::xotcl::THREAD ::throttle

Methods: All Methods Documented Methods Hide Methods
Source: Display Source Hide Source
Variables: Show Variables Hide Variables

This is a small request-throttle application that handles simple DoS-attacks on the server. A user (request key) is identified via ipAddr or some other key, such as an authenticated userid.

XOTcl Parameters for Class Throttle:

timeWindow:Time window for computing detailed statistics; can be configured via OpenACS package parameter time-window
timeoutMs: Time window to keep statistics for a user
startThrottle: If user requests more than this #, her requests are delayed. When larger than toMuch, the parameter is ignored
toMuch: If user requests more than this #, she is kicked out

The throttler is defined as a class running in a detached thread. See XOTcl API for Thread management for more details. It can be subclassed to define e.g. different kinds of throttling policies for different kind of request keys. Note that the throttle thread itself does not block, only the connection thread blocks if necessary (on throttles).

The controlling thread contains the classes Users, Throttle, Counter, MaxCounter, ...

Author:: Gustaf Neumann
CVS Identification:: $Id: throttle_mod-procs.tcl,v 1.72 2024/10/28 14:58:41 antoniop Exp $

Defined in /var/www/openacs.org/packages/xotcl-request-monitor/tcl/throttle_mod-procs.tcl

Class Relations

class: ::xotcl::THREAD

Methods (to be applied on the object)

add_statistics (forward)
add_url_stat (forward)
check (scripted, public)
```
 throttle check
```
This method should be called once per request that is monitored. It should be called after authentication such we have already the userid if the user is authenticated.

Testcases:
xotcl_core_tutorial_1, xotcl_core_tutorial_2, test_xo_db_object, test_cr_items
community_access (scripted)
destroy (scripted)
flush_url_stats (forward)
get_context (scripted)
last100 (forward)
max_values (forward)
ms (scripted)
nr_running (forward)
off (forward)
on (forward)
partialtimes (scripted)
postauth (scripted)
purge_access_stats (forward)
report_url_stats (forward)
running (forward)
server_threads (forward)
statistics (forward)
thread_avgs (forward)
throttle_check (forward)
trace (scripted)
trend (forward)
url_statistics (forward)
user_is_active (forward)
users (forward)
views_per_minute (forward)

Methods: All Methods Documented Methods Hide Methods
Source: Display Source Hide Source
Variables: Show Variables Hide Variables

Class Relations

Methods (to be applied on the object)

add_statistics (forward)

add_url_stat (forward)

check (scripted, public)

community_access (scripted)

destroy (scripted)

flush_url_stats (forward)

get_context (scripted)

last100 (forward)

max_values (forward)

ms (scripted)

nr_running (forward)

off (forward)

on (forward)

partialtimes (scripted)

postauth (scripted)

purge_access_stats (forward)

report_url_stats (forward)

running (forward)

server_threads (forward)

statistics (forward)

thread_avgs (forward)

throttle_check (forward)

trace (scripted)

trend (forward)

url_statistics (forward)

user_is_active (forward)

users (forward)

views_per_minute (forward)