add metrics for rejected BEGIN/RESOLVE

This commit is contained in:
trinity-1686a 2023-09-10 13:18:34 +02:00 committed by David Goulet
parent 1b907d13bb
commit f8b259c2fe
5 changed files with 18 additions and 1 deletions

View File

@ -4247,7 +4247,8 @@ connection_exit_begin_resolve(cell_t *cell, or_circuit_t *circ)
dns_send_resolved_error_cell(dummy_conn, RESOLVED_TYPE_ERROR_TRANSIENT);
return 0;
case DOS_STREAM_DEFENSE_CLOSE_CIRCUIT:
/* TODO maybe use REASON_RESOURCELIMIT? See connection_exit_begin_conn() */
/* TODO maybe use REASON_RESOURCELIMIT?
* See connection_exit_begin_conn() */
return -END_CIRC_REASON_NONE;
}

View File

@ -839,6 +839,13 @@ dos_conn_addr_get_defense_type(const tor_addr_t *addr)
/* Stream creation public API. */
/** Return the number of rejected stream and resolve. */
uint64_t
dos_get_num_stream_rejected(void)
{
return stream_num_rejected;
}
/* Return the action to take against a BEGIN or RESOLVE cell. Return
* DOS_STREAM_DEFENSE_NONE when no action should be taken.
* Increment the appropriate counter when the cell was found to go over a

View File

@ -90,6 +90,7 @@ uint64_t dos_get_num_cc_rejected(void);
uint64_t dos_get_num_conn_addr_rejected(void);
uint64_t dos_get_num_conn_addr_connect_rejected(void);
uint64_t dos_get_num_single_hop_refused(void);
uint64_t dos_get_num_stream_rejected(void);
/*
* Circuit creation DoS mitigation subsystemn interface.

View File

@ -38,6 +38,8 @@ void dns_launch_correctness_checks(void);
#else /* !defined(HAVE_MODULE_RELAY) */
#define dns_init() (0)
#define dns_send_resolved_error_cell(conn, answer_type) \
((void)(conn), (void)(answer_type))
#define dns_seems_to_be_broken() (0)
#define has_dns_init_failed() (0)
#define dns_cache_total_allocation() (0)

View File

@ -433,6 +433,12 @@ fill_dos_values(void)
metrics_store_entry_add_label(sentry,
metrics_format_label("type", "introduce2_rejected"));
metrics_store_entry_update(sentry, hs_dos_get_intro2_rejected_count());
sentry = metrics_store_add(the_store, rentry->type, rentry->name,
rentry->help, 0, NULL);
metrics_store_entry_add_label(sentry,
metrics_format_label("type", "stream_rejected"));
metrics_store_entry_update(sentry, dos_get_num_stream_rejected());
}
/** Fill function for the RELAY_METRICS_CC_COUNTERS metric. */