ratelimit

package
v0.0.5 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 6, 2025 License: MIT Imports: 16 Imported by: 0

Documentation

Overview

Package ratelimit - Memory backend implementation

Package ratelimit provides rate limiting functionality for Hockeypuck

Package ratelimit - Redis backend implementation

Package ratelimit - Tor exit node updater implementation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func ValidateConfig 

func ValidateConfig(config TorConfig) error

ValidateConfig validates the Tor configuration

Types

type Backend 

type Backend interface {
	// Connection tracking
	GetConnectionCount(ip string) (int, error)
	IncrementConnectionCount(ip string, ttl time.Duration) error
	DecrementConnectionCount(ip string) error

	// Request rate tracking
	GetRequestCount(ip string, window time.Duration) (int, error)
	IncrementRequestCount(ip string, window time.Duration) error

	// Error rate tracking
	GetErrorCount(ip string, window time.Duration) (int, error)
	IncrementErrorCount(ip string, window time.Duration) error

	// Ban management
	IsBanned(ip string) (bool, time.Time, string, error)
	BanIP(ip string, duration time.Duration, reason string) error
	UnbanIP(ip string) error

	// Tor exit node management
	IsTorExit(ip string) (bool, error)
	SetTorExits(ips []string, ttl time.Duration) error
	GetTorExitCount() (int, error)

	// Global Tor rate limiting
	GetGlobalTorRequestCount(window time.Duration) (int, error)
	IncrementGlobalTorRequestCount(window time.Duration) error

	// Statistics
	GetStats() (BackendStats, error)

	// Cleanup
	Cleanup(ctx context.Context) error

	// Close
	Close() error
}

Backend interface for rate limiting storage

type BackendConfig 

type BackendConfig struct {
	Type   string       `toml:"type"`
	Memory MemoryConfig `toml:"memory"`
	Redis  RedisConfig  `toml:"redis"`
}

BackendConfig represents backend configuration

type BackendStats 

type BackendStats struct {
	TrackedIPs    int       `json:"tracked_ips"`
	BannedIPs     int       `json:"banned_ips"`
	TorBanned     int       `json:"tor_banned"`
	BackendType   string    `json:"backend_type"`
	TorExitCount  int       `json:"tor_exits_count"`
	TorLastUpdate time.Time `json:"tor_last_updated"`
}

BackendStats represents backend statistics

type BanRecord 

type BanRecord struct {
	ExpiresAt time.Time
	Reason    string
	BanType   string
}

BanRecord represents a banned IP record

type CacheInfo 

type CacheInfo struct {
	Exists  bool      `json:"exists"`
	Path    string    `json:"path"`
	Size    int64     `json:"size"`
	ModTime time.Time `json:"mod_time"`
	Count   int       `json:"count"`
	IsStale bool      `json:"is_stale"`
}

CacheInfo provides information about the cache file

type Config 

type Config struct {
	Enabled                  bool          `toml:"enabled"`
	MaxConcurrentConnections int           `toml:"maxConcurrentConnections"`
	ConnectionRate           int           `toml:"connectionRate"`
	HTTPRequestRate          int           `toml:"httpRequestRate"`
	HTTPErrorRate            int           `toml:"httpErrorRate"`
	CrawlerBlockDuration     time.Duration `toml:"crawlerBlockDuration"`
	TrustProxyHeaders        bool          `toml:"trustProxyHeaders"`

	// Backend configuration
	Backend BackendConfig `toml:"backend"`

	// Tor configuration
	Tor TorConfig `toml:"tor"`

	// Whitelist configuration
	Whitelist WhitelistConfig `toml:"whitelist"`

	// Keyserver sync configuration
	KeyserverSync KeyserverSyncConfig `toml:"keyserverSync"`

	// Header configuration
	Headers HeaderConfig `toml:"headers"`
}

Config represents rate limiting configuration

func DefaultConfig 

func DefaultConfig() Config

Default configuration values

type HeaderConfig 

type HeaderConfig struct {
	Enabled   bool   `toml:"enabled"`
	TorHeader string `toml:"torHeader"`
	BanHeader string `toml:"banHeader"`
}

HeaderConfig represents header configuration

type KeyserverSyncConfig 

type KeyserverSyncConfig struct {
	Enabled bool `toml:"enabled"`
}

KeyserverSyncConfig represents keyserver sync configuration

type MemoryBackend 

type MemoryBackend struct {
	// contains filtered or unexported fields
}

MemoryBackend implements the Backend interface using in-memory storage

func NewMemoryBackend 

func NewMemoryBackend() *MemoryBackend

NewMemoryBackend creates a new memory backend

func (*MemoryBackend) BanIP 

func (m *MemoryBackend) BanIP(ip string, duration time.Duration, reason string) error

func (*MemoryBackend) Cleanup 

func (m *MemoryBackend) Cleanup(ctx context.Context) error

func (*MemoryBackend) Close 

func (m *MemoryBackend) Close() error

func (*MemoryBackend) DecrementConnectionCount 

func (m *MemoryBackend) DecrementConnectionCount(ip string) error

func (*MemoryBackend) GetConnectionCount 

func (m *MemoryBackend) GetConnectionCount(ip string) (int, error)

