mirror of
https://github.com/netbirdio/netbird.git
synced 2025-06-21 18:22:37 +02:00
added reset for meta with different fields
This commit is contained in:
parent
660388889a
commit
6d9cbd5831
@ -14,7 +14,7 @@ const (
|
|||||||
reconnThreshold = 5 * time.Minute
|
reconnThreshold = 5 * time.Minute
|
||||||
blockDuration = 10 * time.Minute // Duration for which a peer is banned after exceeding the reconnection limit
|
blockDuration = 10 * time.Minute // Duration for which a peer is banned after exceeding the reconnection limit
|
||||||
reconnLimitForBan = 30 // Number of reconnections within the reconnTreshold that triggers a ban
|
reconnLimitForBan = 30 // Number of reconnections within the reconnTreshold that triggers a ban
|
||||||
differentMetaReconnects = 3 // Number of reconnections with different metadata that triggers a ban of one peer
|
metaChangeLim = 3 // Number of reconnections with different metadata that triggers a ban of one peer
|
||||||
)
|
)
|
||||||
|
|
||||||
type config struct {
|
type config struct {
|
||||||
@ -22,7 +22,7 @@ type config struct {
|
|||||||
reconnThreshold time.Duration
|
reconnThreshold time.Duration
|
||||||
blockDuration time.Duration
|
blockDuration time.Duration
|
||||||
reconnLimitForBan int
|
reconnLimitForBan int
|
||||||
differentMetaReconnects int
|
metaChangeLim int
|
||||||
}
|
}
|
||||||
|
|
||||||
type loginFilter struct {
|
type loginFilter struct {
|
||||||
@ -45,7 +45,7 @@ func initCfg() *config {
|
|||||||
reconnThreshold: reconnThreshold,
|
reconnThreshold: reconnThreshold,
|
||||||
blockDuration: blockDuration,
|
blockDuration: blockDuration,
|
||||||
reconnLimitForBan: reconnLimitForBan,
|
reconnLimitForBan: reconnLimitForBan,
|
||||||
differentMetaReconnects: differentMetaReconnects,
|
metaChangeLim: metaChangeLim,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -64,7 +64,7 @@ func (l *loginFilter) addLogin(wgPubKey string, metaHash uint64) {
|
|||||||
l.mu.Lock()
|
l.mu.Lock()
|
||||||
defer l.mu.Unlock()
|
defer l.mu.Unlock()
|
||||||
mh, ok := l.logged[wgPubKey]
|
mh, ok := l.logged[wgPubKey]
|
||||||
if !ok || mh.banned {
|
if !ok || mh.banned || (mh.hash != metaHash && mh.counter > l.cfg.metaChangeLim) {
|
||||||
mh = metahash{
|
mh = metahash{
|
||||||
hash: metaHash,
|
hash: metaHash,
|
||||||
firstLogin: time.Now(),
|
firstLogin: time.Now(),
|
||||||
@ -89,7 +89,7 @@ func (l *loginFilter) allowLogin(wgPubKey string, metaHash uint64) bool {
|
|||||||
if mh.banned && time.Since(mh.lastSeen) < l.cfg.blockDuration {
|
if mh.banned && time.Since(mh.lastSeen) < l.cfg.blockDuration {
|
||||||
return false
|
return false
|
||||||
}
|
}
|
||||||
if mh.hash != metaHash && time.Since(mh.lastSeen) < l.cfg.filterTimeout && mh.counter > l.cfg.differentMetaReconnects {
|
if mh.hash != metaHash && time.Since(mh.lastSeen) < l.cfg.filterTimeout && mh.counter > l.cfg.metaChangeLim {
|
||||||
return false
|
return false
|
||||||
}
|
}
|
||||||
return true
|
return true
|
||||||
|
@ -18,7 +18,7 @@ func testCfg() *config {
|
|||||||
reconnThreshold: 50 * time.Millisecond,
|
reconnThreshold: 50 * time.Millisecond,
|
||||||
blockDuration: 100 * time.Millisecond,
|
blockDuration: 100 * time.Millisecond,
|
||||||
reconnLimitForBan: 3,
|
reconnLimitForBan: 3,
|
||||||
differentMetaReconnects: 1,
|
metaChangeLim: 1,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -100,7 +100,7 @@ func (s *LoginFilterTestSuite) TestDifferentHashIsBlockedWhenActive() {
|
|||||||
meta1 := uint64(23424223423)
|
meta1 := uint64(23424223423)
|
||||||
meta2 := uint64(99878798987987)
|
meta2 := uint64(99878798987987)
|
||||||
|
|
||||||
for range s.filter.cfg.differentMetaReconnects {
|
for range s.filter.cfg.metaChangeLim {
|
||||||
s.filter.addLogin(pubKey, meta1)
|
s.filter.addLogin(pubKey, meta1)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Loading…
x
Reference in New Issue
Block a user