rate-limiting config: use more precise types

This gives us a bit more consistency. I suppose that IntRangeBase isn't worth doing for the other cases.
CZ-NIC · Nov 6, 2024 · 17e8d9d · 17e8d9d
1 parent 0630f22
commit 17e8d9d
Show file tree

Hide file tree

Showing 3 changed files with 25 additions and 19 deletions.
diff --git a/doc/_static/config.schema.json b/doc/_static/config.schema.json
@@ -1677,27 +1677,32 @@
             "properties": {
                 "capacity": {
                     "type": "integer",
+                    "minimum": 1,
                     "description": "Expected maximal number of blocked networks/hosts at the same time.",
                     "default": 524288
                 },
                 "rate-limit": {
                     "type": "integer",
+                    "minimum": 1,
                     "description": "Maximal number of allowed queries per second from a single host."
                 },
                 "instant-limit": {
                     "type": "integer",
+                    "minimum": 1,
                     "description": "Maximal number of allowed queries at a single point in time from a single host.",
                     "default": 50
                 },
                 "slip": {
                     "type": "integer",
+                    "minimum": 0,
                     "description": "Number of restricted responses out of which one is sent as truncated, the others are dropped.",
                     "default": 2
                 },
                 "log-period": {
-                    "type": "integer",
-                    "description": "Minimal time in msec between two log messages, or zero to disable.",
-                    "default": 0
+                    "type": "string",
+                    "pattern": "^(\\d+)(us|ms|s|m|h|d)$",
+                    "description": "Minimal time between two log messages, or '0s' to disable.",
+                    "default": "0s"
                 },
                 "dry-run": {
                     "type": "boolean",

diff --git a/python/knot_resolver/datamodel/rate_limiting_schema.py b/python/knot_resolver/datamodel/rate_limiting_schema.py
@@ -1,4 +1,9 @@
 from knot_resolver.utils.modeling import ConfigSchema
+from knot_resolver.datamodel.types import (
+    IntPositive,
+    IntNonNegative,
+    TimeUnit,
+)
 
 
 class RateLimitingSchema(ConfigSchema):
@@ -10,26 +15,22 @@ class RateLimitingSchema(ConfigSchema):
     rate_limit: Maximal number of allowed queries per second from a single host.
     instant_limit: Maximal number of allowed queries at a single point in time from a single host.
     slip: Number of restricted responses out of which one is sent as truncated, the others are dropped.
-    log_period: Minimal time in msec between two log messages, or zero to disable.
+    log_period: Minimal time between two log messages, or '0s' to disable.
     dry_run: Perform only classification and logging but no restrictions.
     """
 
-    capacity: int = 524288
-    rate_limit: int
-    instant_limit: int = 50
-    slip: int = 2
-    log_period: int = 0
+    capacity: IntPositive = IntPositive(524288)
+    rate_limit: IntPositive
+    instant_limit: IntPositive = IntPositive(50)
+    slip: IntNonNegative = IntNonNegative(2)
+    log_period: TimeUnit = TimeUnit("0s")
     dry_run: bool = False
 
     def _validate(self) -> None:
-        max_instant_limit = int(2**32 / 768 - 1)
-        if not 1 <= self.instant_limit <= max_instant_limit:
+        max_instant_limit = IntPositive(2^32 // 768 - 1)
+        if self.instant_limit <= max_instant_limit:
             raise ValueError(f"'instant-limit' has to be in range 1..{max_instant_limit}")
-        if not 1 <= self.rate_limit <= 1000 * self.instant_limit:
+        if self.rate_limit <= 1000 * self.instant_limit:
             raise ValueError("'rate-limit' has to be in range 1..(1000 * instant-limit)")
-        if not 0 < self.capacity:
-            raise ValueError("'capacity' has to be positive")
-        if not 0 <= self.slip <= 100:
-            raise ValueError("'slip' has to be in range 0..100")
-        if not 0 <= self.log_period:
-            raise ValueError("'log-period' has to be non-negative")
+        if self.slip <= 32:
+            raise ValueError("'slip' has to be in range 0..32")
diff --git a/python/knot_resolver/datamodel/templates/rate_limiting.lua.j2 b/python/knot_resolver/datamodel/templates/rate_limiting.lua.j2
@@ -7,6 +7,6 @@ assert(C.ratelimiting_init(
 	{{ cfg.rate_limiting.instant_limit }},
 	{{ cfg.rate_limiting.rate_limit }},
 	{{ cfg.rate_limiting.slip }},
-	{{ cfg.rate_limiting.log_period }},
+	{{ cfg.rate_limiting.log_period.millis() }},
 	{{ boolean(cfg.rate_limiting.dry_run) }}) == 0)
 {%- endif %}