Mercurial > hg > nginx
comparison src/http/v3/ngx_http_v3.h @ 8881:72b304f6207c quic
HTTP/3: traffic-based flood detection.
With this patch, all traffic over HTTP/3 bidi and uni streams is counted in
the h3c->total_bytes field, and payload traffic is counted in the
h3c->payload_bytes field. As long as total traffic is many times larger than
payload traffic, we consider this to be a flood.
Request header traffic is counted as if all fields are literal. Response
header traffic is counted as is.
| author | Roman Arutyunyan <arut@nginx.com> |
|---|---|
| date | Thu, 07 Oct 2021 13:22:42 +0300 |
| parents | 4f922f611135 |
| children | 0d3bf08eaac0 |
comparison
equal
deleted
inserted
replaced
| 8880:a09bcc304eef | 8881:72b304f6207c |
|---|---|
| 126 ngx_uint_t npushing; | 126 ngx_uint_t npushing; |
| 127 uint64_t next_push_id; | 127 uint64_t next_push_id; |
| 128 uint64_t max_push_id; | 128 uint64_t max_push_id; |
| 129 uint64_t goaway_push_id; | 129 uint64_t goaway_push_id; |
| 130 | 130 |
| 131 off_t total_bytes; | |
| 132 off_t payload_bytes; | |
| 133 | |
| 131 ngx_uint_t goaway; /* unsigned goaway:1; */ | 134 ngx_uint_t goaway; /* unsigned goaway:1; */ |
| 132 | 135 |
| 133 ngx_connection_t *known_streams[NGX_HTTP_V3_MAX_KNOWN_STREAM]; | 136 ngx_connection_t *known_streams[NGX_HTTP_V3_MAX_KNOWN_STREAM]; |
| 134 }; | 137 }; |
| 135 | 138 |
| 136 | 139 |
| 137 void ngx_http_v3_init(ngx_connection_t *c); | 140 void ngx_http_v3_init(ngx_connection_t *c); |
| 138 ngx_int_t ngx_http_v3_init_session(ngx_connection_t *c); | 141 ngx_int_t ngx_http_v3_init_session(ngx_connection_t *c); |
| 142 ngx_int_t ngx_http_v3_check_flood(ngx_connection_t *c); | |
| 139 | 143 |
| 140 ngx_int_t ngx_http_v3_read_request_body(ngx_http_request_t *r); | 144 ngx_int_t ngx_http_v3_read_request_body(ngx_http_request_t *r); |
| 141 ngx_int_t ngx_http_v3_read_unbuffered_request_body(ngx_http_request_t *r); | 145 ngx_int_t ngx_http_v3_read_unbuffered_request_body(ngx_http_request_t *r); |
| 142 | 146 |
| 143 | 147 |