func (*MemoryBackend) GetErrorCount 

func (m *MemoryBackend) GetErrorCount(ip string, window time.Duration) (int, error)

func (*MemoryBackend) GetGlobalTorRequestCount 

func (m *MemoryBackend) GetGlobalTorRequestCount(window time.Duration) (int, error)

func (*MemoryBackend) GetRequestCount 

func (m *MemoryBackend) GetRequestCount(ip string, window time.Duration) (int, error)

func (*MemoryBackend) GetStats 

func (m *MemoryBackend) GetStats() (BackendStats, error)

func (*MemoryBackend) GetTorExitCount 

func (m *MemoryBackend) GetTorExitCount() (int, error)

func (*MemoryBackend) IncrementConnectionCount 

func (m *MemoryBackend) IncrementConnectionCount(ip string, ttl time.Duration) error

func (*MemoryBackend) IncrementErrorCount 

func (m *MemoryBackend) IncrementErrorCount(ip string, window time.Duration) error

func (*MemoryBackend) IncrementGlobalTorRequestCount 

func (m *MemoryBackend) IncrementGlobalTorRequestCount(window time.Duration) error

func (*MemoryBackend) IncrementRequestCount 

func (m *MemoryBackend) IncrementRequestCount(ip string, window time.Duration) error

func (*MemoryBackend) IsBanned 

func (m *MemoryBackend) IsBanned(ip string) (bool, time.Time, string, error)

func (*MemoryBackend) IsTorExit 

func (m *MemoryBackend) IsTorExit(ip string) (bool, error)

func (*MemoryBackend) SetTorExits 

func (m *MemoryBackend) SetTorExits(ips []string, ttl time.Duration) error

func (*MemoryBackend) UnbanIP 

func (m *MemoryBackend) UnbanIP(ip string) error

type MemoryConfig 

type MemoryConfig struct {
}

MemoryConfig represents memory backend configuration

type RateLimitMetrics 

type RateLimitMetrics struct {
	ViolationsTotal *prometheus.CounterVec
	BannedIPs       *prometheus.GaugeVec
	TrackedIPs      prometheus.Gauge
	TorExitCount    prometheus.Gauge
	BackendDuration *prometheus.HistogramVec
}

RateLimitMetrics represents Prometheus metrics for rate limiting

type RateLimiter 

type RateLimiter struct {
	// contains filtered or unexported fields
}

RateLimiter represents the main rate limiting system

func New 

func New(config Config) (*RateLimiter, error)

New creates a new rate limiter

func (*RateLimiter) CheckConnectionLimit 

func (rl *RateLimiter) CheckConnectionLimit(ip string) (bool, string)

CheckConnectionLimit checks if a connection should be allowed

func (*RateLimiter) CheckRequestLimit 

func (rl *RateLimiter) CheckRequestLimit(ip string, r *http.Request) (bool, string)

CheckRequestLimit checks if a request should be allowed

func (*RateLimiter) GetStats 

func (rl *RateLimiter) GetStats() (BackendStats, error)

GetStats returns current rate limiting statistics

func (*RateLimiter) IsWhitelisted 

func (rl *RateLimiter) IsWhitelisted(ip string) bool

IsWhitelisted checks if an IP is whitelisted

func (*RateLimiter) Middleware 

func (rl *RateLimiter) Middleware() func(http.Handler) http.Handler

Middleware creates an HTTP middleware for rate limiting

func (*RateLimiter) OnConnection 

func (rl *RateLimiter) OnConnection(ip string)

OnConnection tracks a new connection

func (*RateLimiter) OnConnectionClose 

func (rl *RateLimiter) OnConnectionClose(ip string)

OnConnectionClose tracks a closed connection

func (*RateLimiter) OnHTTPError 

func (rl *RateLimiter) OnHTTPError(ip string, statusCode int)

OnHTTPError tracks an HTTP error

func (*RateLimiter) SetResponseHeaders 

func (rl *RateLimiter) SetResponseHeaders(w http.ResponseWriter, ip string, banned bool, banReason string, banDuration time.Duration)

SetResponseHeaders sets rate limiting headers on HTTP responses

func (*RateLimiter) Start 

func (rl *RateLimiter) Start()

Start starts the rate limiter background tasks

func (*RateLimiter) Stop 

func (rl *RateLimiter) Stop()

Stop stops the rate limiter background tasks

type RedisBackend 

type RedisBackend struct {
	// contains filtered or unexported fields
}

RedisBackend implements the Backend interface using Redis storage

func NewRedisBackend 

func NewRedisBackend(config RedisConfig) (*RedisBackend, error)

