Mercurial > hg > nginx
comparison src/http/v3/ngx_http_v3.h @ 8881:72b304f6207c quic
HTTP/3: traffic-based flood detection.
With this patch, all traffic over HTTP/3 bidi and uni streams is counted in
the h3c->total_bytes field, and payload traffic is counted in the
h3c->payload_bytes field. As long as total traffic is many times larger than
payload traffic, we consider this to be a flood.
Request header traffic is counted as if all fields are literal. Response
header traffic is counted as is.
author | Roman Arutyunyan <arut@nginx.com> |
---|---|
date | Thu, 07 Oct 2021 13:22:42 +0300 |
parents | 4f922f611135 |
children | 0d3bf08eaac0 |
comparison
equal
deleted
inserted
replaced
8880:a09bcc304eef | 8881:72b304f6207c |
---|---|
126 ngx_uint_t npushing; | 126 ngx_uint_t npushing; |
127 uint64_t next_push_id; | 127 uint64_t next_push_id; |
128 uint64_t max_push_id; | 128 uint64_t max_push_id; |
129 uint64_t goaway_push_id; | 129 uint64_t goaway_push_id; |
130 | 130 |
131 off_t total_bytes; | |
132 off_t payload_bytes; | |
133 | |
131 ngx_uint_t goaway; /* unsigned goaway:1; */ | 134 ngx_uint_t goaway; /* unsigned goaway:1; */ |
132 | 135 |
133 ngx_connection_t *known_streams[NGX_HTTP_V3_MAX_KNOWN_STREAM]; | 136 ngx_connection_t *known_streams[NGX_HTTP_V3_MAX_KNOWN_STREAM]; |
134 }; | 137 }; |
135 | 138 |
136 | 139 |
137 void ngx_http_v3_init(ngx_connection_t *c); | 140 void ngx_http_v3_init(ngx_connection_t *c); |
138 ngx_int_t ngx_http_v3_init_session(ngx_connection_t *c); | 141 ngx_int_t ngx_http_v3_init_session(ngx_connection_t *c); |
142 ngx_int_t ngx_http_v3_check_flood(ngx_connection_t *c); | |
139 | 143 |
140 ngx_int_t ngx_http_v3_read_request_body(ngx_http_request_t *r); | 144 ngx_int_t ngx_http_v3_read_request_body(ngx_http_request_t *r); |
141 ngx_int_t ngx_http_v3_read_unbuffered_request_body(ngx_http_request_t *r); | 145 ngx_int_t ngx_http_v3_read_unbuffered_request_body(ngx_http_request_t *r); |
142 | 146 |
143 | 147 |