Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

add per IP rate limitting #17

Merged
merged 3 commits into from
Jun 3, 2024
Merged

Conversation

vpavlin
Copy link
Member

@vpavlin vpavlin commented May 29, 2024

Since we don't have any authentication (and don't realyl want to), we should at least have ability to rate limit the requests towards the Telemetry service.

This is a first minimalist attempt to do this - it adds per IP (based on RemoteAddr) rate limiters - currently set to 10 requests per second per IP.

It also cleans up existing rate limiters after not being used for an hour

WDYT @richard-ramos ?

Copy link
Member

@richard-ramos richard-ramos left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🚀

rl.lock.Lock()
defer rl.lock.Unlock()

delete(rl.limiters, ip)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As described in golang/go#20135 , maps do not shrink when deleting elements, so we might possible run into a slow memleak here. Consider using something like https://github.com/go-auxiliaries/shrinking-map

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah, good to know:) I'll switch to that implementation

@vpavlin
Copy link
Member Author

vpavlin commented May 30, 2024

Switched to the shrinking-map - notice I had to bump the golang version in go.mod as the package uses generics.

It would be probably best to first merge #18, so that I can lean on the logger added there

@vpavlin vpavlin force-pushed the feat/add-ratelimiter branch from bc48b30 to 443814e Compare May 30, 2024 05:03
@vpavlin vpavlin force-pushed the feat/add-ratelimiter branch 2 times, most recently from 5e42c90 to a8fcc7d Compare June 3, 2024 13:01
@vpavlin vpavlin force-pushed the feat/add-ratelimiter branch from a8fcc7d to 296d312 Compare June 3, 2024 13:02
@vpavlin vpavlin merged commit 1ca9526 into status-im:master Jun 3, 2024
1 check passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants