mirror of
https://github.com/getnamingo/registry.git
synced 2025-08-05 01:01:30 +02:00
Added optional rate limiting for services
This commit is contained in:
parent
b0f63ffb25
commit
b3113da4f4
15 changed files with 110 additions and 13 deletions
|
@ -20,6 +20,7 @@ use Swoole\Table;
|
|||
use Swoole\Timer;
|
||||
use Swoole\Coroutine\Server;
|
||||
use Swoole\Coroutine\Server\Connection;
|
||||
use Namingo\Rately\Rately;
|
||||
|
||||
$table = new Table(1024);
|
||||
$table->column('clid', Table::TYPE_STRING, 64);
|
||||
|
@ -64,9 +65,11 @@ $server->set([
|
|||
'ssl_protocols' => SWOOLE_SSL_TLSv1_2 | SWOOLE_SSL_TLSv1_3,
|
||||
'ssl_ciphers' => 'ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:DHE-RSA-AES256-GCM-SHA384',
|
||||
]);
|
||||
|
||||
$rateLimiter = new Rately();
|
||||
$log->info('Namingo EPP server started');
|
||||
|
||||
$server->handle(function (Connection $conn) use ($table, $pool, $c, $log, $permittedIPsTable) {
|
||||
$server->handle(function (Connection $conn) use ($table, $pool, $c, $log, $permittedIPsTable, $rateLimiter) {
|
||||
// Get the client information
|
||||
$clientInfo = $conn->exportSocket()->getpeername();
|
||||
$clientIP = $clientInfo['address'] ?? '';
|
||||
|
@ -77,7 +80,13 @@ $server->handle(function (Connection $conn) use ($table, $pool, $c, $log, $permi
|
|||
$conn->close();
|
||||
return;
|
||||
}
|
||||
|
||||
|
||||
if (($c['rately'] == true) && ($rateLimiter->isRateLimited('epp', $clientIP, $c['limit'], $c['period']))) {
|
||||
$log->error('rate limit exceeded for ' . $clientIP);
|
||||
$conn->close();
|
||||
return;
|
||||
}
|
||||
|
||||
$log->info('new client from ' . $clientIP . ' connected');
|
||||
sendGreeting($conn);
|
||||
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue