prosody/plugins/mod_limits.lua

-- Because we deal with pre-authed sessions and streams we can't be host-specific
module:set_global();

local filters = require "prosody.util.filters";
local throttle = require "prosody.util.throttle";
local timer = require "prosody.util.timer";
local ceil = math.ceil;

local limits_cfg = module:get_option("limits", {});
local limits_resolution = module:get_option_period("limits_resolution", 1);

local default_bytes_per_second = 3000;
local default_burst = 2;

local rate_units = { b = 1, k = 3, m = 6, g = 9, t = 12 } -- Plan for the future.
local function parse_rate(rate, sess_type)
	local quantity, unit, exp;
	if rate then
		quantity, unit = rate:match("^(%d+) ?([^/]+)/s$");
		exp = quantity and rate_units[unit:sub(1,1):lower()];
	end
	if not exp then
		module:log("error", "Error parsing rate for %s: %q, using default rate (%d bytes/s)", sess_type, rate, default_bytes_per_second);
		return default_bytes_per_second;
	end
	return quantity*(10^exp);
end

local function parse_burst(burst, sess_type)
	if type(burst) == "string" then
		burst = burst:match("^(%d+) ?s$");
	end
	local n_burst = tonumber(burst);
	if burst and not n_burst then
		module:log("error", "Unable to parse burst for %s: %q, using default burst interval (%ds)", sess_type, burst, default_burst);
	end
	return n_burst or default_burst;
end

-- Process config option into limits table:
-- limits = { c2s = { bytes_per_second = X, burst_seconds = Y } }
local limits = {
	c2s = {
		bytes_per_second = 10 * 1024;
		burst_seconds = 2;
	};
	s2sin = {
		bytes_per_second = 30 * 1024;
		burst_seconds = 2;
	};
};

for sess_type, sess_limits in pairs(limits_cfg) do
	limits[sess_type] = {
		bytes_per_second = parse_rate(sess_limits.rate, sess_type);
		burst_seconds = parse_burst(sess_limits.burst, sess_type);
	};
end

local default_filter_set = {};

function default_filter_set.bytes_in(bytes, session)
	local sess_throttle = session.throttle;
	if sess_throttle then
		local ok, _, outstanding = sess_throttle:poll(#bytes, true);
		if not ok then
			session.log("debug", "Session over rate limit (%d) with %d (by %d), pausing", sess_throttle.max, #bytes, outstanding);
			outstanding = ceil(outstanding);
			session.conn:pause(); -- Read no more data from the connection until there is no outstanding data
			local outstanding_data = bytes:sub(-outstanding);
			bytes = bytes:sub(1, #bytes-outstanding);
			timer.add_task(limits_resolution, function ()
				if not session.conn then return; end
				if sess_throttle:peek(#outstanding_data) then
					session.log("debug", "Resuming paused session");
					session.conn:resume();
				end
				-- Handle what we can of the outstanding data
				session.data(outstanding_data);
			end);
		end
	end
	return bytes;
end

local type_filters = {
	c2s = default_filter_set;
	s2sin = default_filter_set;
	s2sout = default_filter_set;
};

local function filter_hook(session)
	local session_type = session.type:match("^[^_]+");
	local filter_set, opts = type_filters[session_type], limits[session_type];
	if opts then
		if session.conn and session.conn.setlimit then
			session.conn:setlimit(opts.bytes_per_second);
			-- Currently no burst support
		else
			session.throttle = throttle.create(opts.bytes_per_second * opts.burst_seconds, opts.burst_seconds);
			filters.add_filter(session, "bytes/in", filter_set.bytes_in, 1000);
		end
	end
end

function module.load()
	filters.add_filter_hook(filter_hook);
end

function module.unload()
	filters.remove_filter_hook(filter_hook);
end

function unlimited(session)
	local session_type = session.type:match("^[^_]+");
	if session.conn and session.conn.setlimit then
		session.conn:setlimit(0);
		-- Currently no burst support
	else
		local filter_set = type_filters[session_type];
		filters.remove_filter(session, "bytes/in", filter_set.bytes_in);
		session.throttle = nil;
	end
end

function module.add_host(module)
	local unlimited_jids = module:get_option_inherited_set("unlimited_jids", {});

	if not unlimited_jids:empty() then
		module:hook("authentication-success", function (event)
			local session = event.session;
			local jid = session.username .. "@" .. session.host;
			if unlimited_jids:contains(jid) then
				unlimited(session);
			end
		end);

		module:hook("s2sout-established", function (event)
			local session = event.session;
			if unlimited_jids:contains(session.to_host) then
				unlimited(session);
			end
		end);

		module:hook("s2sin-established", function (event)
			local session = event.session;
			if session.from_host and unlimited_jids:contains(session.from_host) then
				unlimited(session);
			end
		end);

	end
end
mod_limits: Fix typo in comment 8 years ago			`-- Because we deal with pre-authed sessions and streams we can't be host-specific`
mod_limits: Import from prosody-modules 2c59f2f0c37d (fixes #129) 8 years ago			`module:set_global();`

plugins: Prefix module imports with prosody namespace 3 years ago			`local filters = require "prosody.util.filters";`
			`local throttle = require "prosody.util.throttle";`
			`local timer = require "prosody.util.timer";`
mod_limits: Handle fractional outstanding balance values (caused by e3f7b6fa46ba) Fractional values were passed to string.sub() when doing buffer manipulations, and caused random bytes to be skipped in the stream. 8 years ago			`local ceil = math.ceil;`
mod_limits: Import from prosody-modules 2c59f2f0c37d (fixes #129) 8 years ago
			`local limits_cfg = module:get_option("limits", {});`
plugins: Switch to :get_option_period() for time range options Improves readability ("1 day" vs 86400) and centralizes validation. 2 years ago			`local limits_resolution = module:get_option_period("limits_resolution", 1);`
mod_limits: Import from prosody-modules 2c59f2f0c37d (fixes #129) 8 years ago
			`local default_bytes_per_second = 3000;`
			`local default_burst = 2;`

			`local rate_units = { b = 1, k = 3, m = 6, g = 9, t = 12 } -- Plan for the future.`
			`local function parse_rate(rate, sess_type)`
			`local quantity, unit, exp;`
			`if rate then`
			`quantity, unit = rate:match("^(%d+) ?([^/]+)/s$");`
			`exp = quantity and rate_units[unit:sub(1,1):lower()];`
			`end`
			`if not exp then`
			`module:log("error", "Error parsing rate for %s: %q, using default rate (%d bytes/s)", sess_type, rate, default_bytes_per_second);`
			`return default_bytes_per_second;`
			`end`
			`return quantity*(10^exp);`
			`end`

			`local function parse_burst(burst, sess_type)`
			`if type(burst) == "string" then`
			`burst = burst:match("^(%d+) ?s$");`
			`end`
			`local n_burst = tonumber(burst);`
mod_limits: Don't emit error when no burst period is configured 5 years ago			`if burst and not n_burst then`
plugins: Remove tostring call from logging Taken care of by loggingmanager now Mass-rewrite using lua pattern like `tostring%b()` 7 years ago			`module:log("error", "Unable to parse burst for %s: %q, using default burst interval (%ds)", sess_type, burst, default_burst);`
mod_limits: Import from prosody-modules 2c59f2f0c37d (fixes #129) 8 years ago			`end`
			`return n_burst or default_burst;`
			`end`

			`-- Process config option into limits table:`
			`-- limits = { c2s = { bytes_per_second = X, burst_seconds = Y } }`
mod_limits: Use default limits if none configured 5 years ago			`local limits = {`
			`c2s = {`
			`bytes_per_second = 10 * 1024;`
			`burst_seconds = 2;`
			`};`
			`s2sin = {`
			`bytes_per_second = 30 * 1024;`
			`burst_seconds = 2;`
			`};`
			`};`
mod_limits: Import from prosody-modules 2c59f2f0c37d (fixes #129) 8 years ago
			`for sess_type, sess_limits in pairs(limits_cfg) do`
			`limits[sess_type] = {`
			`bytes_per_second = parse_rate(sess_limits.rate, sess_type);`
			`burst_seconds = parse_burst(sess_limits.burst, sess_type);`
			`};`
			`end`

			`local default_filter_set = {};`

			`function default_filter_set.bytes_in(bytes, session)`
mod_limits: Fix indentation Appears to have been messed up in 60e113f3682f 7 years ago			`local sess_throttle = session.throttle;`
			`if sess_throttle then`
mod_limits: Remove an unused variable Hope this isn't meant to be used. 'outstanding' seems to be the more useful value anyways? 6 years ago			`local ok, _, outstanding = sess_throttle:poll(#bytes, true);`
mod_limits: Import from prosody-modules 2c59f2f0c37d (fixes #129) 8 years ago			`if not ok then`
mod_limits: Fix indentation Appears to have been messed up in 60e113f3682f 7 years ago			`session.log("debug", "Session over rate limit (%d) with %d (by %d), pausing", sess_throttle.max, #bytes, outstanding);`
mod_limits: Handle fractional outstanding balance values (caused by e3f7b6fa46ba) Fractional values were passed to string.sub() when doing buffer manipulations, and caused random bytes to be skipped in the stream. 8 years ago			`outstanding = ceil(outstanding);`
mod_limits: Import from prosody-modules 2c59f2f0c37d (fixes #129) 8 years ago			`session.conn:pause(); -- Read no more data from the connection until there is no outstanding data`
			`local outstanding_data = bytes:sub(-outstanding);`
			`bytes = bytes:sub(1, #bytes-outstanding);`
			`timer.add_task(limits_resolution, function ()`
			`if not session.conn then return; end`
mod_limits: Fix indentation Appears to have been messed up in 60e113f3682f 7 years ago			`if sess_throttle:peek(#outstanding_data) then`
mod_limits: Import from prosody-modules 2c59f2f0c37d (fixes #129) 8 years ago			`session.log("debug", "Resuming paused session");`
			`session.conn:resume();`
			`end`
			`-- Handle what we can of the outstanding data`
			`session.data(outstanding_data);`
			`end);`
			`end`
			`end`
			`return bytes;`
			`end`

			`local type_filters = {`
			`c2s = default_filter_set;`
			`s2sin = default_filter_set;`
			`s2sout = default_filter_set;`
			`};`

			`local function filter_hook(session)`
			`local session_type = session.type:match("^[^_]+");`
			`local filter_set, opts = type_filters[session_type], limits[session_type];`
			`if opts then`
mod_limits: Use rate limiting in net.server if provided This should be simpler and more efficient, as well avoid problems caused by using filters. 7 years ago			`if session.conn and session.conn.setlimit then`
			`session.conn:setlimit(opts.bytes_per_second);`
			`-- Currently no burst support`
			`else`
			`session.throttle = throttle.create(opts.bytes_per_second * opts.burst_seconds, opts.burst_seconds);`
			`filters.add_filter(session, "bytes/in", filter_set.bytes_in, 1000);`
			`end`
mod_limits: Import from prosody-modules 2c59f2f0c37d (fixes #129) 8 years ago			`end`
			`end`

			`function module.load()`
			`filters.add_filter_hook(filter_hook);`
			`end`

			`function module.unload()`
			`filters.remove_filter_hook(filter_hook);`
			`end`
mod_limits: Allow configuring a list of unrestricted JIDs (fixes #1323) 7 years ago
mod_limits: Factor out function for disabling limits allowing use from shell Also enables reuse for s2s, which we will add next. 4 years ago			`function unlimited(session)`
			`local session_type = session.type:match("^[^_]+");`
			`if session.conn and session.conn.setlimit then`
			`session.conn:setlimit(0);`
			`-- Currently no burst support`
			`else`
			`local filter_set = type_filters[session_type];`
			`filters.remove_filter(session, "bytes/in", filter_set.bytes_in);`
			`session.throttle = nil;`
			`end`
			`end`

mod_limits: Allow configuring a list of unrestricted JIDs (fixes #1323) 7 years ago			`function module.add_host(module)`
			`local unlimited_jids = module:get_option_inherited_set("unlimited_jids", {});`

mod_limits: Fix typo 7 years ago			`if not unlimited_jids:empty() then`
mod_limits: Allow configuring a list of unrestricted JIDs (fixes #1323) 7 years ago			`module:hook("authentication-success", function (event)`
			`local session = event.session;`
			`local jid = session.username .. "@" .. session.host;`
			`if unlimited_jids:contains(jid) then`
mod_limits: Factor out function for disabling limits allowing use from shell Also enables reuse for s2s, which we will add next. 4 years ago			`unlimited(session);`
mod_limits: Allow configuring a list of unrestricted JIDs (fixes #1323) 7 years ago			`end`
			`end);`
mod_limits: Extend unlimited_jids to s2s sessions (for Ge0rG) This makes unlimited_jids also work for s2s connections, assuming the remote server has been identified. 4 years ago
			`module:hook("s2sout-established", function (event)`
			`local session = event.session;`
			`if unlimited_jids:contains(session.to_host) then`
			`unlimited(session);`
			`end`
			`end);`

			`module:hook("s2sin-established", function (event)`
			`local session = event.session;`
			`if session.from_host and unlimited_jids:contains(session.from_host) then`
			`unlimited(session);`
			`end`
			`end);`

mod_limits: Allow configuring a list of unrestricted JIDs (fixes #1323) 7 years ago			`end`
			`end`