Skip to content

Commit

Permalink
chore: DOS protection of non-relay req/resp protocols new cli argumen…
Browse files Browse the repository at this point in the history
…t description (#216)

* DOS protection of non-relay req/resp protocols has a new cli argument, now described officially.
  • Loading branch information
NagyZoltanPeter authored Sep 23, 2024
1 parent 35c06b3 commit edb6b63
Showing 1 changed file with 6 additions and 0 deletions.
6 changes: 6 additions & 0 deletions docs/guides/nwaku/config-options.md
Original file line number Diff line number Diff line change
Expand Up @@ -157,6 +157,12 @@ Here are the available node configuration options, along with their default valu
| `websocket-secure-key-path` | | Secure websocket key path: '/path/to/key.txt' |
| `websocket-secure-cert-path` | | Secure websocket Certificate path: '/path/to/cert.txt' |

## Non relay, request-response protocol DOS protection configuration

| Name | Default Value | Description |
| ---------------------------- | ------------- | ------------------------------------------------------ |
| `rate-limit` | | This is a repeatable option. Each one of them can describe spefic rate limit configuration for a particular protocol.<br />\<protocol\>:volume/period\<time-unit\><br />- if protocol is not given, settings will be taken as default for un-set protocols. Ex: `80/2s`<br />-Supported protocols are: `lightpush`\|`filter`\|`px`\|`store`\|`storev2`\|`storev3`<br />-volume must be an integer value, representing number of requests over the period of time allowed.<br />-period\<time-unit\> must be an integer with defined unit as one of `h`\|`m`\|`s`\|`ms`<br />- `storev2` and `storev3` takes precedence over `store` which can easy set both store protocols at once.<br />- In case of multiple set of the same protocol limit, last one will take place.<br />- if config is not set it means unlimited requests are allowed.<br />-filter has a bit different approach. It has a default setting applied if not overridden. Rate limit setting for filter will be applied per subscriber-peers, not globally - it must be considered when changing the setting.<br /><br />Examples:<br />- `100/1s` - default for all protocols if not set otherwise.<br />-`lightpush:0/0s` - lightpush protocol will be not rate limited.<br />-`store:130/1500ms` - both store-v3 and store-v2 will apply 130 request per each 1500ms separately.<br />-`px:10/1h` PeerExchange will serve only 10 requests in every hour.<br />-`filter:8/5m` - will allow 8 subs/unsubs/ping requests for each subscribers within every 5 min. |

:::tip
To configure your node using the provided configuration options, have a look at the [Node Configuration Methods](/guides/nwaku/config-methods) guide.
:::

0 comments on commit edb6b63

Please sign in to comment.