HTTP FLOOD check config

2025-06-20 06:01:24 +08:00 · 2025-03-31 21:01:09 -04:00
parent 9f218a45bb
commit 50ce7d0e45
5 changed files with 104 additions and 0 deletions
--- a/config_example/rules/HTTPFlood.yml
+++ b/config_example/rules/HTTPFlood.yml
@ -0,0 +1,4 @@
+HTTPFloodSpeedLimit:
+  - "150/10s"
+HTTPFloodSameURILimit:
+  - "50/10s"
--- a/internal/config/config.go
+++ b/internal/config/config.go
@ -8,6 +8,7 @@ import (
 	"path/filepath"
 	"regexp"
 	"server_torii/internal/dataType"
+	"server_torii/internal/utils"
 	"strings"
 )

@ -56,6 +57,7 @@ type RuleSet struct {
 	URLBlockList  *dataType.URLRuleList
 	CAPTCHARule   *dataType.CaptchaRule
 	VerifyBotRule *dataType.VerifyBotRule
+	HTTPFloodRule *dataType.HTTPFloodRule
 }

 // LoadRules Load all rules from the specified path
@ -67,6 +69,7 @@ func LoadRules(rulePath string) (*RuleSet, error) {
 		URLBlockList:  &dataType.URLRuleList{},
 		CAPTCHARule:   &dataType.CaptchaRule{},
 		VerifyBotRule: &dataType.VerifyBotRule{},
+		HTTPFloodRule: &dataType.HTTPFloodRule{},
 	}

 	// Load IP Allow List
@ -105,6 +108,12 @@ func LoadRules(rulePath string) (*RuleSet, error) {
 		return nil, err
 	}

+	// Load HTTP Flood Rule
+	httpFloodFile := rulePath + "/HTTPFlood.yml"
+	if err := loadHTTPFloodRule(httpFloodFile, rs.HTTPFloodRule); err != nil {
+		return nil, err
+	}
+
 	return &rs, nil
 }

@ -208,3 +217,43 @@ func loadURLRules(filePath string, list *dataType.URLRuleList) error {

 	return scanner.Err()
 }
+
+func loadHTTPFloodRule(file string, rule *dataType.HTTPFloodRule) error {
+	data, err := os.ReadFile(file)
+	if err != nil {
+		return err
+	}
+
+	type httpFloodRuleYAML struct {
+		HTTPFloodSpeedLimit   []string `yaml:"HTTPFloodSpeedLimit"`
+		HTTPFloodSameURILimit []string `yaml:"HTTPFloodSameURILimit"`
+	}
+
+	var ymlRule httpFloodRuleYAML
+	err = yaml.Unmarshal(data, &ymlRule)
+	if err != nil {
+		return err
+	}
+
+	rule.HTTPFloodSpeedLimit = make(map[int]int)
+	rule.HTTPFloodSameURILimit = make(map[int]int)
+
+	for _, s := range ymlRule.HTTPFloodSpeedLimit {
+		limit, seconds, err := utils.ParseRate(s)
+		if err != nil {
+			return err
+		}
+		rule.HTTPFloodSpeedLimit[seconds] = limit
+	}
+
+	for _, s := range ymlRule.HTTPFloodSameURILimit {
+		limit, seconds, err := utils.ParseRate(s)
+		if err != nil {
+			return err
+		}
+		rule.HTTPFloodSameURILimit[seconds] = limit
+	}
+
+	return nil
+
+}
--- a/internal/dataType/type.go
+++ b/internal/dataType/type.go
@ -25,3 +25,11 @@ type VerifyBotRule struct {
 	VerifySogouBot  bool `yaml:"verify_sogou_bot"`
 	VerifyAppleBot  bool `yaml:"verify_apple_bot"`
 }
+
+type HTTPFloodRule struct {
+	HTTPFloodSpeedLimit   map[int]int
+	HTTPFloodSameURILimit map[int]int
+}
+
+type SharedMemory struct {
+}
--- a/internal/utils/RateParser.go
+++ b/internal/utils/RateParser.go
@ -0,0 +1,41 @@
+package utils
+
+import (
+	"fmt"
+	"strconv"
+	"strings"
+)
+
+func ParseRate(s string) (int, int, error) {
+	parts := strings.Split(s, "/")
+	if len(parts) != 2 {
+		return 0, 0, fmt.Errorf("unexpected rate format: %s", s)
+	}
+	limit, err := strconv.Atoi(parts[0])
+	if err != nil {
+		return 0, 0, fmt.Errorf("unexpected rate format: %s", s)
+	}
+
+	timeStr := parts[1]
+	if len(timeStr) < 2 {
+		return 0, 0, fmt.Errorf("unexpected time format: %s", timeStr)
+	}
+	unit := timeStr[len(timeStr)-1]
+	numPart := timeStr[:len(timeStr)-1]
+	value, err := strconv.Atoi(numPart)
+	if err != nil {
+		return 0, 0, fmt.Errorf("unexpected time format: %s", timeStr)
+	}
+	var seconds int
+	switch unit {
+	case 's':
+		seconds = value
+	case 'm':
+		seconds = value * 60
+	case 'h':
+		seconds = value * 3600
+	default:
+		return 0, 0, fmt.Errorf("unexpected time unit: %s", string(unit))
+	}
+	return limit, seconds, nil
+}
--- a/main.go
+++ b/main.go
@ -46,6 +46,8 @@ func main() {
 	}(logFile)
 	log.SetOutput(logFile)

+	//allocate shared memory
+
 	// Start server
 	stop := make(chan os.Signal, 1)
 	signal.Notify(stop, syscall.SIGINT, syscall.SIGTERM)