
CN115134103B - Request processing method, device, equipment and storage medium - Google Patents


Info

Publication number
CN115134103B
Authority
CN
China
Prior art keywords
address
source
request
http request
request processing
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202110315860.4A
Other languages
Chinese (zh)
Other versions
CN115134103A (en)
Inventor
黄珊珊
帅涛
郑振锋
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tencent Technology Shenzhen Co Ltd
Original Assignee
Tencent Technology Shenzhen Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Tencent Technology Shenzhen Co Ltd
Priority to CN202110315860.4A
Publication of CN115134103A
Application granted
Publication of CN115134103B
Legal status: Active

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1425 Traffic logging, e.g. anomaly detection
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/02 Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Computer And Data Communications (AREA)

Abstract

The application discloses a request processing method, apparatus, device and storage medium, and belongs to the technical field of networks. HTTP requests are counted by source IP address; once the number of HTTP requests sent by the same source IP address in one counting period exceeds the threshold of a request processing rule, the gateway device writes the instruction corresponding to that rule for the source IP address. Because counting is performed in real time, the application can promptly determine which source IP address is sending abnormal traffic without delayed analysis, and limits that source IP address to different degrees based on different count thresholds. Abnormal traffic is thereby identified and limited more accurately, the gateway is protected dynamically and rapidly, and a good foundation is laid for information routing among different network devices.

