You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
if client's connection of actix-web is probably attacking, how can I close it immediately and insert the address into a dynamic blocklist?
when a addr is in the blocklist, i don't what to parse the uri or headers from this addr, just close the connection without sending or receiving any of the message.
let listener = TcpListener::bind(...).await?;
while let (socket, addr) = listener.accept().await? {
if blocklist.contains(&addr) {
continue;
}
tokio::spawn(async move {
...
if connection_is_attacking() {
blocklist.insert(addr);
connection.close_immediately();
}
...
});
}
The text was updated successfully, but these errors were encountered:
I found that tcpstream can be obtained by using the "on_connect" API, but still have no idea to shut it down.
typeBlocklist = Arc<RwLock<HashMap<IpAddr,Instant>>>;
...
let blocklist = Blocklist::default();
....on_connect({let blocklist = blocklist.clone();move |conn, data| {ifletSome(tcp_stream) = conn.downcast_ref::<TcpStream>(){let peer = tcp_stream.peer_addr().unwrap();if blocklist.read().unwrap().contains_key(&peer.ip()){// the ref of tcp_stream is immutable, how to shut it down? ...}// if possible, i need to send tcpstream object to handles and determine whether to close it
data.insert(ConnectionInfo{bind: tcp_stream.local_addr().unwrap(),
peer,ttl: tcp_stream.ttl().ok(),});}else{unreachable!("connection should only be plaintext since no TLS is set up");}}})
if client's connection of actix-web is probably attacking, how can I close it immediately and insert the address into a dynamic blocklist?
when a addr is in the blocklist, i don't what to parse the uri or headers from this addr, just close the connection without sending or receiving any of the message.
The text was updated successfully, but these errors were encountered: