- Publicity: Public Only All
throttle_mod-procs.tcl
This file defines the following Objects and Classes: ::throttle, ::Counter, ::Users
- Location:
- packages/xotcl-request-monitor/tcl/throttle_mod-procs.tcl
Procedures in this file
- Object ::throttle (public)
- ::throttle ::Counter proc set_in_all_instances (public)
- ::throttle ::Users proc active (public)
- ::throttle ::Users proc hits (public)
- ::throttle ::Users proc last_pa (public)
- ::throttle ::Users proc nr_active (public)
- ::throttle ::Users proc nr_authenticated (public)
- ::throttle ::Users proc nr_users_time_window (public)
- ::throttle ::Users proc user_is_active (public)
- ::throttle Class ::Counter (public)
- ::throttle Class ::Users (public)
- throttle proc check (public)
Detailed information
Object ::throttle (public)
Object ::throttle
This is a small request-throttle application that handles simple DoS-attacks on the server. A user (request key) is identified via ipAddr or some other key, such as an authenticated userid.
XOTcl Parameters for Class Throttle:
The throttler is defined as a class running in a detached thread. See XOTcl API for Thread management for more details. It can be subclassed to define e.g. different kinds of throttling policies for different kind of request keys. Note that the throttle thread itself does not block, only the connection thread blocks if necessary (on throttles).
- timeWindow:Time window for computing detailed statistics; can be configured via OpenACS package parameter
time-window
- timeoutMs: Time window to keep statistics for a user
- startThrottle: If user requests more than this #, her requests are delayed. When larger than toMuch, the parameter is ignored
- toMuch: If user requests more than this #, she is kicked out
The controlling thread contains the classes Users, Throttle, Counter, MaxCounter, ...
- Author:
- Gustaf Neumann
- CVS ID:
$Id: throttle_mod-procs.tcl,v 1.67.2.57 2023/07/10 08:54:49 gustafn Exp $
- Partial Call Graph (max 5 caller/called nodes):
- Testcases:
- No testcase defined.
::Counter proc set_in_all_instances (public)
::Counter set_in_all_instances var value
A helper function to set in all (direct or indirect) instances an instance variable to the same value. This is used here in combination with changing parameters
- Parameters:
- var
value
- Partial Call Graph (max 5 caller/called nodes):
- Testcases:
- No testcase defined.
::Users proc active (public)
::Users active [ -full ]
Return a list of lists containing information about current users. If the switch 'full' is used this list contains these users who have used the server within the monitoring time window (per default: 10 minutes). Otherwise, just a list of requesters (user_ids or peer addresses for unauthenticated requests) is returned. If "-full" is used for each requester the last peer address, the last timestamp, the number of hits, a list of values for the activity calculations and the number of ip-switches the user is returned. The activity calculations are performed on base of an exponential smoothing algorithm which is calculated through an aggregated value, a timestamp (in minutes) and the number of hits in the monitored time window.
- Switches:
- -full
(optional)- Returns:
- list with detailed user info
- Partial Call Graph (max 5 caller/called nodes):
- Testcases:
- No testcase defined.
::Users proc hits (public)
::Users hits uid
- Parameters:
- uid - request key
- Returns:
- Number of hits by this user (in time window)
- Partial Call Graph (max 5 caller/called nodes):
- Testcases:
- No testcase defined.
::Users proc last_pa (public)
::Users last_pa uid
- Parameters:
- uid - request key
- Returns:
- last peer address of the specified users
- Partial Call Graph (max 5 caller/called nodes):
- Testcases:
- No testcase defined.
::Users proc nr_active (public)
::Users nr_active
- Returns:
- number of active users (in time window)
- Partial Call Graph (max 5 caller/called nodes):
- Testcases:
- No testcase defined.
::Users proc nr_authenticated (public)
::Users nr_authenticated
- Returns:
- number of authenticated users (in time window)
- Partial Call Graph (max 5 caller/called nodes):
- Testcases:
- No testcase defined.
::Users proc nr_users_time_window (public)
::Users nr_users_time_window
- Returns:
- number of different IP addresses and authenticated users (in time window)
- Partial Call Graph (max 5 caller/called nodes):
- Testcases:
- No testcase defined.
::Users proc user_is_active (public)
::Users user_is_active uid
- Parameters:
- uid
- Returns:
- boolean value whether user is active
- Partial Call Graph (max 5 caller/called nodes):
- Testcases:
- No testcase defined.
::throttle Class ::Counter (public)
::xotcl::Class Class [ -report report ] [ -timeoutMS timeoutMS ] \ [ -stats stats ] [ -trend trend ] [ -c c ] [ -logging logging ] \ [ -nr_trend_elements nr_trend_elements ] \ [ -nr_stats_elements nr_stats_elements ]
This class holds the counted statistics so they do not have to be computed all the time from the list of requests. The statistics holding objects are instances of this class and initialized and called after the timeoutMS
- Switches:
- -report
(optional)- Report type of the instance. This could e.g. be hours and minutes
- -timeoutMS
(optional)- How often are the statistics for this report computed
- -stats
(optional)- stats keeps nr_stats_elements highest values with timestamp. These hold a list of lists of the actual stats in the form {time value}. Time is given like "Thu Sep 13 09:17:30 CEST 2007". This is used for displaying the maximum values
- -trend
(optional)- trend keeps nr_trend_elements most recent values. This is used for displaying the graphics
- -c
(optional)- counter
- -logging
(optional)- If set to 1 the instance current value is logged to the counter.log file
- -nr_trend_elements
(optional)- Number of data points that are used for the trend calculation. The default of 48 translates into "48 minutes" for the Views per minute or 48 hours for the views per hour.
- -nr_stats_elements
(optional)- Number of data points for the stats values. The default of 5 will give you the highest datapoints over the whole period.
- Partial Call Graph (max 5 caller/called nodes):
- Testcases:
- No testcase defined.
::throttle Class ::Users (public)
::xotcl::Class Class
This class is responsible for the user tracking and is defined only in a separate Tcl thread named
throttle
. For each minute within the specifiedtime-window
an instance of this class exists keeping various statistics. When a minute ends the instance dropping out of the time window is destroyed. The procs of this class can be used to obtain various kinds of information.
- Author:
- Gustaf Neumann
- CVS ID:
$Id: throttle_mod-procs.tcl,v 1.67.2.57 2023/07/10 08:54:49 gustafn Exp $
- Partial Call Graph (max 5 caller/called nodes):
- Testcases:
- No testcase defined.
throttle proc check (public)
throttle check
This method should be called once per request that is monitored. It should be called after authentication such we have already the userid if the user is authenticated.
- Partial Call Graph (max 5 caller/called nodes):
- Testcases:
- xotcl_core_tutorial_1, xotcl_core_tutorial_2, test_xo_db_object, test_cr_items