Added metrics for sus/malicious connections

2025-07-17 16:06:18 +03:00
parent 52eb471e89
commit aaea258a21
2 changed files with 8 additions and 0 deletions


@@ -26,6 +26,12 @@ var RequestProcessingDuration = promauto.NewHistogramVec(prometheus.HistogramOpt
NativeHistogramBucketFactor: 1.00271,
}, []string{"request_type", "dropped"})
var ConnectionsRateLimited = promauto.NewCounterVec(prometheus.CounterOpts{
Namespace: namespace,
Name: "connections_rate_limited_total",
Help: "The total number of rate limited connections",
}, []string{"category"})
var ConnectionsEstablished = promauto.NewCounter(prometheus.CounterOpts{
Namespace: namespace,
Name: "connections_established_total",
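Review bot: The Help string on `ConnectionsRateLimited` does not say what the `category` label can hold or what one increment means, which anyone building an alert on this counter needs to know. Judging by the second file in this commit, the values are `suspicious` and `malicious`, and the counter appears to go up once per rejected connection attempt rather than once per source IP. I would spell that out, for example `Help: "Total connections rejected by the per-IP rate limiter, by category (suspicious or malicious)"`. A doc comment on the exported variable should also state that the label set is fixed and must never carry the client address, so the number of series stays bounded.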


@@ -636,6 +636,7 @@ func (s *server) isRateLimited(ip uint32) bool {
s.ipConns[ip] = entry
return false
} else if entry.count < RateLimitCountThresholdMalicious {
metrics.ConnectionsRateLimited.WithLabelValues("suspicious").Inc()
if entry.count == RateLimitCountThresholdSus {
slog.Warn("suspicious connection activity", "ip", ipStr, "count", entry.count)
// Only log the first one
@@ -644,6 +645,7 @@ func (s *server) isRateLimited(ip uint32) bool {
s.ipConns[ip] = entry
return true
} else {
metrics.ConnectionsRateLimited.WithLabelValues("malicious").Inc()
if entry.count == RateLimitCountThresholdMalicious {
slog.Warn("potential malicious connection behavior", "ip", ipStr, "count", entry.count)
// Only log the first one
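Review bot: Both new `WithLabelValues(...)` calls (in the `suspicious` branch and in the `malicious` branch) create their series lazily, so neither series exists until the first rate-limited connection arrives; a `rate()` or `increase()` alert then misses the first events and cannot tell "no abuse" from "metric missing". Binding the children once at package level fixes that and removes a label lookup from a path that runs once per connection during a flood: `var rateLimitedSuspicious = metrics.ConnectionsRateLimited.WithLabelValues("suspicious")`, the same for `"malicious"`, then `rateLimitedSuspicious.Inc()` at the call site. It also keeps the label strings in one place, so a typo cannot silently open a third series. `isRateLimited` starts and ends outside these hunks, so whether `s.ipConns` is accessed under a lock cannot be checked from here.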