From a94b476726aaaec2cf41f3fa3b06218066518339 Mon Sep 17 00:00:00 2001 From: user123456 Date: Wed, 18 Jun 2025 20:44:26 +0800 Subject: [PATCH] =?UTF-8?q?=E7=A7=BB=E9=99=A4=E5=86=97=E4=BD=99=E7=9A=84?= =?UTF-8?q?=E9=99=90=E6=B5=81=E6=99=BA=E8=83=BD=E5=88=A4=E6=96=AD=E9=80=BB?= =?UTF-8?q?=E8=BE=91?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/ratelimiter.go | 7 +-- src/smart_ratelimit.go | 108 ----------------------------------------- 2 files changed, 2 insertions(+), 113 deletions(-) delete mode 100644 src/smart_ratelimit.go diff --git a/src/ratelimiter.go b/src/ratelimiter.go index 249992e..671a6cd 100644 --- a/src/ratelimiter.go +++ b/src/ratelimiter.go @@ -287,11 +287,8 @@ func RateLimitMiddleware(limiter *IPRateLimiter) gin.HandlerFunc { return } - // 智能限流判断:检查是否应该跳过限流计数 - shouldSkip := smartLimiter.ShouldSkipRateLimit(cleanIP, c.Request.URL.Path) - - // 只有在不跳过的情况下才检查限流 - if !shouldSkip && !ipLimiter.Allow() { + // 检查限流 + if !ipLimiter.Allow() { c.JSON(429, gin.H{ "error": "请求频率过快,暂时限制访问", }) diff --git a/src/smart_ratelimit.go b/src/smart_ratelimit.go deleted file mode 100644 index c154cdc..0000000 --- a/src/smart_ratelimit.go +++ /dev/null @@ -1,108 +0,0 @@ -package main - -import ( - "strings" - "sync" - "time" -) - -// SmartRateLimit 智能限流会话管理 -type SmartRateLimit struct { - sessions sync.Map -} - -// PullSession Docker拉取会话 -type PullSession struct { - LastManifestTime time.Time - RequestCount int -} - -// 全局智能限流实例 -var smartLimiter = &SmartRateLimit{} - -const ( - // manifest请求后的活跃窗口时间 - activeWindowDuration = 3 * time.Minute - // 活跃窗口内最大免费blob请求数(防止滥用) - maxFreeBlobRequests = 100 - sessionCleanupInterval = 10 * time.Minute - sessionExpireTime = 30 * time.Minute -) - -func init() { - go smartLimiter.cleanupSessions() -} - -// ShouldSkipRateLimit 判断是否应该跳过限流计数 -func (s *SmartRateLimit) ShouldSkipRateLimit(ip, path string) bool { - requestType, _ := parseRequestInfo(path) - - if requestType != "manifests" && requestType != "blobs" { - return false - } - - sessionKey := normalizeIPForRateLimit(ip) - sessionInterface, _ := s.sessions.LoadOrStore(sessionKey, &PullSession{}) - session := sessionInterface.(*PullSession) - - now := time.Now() - - if requestType == "manifests" { - session.LastManifestTime = now - session.RequestCount = 0 - return false - } - - if requestType == "blobs" { - if !session.LastManifestTime.IsZero() && - now.Sub(session.LastManifestTime) <= activeWindowDuration { - - session.RequestCount++ - if session.RequestCount <= maxFreeBlobRequests { - return true - } - } - } - - return false -} - -func parseRequestInfo(path string) (requestType, imageRef string) { - path = strings.TrimPrefix(path, "/v2/") - - if idx := strings.Index(path, "/manifests/"); idx != -1 { - return "manifests", path[:idx] - } - if idx := strings.Index(path, "/blobs/"); idx != -1 { - return "blobs", path[:idx] - } - if idx := strings.Index(path, "/tags/"); idx != -1 { - return "tags", path[:idx] - } - - return "unknown", "" -} - -// cleanupSessions 定期清理过期会话,防止内存泄露 -func (s *SmartRateLimit) cleanupSessions() { - ticker := time.NewTicker(sessionCleanupInterval) - defer ticker.Stop() - - for range ticker.C { - now := time.Now() - expiredKeys := make([]string, 0) - - s.sessions.Range(func(key, value interface{}) bool { - session := value.(*PullSession) - if !session.LastManifestTime.IsZero() && - now.Sub(session.LastManifestTime) > sessionExpireTime { - expiredKeys = append(expiredKeys, key.(string)) - } - return true - }) - - for _, key := range expiredKeys { - s.sessions.Delete(key) - } - } -} \ No newline at end of file