BBS:      TELESC.NET.BR
Subject:  src/sbbs3/ratelimit.hppsr
From:     Rob Swindell (on Windows
Date:     Thu, 5 Feb 2026 20:57:00 -0800
-----------------------------------------------------------
https://gitlab.synchro.net/main/sbbs/-/commit/bd375c1e4077420ff7f9148e
Added Files:
	src/sbbs3/ratelimit.hpp
Modified Files:
	src/sbbs3/sbbs_ini.c websrvr.cpp websrvr.h
Log Message:
Add a basic and optional rate limiter, initially just for HTTP[S] requests

This is experimental - I'm a little uneasy about the thread safety and may need
to add some mutex protection, but testing will help to know.

I'm also a little uneasy about the memory usage. My original idea was to use
an array or vector with an element for every second in the rate limit period,
each element would be an unordered_map with the IP address as the key and the
count (of requests) in that second as the value. This would limit the memory
usage to period * IPs. The process of trimming or wrapping the array to
automatically "throw out" seconds beyond the rate limit period wasn't clear
to me yet.

However, as I started to type the implementation, Co-pilot recommended this
approach which is simpler: it uses an unordered_map with the IP for the key, but
the value is an array of times of each request from each client. So the
memory requirements are IPs * max_requests_per_period * period. It's still
bounded, but a larger possible total amount of memory required. The cleanup
operation is now clear though and Co-pilot implemented that for me as well.

Enable this feature by setting the following keys in the [Web] section of
ctrl/sbbs.ini:
 - MaxRequestPerPeriod
 - RequestRateLimitPeriod

e.g. setting MaxRequestPerPeriod to 1000 and RequestRateLimitPeriod to 600
would set the maximum request rate to 1000 requests per 10 minutes.

If this works well, we can use this same rate limiter for other actions
(e.g. connections) and servers and could have separate rate limits for
authenticated versus unauthenticated users, apply whitelists, etc.
---
  Synchronet  Vertrauen  Home of Synchronet  [vert/cvs/bbs].synchro.net
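
The per-IP timestamp design described in the log message, with a mutex around the shared map, as an added C++ example that is not the code from src/sbbs3/ratelimit.hpp. The class and method names are hypothetical, the caller passes in the current time, and the constructor arguments stand in for MaxRequestPerPeriod and RequestRateLimitPeriod.

```cpp
#include <ctime>
#include <deque>
#include <mutex>
#include <string>
#include <unordered_map>

// Hypothetical sliding-window limiter; names are illustrative, not Synchronet's.
class SlidingWindowLimiter {
public:
    SlidingWindowLimiter(std::size_t max_requests, std::time_t period)
        : max_requests_(max_requests), period_(period) {}
    // Returns true if the request at time `now` is within the limit for `ip`.
    bool allow(const std::string& ip, std::time_t now) {
        std::lock_guard<std::mutex> lock(mutex_);  // server threads share the map
        std::deque<std::time_t>& times = clients_[ip];
        expire(times, now);
        if (times.size() >= max_requests_)
            return false;          // rejected requests are not recorded, so each
        times.push_back(now);      // deque holds at most max_requests_ entries
        return true;
    }

    // Drops clients with no requests left inside the window; call periodically.
    std::size_t cleanup(std::time_t now) {
        std::lock_guard<std::mutex> lock(mutex_);
        std::size_t removed = 0;
        for (auto it = clients_.begin(); it != clients_.end();) {
            expire(it->second, now);
            if (it->second.empty()) { it = clients_.erase(it); ++removed; }
            else ++it;
        }
        return removed;
    }

    std::size_t tracked_clients() {
        std::lock_guard<std::mutex> lock(mutex_); return clients_.size();
    }
private:
    // Discards timestamps that have aged out of the rate limit period.
    void expire(std::deque<std::time_t>& times, std::time_t now) const {
        while (!times.empty() && now - times.front() >= period_)
            times.pop_front();
    }

    std::size_t max_requests_;
    std::time_t period_;
    std::mutex mutex_;
    std::unordered_map<std::string, std::deque<std::time_t>> clients_;
};
```

Without a periodic cleanup() call, the map keeps an entry for every address that has ever made a request, so the number of tracked clients is the term to watch when many distinct sources connect.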
