smartproxy/readme.plan.md
Juergen Kunz 5d011ba84c better logging
2025-07-03 02:32:17 +00:00

# SmartProxy Connection Limiting Improvements Plan
Command to re-read CLAUDE.md: `cat /home/philkunz/.claude/CLAUDE.md`
## Issues Identified
1. **HttpProxy Bypass**: Connections forwarded to HttpProxy for TLS termination only check global limits, not per-IP limits
2. **Missing Route-Level Connection Enforcement**: Routes can define `security.maxConnections` but it's never enforced
3. **Cleanup Queue Race Condition**: New connections can be added to the cleanup queue while it is being processed
4. **IP Tracking Memory Optimization**: IP entries remain in map even without active connections
## Implementation Steps
### 1. Fix HttpProxy Per-IP Validation ✓
- [x] Pass IP information to HttpProxy when forwarding connections
- [x] Add per-IP validation in HttpProxy connection handler
- [x] Ensure connection tracking is consistent between SmartProxy and HttpProxy
### 2. Implement Route-Level Connection Limits ✓
- [x] Add connection count tracking per route in ConnectionManager
- [x] Update SharedSecurityManager.isAllowed() to check route-specific maxConnections
- [x] Add route connection limit validation in route-connection-handler.ts
### 3. Fix Cleanup Queue Race Condition ✓
- [x] Implement proper queue snapshotting before processing
- [x] Ensure new connections added during processing aren't missed
- [x] Add proper synchronization for cleanup operations
### 4. Optimize IP Tracking Memory Usage ✓
- [x] Add periodic cleanup for IPs with no active connections
- [x] Implement expiry for rate limit timestamps
- [x] Add memory-efficient data structures for IP tracking
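
The limits from steps 1, 2 and 4 combined in one tracker, as an added TypeScript example that is not SmartProxy's own code: `LimitTracker` and its method names are hypothetical, and the 60-second rate window is an assumption.

```typescript
// Added illustration. LimitTracker and its methods are hypothetical names,
// not SmartProxy's ConnectionManager or SharedSecurityManager API.
type Reason = 'rate-limit' | 'ip-limit' | 'route-limit';
type Verdict = { ok: boolean; reason?: Reason };
const WINDOW_MS = 60000; // assumed rate-limit window
class LimitTracker {
  private byIp = new Map<string, Set<string>>(); // ip -> active connection ids
  private byRoute = new Map<string, number>(); // route -> active count
  private recent = new Map<string, number[]>(); // ip -> accept timestamps (ms)
  private maxPerIp: number;
  private maxPerMinute: number;
  constructor(maxPerIp: number, maxPerMinute: number) {
    this.maxPerIp = maxPerIp;
    this.maxPerMinute = maxPerMinute;
  }

  // One check for every accepted socket, so a connection that is later handed
  // to a TLS-terminating component is still counted against its source IP.
  tryAccept(id: string, ip: string, route: string, routeMax: number | undefined, now: number): Verdict {
    const stamps = (this.recent.get(ip) ?? []).filter((t) => now - t < WINDOW_MS);
    const active = this.byIp.get(ip) ?? new Set<string>();
    const onRoute = this.byRoute.get(route) ?? 0;
    let reason: Reason | undefined;
    if (stamps.length >= this.maxPerMinute) reason = 'rate-limit';
    else if (active.size >= this.maxPerIp) reason = 'ip-limit';
    else if (routeMax !== undefined && onRoute >= routeMax) reason = 'route-limit';
    if (reason) return { ok: false, reason }; // rejected: nothing is recorded
    stamps.push(now);
    active.add(id);
    this.recent.set(ip, stamps);
    this.byIp.set(ip, active);
    this.byRoute.set(route, onRoute + 1);
    return { ok: true };
  }

  release(id: string, ip: string, route: string): void {
    const active = this.byIp.get(ip);
    if (!active || !active.delete(id)) return; // unknown or repeated release
    if (active.size === 0) this.byIp.delete(ip); // no idle entry left behind
    const left = (this.byRoute.get(route) ?? 1) - 1;
    if (left > 0) this.byRoute.set(route, left); else this.byRoute.delete(route);
  }
  // Periodic sweep: expire timestamps of IPs that have gone quiet.
  sweep(now: number): number {
    this.recent.forEach((stamps, ip) => {
      const live = stamps.filter((t) => now - t < WINDOW_MS);
      if (live.length > 0) this.recent.set(ip, live); else this.recent.delete(ip);
    });
    return this.recent.size; // IPs that still hold rate-limit state
  }
  activeIps(): number { return this.byIp.size; }
}
```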
### 5. Add Comprehensive Tests ✓
- [x] Test per-IP limits with HttpProxy forwarding
- [x] Test route-level connection limits
- [x] Test cleanup queue edge cases
- [x] Test memory usage with many unique IPs
## Notes
- All connection limiting is now consistent across SmartProxy and HttpProxy
- Route-level limits provide additional granular control
- Memory usage is optimized for high-traffic scenarios
- Comprehensive test coverage ensures reliability