mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-24 04:13:28 +01:00
relay: Add DoS subsystem stats to MetricsPort
Related to #40194 Signed-off-by: David Goulet <dgoulet@torproject.org>
This commit is contained in:
parent
a1c40c8511
commit
cd7be492d1
@ -581,6 +581,48 @@ dos_is_enabled(void)
|
|||||||
|
|
||||||
/* Circuit creation public API. */
|
/* Circuit creation public API. */
|
||||||
|
|
||||||
|
/** Return the number of rejected circuits. */
|
||||||
|
uint64_t
|
||||||
|
dos_get_num_cc_rejected(void)
|
||||||
|
{
|
||||||
|
return cc_num_rejected_cells;
|
||||||
|
}
|
||||||
|
|
||||||
|
/** Return the number of marked addresses. */
|
||||||
|
uint32_t
|
||||||
|
dos_get_num_cc_marked_addr(void)
|
||||||
|
{
|
||||||
|
return cc_num_marked_addrs;
|
||||||
|
}
|
||||||
|
|
||||||
|
/** Return the number of marked addresses due to max queue limit reached. */
|
||||||
|
uint32_t
|
||||||
|
dos_get_num_cc_marked_addr_maxq(void)
|
||||||
|
{
|
||||||
|
return cc_num_marked_addrs_max_queue;
|
||||||
|
}
|
||||||
|
|
||||||
|
/** Return number of concurrent connections rejected. */
|
||||||
|
uint64_t
|
||||||
|
dos_get_num_conn_addr_rejected(void)
|
||||||
|
{
|
||||||
|
return conn_num_addr_rejected;
|
||||||
|
}
|
||||||
|
|
||||||
|
/** Return the number of connection rejected. */
|
||||||
|
uint64_t
|
||||||
|
dos_get_num_conn_addr_connect_rejected(void)
|
||||||
|
{
|
||||||
|
return conn_num_addr_connect_rejected;
|
||||||
|
}
|
||||||
|
|
||||||
|
/** Return the number of single hop refused. */
|
||||||
|
uint64_t
|
||||||
|
dos_get_num_single_hop_refused(void)
|
||||||
|
{
|
||||||
|
return num_single_hop_client_refused;
|
||||||
|
}
|
||||||
|
|
||||||
/* Called when a CREATE cell is received from the given channel. */
|
/* Called when a CREATE cell is received from the given channel. */
|
||||||
void
|
void
|
||||||
dos_cc_new_create_cell(channel_t *chan)
|
dos_cc_new_create_cell(channel_t *chan)
|
||||||
|
@ -84,6 +84,13 @@ int dos_should_refuse_single_hop_client(void);
|
|||||||
void dos_note_refuse_single_hop_client(void);
|
void dos_note_refuse_single_hop_client(void);
|
||||||
void dos_note_circ_max_outq(const channel_t *chan);
|
void dos_note_circ_max_outq(const channel_t *chan);
|
||||||
|
|
||||||
|
uint32_t dos_get_num_cc_marked_addr(void);
|
||||||
|
uint32_t dos_get_num_cc_marked_addr_maxq(void);
|
||||||
|
uint64_t dos_get_num_cc_rejected(void);
|
||||||
|
uint64_t dos_get_num_conn_addr_rejected(void);
|
||||||
|
uint64_t dos_get_num_conn_addr_connect_rejected(void);
|
||||||
|
uint64_t dos_get_num_single_hop_refused(void);
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Circuit creation DoS mitigation subsystemn interface.
|
* Circuit creation DoS mitigation subsystemn interface.
|
||||||
*/
|
*/
|
||||||
|
@ -13,6 +13,7 @@
|
|||||||
#include "core/or/or.h"
|
#include "core/or/or.h"
|
||||||
#include "core/mainloop/connection.h"
|
#include "core/mainloop/connection.h"
|
||||||
#include "core/or/congestion_control_common.h"
|
#include "core/or/congestion_control_common.h"
|
||||||
|
#include "core/or/dos.h"
|
||||||
#include "core/or/relay.h"
|
#include "core/or/relay.h"
|
||||||
|
|
||||||
#include "lib/malloc/malloc.h"
|
#include "lib/malloc/malloc.h"
|
||||||
@ -20,6 +21,7 @@
|
|||||||
#include "lib/metrics/metrics_store.h"
|
#include "lib/metrics/metrics_store.h"
|
||||||
#include "lib/log/util_bug.h"
|
#include "lib/log/util_bug.h"
|
||||||
|
|
||||||
|
#include "feature/hs/hs_dos.h"
|
||||||
#include "feature/relay/relay_metrics.h"
|
#include "feature/relay/relay_metrics.h"
|
||||||
#include "feature/stats/rephist.h"
|
#include "feature/stats/rephist.h"
|
||||||
|
|
||||||
@ -30,6 +32,7 @@ static void fill_cc_values(void);
|
|||||||
static void fill_connections_values(void);
|
static void fill_connections_values(void);
|
||||||
static void fill_dns_error_values(void);
|
static void fill_dns_error_values(void);
|
||||||
static void fill_dns_query_values(void);
|
static void fill_dns_query_values(void);
|
||||||
|
static void fill_dos_values(void);
|
||||||
static void fill_global_bw_limit_values(void);
|
static void fill_global_bw_limit_values(void);
|
||||||
static void fill_socket_values(void);
|
static void fill_socket_values(void);
|
||||||
static void fill_onionskins_values(void);
|
static void fill_onionskins_values(void);
|
