tor

The Tor anonymity network

commit f8b259c2fe2208889a26a7d9494fea0c1b97f7a4
parent 1b907d13bb97aba8badcb428623fa13e803b8d92
Author: trinity-1686a <trinity@deuxfleurs.fr>
Date:   Sun, 10 Sep 2023 13:18:34 +0200

add metrics for rejected BEGIN/RESOLVE

Diffstat:
Msrc/core/or/connection_edge.c | 3++-
Msrc/core/or/dos.c | 7+++++++
Msrc/core/or/dos.h | 1+
Msrc/feature/relay/dns.h | 2++
Msrc/feature/relay/relay_metrics.c | 6++++++
5 files changed, 18 insertions(+), 1 deletion(-)

diff --git a/src/core/or/connection_edge.c b/src/core/or/connection_edge.c
@@ -4247,7 +4247,8 @@ connection_exit_begin_resolve(cell_t *cell, or_circuit_t *circ)
 dns_send_resolved_error_cell(dummy_conn, RESOLVED_TYPE_ERROR_TRANSIENT);
 return 0;
 case DOS_STREAM_DEFENSE_CLOSE_CIRCUIT:
- /* TODO maybe use REASON_RESOURCELIMIT? See connection_exit_begin_conn() */
+ /* TODO maybe use REASON_RESOURCELIMIT?
+ * See connection_exit_begin_conn() */
 return -END_CIRC_REASON_NONE;
 }
diff --git a/src/core/or/dos.c b/src/core/or/dos.c
@@ -839,6 +839,13 @@ dos_conn_addr_get_defense_type(const tor_addr_t *addr)
 /* Stream creation public API. */
+/** Return the number of rejected stream and resolve. */
+uint64_t
+dos_get_num_stream_rejected(void)
+{
+ return stream_num_rejected;
+}
+
 /* Return the action to take against a BEGIN or RESOLVE cell. Return
 * DOS_STREAM_DEFENSE_NONE when no action should be taken.
 * Increment the appropriate counter when the cell was found to go over a
diff --git a/src/core/or/dos.h b/src/core/or/dos.h
@@ -90,6 +90,7 @@ uint64_t dos_get_num_cc_rejected(void);
 uint64_t dos_get_num_conn_addr_rejected(void);
 uint64_t dos_get_num_conn_addr_connect_rejected(void);
 uint64_t dos_get_num_single_hop_refused(void);
+uint64_t dos_get_num_stream_rejected(void);
 /*
 * Circuit creation DoS mitigation subsystemn interface.
diff --git a/src/feature/relay/dns.h b/src/feature/relay/dns.h
@@ -38,6 +38,8 @@ void dns_launch_correctness_checks(void);
 #else /* !defined(HAVE_MODULE_RELAY) */
 #define dns_init() (0)
+#define dns_send_resolved_error_cell(conn, answer_type) \
+ ((void)(conn), (void)(answer_type))
 #define dns_seems_to_be_broken() (0)
 #define has_dns_init_failed() (0)
 #define dns_cache_total_allocation() (0)
diff --git a/src/feature/relay/relay_metrics.c b/src/feature/relay/relay_metrics.c
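Review bot: The doc comment on `dos_get_num_stream_rejected()` in dos.c reads "rejected stream and resolve", which does not say what is actually counted. Something like `/** Return the number of BEGIN and RESOLVE cells rejected by the stream DoS defense. */` would match the wording of the comment that follows it. The hunk does not show where `stream_num_rejected` is declared or incremented, so it is worth confirming that it is a `uint64_t` like the return type and stating whether every non-NONE defense action feeds this one counter.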
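Review bot: The new `dns_send_resolved_error_cell` stub in dns.h has no comment saying why a build without the relay module needs it, and the commit message does not mention it either. Judging from the connection_edge.c hunk, the RESOLVE refusal path calls it and then returns 0, so with this stub the refusal reply is silently dropped in such builds; a one-line comment such as `/* No-op without the relay module: no RESOLVED error cell is sent. */` would make that explicit. The neighbouring stubs expand to `(0)`, so the void comma expression is only right if the real function returns void, which the hunk does not show.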
@@ -433,6 +433,12 @@ fill_dos_values(void)
 metrics_store_entry_add_label(sentry,
 metrics_format_label("type", "introduce2_rejected"));
 metrics_store_entry_update(sentry, hs_dos_get_intro2_rejected_count());
+
+ sentry = metrics_store_add(the_store, rentry->type, rentry->name,
+ rentry->help, 0, NULL);
+ metrics_store_entry_add_label(sentry,
+ metrics_format_label("type", "stream_rejected"));
+ metrics_store_entry_update(sentry, dos_get_num_stream_rejected());
 }
 /** Fill function for the RELAY_METRICS_CC_COUNTERS metric. */
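Review bot: The added `stream_rejected` entry in `fill_dos_values()` reports BEGIN and RESOLVE rejections as a single counter, so an operator alerting on this metric cannot tell which cell type is driving it, nor, as far as the visible code shows, whether the stream was refused or the circuit closed. If one combined value is intended, a short comment above the block would record that, e.g. `/* BEGIN and RESOLVE cells rejected by the stream DoS defense. */`. The diffstat lists only source files, so the new label value appears to have no documentation or changelog entry. `fill_dos_values()` starts before this hunk.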