diff options
| author | Lukáš Ondráček <lukas.ondracek@nic.cz> | 2024-10-31 17:28:01 +0100 |
|---|---|---|
| committer | Vladimír Čunát <vladimir.cunat@nic.cz> | 2024-11-04 14:39:46 +0100 |
| commit | 555afe84b34ca715ab7049b5adda579276bcace2 (patch) | |
| tree | 1d3e5c1c20b7625e2e3d2a96232aad52176a3454 /python | |
| parent | lib/kru: improve code formatting (diff) | |
| download | knot-resolver-555afe84b34ca715ab7049b5adda579276bcace2.tar.xz knot-resolver-555afe84b34ca715ab7049b5adda579276bcace2.zip | |
daemon/ratelimiting: add log-period and dry-run
Diffstat (limited to 'python')
| -rw-r--r-- | python/knot_resolver/datamodel/rate_limiting_schema.py | 6 | ||||
| -rw-r--r-- | python/knot_resolver/datamodel/templates/rate_limiting.lua.j2 | 4 |
2 files changed, 9 insertions, 1 deletions
diff --git a/python/knot_resolver/datamodel/rate_limiting_schema.py b/python/knot_resolver/datamodel/rate_limiting_schema.py index 1b6b46f2..d93272da 100644 --- a/python/knot_resolver/datamodel/rate_limiting_schema.py +++ b/python/knot_resolver/datamodel/rate_limiting_schema.py @@ -10,12 +10,16 @@ class RateLimitingSchema(ConfigSchema): rate_limit: Maximal number of allowed queries per second from a single host. instant_limit: Maximal number of allowed queries at a single point in time from a single host. slip: Number of restricted responses out of which one is sent as truncated, the others are dropped. + log_period: Minimal time in msec between two log messages, or zero to disable. + dry_run: Perform only classification and logging but no restrictions. """ capacity: int = 524288 rate_limit: int instant_limit: int = 50 slip: int = 2 + log_period: int = 0 + dry_run: bool = False def _validate(self) -> None: max_instant_limit = int(2**32 / 768 - 1) @@ -27,3 +31,5 @@ class RateLimitingSchema(ConfigSchema): raise ValueError("'capacity' has to be positive") if not 0 <= self.slip <= 100: raise ValueError("'slip' has to be in range 0..100") + if not 0 <= self.log_period: + raise ValueError("'log-period' has to be non-negative") diff --git a/python/knot_resolver/datamodel/templates/rate_limiting.lua.j2 b/python/knot_resolver/datamodel/templates/rate_limiting.lua.j2 index c25b5bb1..4f9547f5 100644 --- a/python/knot_resolver/datamodel/templates/rate_limiting.lua.j2 +++ b/python/knot_resolver/datamodel/templates/rate_limiting.lua.j2 @@ -6,5 +6,7 @@ assert(C.ratelimiting_init( {{ cfg.rate_limiting.capacity }}, {{ cfg.rate_limiting.instant_limit }}, {{ cfg.rate_limiting.rate_limit }}, - {{ cfg.rate_limiting.slip }}) == 0) + {{ cfg.rate_limiting.slip }}, + {{ cfg.rate_limiting.log_period }}, + {{ boolean(cfg.rate_limiting.dry_run) }}) == 0) {%- endif %} |