marek/i2p.i2p
1
0
Fork 0
forked from I2P_Developers/i2p.i2p
Code Issues Pull Requests Packages Projects Releases Wiki Activity

define thresholds in seconds, not minutes

Browse Source
This commit is contained in:
zab2
2019-04-04 07:31:54 +00:00
parent d809b592c9
commit 3498ab05f4
5 changed files with 26 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
apps/i2ptunnel/java/src/net/i2p/i2ptunnel/access/AccessCounter.java
View File

@@ -38,7 +38,7 @@ class AccessCounter {
for (int i = 0; i <= accesses.size() - threshold.getConnections(); i++) {
long start = accesses.get(i);
long end = start + threshold.getMinutes() * 60000;
long end = start + threshold.getSeconds() * 1000;
if (accesses.get(i + threshold.getConnections() -1) <= end)
return true;
}

2
apps/i2ptunnel/java/src/net/i2p/i2ptunnel/access/AccessFilter.java
View File

@@ -156,7 +156,7 @@ class AccessFilter implements StatefulConnectionFilter {
}
private void purge() {
long olderThan = context.clock().now() - definition.getPurgeMinutes() * 60000;
long olderThan = context.clock().now() - definition.getPurgeSeconds() * 1000;
synchronized(knownDests) {
for (DestTracker tracker : knownDests.values()) {

18
apps/i2ptunnel/java/src/net/i2p/i2ptunnel/access/DefinitionParser.java
View File

@@ -43,16 +43,16 @@ class DefinitionParser {
* </p>
* <p>
* A threshold is defined by the number of connection attempts a remote destination is
* permitted to perform over a specified number of minutes before a "breach" occurs.
* permitted to perform over a specified number of seconds before a "breach" occurs.
* For example the following threshold definition "15/5" means that the same remote
* destination is allowed to make 14 connection attempts over a 5 minute period, If
* destination is allowed to make 14 connection attempts over a 5 second period, If
* it makes one more attempt within the same period, the threshold will be breached.
* </p>
* <p>
* The threshold format can be one of the following:
* </p>
* <ul>
* <li>Numeric definition of number of connections over number minutes - "15/5",
* <li>Numeric definition of number of connections over number seconds - "15/5",
* "30/60", and so on. Note that if the number of connections is 1 (as for
* example in "1/1") the first connection attempt will result in a breach.</li>
* <li>The word "allow". This threshold is never breached, i.e. infinite number of
@@ -100,8 +100,8 @@ class DefinitionParser {
* It is possible to use a recorder to record aggressive destinations to a given file,
* and then use that same file to throttle them. For example, the following snippet will
* define a filter that initially allows all connection attempts, but if any single
* destination exceeds 30 attempts per 5 minutes it gets throttled down to 15 attempts per
* 5 minutes:
* destination exceeds 30 attempts per 5 seconds it gets throttled down to 15 attempts per
* 5 seconds:
* </p>
* <pre>
* # by default there are no limits
@@ -176,12 +176,12 @@ class DefinitionParser {
try {
int connections = Integer.parseInt(split[0]);
int minutes = Integer.parseInt(split[1]);
int seconds = Integer.parseInt(split[1]);
if (connections < 0)
throw new InvalidDefinitionException("Number of connections cannot be negative " + s);
if (minutes < 1)
throw new InvalidDefinitionException("Number of minutes must be at least 1 " + s);
return new Threshold(connections, minutes);
if (seconds < 1)
throw new InvalidDefinitionException("Number of seconds must be at least 1 " + s);
return new Threshold(connections, seconds);
} catch (NumberFormatException bad) {
throw new InvalidDefinitionException("Invalid threshold", bad);
}

14
apps/i2ptunnel/java/src/net/i2p/i2ptunnel/access/FilterDefinition.java
View File

@@ -12,7 +12,7 @@ class FilterDefinition {
private final Threshold defaultThreshold;
private final FilterDefinitionElement[] elements;
private final Recorder[] recorders;
private final int purgeMinutes;
private final int purgeSeconds;
/**
* @param defaultThreshold threshold to apply to unknown remote destinations
@@ -26,13 +26,13 @@ class FilterDefinition {
this.elements = elements;
this.recorders = recorders;
int maxMinutes = defaultThreshold.getMinutes();
int maxSeconds = defaultThreshold.getSeconds();
for (FilterDefinitionElement element : elements)
maxMinutes = Math.max(maxMinutes, element.getThreshold().getMinutes());
maxSeconds = Math.max(maxSeconds, element.getThreshold().getSeconds());
for (Recorder recorder : recorders)
maxMinutes = Math.max(maxMinutes, recorder.getThreshold().getMinutes());
maxSeconds = Math.max(maxSeconds, recorder.getThreshold().getSeconds());
this.purgeMinutes = maxMinutes;
this.purgeSeconds = maxSeconds;
}
Threshold getDefaultThreshold() {
@@ -47,7 +47,7 @@ class FilterDefinition {
return recorders;
}
int getPurgeMinutes() {
return purgeMinutes;
int getPurgeSeconds() {
return purgeSeconds;
}
}

16
apps/i2ptunnel/java/src/net/i2p/i2ptunnel/access/Threshold.java
View File

@@ -3,7 +3,7 @@ package net.i2p.i2ptunnel.access;
/**
* Definition of a Threshold.
*
* A Threshold is defined by a number of connections over a period of minutes
* A Threshold is defined by a number of connections over a period of seconds
*
* @since 0.9.40
*/
@@ -15,22 +15,22 @@ class Threshold {
static final Threshold DENY = new Threshold(0, 1);
private final int connections;
private final int minutes;
private final int seconds;
Threshold(int connections, int minutes) {
if (minutes < 1)
throw new IllegalArgumentException("Threshold must be defined over at least 1 minute");
Threshold(int connections, int seconds) {
if (seconds < 1)
throw new IllegalArgumentException("Threshold must be defined over at least 1 second");
if (connections < 0)
throw new IllegalArgumentException("Accesses cannot be negative");
this.connections = connections;
this.minutes = minutes;
this.seconds = seconds;
}
int getConnections() {
return connections;
}
int getMinutes() {
return minutes;
int getSeconds() {
return seconds;
}
}