mirrors
/
rspamd
mirror of https://github.com/vstakhov/rspamd.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 159 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
21266 Commits
29 Branches
Tree: 90b73439d2
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '90b73439d2'
${ noResults }
rspamd/lualib/redis_scripts/ratelimit_check.lua

ratelimit_check.lua 2.8KB
Raw Blame History

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485 
  1. -- This Lua script is a rate limiter for Redis using the token bucket algorithm.

  2. -- The script checks if a message should be rate-limited and updates the bucket status accordingly.

  3. -- Input keys:

  4. -- KEYS[1]: A prefix for the Redis keys, e.g., RL_<triplet>_<seconds>

  5. -- KEYS[2]: The current time in milliseconds

  6. -- KEYS[3]: The bucket leak rate (messages per millisecond)

  7. -- KEYS[4]: The maximum allowed burst

  8. -- KEYS[5]: The expiration time for a bucket

  9. -- KEYS[6]: The number of recipients for the message

  10. 

  11. -- Redis keys used:

  12. -- l: Last hit (time in milliseconds)

  13. -- b: Current burst (number of tokens in the bucket)

  14. -- p: Pending messages (number of messages in processing)

  15. -- dr: Current dynamic rate multiplier (*10000)

  16. -- db: Current dynamic burst multiplier (*10000)

  17. 

  18. -- Returns:

  19. -- An array containing:

  20. -- 1. if the message should be rate-limited or 0 if not

  21. -- 2. The current burst value after processing the message

  22. -- 3. The dynamic rate multiplier

  23. -- 4. The dynamic burst multiplier

  24. -- 5. The number of tokens leaked during processing

  25. 

  26. local last = redis.call('HGET', KEYS[1], 'l')

  27. local now = tonumber(KEYS[2])

  28. local nrcpt = tonumber(KEYS[6])

  29. local leak_rate = tonumber(KEYS[3])

  30. local max_burst = tonumber(KEYS[4])

  31. local prefix = KEYS[1]

  32. local dynr, dynb, leaked = 0, 0, 0

  33. if not last then

  34.   -- New bucket

  35.   redis.call('HMSET', prefix, 'l', tostring(now), 'b', '0', 'dr', '10000', 'db', '10000', 'p', tostring(nrcpt))

  36.   redis.call('EXPIRE', prefix, KEYS[5])

  37.   return { 0, '0', '1', '1', '0' }

  38. end

  39. last = tonumber(last)

  40. 

  41. local burst, pending = unpack(redis.call('HMGET', prefix, 'b', 'p'))

  42. burst, pending = tonumber(burst or '0'), tonumber(pending or '0')

  43. -- Sanity to avoid races

  44. if burst < 0 then

  45.   burst = 0

  46. end

  47. if pending < 0 then

  48.   pending = 0

  49. end

  50. pending = pending + nrcpt -- this message

  51. -- Perform leak

  52. if burst + pending > 0 then

  53.   -- If we have any time passed

  54.   if burst > 0 and last < now then

  55.     dynr = tonumber(redis.call('HGET', prefix, 'dr')) / 10000.0

  56.     if dynr == 0 then

  57.       dynr = 0.0001

  58.     end

  59.     leak_rate = leak_rate * dynr

  60.     leaked = ((now - last) * leak_rate)

  61.     if leaked > burst then

  62.       leaked = burst

  63.     end

  64.     burst = burst - leaked

  65.     redis.call('HINCRBYFLOAT', prefix, 'b', -(leaked))

  66.     redis.call('HSET', prefix, 'l', tostring(now))

  67.   end

  68. 

  69.   dynb = tonumber(redis.call('HGET', prefix, 'db')) / 10000.0

  70.   if dynb == 0 then

  71.     dynb = 0.0001

  72.   end

  73. 

  74.   burst = burst + pending

  75.   if burst > 0 and burst > max_burst * dynb then

  76.     return { 1, tostring(burst - pending), tostring(dynr), tostring(dynb), tostring(leaked) }

  77.   end

  78.   -- Increase pending if we allow ratelimit

  79.   redis.call('HINCRBY', prefix, 'p', nrcpt)

  80. else

  81.   burst = 0

  82.   redis.call('HMSET', prefix, 'b', '0', 'p', tostring(nrcpt))

  83. end

  84. 

  85. return { 0, tostring(burst), tostring(dynr), tostring(dynb), tostring(leaked) }