NewRedisBackend creates a new Redis backend

func (*RedisBackend) BanIP 

func (r *RedisBackend) BanIP(ip string, duration time.Duration, reason string) error

func (*RedisBackend) Cleanup 

func (r *RedisBackend) Cleanup(ctx context.Context) error

func (*RedisBackend) Close 

func (r *RedisBackend) Close() error

func (*RedisBackend) DecrementConnectionCount 

func (r *RedisBackend) DecrementConnectionCount(ip string) error

func (*RedisBackend) GetConnectionCount 

func (r *RedisBackend) GetConnectionCount(ip string) (int, error)

func (*RedisBackend) GetErrorCount 

func (r *RedisBackend) GetErrorCount(ip string, window time.Duration) (int, error)

func (*RedisBackend) GetGlobalTorRequestCount 

func (r *RedisBackend) GetGlobalTorRequestCount(window time.Duration) (int, error)

func (*RedisBackend) GetRequestCount 

func (r *RedisBackend) GetRequestCount(ip string, window time.Duration) (int, error)

func (*RedisBackend) GetStats 

func (r *RedisBackend) GetStats() (BackendStats, error)

func (*RedisBackend) GetTorExitCount 

func (r *RedisBackend) GetTorExitCount() (int, error)

func (*RedisBackend) IncrementConnectionCount 

func (r *RedisBackend) IncrementConnectionCount(ip string, ttl time.Duration) error

func (*RedisBackend) IncrementErrorCount 

func (r *RedisBackend) IncrementErrorCount(ip string, window time.Duration) error

func (*RedisBackend) IncrementGlobalTorRequestCount 

func (r *RedisBackend) IncrementGlobalTorRequestCount(window time.Duration) error

func (*RedisBackend) IncrementRequestCount 

func (r *RedisBackend) IncrementRequestCount(ip string, window time.Duration) error

func (*RedisBackend) IsBanned 

func (r *RedisBackend) IsBanned(ip string) (bool, time.Time, string, error)

func (*RedisBackend) IsTorExit 

func (r *RedisBackend) IsTorExit(ip string) (bool, error)

func (*RedisBackend) SetTorExits 

func (r *RedisBackend) SetTorExits(ips []string, ttl time.Duration) error

func (*RedisBackend) UnbanIP 

func (r *RedisBackend) UnbanIP(ip string) error

type RedisConfig 

type RedisConfig struct {
	Addr         string        `toml:"addr"`
	Password     string        `toml:"password"`
	DB           int           `toml:"db"`
	PoolSize     int           `toml:"poolSize"`
	DialTimeout  time.Duration `toml:"dialTimeout"`
	ReadTimeout  time.Duration `toml:"readTimeout"`
	WriteTimeout time.Duration `toml:"writeTimeout"`
	KeyPrefix    string        `toml:"keyPrefix"`
	TTL          time.Duration `toml:"ttl"`
	MaxRetries   int           `toml:"maxRetries"`
}

RedisConfig represents Redis backend configuration

type TorConfig 

type TorConfig struct {
	Enabled                   bool          `toml:"enabled"`
	MaxRequestsPerConnection  int           `toml:"maxRequestsPerConnection"`
	MaxConcurrentConnections  int           `toml:"maxConcurrentConnections"`
	ConnectionRate            int           `toml:"connectionRate"`
	ConnectionRateWindow      time.Duration `toml:"connectionRateWindow"`
	BanDuration               time.Duration `toml:"banDuration"`
	RepeatOffenderBanDuration time.Duration `toml:"repeatOffenderBanDuration"`
	ExitNodeListURL           string        `toml:"exitNodeListURL"`
	UpdateInterval            time.Duration `toml:"updateInterval"`
	CacheFilePath             string        `toml:"cacheFilePath"`
	UserAgent                 string        `toml:"userAgent"`

	// Global Tor rate limiting
	GlobalRateLimit   bool          `toml:"globalRateLimit"`
	GlobalRequestRate int           `toml:"globalRequestRate"`
	GlobalRateWindow  time.Duration `toml:"globalRateWindow"`
	GlobalBanDuration time.Duration `toml:"globalBanDuration"`
}

TorConfig represents Tor-specific configuration

type TorExitUpdater 

type TorExitUpdater struct {
	// contains filtered or unexported fields
}

TorExitUpdater manages Tor exit node list updates

func NewTorExitUpdater 

func NewTorExitUpdater(config TorConfig, backend Backend) *TorExitUpdater

NewTorExitUpdater creates a new Tor exit updater

func (*TorExitUpdater) ClearCache 

func (t *TorExitUpdater) ClearCache() error

ClearCache removes the cache file

func (*TorExitUpdater) ForceUpdate 

func (t *TorExitUpdater) ForceUpdate() error

ForceUpdate forces an immediate update of the Tor exit list

func (*TorExitUpdater) GetCacheInfo 

func (t *TorExitUpdater) GetCacheInfo() (*CacheInfo, error)

GetCacheInfo returns information about the cache file

func (*TorExitUpdater) Run 

func (t *TorExitUpdater) Run() error

Run starts the Tor exit updater background task

func (*TorExitUpdater) SetDataDir 

func (t *TorExitUpdater) SetDataDir(dataDir string)

SetDataDir sets the data directory for cache files

func (*TorExitUpdater) Stop 

func (t *TorExitUpdater) Stop()

Stop stops the Tor exit updater

type WhitelistConfig 

type WhitelistConfig struct {
	IPs []string `toml:"ips"`
}

WhitelistConfig represents whitelist configuration

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.