From 8dbf049a7107f03715da2a88e01e3ba28fa3f84a Mon Sep 17 00:00:00 2001
From: cyan317 <120398799+cindyyan317@users.noreply.github.com>
Date: Thu, 2 Feb 2023 09:04:00 +0000
Subject: [PATCH] Adjust DosGuard default cfg (#496)

Fix #497
---
 example-config.json      | 28 +++++++++++++++++-----------
 src/webserver/DOSGuard.h |  8 ++++----
 2 files changed, 21 insertions(+), 15 deletions(-)

diff --git a/example-config.json b/example-config.json
index d72e80e9..49f83b0e 100644
--- a/example-config.json
+++ b/example-config.json
@@ -19,30 +19,36 @@
             "grpc_port": "50051"
         }
     ],
-    "dos_guard":
-    {
-        "whitelist":["127.0.0.1"], // comma-separated list of ips to exclude from rate limiting
+    "dos_guard": {
+        "whitelist": [
+            "127.0.0.1"
+        ], // comma-separated list of ips to exclude from rate limiting
         /* The below values are the default values and are only specified here
          * for documentation purposes. The rate limiter currently limits
          * connections and bandwidth per ip. The rate limiter looks at the raw
          * ip of a client connection, and so requests routed through a load
          * balancer will all have the same ip and be treated as a single client
          */
-        "max_fetches":100000000, // max bytes per ip per sweep interval
-        "max_connections":1, // max connections per ip
-        "sweep_interval": 10 // time in seconds before resetting bytes per ip count
+        "max_fetches": 1000000, // max bytes per ip per sweep interval
+        "max_connections": 20, // max connections per ip
+        "max_requests": 20, // max connections per ip
+        "sweep_interval": 1 // time in seconds before resetting bytes per ip count
     },
-    "cache":
-    {
-        "peers": [{"ip":"127.0.0.1","port":51234}]
+    "cache": {
+        "peers": [
+            {
+                "ip": "127.0.0.1",
+                "port": 51234
+            }
+        ]
     },
-    "server":{
+    "server": {
         "ip": "0.0.0.0",
         "port": 51233,
         /* Max number of requests to queue up before rejecting further requests.
         * Defaults to 0, which disables the limit
         */
-        "max_queue_size":500
+        "max_queue_size": 500
     },
     "log_channels": [
         {
diff --git a/src/webserver/DOSGuard.h b/src/webserver/DOSGuard.h
index 582ae60f..502b3fb4 100644
--- a/src/webserver/DOSGuard.h
+++ b/src/webserver/DOSGuard.h
@@ -77,9 +77,9 @@ public:
      */
     BasicDOSGuard(clio::Config const& config, SweepHandler& sweepHandler)
         : whitelist_{getWhitelist(config)}
-        , maxFetches_{config.valueOr("dos_guard.max_fetches", 100000000u)}
-        , maxConnCount_{config.valueOr("dos_guard.max_connections", 1u)}
-        , maxRequestCount_{config.valueOr("dos_guard.max_requests", 10u)}
+        , maxFetches_{config.valueOr("dos_guard.max_fetches", 1000000u)}
+        , maxConnCount_{config.valueOr("dos_guard.max_connections", 20u)}
+        , maxRequestCount_{config.valueOr("dos_guard.max_requests", 20u)}
     {
         sweepHandler.setup(this);
     }
@@ -271,7 +271,7 @@ public:
         : sweepInterval_{std::max(
               1u,
               static_cast<uint32_t>(
-                  config.valueOr("dos_guard.sweep_interval", 10.0) * 1000.0))}
+                  config.valueOr("dos_guard.sweep_interval", 1.0) * 1000.0))}
         , ctx_{std::ref(ctx)}
     {
     }