Page MenuHomePhabricator
Files F56794396

raw-paste-data.txt
No One
Actions

Authored By
CDanis
Jul 30 2024, 7:43 PM
Size
2 KB
Referenced Files
None
Subscribers
None

raw-paste-data.txt
View Options

### All of this from Puppet, as usual
# Pseudo-backends used only for statistics tracking.
backend httpreqrate
stick-table type ipv6 size 1m expire 300s store http_req_rate(10s),gpc_rate(10,300s)
backend httpreqrate_http
stick-table type ipv6 size 1m expire 300s store http_req_rate(10s),gpc_rate(10,300s)
listen tls
http-request track-sc0 src table httpreqrate
### All of the above from Puppet, as usual
### All of the below from requestctl
## per-ip-default-concurrency
acl per-ip-default-concurrency_too-high-now sc0_trackers(httpreqrate) ge 500
acl per-ip-default-concurrency_too-high-recently sc_gpc_rate(0,0,httpreqrate) gt 0
acl per-ip-default-concurrency_mark-as-too-high sc_inc_gpc(0,0,httpreqrate)
# per-ip-default-concurrency logging enabled
http-request set-var(req.dummy) src,debug(silent-drop_for_300s/per-ip-default-concurrency) if per-ip-default-concurrency_too-high-now !per-ip-default-concurrency_too-high-recently
# per-ip-default-concurrency mark: (logging OR enforcement) enabled
http-request set-var(req.dummy) src if per-ip-default-concurrency_too-high-now per-ip-default-concurrency_mark-as-too-high
# per-ip-default-concurrency enforcement enabled
http-request silent-drop if per-ip-default-concurrency_too-high-recently
## per-ip-sussy-concurrency
acl per-ip-sussy-concurrency_too-high-now sc0_trackers(httpreqrate) ge 50
acl per-ip-sussy-concurrency_too-high-recently sc_gpc_rate(0,1,httpreqrate) gt 0
acl per-ip-sussy-concurrency_mark-as-too-high sc_inc_gpc(0,1,httpreqrate)
# per-ip-sussy-concurrency logging enabled
http-request set-var(req.dummy) src,debug(silent-drop_for_300s/per-ip-sussy-concurrency) if ipblock_known_sussy per-ip-sussy-concurrency_too-high-now !per-ip-sussy-concurrency_too-high-recently
# per-ip-sussy-concurrency mark: (logging OR enforcement) enabled
http-request set-var(req.dummy) src if ipblock_known_sussy per-ip-sussy-concurrency_too-high-now per-ip-sussy-concurrency_mark-as-too-high
# per-ip-sussy-concurrency enforcement enabled
http-request silent-drop if ipblock_known_sussy per-ip-sussy-concurrency_too-high-recently
## per-ip-aws-concurrency
acl per-ip-aws-concurrency_too-high-now sc0_trackers(httpreqrate) ge 25
acl per-ip-aws-concurrency_too-high-recently sc_gpc_rate(0,2,httpreqrate) gt 0
acl per-ip-aws-concurrency_mark-as-too-high sc_inc_gpc(0,2,httpreqrate)
# per-ip-aws-concurrency logging enabled
http-request set-var(req.dummy) src,debug(silent-drop_for_300s/per-ip-aws-concurrency) if ipblock_cloud_aws per-ip-aws-concurrency_too-high-now !per-ip-aws-concurrency_too-high-recently
# per-ip-aws-concurrency mark: (logging OR enforcement) enabled
http-request set-var(req.dummy) src if ipblock_cloud_aws per-ip-aws-concurrency_too-high-now per-ip-aws-concurrency_mark-as-too-high
# per-ip-aws-concurrency enforcement disabled

File Metadata

Mime Type
text/plain; charset=utf-8
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
18568873
Default Alt Text
raw-paste-data.txt (2 KB)

Event Timeline

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits