From 09e08f5567c9b15467f319b804da536dabf53d9d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pawe=C5=82=20Cichowski?= Date: Fri, 29 Jul 2022 10:12:15 +0200 Subject: [PATCH 1/9] restServer/restServer.go: add rate limiting --- pkg/restServer/restServer.go | 21 ++++++++++++++++++++- 1 file changed, 20 insertions(+), 1 deletion(-) diff --git a/pkg/restServer/restServer.go b/pkg/restServer/restServer.go index b618b98..745b3f7 100644 --- a/pkg/restServer/restServer.go +++ b/pkg/restServer/restServer.go @@ -19,6 +19,8 @@ import ( "time" "github.com/gorilla/mux" + "github.com/throttled/throttled/v2" + "github.com/throttled/throttled/v2/store/memstore" ) const restPrefix = "/api/v1" @@ -422,6 +424,23 @@ func Start(address, webDir string, g *gpioControl.Gpio, f *flashromControl.Flash log.Fatal(err) } + store, err := memstore.New(65536) + if err != nil { + log.Fatal(err) + } + quota := throttled.RateQuota{ + MaxRate: throttled.PerSec(10), + MaxBurst: 5, + } + rateLimiter, err := throttled.NewGCRARateLimiter(store, quota) + if err != nil { + log.Fatal(err) + } + httpRateLimiter := throttled.HTTPRateLimiter{ + RateLimiter: rateLimiter, + VaryBy: &throttled.VaryBy{Path: true}, + } + router := mux.NewRouter() router.Handle("/", fs).Methods("GET") for _, file := range files { @@ -441,5 +460,5 @@ func Start(address, webDir string, g *gpioControl.Gpio, f *flashromControl.Flash router.HandleFunc(restPrefix+"/flash", logFunc(startFlashing)).Methods("PUT") router.HandleFunc(restPrefix+"/flash", logFunc(getFlashingState)).Methods("GET") - http.ListenAndServe(address, router) + http.ListenAndServe(address, httpRateLimiter.RateLimit(router)) } From 33683523aafcf0adcad50a7a2909c2a170befdaa Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pawe=C5=82=20Cichowski?= Date: Mon, 1 Aug 2022 11:46:26 +0200 Subject: [PATCH 2/9] restServer/restServer.go: change throttled dependency path --- pkg/restServer/restServer.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkg/restServer/restServer.go b/pkg/restServer/restServer.go index 745b3f7..a403258 100644 --- a/pkg/restServer/restServer.go +++ b/pkg/restServer/restServer.go @@ -19,8 +19,8 @@ import ( "time" "github.com/gorilla/mux" - "github.com/throttled/throttled/v2" - "github.com/throttled/throttled/v2/store/memstore" + "github.com/throttled/throttled" + "github.com/throttled/throttled/store/memstore" ) const restPrefix = "/api/v1" From ee17509fb4c2f0fe4c69d986f05309e08ee15a1a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pawe=C5=82=20Cichowski?= Date: Mon, 1 Aug 2022 11:59:26 +0200 Subject: [PATCH 3/9] restServer/restServer.go: add hashicorp golang-lru dependency --- pkg/restServer/restServer.go | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/pkg/restServer/restServer.go b/pkg/restServer/restServer.go index a403258..7e5ee32 100644 --- a/pkg/restServer/restServer.go +++ b/pkg/restServer/restServer.go @@ -19,8 +19,9 @@ import ( "time" "github.com/gorilla/mux" - "github.com/throttled/throttled" - "github.com/throttled/throttled/store/memstore" + "github.com/throttled/throttled/v2" + "github.com/throttled/throttled/v2/store/memstore" + "github.com/hashicorp/golang-lru" ) const restPrefix = "/api/v1" From 100ca5c15bc802320511b4a923a0c8a0e94c4807 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pawe=C5=82=20Cichowski?= Date: Mon, 1 Aug 2022 12:14:39 +0200 Subject: [PATCH 4/9] restServer/restServer.go: remove unused import --- pkg/restServer/restServer.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/restServer/restServer.go b/pkg/restServer/restServer.go index 7e5ee32..c0c3d79 100644 --- a/pkg/restServer/restServer.go +++ b/pkg/restServer/restServer.go @@ -21,7 +21,7 @@ import ( "github.com/gorilla/mux" "github.com/throttled/throttled/v2" "github.com/throttled/throttled/v2/store/memstore" - "github.com/hashicorp/golang-lru" + _ "github.com/hashicorp/golang-lru" ) const restPrefix = "/api/v1" From 3fdbd32906d49d571854ea8604266f18b2795dd9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pawe=C5=82=20Cichowski?