From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) by lore.proxmox.com (Postfix) with ESMTPS id 148841FF15E for ; Mon, 10 Nov 2025 14:43:57 +0100 (CET) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 7D24116C28; Mon, 10 Nov 2025 14:44:42 +0100 (CET) Message-ID: <3135b480-15f2-4fd3-9b92-79e3b9e0e957@proxmox.com> Date: Mon, 10 Nov 2025 14:44:09 +0100 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird From: Hannes Laimer To: pbs-devel@lists.proxmox.com References: <20251107132329.42965-1-h.laimer@proxmox.com> Content-Language: en-US In-Reply-To: <20251107132329.42965-1-h.laimer@proxmox.com> X-Bm-Milter-Handled: 55990f41-d878-4baa-be0a-ee34c49e34d2 X-Bm-Transport-Timestamp: 1762782227183 X-SPAM-LEVEL: Spam detection results: 0 AWL 0.046 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record Subject: [pbs-devel] superseded: [PATCH proxmox{, -backup} v2 0/6] add user specific rate-limits X-BeenThere: pbs-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox Backup Server development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: Proxmox Backup Server development discussion Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="us-ascii"; Format="flowed" Errors-To: pbs-devel-bounces@lists.proxmox.com Sender: "pbs-devel" superseded-by: https://lore.proxmox.com/pbs-devel/20251110134255.69132-1-h.laimer@proxmox.com/T/#t On 11/7/25 14:23, Hannes Laimer wrote: > When a connection is accepted we create a shared tag handle for its > rate-limited stream. The REST layer clears that handle before every > request. Once a request authenticates successfully, we push a > User(...) tag with the auth ID. Failed or unauthenticated requests > leave the tag list empty. RateLimitedStream watches that handle and > forces an immediate limiter refresh whenever the tag set changes so > user-specific throttles take effect right away. > > Currently rules with a user specified take priority over others. So: > user > IP only > neither, in case two rules match. > > If users and networks are specified, the rule only applies if both > match. So, Any of the specified user connect from any of the specified > network. > > And all of this ofc still only if the given timeframe matches. > > v2, thanks @Chris!: > - fix problem with tag staying on connection after request finishes, > and with when it would be set in first place > - use a more generic tag-list on the connection, this is more general > - tag is now an enum, like chris suggested, this should make it > somewhat easy to extend if we at some point should want to > > > proxmox: > > Hannes Laimer (3): > pbs-api-types: allow traffic-control rules to match users > http: track user tag updates on rate-limited streams > rest-server: propagate rate-limit tags from authenticated users > > pbs-api-types/src/traffic_control.rs | 9 ++ > proxmox-http/src/lib.rs | 2 +- > proxmox-http/src/rate_limited_stream.rs | 35 +++++- > proxmox-rest-server/src/connection.rs | 18 +++- > proxmox-rest-server/src/rest.rs | 137 +++++++++++++++++++++++- > 5 files changed, 192 insertions(+), 9 deletions(-) > > > proxmox-backup: > > Hannes Laimer (3): > api: taffic-control: update/delete users on rule correctly > traffic-control: handle users specified in a rule correctly > ui: traffic-control: add users field in edit form and list > > src/api2/config/traffic_control.rs | 8 +++ > src/bin/proxmox-backup-proxy.rs | 12 +++- > src/traffic_control_cache.rs | 100 +++++++++++++++++++++++++---- > www/config/TrafficControlView.js | 7 ++ > www/window/TrafficControlEdit.js | 18 ++++++ > 5 files changed, 131 insertions(+), 14 deletions(-) > > > Summary over all repositories: > 10 files changed, 323 insertions(+), 23 deletions(-) > _______________________________________________ pbs-devel mailing list pbs-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel