2016-01-07 05:26:29 +01:00
|
|
|
# Copyright 2014-2016 OpenMarket Ltd
|
2014-09-03 10:43:11 +02:00
|
|
|
#
|
|
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
# you may not use this file except in compliance with the License.
|
|
|
|
# You may obtain a copy of the License at
|
|
|
|
#
|
|
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
#
|
|
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
# See the License for the specific language governing permissions and
|
|
|
|
# limitations under the License.
|
|
|
|
|
2014-09-02 19:00:15 +02:00
|
|
|
from ._base import Config
|
|
|
|
|
2014-10-30 12:10:17 +01:00
|
|
|
|
2019-03-15 18:46:16 +01:00
|
|
|
class RateLimitConfig(object):
|
|
|
|
def __init__(self, config):
|
|
|
|
self.per_second = config.get("per_second", 0.17)
|
|
|
|
self.burst_count = config.get("burst_count", 3.0)
|
|
|
|
|
|
|
|
|
2014-09-02 19:00:15 +02:00
|
|
|
class RatelimitConfig(Config):
|
|
|
|
|
2015-04-30 05:24:44 +02:00
|
|
|
def read_config(self, config):
|
2019-03-19 11:06:40 +01:00
|
|
|
self.rc_messages_per_second = config.get("rc_messages_per_second", 0.2)
|
|
|
|
self.rc_message_burst_count = config.get("rc_message_burst_count", 10.0)
|
2014-09-02 19:00:15 +02:00
|
|
|
|
2019-03-15 18:46:16 +01:00
|
|
|
self.rc_registration = RateLimitConfig(config.get("rc_registration", {}))
|
|
|
|
|
|
|
|
rc_login_config = config.get("rc_login", {})
|
|
|
|
self.rc_login_address = RateLimitConfig(rc_login_config.get("address", {}))
|
|
|
|
self.rc_login_account = RateLimitConfig(rc_login_config.get("account", {}))
|
2019-03-18 13:57:20 +01:00
|
|
|
self.rc_login_failed_attempts = RateLimitConfig(
|
|
|
|
rc_login_config.get("failed_attempts", {}),
|
|
|
|
)
|
2019-03-15 18:46:16 +01:00
|
|
|
|
2019-03-19 11:06:40 +01:00
|
|
|
self.federation_rc_window_size = config.get("federation_rc_window_size", 1000)
|
|
|
|
self.federation_rc_sleep_limit = config.get("federation_rc_sleep_limit", 10)
|
|
|
|
self.federation_rc_sleep_delay = config.get("federation_rc_sleep_delay", 500)
|
|
|
|
self.federation_rc_reject_limit = config.get("federation_rc_reject_limit", 50)
|
|
|
|
self.federation_rc_concurrent = config.get("federation_rc_concurrent", 3)
|
2015-03-02 12:33:45 +01:00
|
|
|
|
2019-03-20 17:02:25 +01:00
|
|
|
self.federation_rr_transactions_per_room_per_second = config.get(
|
|
|
|
"federation_rr_transactions_per_room_per_second", 50,
|
|
|
|
)
|
|
|
|
|
2015-09-22 13:57:40 +02:00
|
|
|
def default_config(self, **kwargs):
|
2015-04-30 05:24:44 +02:00
|
|
|
return """\
|
|
|
|
## Ratelimiting ##
|
2015-03-02 12:33:45 +01:00
|
|
|
|
2015-04-30 05:24:44 +02:00
|
|
|
# Number of messages a client can send per second
|
2019-02-19 14:54:29 +01:00
|
|
|
#
|
2019-03-19 11:06:40 +01:00
|
|
|
#rc_messages_per_second: 0.2
|
2015-03-02 12:33:45 +01:00
|
|
|
|
2015-04-30 05:24:44 +02:00
|
|
|
# Number of message a client can send before being throttled
|
2019-02-19 14:54:29 +01:00
|
|
|
#
|
2019-03-19 11:06:40 +01:00
|
|
|
#rc_message_burst_count: 10.0
|
2015-03-02 12:33:45 +01:00
|
|
|
|
2019-03-15 18:46:16 +01:00
|
|
|
# Ratelimiting settings for registration and login.
|
|
|
|
#
|
|
|
|
# Each ratelimiting configuration is made of two parameters:
|
|
|
|
# - per_second: number of requests a client can send per second.
|
|
|
|
# - burst_count: number of requests a client can send before being throttled.
|
|
|
|
#
|
|
|
|
# Synapse currently uses the following configurations:
|
|
|
|
# - one for registration that ratelimits registration requests based on the
|
|
|
|
# client's IP address.
|
|
|
|
# - one for login that ratelimits login requests based on the client's IP
|
|
|
|
# address.
|
|
|
|
# - one for login that ratelimits login requests based on the account the
|
|
|
|
# client is attempting to log into.
|
2019-03-18 13:57:20 +01:00
|
|
|
# - one for login that ratelimits login requests based on the account the
|
|
|
|
# client is attempting to log into, based on the amount of failed login
|
|
|
|
# attempts for this account.
|
2019-03-15 18:46:16 +01:00
|
|
|
#
|
|
|
|
# The defaults are as shown below.
|
|
|
|
#
|
|
|
|
#rc_registration:
|
|
|
|
# per_second: 0.17
|
|
|
|
# burst_count: 3
|
|
|
|
#
|
|
|
|
#rc_login:
|
|
|
|
# address:
|
|
|
|
# per_second: 0.17
|
|
|
|
# burst_count: 3
|
|
|
|
# account:
|
|
|
|
# per_second: 0.17
|
|
|
|
# burst_count: 3
|
2019-03-18 13:57:20 +01:00
|
|
|
# failed_attempts:
|
|
|
|
# per_second: 0.17
|
|
|
|
# burst_count: 3
|
2019-03-15 18:46:16 +01:00
|
|
|
|
2015-04-30 05:24:44 +02:00
|
|
|
# The federation window size in milliseconds
|
2019-02-19 14:54:29 +01:00
|
|
|
#
|
2019-03-19 11:06:40 +01:00
|
|
|
#federation_rc_window_size: 1000
|
2015-03-02 12:33:45 +01:00
|
|
|
|
2015-04-30 05:24:44 +02:00
|
|
|
# The number of federation requests from a single server in a window
|
|
|
|
# before the server will delay processing the request.
|
2019-02-19 14:54:29 +01:00
|
|
|
#
|
2019-03-19 11:06:40 +01:00
|
|
|
#federation_rc_sleep_limit: 10
|
2015-03-02 12:33:45 +01:00
|
|
|
|
2015-04-30 05:24:44 +02:00
|
|
|
# The duration in milliseconds to delay processing events from
|
|
|
|
# remote servers by if they go over the sleep limit.
|
2019-02-19 14:54:29 +01:00
|
|
|
#
|
2019-03-19 11:06:40 +01:00
|
|
|
#federation_rc_sleep_delay: 500
|
2015-04-30 05:24:44 +02:00
|
|
|
|
|
|
|
# The maximum number of concurrent federation requests allowed
|
|
|
|
# from a single server
|
2019-02-19 14:54:29 +01:00
|
|
|
#
|
2019-03-19 11:06:40 +01:00
|
|
|
#federation_rc_reject_limit: 50
|
2015-04-30 05:24:44 +02:00
|
|
|
|
|
|
|
# The number of federation requests to concurrently process from a
|
|
|
|
# single server
|
2019-02-19 14:54:29 +01:00
|
|
|
#
|
2019-03-19 11:06:40 +01:00
|
|
|
#federation_rc_concurrent: 3
|
2019-03-20 17:02:25 +01:00
|
|
|
|
|
|
|
# Target outgoing federation transaction frequency for sending read-receipts,
|
|
|
|
# per-room.
|
|
|
|
#
|
|
|
|
# If we end up trying to send out more read-receipts, they will get buffered up
|
|
|
|
# into fewer transactions.
|
|
|
|
#
|
|
|
|
#federation_rr_transactions_per_room_per_second: 50
|
2015-04-30 05:24:44 +02:00
|
|
|
"""
|