[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-commits] [tor] 03/04: relay: Add number of rejected connections to MetricsPort
This is an automated email from the git hooks/post-receive script.
dgoulet pushed a commit to branch main
in repository tor.
commit c8d8fa0d3639058544ffe153c1b83e0ed80bf43a
Author: David Goulet <dgoulet@xxxxxxxxxxxxxx>
AuthorDate: Wed Oct 12 09:25:01 2022 -0400
relay: Add number of rejected connections to MetricsPort
Related to #40194
Signed-off-by: David Goulet <dgoulet@xxxxxxxxxxxxxx>
---
src/core/mainloop/connection.c | 3 +++
src/core/or/connection_edge.c | 2 ++
src/feature/relay/relay_metrics.c | 5 +++++
src/feature/stats/rephist.c | 19 +++++++++++++++++++
src/feature/stats/rephist.h | 2 ++
5 files changed, 31 insertions(+)
diff --git a/src/core/mainloop/connection.c b/src/core/mainloop/connection.c
index c6af478c44..8bb3534b28 100644
--- a/src/core/mainloop/connection.c
+++ b/src/core/mainloop/connection.c
@@ -2013,6 +2013,7 @@ connection_handle_listener_read(connection_t *conn, int new_type)
log_notice(LD_APP,
"Denying socks connection from untrusted address %s.",
fmt_and_decorate_addr(&addr));
+ rep_hist_note_conn_rejected(new_type);
tor_close_socket(news);
return 0;
}
@@ -2022,6 +2023,7 @@ connection_handle_listener_read(connection_t *conn, int new_type)
if (dir_policy_permits_address(&addr) == 0) {
log_notice(LD_DIRSERV,"Denying dir connection from address %s.",
fmt_and_decorate_addr(&addr));
+ rep_hist_note_conn_rejected(new_type);
tor_close_socket(news);
return 0;
}
@@ -2030,6 +2032,7 @@ connection_handle_listener_read(connection_t *conn, int new_type)
/* Assess with the connection DoS mitigation subsystem if this address
* can open a new connection. */
if (dos_conn_addr_get_defense_type(&addr) == DOS_CONN_DEFENSE_CLOSE) {
+ rep_hist_note_conn_rejected(new_type);
tor_close_socket(news);
return 0;
}
diff --git a/src/core/or/connection_edge.c b/src/core/or/connection_edge.c
index ea4bf00735..7ba7ecc4c5 100644
--- a/src/core/or/connection_edge.c
+++ b/src/core/or/connection_edge.c
@@ -4206,6 +4206,7 @@ connection_exit_connect(edge_connection_t *edge_conn)
log_info(LD_EXIT,"%s failed exit policy%s. Closing.",
connection_describe(conn),
why_failed_exit_policy);
+ rep_hist_note_conn_rejected(conn->type);
connection_edge_end(edge_conn, END_STREAM_REASON_EXITPOLICY);
circuit_detach_stream(circuit_get_by_edge_conn(edge_conn), edge_conn);
connection_free(conn);
@@ -4233,6 +4234,7 @@ connection_exit_connect(edge_connection_t *edge_conn)
nodelist_reentry_contains(&conn->addr, conn->port)) {
log_info(LD_EXIT, "%s tried to connect back to a known relay address. "
"Closing.", connection_describe(conn));
+ rep_hist_note_conn_rejected(conn->type);
connection_edge_end(edge_conn, END_STREAM_REASON_CONNECTREFUSED);
circuit_detach_stream(circuit_get_by_edge_conn(edge_conn), edge_conn);
connection_free(conn);
diff --git a/src/feature/relay/relay_metrics.c b/src/feature/relay/relay_metrics.c
index efe77473aa..8d0fef86b3 100644
--- a/src/feature/relay/relay_metrics.c
+++ b/src/feature/relay/relay_metrics.c
@@ -170,6 +170,11 @@ fill_connections_values(void)
rentry->help);
fill_single_connection_value(sentry, i, "received", "opened",
rep_hist_get_conn_opened(true, i));
+
+ sentry = metrics_store_add(the_store, rentry->type, rentry->name,
+ rentry->help);
+ fill_single_connection_value(sentry, i, "received", "rejected",
+ rep_hist_get_conn_rejected(i));
}
}
diff --git a/src/feature/stats/rephist.c b/src/feature/stats/rephist.c
index b272f27909..f12b1e8a70 100644
--- a/src/feature/stats/rephist.c
+++ b/src/feature/stats/rephist.c
@@ -1651,6 +1651,8 @@ rep_hist_note_exit_stream_opened(uint16_t port)
static uint64_t conn_num_created[2][CONN_TYPE_MAX_];
/** Number of connections opened per direction per type. */
static uint64_t conn_num_opened[2][CONN_TYPE_MAX_];
+/** Number of connections rejected per type. Always inbound. */
+static uint64_t conn_num_rejected[CONN_TYPE_MAX_];
/** Note that a connection has opened of the given type. */
void
@@ -1677,6 +1679,15 @@ rep_hist_note_conn_closed(bool from_listener, unsigned int type)
}
}
+/** Note that a connection has rejected of the given type. */
+void
+rep_hist_note_conn_rejected(unsigned int type)
+{
+ tor_assert(type <= CONN_TYPE_MAX_);
+
+ conn_num_rejected[type]++;
+}
+
/** Return number of created connections of the given type. */
uint64_t
rep_hist_get_conn_created(bool from_listener, unsigned int type)
@@ -1695,6 +1706,14 @@ rep_hist_get_conn_opened(bool from_listener, unsigned int type)
return conn_num_opened[dir][type];
}
+/** Return number of opened connections of the given type. */
+uint64_t
+rep_hist_get_conn_rejected(unsigned int type)
+{
+ tor_assert(type <= CONN_TYPE_MAX_);
+ return conn_num_rejected[type];
+}
+
/*** cell statistics ***/
/** Start of the current buffer stats interval or 0 if we're not
diff --git a/src/feature/stats/rephist.h b/src/feature/stats/rephist.h
index 21808cdee8..2a83dd185e 100644
--- a/src/feature/stats/rephist.h
+++ b/src/feature/stats/rephist.h
@@ -43,8 +43,10 @@ void rep_hist_note_exit_stream_opened(uint16_t port);
void rep_hist_note_conn_opened(bool initiated, unsigned int type);
void rep_hist_note_conn_closed(bool initiated, unsigned int type);
+void rep_hist_note_conn_rejected(unsigned int type);
uint64_t rep_hist_get_conn_created(bool initiated, unsigned int type);
uint64_t rep_hist_get_conn_opened(bool initiated, unsigned int type);
+uint64_t rep_hist_get_conn_rejected(unsigned int type);
void rep_hist_buffer_stats_init(time_t now);
void rep_hist_buffer_stats_add_circ(circuit_t *circ,
--
To stop receiving notification emails like this one, please contact
the administrator of this repository.
_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits