WIP: Add adaptive advert flood rate limiter#2545
Conversation
4np
left a comment
4np
left a comment
There was a problem hiding this comment.
Thanks for creating this :) I understand you want to keep a minimal footprint to alleviate some of the issues we're seeing with bad actors, but I wonder if it would be better to be able to detect bad actors and penalize them by silencing them with an increasing amount of time? Sometimes people genuinely send a message split in multiple packets, which can occasionally be more than 3, whereas bad actors can still flood the mesh by sending 3 messages and then staying silent for 5 mins.
| }; | ||
|
|
||
| class AdaptiveRateLimiter { | ||
| enum { |
There was a problem hiding this comment.
Consider adding some documentation explaining the approach uses Exponentially Weighted Moving Average (EWMA). It might be good to have unit tests for this class to verify its behavior.
There was a problem hiding this comment.
unit tests
We do unit tests these days?! haha.
No, all jokes aside, that should be easy to add in this case so will definetely do.
| } | ||
|
|
||
| public: | ||
| AdaptiveRateLimiter(uint16_t secs, uint8_t burst, uint8_t floor) |
There was a problem hiding this comment.
Consider adding some in-line documentation explaining what these arguments mean.
ViezeVingertjes
changed the title
Correct, the attack is on-going so we needed something quick and simple. 💯
I think it depends on the attack, what they seem to prefer so far is just generating random keys/names and flood-adverting those to annoy people with auto-add and generate some congestion on the mesh.
Very true, this rate limit only apply to Thanks for the review! |
2 participants
Adds an adaptive rate limiter on advert forwarding so one node cannot flood the mesh with bogus or abusive adverts. Bursts are still allowed when traffic is normal; the cap tightens when someone tries to hammer fake adverts.
That max rises and falls with recent traffic so normal use still gets through, but floods hit the cap fast and the rest is dropped until the next window.
Kept CLI changes minimal, on by default for happy neighbors.
get advert.ratelimitset advert.ratelimit {on/off}Context:
Most (intentional) abuse we had so far was spamming fake adverts, as it's one of the easiest things one (claude) can make apparantly. I tried to keep it as small/simple as possible, while still putting a brake on it, so it doesnt flood further into the mesh.
The EWMA config could be added to CLI perhaps as future improvement, with perhaps some kind of stats/status command, but left that out of scope for now.