Skip to content

feature: rate limit#346

Open
SkohTV wants to merge 1 commit intofacebook:mainfrom
SkohTV:rate-limit
Open

feature: rate limit#346
SkohTV wants to merge 1 commit intofacebook:mainfrom
SkohTV:rate-limit

Conversation

@SkohTV
Copy link
Copy Markdown
Contributor

@SkohTV SkohTV commented Oct 8, 2025
edited
Loading

Fix #215

Hi, sorry for the long hiatus,
A bunch of stuff came up, and I didn't have the time to do the big rebase+refactor.

Changes:

  • Did the big rebase.
  • Changed ratelimit from an action to a matcher, supports for eq with an uint32
  • Kept the map, because some persistence is required for rate limiting.
  • Also kept and slightly changed the elfstub.
  10 first All after
chain my_chain BF_HOOK_XDP{ifindex=2} DROP rule meta.ratelimit eq 10 ACCEPT ACCEPT DROP
chain my_chain BF_HOOK_XDP{ifindex=2} ACCEPT rule meta.ratelimit eq 10 DROP DROP ACCEPT
chain my_chain BF_HOOK_XDP{ifindex=2} DROP rule meta.ratelimit not eq 10 ACCEPT DROP ACCEPT
chain my_chain BF_HOOK_XDP{ifindex=2} ACCEPT rule meta.ratelimit not eq 10 DROP ACCEPT DROP
I'd really like to get this PR over the finish line at some point :)

@meta-cla meta-cla Bot added the cla signed label Oct 8, 2025
@SkohTV SkohTV force-pushed the rate-limit branch 2 times, most recently from 3d56c6e to 63e5923 Compare October 8, 2025 20:45
@SkohTV SkohTV changed the title cli: add ratelimit keyword feature: rate limit Oct 10, 2025
qdeslandes
qdeslandes reviewed Oct 15, 2025
View reviewed changes
Copy link
Copy Markdown
Contributor

@qdeslandes qdeslandes left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I went for an early review, mostly for the parsing part. On the BPF side, the map will contain the runtime values for a given rule's rate limit (current burst/allowance, limit, last update time...).

Comment thread src/bfcli/parser.y Outdated
Comment thread src/bfcli/lexer.l Outdated
Comment thread src/bfcli/parser.y Outdated
Comment thread src/bfcli/parser.y Outdated
Comment thread src/bpfilter/cgen/program.c Outdated
Comment thread src/bpfilter/cgen/program.c Outdated
@SkohTV SkohTV force-pushed the rate-limit branch 4 times, most recently from df768e9 to fd116e7 Compare January 23, 2026 21:39
@SkohTV

This comment was marked as outdated.

Sign in to view
@SkohTV SkohTV marked this pull request as ready for review January 23, 2026 21:49
@SkohTV SkohTV requested a review from qdeslandes January 31, 2026 01:08
qdeslandes
qdeslandes requested changes Feb 1, 2026
View reviewed changes
Comment thread src/bfcli/parser.y Outdated
Comment thread src/bfcli/parser.y Outdated
Comment thread src/bfcli/parser.y
Comment thread src/bpfilter/bpf/ratelimit.bpf.c Outdated
Comment thread src/bpfilter/cgen/prog/map.c Outdated
Comment thread src/bpfilter/cgen/elfstub.h Outdated
Comment thread src/bpfilter/cgen/program.c Outdated
Comment thread src/bpfilter/cgen/program.c Outdated
@SkohTV SkohTV force-pushed the rate-limit branch 4 times, most recently from 0ecf4d4 to 699137e Compare February 3, 2026 20:40
@SkohTV SkohTV marked this pull request as draft April 29, 2026 10:38
@SkohTV SkohTV marked this pull request as ready for review April 30, 2026 21:38
@SkohTV SkohTV requested a review from qdeslandes April 30, 2026 21:40
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@qdeslandes qdeslandes Awaiting requested review from qdeslandes qdeslandes is a code owner

Requested changes must be addressed to merge this pull request.

Assignees

No one assigned

Labels

cla signed

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Traffic rate limiting

2 participants

@SkohTV @qdeslandes