public ServiceRateLimiter(MetricRegistry metrics, ServerLimits config) { this.reqs = metrics.meter(name("requests", "Rate")); this.timer = metrics.timer("Request Latency"); this.config = config; this.globalHardLimiter = RateLimiter.create(config.globalHardReqPerSec()); this.globalSoftLimiter = RateLimiter.create(config.globalSoftReqPerSec()); softRateLimitHasher = buildHasher(softLimiterMap, config.rateLimiterPoolSize(), config.softReqPerSec()); hardRateLimitHasher = buildHasher(hardLimiterMap, config.rateLimiterPoolSize(), config.hardReqPerSec()); }
@Test public void testBlackListedIpAllow() throws UnknownHostException { // given a black listed ip ImmutableSet<InetAddress> blackList = ImmutableSet.<InetAddress>builder().add(InetAddress.getByName("172.22.10.1")).build(); ImmutableSet<InetAddress> whiteList = ImmutableSet.of(); // and given a black list filter and firewall in the pipeline IpFilterConfig ipFilterConfig = new IpFilterConfig(blackList, whiteList); BlackListFilter ipFilter = new BlackListFilter(ipFilterConfig); Firewall firewall = new Firewall(new MetricRegistry()); // when the an ip connects that is NOT black listed MyEmbeddedChannel channel = new MyEmbeddedChannel("172.22.10.5", ipFilter, firewall); channel.runPendingTasks(); // then the channel is NOT closed assertTrue(channel.isActive()); assertTrue(channel.isOpen()); }
@Test public void testWhiteListedIpDeny() throws UnknownHostException { // given a white listed ip ImmutableSet<InetAddress> whiteList = ImmutableSet.<InetAddress>builder().add(InetAddress.getByName("172.22.10.1")).build(); ImmutableSet<InetAddress> blackList = ImmutableSet.of(); // and given a white list filter and firewall in the pipeline IpFilterConfig ipFilterConfig = new IpFilterConfig(blackList, whiteList); WhiteListFilter ipFilter = new WhiteListFilter(ipFilterConfig); Firewall firewall = new Firewall(new MetricRegistry()); // when the an ip connects that is NOT white-listed MyEmbeddedChannel chDeny = new MyEmbeddedChannel("172.22.10.5", ipFilter, firewall); chDeny.runPendingTasks(); // then the channel is closed assertFalse(chDeny.isActive()); assertFalse(chDeny.isOpen()); }
pipeline.addLast( "l4ConnectionLimiter", new ConnectionLimiter(appState.getMetricRegistry(), config.getLimits())); pipeline.addLast("l4WhiteListFilter", new WhiteListFilter(appState.getIpFilterConfig())); } else if (config.isBlackListEnabled()) { pipeline.addLast("l4BlackListFilter", new BlackListFilter(appState.getIpFilterConfig())); pipeline.addLast("l4Firewall", new Firewall(appState.getMetricRegistry())); pipeline.addLast("connectionContext", new ConnectionContextHandler()); pipeline.addLast("globalChannelStatistics", state.getChannelStatistics());
@Test public void testBlackListedIpDeny() throws UnknownHostException { // given a black listed ip ImmutableSet<InetAddress> blackList = ImmutableSet.<InetAddress>builder().add(InetAddress.getByName("172.22.10.1")).build(); ImmutableSet<InetAddress> whiteList = ImmutableSet.of(); // and given a black list filter and firewall in the pipeline IpFilterConfig ipFilterConfig = new IpFilterConfig(blackList, whiteList); BlackListFilter ipFilter = new BlackListFilter(ipFilterConfig); Firewall firewall = new Firewall(new MetricRegistry()); // when the black listed ip connects MyEmbeddedChannel channel = new MyEmbeddedChannel("172.22.10.1", ipFilter, firewall); channel.runPendingTasks(); // then the channel is closed assertFalse(channel.isActive()); assertFalse(channel.isOpen()); }
@Test public void testWhiteListedIpAllow() throws UnknownHostException { // given a white listed ip ImmutableSet<InetAddress> whiteList = ImmutableSet.<InetAddress>builder().add(InetAddress.getByName("172.22.10.1")).build(); ImmutableSet<InetAddress> blackList = ImmutableSet.of(); // and given a white list filter and firewall in the pipeline IpFilterConfig ipFilterConfig = new IpFilterConfig(blackList, whiteList); WhiteListFilter ipFilter = new WhiteListFilter(ipFilterConfig); Firewall firewall = new Firewall(new MetricRegistry()); // when the white listed ip connects MyEmbeddedChannel channel = new MyEmbeddedChannel("172.22.10.1", ipFilter, firewall); channel.runPendingTasks(); // then the channel is NOT closed assertTrue(channel.isActive()); assertTrue(channel.isOpen()); }