= Date: Mon, 1 Aug 2022 12:17:19 +0200 Subject: [PATCH 5/9] restServer/restServer.go: remove meta-rte build dependency from imports --- pkg/restServer/restServer.go | 1 - 1 file changed, 1 deletion(-) diff --git a/pkg/restServer/restServer.go b/pkg/restServer/restServer.go index c0c3d79..745b3f7 100644 --- a/pkg/restServer/restServer.go +++ b/pkg/restServer/restServer.go @@ -21,7 +21,6 @@ import ( "github.com/gorilla/mux" "github.com/throttled/throttled/v2" "github.com/throttled/throttled/v2/store/memstore" - _ "github.com/hashicorp/golang-lru" ) const restPrefix = "/api/v1" From 8d462fd48da013412d0e280668afe3e0bdf15980 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pawe=C5=82=20Cichowski?= Date: Mon, 1 Aug 2022 14:31:37 +0200 Subject: [PATCH 6/9] main.go: bump to 0.5.3 --- main.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/main.go b/main.go index 8d6f511..fe62233 100644 --- a/main.go +++ b/main.go @@ -10,7 +10,7 @@ import ( "time" ) -var version = "0.5.2" +var version = "0.5.3" // Flags var ( From 130fd54247bc526bd0d780c50caa48edfa7f081a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pawe=C5=82=20Cichowski?= Date: Mon, 1 Aug 2022 14:39:31 +0200 Subject: [PATCH 7/9] CHANGELOG.md: bump to 0.5.3 --- CHANGELOG.md | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index e98c825..fa86a54 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,6 +7,12 @@ and this project adheres to [Semantic Versioning](http://semver.org/). ## [Unreleased] +## [0.5.3] - 2022-08-01 + +## Added + +- Limiting HTTP request rate + ## [0.5.2] - 2022-07-08 ### Added @@ -28,7 +34,8 @@ and this project adheres to [Semantic Versioning](http://semver.org/). - introduced Makefile - first public release -[Unreleased]: https://github.com/3mdeb/RteCtrl/compare/0.5.2...HEAD +[Unreleased]: https://github.com/3mdeb/RteCtrl/compare/0.5.3...HEAD +[0.5.3]: https://github.com/3mdeb/RteCtrl/compare/0.5.2...0.5.3 [0.5.2]: https://github.com/3mdeb/RteCtrl/compare/0.5.1...0.5.2 [0.5.1]: https://github.com/3mdeb/RteCtrl/compare/0.5.0...0.5.1 [0.5.0]: https://github.com/3mdeb/RteCtrl/compare/5a814faf0c2a588c5a7ff42b849147c0cbacff1e...0.5.1 From 1ffea75450bc4dde1606dc954221e61c9712c47e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tomasz=20=C5=BByjewski?= Date: Tue, 16 Aug 2022 11:57:27 +0200 Subject: [PATCH 8/9] restServer: restServer.go: set MaxRate to 5 per second MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Tomasz Żyjewski --- pkg/restServer/restServer.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/restServer/restServer.go b/pkg/restServer/restServer.go index 745b3f7..4bf56ed 100644 --- a/pkg/restServer/restServer.go +++ b/pkg/restServer/restServer.go @@ -429,7 +429,7 @@ func Start(address, webDir string, g *gpioControl.Gpio, f *flashromControl.Flash log.Fatal(err) } quota := throttled.RateQuota{ - MaxRate: throttled.PerSec(10), + MaxRate: throttled.PerSec(5), MaxBurst: 5, } rateLimiter, err := throttled.NewGCRARateLimiter(store, quota) From 1df61ecd830561953a7d7bf633c6b24519453911 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tomasz=20=C5=BByjewski?= Date: Tue, 16 Aug 2022 11:57:33 +0200 Subject: [PATCH 9/9] main.go: bump to 0.5.3-rc2 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Tomasz Żyjewski --- main.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/main.go b/main.go index fe62233..b96492e 100644 --- a/main.go +++ b/main.go @@ -10,7 +10,7 @@ import ( "time" ) -var version = "0.5.3" +var version = "0.5.3-rc2" // Flags var (