From 8923cb7156b60c95c49422dfdb2c9aafbbff5d42 Mon Sep 17 00:00:00 2001 From: Shane da Silva Date: Wed, 25 Sep 2024 10:21:28 -0700 Subject: [PATCH] fix: Ignore rate limits for local/loopback IP traffic (#2331) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ## Why is this change needed? When using a proxy in front of the hub you'll get rate limit errors even though the traffic is coming from different IPs. Until we support the `X-Forwarded-For`, this is a quick way to unblock the use of reverse proxies like nginx or Caddy. ## Merge Checklist - [x] PR title adheres to the [conventional commits](https://www.conventionalcommits.org/en/v1.0.0/) standard - [x] PR has a [changeset](https://github.com/farcasterxyz/hub-monorepo/blob/main/CONTRIBUTING.md#35-adding-changesets) - [x] PR has been tagged with a change label(s) (i.e. documentation, feature, bugfix, or chore) - [x] PR includes [documentation](https://github.com/farcasterxyz/hub-monorepo/blob/main/CONTRIBUTING.md#32-writing-docs) if necessary. --- ## PR-Codex overview This PR focuses on enhancing the rate limiting functionality to ignore rate limits for local loopback traffic, specifically allowing requests from `127.0.0.1` without restrictions. ### Detailed summary - Updated `rateLimits.ts` to bypass rate limits for local loopback IP `127.0.0.1`. - Removed rate limit check in `server.ts` for local requests. - Added a test in `rateLimits.test.ts` to ensure local requests are not rate limited. > ✨ Ask PR-Codex anything about this PR by commenting with `/codex {your question}` --- .changeset/long-mayflies-march.md | 5 +++++ apps/hubble/src/rpc/server.ts | 1 - apps/hubble/src/utils/rateLimits.test.ts | 7 +++++++ apps/hubble/src/utils/rateLimits.ts | 5 +++++ 4 files changed, 17 insertions(+), 1 deletion(-) create mode 100644 .changeset/long-mayflies-march.md diff --git a/.changeset/long-mayflies-march.md b/.changeset/long-mayflies-march.md new file mode 100644 index 0000000000..e6bc4e9408 --- /dev/null +++ b/.changeset/long-mayflies-march.md @@ -0,0 +1,5 @@ +--- +"@farcaster/hubble": patch +--- + +Ignore rate limits for local loopback traffic diff --git a/apps/hubble/src/rpc/server.ts b/apps/hubble/src/rpc/server.ts index 13d63038e0..223ca763b6 100644 --- a/apps/hubble/src/rpc/server.ts +++ b/apps/hubble/src/rpc/server.ts @@ -903,7 +903,6 @@ export default class Server { (e) => e, )().unwrapOr("unavailable"); - // Check for rate limits const rateLimitResult = await rateLimitByIp(peer, this.submitMessageRateLimiter); if (rateLimitResult.isErr()) { logger.warn({ peer }, "submitMessage rate limited"); diff --git a/apps/hubble/src/utils/rateLimits.test.ts b/apps/hubble/src/utils/rateLimits.test.ts index 5fb18f7a17..26c2c25d91 100644 --- a/apps/hubble/src/utils/rateLimits.test.ts +++ b/apps/hubble/src/utils/rateLimits.test.ts @@ -35,6 +35,13 @@ describe("test rate limits", () => { } }); + test("don't rate limit local requests", async () => { + for (let i = 0; i < 100; i++) { + const result = await rateLimitByIp("127.0.0.1:3000", Limit10PerSecond); + expect(result.isOk()).toBeTruthy(); + } + }); + test("test rate limiting via consumeRateLimit/isRateLimited", async () => { // 10 Requests should be fine for (let i = 0; i < 10; i++) { diff --git a/apps/hubble/src/utils/rateLimits.ts b/apps/hubble/src/utils/rateLimits.ts index f1e6b5ac1b..f843cbb1aa 100644 --- a/apps/hubble/src/utils/rateLimits.ts +++ b/apps/hubble/src/utils/rateLimits.ts @@ -30,6 +30,11 @@ export const rateLimitByIp = async (ip: string, limiter: RateLimiterAbstract): H // Get the IP part of the address const ipPart = ip.split(":")[0] ?? ""; + // Ignore local loopback traffic + if (ipPart === "127.0.0.1") { + return ok(true); + } + return rateLimitByKey(ipPart, limiter); };