From b20496e42bdf3a8d755de6b5385f4fae82c3fb50 Mon Sep 17 00:00:00 2001 From: theli Date: Wed, 21 Jun 2006 19:28:42 +0000 Subject: [PATCH] *) make DHT DoS check configurable (requested by KoH) - check can be disabled via property indexDistribution.dhtReceiptLimitEnabled - upper bound can be configured via indexDistribution.dhtReceiptLimit git-svn-id: https://svn.berlios.de/svnroot/repos/yacy/trunk@2234 6c8d7289-2bf4-0310-a012-ef5d649a1542 --- htroot/yacy/transferRWI.java | 11 ++++++++--- source/de/anomic/plasma/plasmaDHTTransfer.java | 3 ++- yacy.init | 8 ++++++++ 3 files changed, 18 insertions(+), 4 deletions(-) diff --git a/htroot/yacy/transferRWI.java b/htroot/yacy/transferRWI.java index 510749299..fb7346da0 100644 --- a/htroot/yacy/transferRWI.java +++ b/htroot/yacy/transferRWI.java @@ -78,8 +78,10 @@ public final class transferRWI { final int entryc = Integer.parseInt(post.get("entryc", "")); // number of entries in indexes byte[] indexes = post.get("indexes", "").getBytes(); // the indexes, as list of word entries boolean granted = sb.getConfig("allowReceiveIndex", "false").equals("true"); + boolean checkLimit = sb.getConfigBool("indexDistribution.dhtReceiptLimitEnabled", true); + final long cachelimit = sb.getConfigLong("indexDistribution.dhtReceiptLimit", 1000); final yacySeed otherPeer = yacyCore.seedDB.get(iam); - final String otherPeerName = iam + ":" + ((otherPeer == null) ? "NULL" : (otherPeer.getName() + "/" + otherPeer.getVersion())); + final String otherPeerName = iam + ":" + ((otherPeer == null) ? "NULL" : (otherPeer.getName() + "/" + otherPeer.getVersion())); // response values String result = "ok"; @@ -91,7 +93,7 @@ public final class transferRWI { sb.getLog().logInfo("Rejecting RWIs from peer " + otherPeerName + ". Not granted."); result = "not_granted"; pause = 0; - } else if (sb.wordIndex.kSize() > 1000) { + } else if (checkLimit && sb.wordIndex.kSize() > cachelimit) { // we are too busy to receive indexes sb.getLog().logInfo("Rejecting RWIs from peer " + otherPeerName + ". We are too busy (buffersize=" + sb.wordIndex.kSize() + ")."); granted = false; // don't accept more words if there are too many words to flush @@ -171,7 +173,10 @@ public final class transferRWI { sb.getLog().logInfo("Received " + received + " Words [" + wordhashes[0] + " .. " + wordhashes[received - 1] + "]/" + avdist + " from " + otherPeerName + ", processed in " + (System.currentTimeMillis() - startProcess) + " milliseconds, requesting " + unknownURL.size() + " URLs"); } result = "ok"; - pause = (sb.wordIndex.kSize() < 500) ? 0 : 60 * sb.wordIndex.kSize(); // estimation of necessary pause time + + if (checkLimit) { + pause = (sb.wordIndex.kSize() < 500) ? 0 : 60 * sb.wordIndex.kSize(); // estimation of necessary pause time + } } prop.put("unknownURL", unknownURLs.toString()); diff --git a/source/de/anomic/plasma/plasmaDHTTransfer.java b/source/de/anomic/plasma/plasmaDHTTransfer.java index b686a6665..7d40dedfd 100644 --- a/source/de/anomic/plasma/plasmaDHTTransfer.java +++ b/source/de/anomic/plasma/plasmaDHTTransfer.java @@ -258,13 +258,14 @@ public class plasmaDHTTransfer extends Thread { if (transferRWIResult != null && transferRWIResult.containsKey("pause")) { String pauseStr = (String) transferRWIResult.get("pause"); try { pause = Integer.valueOf(pauseStr).intValue(); } catch (NumberFormatException numEx){} - if (pause <= 0) pause = 60000; + if (pause < 0) pause = 60000; else if (pause > 1800000) pause = 1800000; } return pause; } private void pause(long sleepTime) throws InterruptedException { + if (sleepTime == 0) return; long sleepCounter = sleepTime / 1000; long sleepRest = sleepTime % 1000; while (!this.isAborted() && sleepCounter > 0) { diff --git a/yacy.init b/yacy.init index 44c2d3ad0..b856bac5f 100644 --- a/yacy.init +++ b/yacy.init @@ -649,6 +649,14 @@ indexDistribution.minChunkSize = 5 indexDistribution.maxChunkSize = 1000 indexDistribution.startChunkSize = 50 +# defines if the peer should reject incoming index transfer +# request if a given limit is reached +indexDistribution.dhtReceiptLimitEnabled = false + +# defines the word cache for DHT reaches this level +# the peer reports itself as busy +indexDistribution.dhtReceiptLimit = 1000 + # Distribution of Citation-Reference (CR-) files # The distribution is done in two steps: # first step to anonymize the records