||||||
@ -113,6 +116,13 @@ static const relay_metrics_entry_t base_metrics[] =
|
|||||||
.help = "Congestion control related counters",
|
.help = "Congestion control related counters",
|
||||||
.fill_fn = fill_cc_values,
|
.fill_fn = fill_cc_values,
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
.key = RELAY_METRICS_NUM_DOS,
|
||||||
|
.type = METRICS_TYPE_COUNTER,
|
||||||
|
.name = METRICS_NAME(relay_dos_total),
|
||||||
|
.help = "Denial of Service defenses related counters",
|
||||||
|
.fill_fn = fill_dos_values,
|
||||||
|
},
|
||||||
};
|
};
|
||||||
static const size_t num_base_metrics = ARRAY_LENGTH(base_metrics);
|
static const size_t num_base_metrics = ARRAY_LENGTH(base_metrics);
|
||||||
|
|
||||||
@ -139,6 +149,61 @@ handshake_type_to_str(const uint16_t type)
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/** Fill function for the RELAY_METRICS_NUM_DOS metric. */
|
||||||
|
static void
|
||||||
|
fill_dos_values(void)
|
||||||
|
{
|
||||||
|
const relay_metrics_entry_t *rentry = &base_metrics[RELAY_METRICS_NUM_DOS];
|
||||||
|
metrics_store_entry_t *sentry =
|
||||||
|
metrics_store_add(the_store, rentry->type, rentry->name, rentry->help);
|
||||||
|
|
||||||
|
metrics_store_entry_add_label(sentry,
|
||||||
|
metrics_format_label("type", "circuit_rejected"));
|
||||||
|
metrics_store_entry_update(sentry, dos_get_num_cc_rejected());
|
||||||
|
|
||||||
|
sentry = metrics_store_add(the_store, rentry->type, rentry->name,
|
||||||
|
rentry->help);
|
||||||
|
metrics_store_entry_add_label(sentry,
|
||||||
|
metrics_format_label("type", "circuit_killed_max_cell"));
|
||||||
|
metrics_store_entry_update(sentry, stats_n_circ_max_cell_reached);
|
||||||
|
|
||||||
|
sentry = metrics_store_add(the_store, rentry->type, rentry->name,
|
||||||
|
rentry->help);
|
||||||
|
metrics_store_entry_add_label(sentry,
|
||||||
|
metrics_format_label("type", "marked_address"));
|
||||||
|
metrics_store_entry_update(sentry, dos_get_num_cc_marked_addr());
|
||||||
|
|
||||||
|
sentry = metrics_store_add(the_store, rentry->type, rentry->name,
|
||||||
|
rentry->help);
|
||||||
|
metrics_store_entry_add_label(sentry,
|
||||||
|
metrics_format_label("type", "marked_address_maxq"));
|
||||||
|
metrics_store_entry_update(sentry, dos_get_num_cc_marked_addr_maxq());
|
||||||
|
|
||||||
|
sentry = metrics_store_add(the_store, rentry->type, rentry->name,
|
||||||
|
rentry->help);
|
||||||
|
metrics_store_entry_add_label(sentry,
|
||||||
|
metrics_format_label("type", "conn_rejected"));
|
||||||
|
metrics_store_entry_update(sentry, dos_get_num_conn_addr_connect_rejected());
|
||||||
|
|
||||||
|
sentry = metrics_store_add(the_store, rentry->type, rentry->name,
|
||||||
|
rentry->help);
|
||||||
|
metrics_store_entry_add_label(sentry,
|
||||||
|
metrics_format_label("type", "concurrent_conn_rejected"));
|
||||||
|
metrics_store_entry_update(sentry, dos_get_num_conn_addr_rejected());
|
||||||
|
|
||||||
|
sentry = metrics_store_add(the_store, rentry->type, rentry->name,
|
||||||
|
rentry->help);
|
||||||
|
metrics_store_entry_add_label(sentry,
|
||||||
|
metrics_format_label("type", "single_hop_refused"));
|
||||||
|
metrics_store_entry_update(sentry, dos_get_num_single_hop_refused());
|
||||||
|
|
||||||
|
sentry = metrics_store_add(the_store, rentry->type, rentry->name,
|
||||||
|
rentry->help);
|
||||||
|
metrics_store_entry_add_label(sentry,
|
||||||
|
metrics_format_label("type", "introduce2_rejected"));
|
||||||
|
metrics_store_entry_update(sentry, hs_dos_get_intro2_rejected_count());
|
||||||
|
}
|
||||||
|
|
||||||
/** Fill function for the RELAY_METRICS_NUM_CC metric. */
|
/** Fill function for the RELAY_METRICS_NUM_CC metric. */
|
||||||
static void
|
static void
|
||||||
fill_cc_values(void)
|
fill_cc_values(void)
|
||||||
|
@ -35,6 +35,8 @@ typedef enum {
|
|||||||
RELAY_METRICS_NUM_STREAMS = 8,
|
RELAY_METRICS_NUM_STREAMS = 8,
|
||||||
/** Congestion control counters. */
|
/** Congestion control counters. */
|
||||||
RELAY_METRICS_NUM_CC = 9,
|
RELAY_METRICS_NUM_CC = 9,
|
||||||
|
/** Denial of Service defenses subsystem. */
|
||||||
|
RELAY_METRICS_NUM_DOS = 10,
|
||||||
} relay_metrics_key_t;
|
} relay_metrics_key_t;
|
||||||
|
|
||||||
/** The metadata of a relay metric. */
|
/** The metadata of a relay metric. */
|
||||||
|
Loading…
Reference in New Issue
Block a user