comparison src/http/v3/ngx_http_v3.h @ 8881:72b304f6207c quic

HTTP/3: traffic-based flood detection. With this patch, all traffic over HTTP/3 bidi and uni streams is counted in the h3c->total_bytes field, and payload traffic is counted in the h3c->payload_bytes field. As long as total traffic is many times larger than payload traffic, we consider this to be a flood. Request header traffic is counted as if all fields are literal. Response header traffic is counted as is.
author Roman Arutyunyan <arut@nginx.com>
date Thu, 07 Oct 2021 13:22:42 +0300
parents 4f922f611135
children 0d3bf08eaac0
comparison
equal deleted inserted replaced
8880:a09bcc304eef 8881:72b304f6207c
126 ngx_uint_t npushing; 126 ngx_uint_t npushing;
127 uint64_t next_push_id; 127 uint64_t next_push_id;
128 uint64_t max_push_id; 128 uint64_t max_push_id;
129 uint64_t goaway_push_id; 129 uint64_t goaway_push_id;
130 130
131 off_t total_bytes;
132 off_t payload_bytes;
133
131 ngx_uint_t goaway; /* unsigned goaway:1; */ 134 ngx_uint_t goaway; /* unsigned goaway:1; */
132 135
133 ngx_connection_t *known_streams[NGX_HTTP_V3_MAX_KNOWN_STREAM]; 136 ngx_connection_t *known_streams[NGX_HTTP_V3_MAX_KNOWN_STREAM];
134 }; 137 };
135 138
136 139
137 void ngx_http_v3_init(ngx_connection_t *c); 140 void ngx_http_v3_init(ngx_connection_t *c);
138 ngx_int_t ngx_http_v3_init_session(ngx_connection_t *c); 141 ngx_int_t ngx_http_v3_init_session(ngx_connection_t *c);
142 ngx_int_t ngx_http_v3_check_flood(ngx_connection_t *c);
139 143
140 ngx_int_t ngx_http_v3_read_request_body(ngx_http_request_t *r); 144 ngx_int_t ngx_http_v3_read_request_body(ngx_http_request_t *r);
141 ngx_int_t ngx_http_v3_read_unbuffered_request_body(ngx_http_request_t *r); 145 ngx_int_t ngx_http_v3_read_unbuffered_request_body(ngx_http_request_t *r);
142 146
143 147