-
Notifications
You must be signed in to change notification settings - Fork 209
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat: PRT - Websocket limited per ip (#1738)
* feat: PRT - websocket limited per ip * feature complete. * adding websocket limiter * remove logs * lintush * add rate limit header allowing us to set rate limit using the first connection request from ngnix without limiting everyone the same. * fix lintushiush * feat: added new websocket connection limit from ngnix headers * v4 lint * fixed * add user agent * setting user agent and better disconnection limit * increasing protocol version * adding unitest * max idle duration for ws connections * Fix lint * CR Fix: Close the go routine on connection close * CR Fix: Update the idleFor after we get a message from subscription * CR Fix: Rename function * combine the go routines in websocket checks --------- Co-authored-by: Elad Gildnur <[email protected]> Co-authored-by: omerlavanet <[email protected]>
- Loading branch information
1 parent
34d7c4e
commit 098c7a7
Showing
10 changed files
with
425 additions
and
13 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,117 @@ | ||
package chainlib | ||
|
||
import ( | ||
"net" | ||
"testing" | ||
|
||
"github.com/golang/mock/gomock" | ||
"github.com/lavanet/lava/v4/protocol/common" | ||
"github.com/stretchr/testify/assert" | ||
) | ||
|
||
func TestWebsocketConnectionLimiter(t *testing.T) { | ||
tests := []struct { | ||
name string | ||
connectionLimit int64 | ||
headerLimit int64 | ||
ipAddress string | ||
forwardedIP string | ||
userAgent string | ||
expectSuccess []bool | ||
}{ | ||
{ | ||
name: "Single connection allowed", | ||
connectionLimit: 1, | ||
headerLimit: 0, | ||
ipAddress: "127.0.0.1", | ||
forwardedIP: "", | ||
userAgent: "test-agent", | ||
expectSuccess: []bool{true}, | ||
}, | ||
{ | ||
name: "Single connection allowed", | ||
connectionLimit: 1, | ||
headerLimit: 0, | ||
ipAddress: "127.0.0.1", | ||
forwardedIP: "", | ||
userAgent: "test-agent", | ||
expectSuccess: []bool{true, false}, | ||
}, | ||
{ | ||
name: "Multiple connections allowed", | ||
connectionLimit: 2, | ||
headerLimit: 0, | ||
ipAddress: "127.0.0.1", | ||
forwardedIP: "", | ||
userAgent: "test-agent", | ||
expectSuccess: []bool{true, true}, | ||
}, | ||
{ | ||
name: "Multiple connections allowed", | ||
connectionLimit: 2, | ||
headerLimit: 0, | ||
ipAddress: "127.0.0.1", | ||
forwardedIP: "", | ||
userAgent: "test-agent", | ||
expectSuccess: []bool{true, true, false}, | ||
}, | ||
{ | ||
name: "Header limit overrides global limit succeed", | ||
connectionLimit: 3, | ||
headerLimit: 2, | ||
ipAddress: "127.0.0.1", | ||
forwardedIP: "", | ||
userAgent: "test-agent", | ||
expectSuccess: []bool{true, true}, | ||
}, | ||
{ | ||
name: "Header limit overrides global limit fail", | ||
connectionLimit: 0, | ||
headerLimit: 2, | ||
ipAddress: "127.0.0.1", | ||
forwardedIP: "", | ||
userAgent: "test-agent", | ||
expectSuccess: []bool{true, true, false}, | ||
}, | ||
} | ||
|
||
for _, tt := range tests { | ||
t.Run(tt.name, func(t *testing.T) { | ||
ctrl := gomock.NewController(t) | ||
defer ctrl.Finish() | ||
|
||
// Create a new connection limiter | ||
wcl := &WebsocketConnectionLimiter{ | ||
ipToNumberOfActiveConnections: make(map[string]int64), | ||
} | ||
|
||
// Set global connection limit for testing | ||
MaximumNumberOfParallelWebsocketConnectionsPerIp = tt.connectionLimit | ||
|
||
// Create mock websocket connection | ||
mockWsConn := NewMockWebsocketConnection(ctrl) | ||
|
||
// Set up expectations | ||
mockWsConn.EXPECT().Locals(WebSocketOpenConnectionsLimitHeader).Return(tt.headerLimit).AnyTimes() | ||
mockWsConn.EXPECT().Locals(common.IP_FORWARDING_HEADER_NAME).Return(tt.forwardedIP).AnyTimes() | ||
mockWsConn.EXPECT().Locals("User-Agent").Return(tt.userAgent).AnyTimes() | ||
mockWsConn.EXPECT().RemoteAddr().Return(&net.TCPAddr{ | ||
IP: net.ParseIP(tt.ipAddress), | ||
Port: 8080, | ||
}).AnyTimes() | ||
mockWsConn.EXPECT().WriteMessage(gomock.Any(), gomock.Any()).Do(func(messageType int, data []byte) { | ||
t.Logf("WriteMessage called with messageType: %d, data: %s", messageType, string(data)) | ||
}).AnyTimes() | ||
|
||
// Test the connection | ||
for _, expectSuccess := range tt.expectSuccess { | ||
canOpen, _ := wcl.CanOpenConnection(mockWsConn) | ||
if expectSuccess { | ||
assert.True(t, canOpen, "Expected connection to be allowed") | ||
} else { | ||
assert.False(t, canOpen, "Expected connection to be denied") | ||
} | ||
} | ||
}) | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
Oops, something went wrong.