Description

Request processing method, device, equipment and storage medium
Technical Field
The present application relates to the field of network technologies, and in particular, to a method, an apparatus, a device, and a storage medium for processing a request.
Background
With the development of computer technology, business systems are becoming increasingly varied and provide different business services. Normally, a sender sends a hypertext transfer protocol (HTTP) request to the business system as needed, and the gateway of the business system processes the request normally. When the sender is controlled by a hacker or its system program is abnormal, the sender sends a large number of HTTP requests to the business system, so that the business system gateway must consume a large amount of resources to process them and cannot process normal requests, and therefore cannot provide normal business services. In the related art, the iptables tool is generally adopted: based on the internet protocol (IP) address, port number and network communication protocol of an HTTP request, the HTTP request is rejected or rate-limited at the network layer, so as to protect the gateway.
In the above technology, iptables lags in processing HTTP requests: generally, only after the gateway has failed are the HTTP requests received before the failure analyzed manually to determine which HTTP requests caused the failure, thereby identifying an abnormal IP address, after which HTTP requests from that address can be rejected in subsequent network communications. Abnormal traffic therefore cannot be recognized and limited in time.
Disclosure of Invention
The embodiments of the application provide a request processing method, apparatus, device and storage medium, which can identify and limit abnormal traffic in time and achieve the aim of dynamically and rapidly protecting a gateway device. The technical scheme is as follows:
In one aspect, a method for processing a request is provided, the method comprising:
Receiving a first HTTP request;
In response to the first HTTP request not hitting any of at least two request processing rules, forwarding the first HTTP request and counting based on the source IP address of the first HTTP request;
In response to the number of HTTP requests from the source IP address reaching the threshold of any request processing rule, writing the instruction corresponding to that request processing rule;
Receiving a second HTTP request from the source IP address, determining based on the written instruction that the second HTTP request hits the request processing rule, and executing the limitation processing corresponding to the request processing rule;
Wherein the at least two request processing rules are used for indicating that different restriction processing is performed based on different thresholds of the number of times of sending HTTP requests in one counting period.
In one aspect, there is provided a request processing apparatus, the apparatus comprising:
The receiving module is used for receiving a first HTTP request;
The forwarding module is configured to forward the first HTTP request in response to the first HTTP request not hitting any of at least two request processing rules;
The counting module is configured to count based on the source IP address of the first HTTP request;
The writing module is configured to write the instruction corresponding to any request processing rule in response to the number of HTTP requests from the source IP address reaching the threshold of that request processing rule;
The receiving module is used for receiving a second HTTP request from the source IP address;
a limiting module, configured to execute limiting processing corresponding to the request processing rule in response to determining that the second HTTP request hits the request processing rule based on the written instruction;
Wherein the at least two request processing rules are used for indicating that different restriction processing is performed based on different thresholds of the number of times of sending HTTP requests in one counting period.
In some embodiments, the apparatus further comprises:
And the judging module is configured to judge, in a target order, whether the first HTTP request hits the at least two request processing rules, where the target order indicates that the request processing rules are judged from the strictest to the least strict.
In some embodiments, the restriction module further comprises:
The first counting module is configured to count the data packets of the source IP address;
And the rejecting module is configured to discard the data packets received in the remaining part of the first duration in response to the number of data packets sent by the source IP address in the first duration exceeding the first number.
In some embodiments, the restriction module further comprises:
A second counting module configured to count the number of connections maintained with the source IP address;
And the interruption module is configured to disconnect the connections in excess of the second number in response to the number of connections exceeding the second number.
In some embodiments, the restriction module further comprises:
The third counting module is configured to count the number of connections newly established with the source IP address in the first duration;
And the rejecting module is configured to refuse to establish new connections with the source IP address in response to the number of newly established connections exceeding the third number.
In some embodiments, the at least two request processing rules include at least one level of speed limit rules for limiting the speed at which the source IP address sends HTTP requests and a reject rule for rejecting HTTP requests sent by the source IP address.
In some embodiments, the at least one level of speed limit rule is used to limit at least one of a number of connections that the source IP address can maintain with the gateway device, a number of connections that can be newly established per second with the gateway device, and a number of packets transmitted per second.
In some embodiments, the apparatus further comprises:
the starting module is used for starting the timer;
And the deleting module is configured to delete the instruction of the corresponding request processing rule in response to no further HTTP request being received from the source IP address within the second duration.
In some embodiments, the apparatus further comprises:
The detection module is configured to detect, in response to receiving any HTTP request, whether an HTTP request from the source IP address of that HTTP request is being received for the first time, according to its source IP address;
The starting module is configured to start a counter in response to an HTTP request from that source IP address being received for the first time, and to start the timer to record the statistical duration of the counter.
In one aspect, a computer-readable storage medium having stored therein at least one computer program loaded and executed by a processor to perform operations performed by the request processing method is provided.
In one aspect, a computer program product is provided that includes at least one computer program stored in a computer readable storage medium. The processor of the computer device reads the at least one computer program from the computer-readable storage medium, and the processor executes the at least one computer program such that the computer device implements the operations performed by the request processing method.
According to the technical scheme provided by the embodiments of the application, HTTP requests are counted by source IP address; once the number of HTTP requests sent by the same source IP address in one counting period exceeds the threshold of a request processing rule, the gateway device writes the instruction corresponding to that rule for the source IP address. Because counting is performed in real time, no delayed analysis is needed and the source IP address sending abnormal traffic can be determined promptly, so that source IP addresses are limited to different degrees based on different count thresholds, abnormal traffic is identified and limited more accurately, and the gateway is protected dynamically and rapidly.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings required for the description of the embodiments will be briefly described below, and it is apparent that the drawings in the following description are only some embodiments of the present application, and other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a schematic diagram of an implementation environment of a request processing method according to an embodiment of the present application;
FIG. 2 is a schematic diagram of a basic principle of a request processing method according to an embodiment of the present application;
FIG. 3 is a flowchart of a request processing method according to an embodiment of the present application;
FIG. 4 is a flowchart of a request processing method according to an embodiment of the present application;
FIG. 5 is a flowchart of a request processing method according to an embodiment of the present application;
FIG. 6 is a flowchart of a request processing method according to an embodiment of the present application;
FIG. 7 is a flowchart of a request processing method according to an embodiment of the present application;
FIG. 8 is a flowchart of a request processing method according to an embodiment of the present application;
FIG. 9 is a schematic diagram of a request processing device according to an embodiment of the present application;
fig. 10 is a schematic structural diagram of a computer device according to an embodiment of the present application.
Detailed Description
For the purpose of promoting an understanding of the principles and advantages of the application, reference will now be made in detail to the embodiments of the application, some but not all of which are illustrated in the accompanying drawings. All other embodiments, which can be made by those skilled in the art based on the embodiments of the application without making any inventive effort, are intended to be within the scope of the application.
The terms "first," "second," and the like in this disclosure are used to distinguish between similar elements or items having substantially the same function; it should be understood that there is no logical or chronological dependency between "first," "second," and "n-th," and no limitation on their number or order of execution.
Fig. 1 is a schematic diagram of an implementation environment of a request processing method according to an embodiment of the present application, referring to fig. 1, where the implementation environment includes a network device 110 and a service system 120, and the network device 110 is connected to the service system 120 through a wireless network or a wired network.
The network device 110 is a terminal or a server. The terminal may be a smart phone, tablet computer, notebook computer, desktop computer, smart speaker, smart watch, etc., which is not limited in this embodiment of the application. The server may be an independent physical server, a server cluster or distributed system formed by a plurality of physical servers, or a cloud server providing basic cloud computing services such as cloud services, cloud databases, cloud computing, cloud functions, cloud storage, network services, cloud communication, middleware services, domain name services, security services, a content delivery network (CDN), big data and an artificial intelligence platform. Alternatively, the number of servers may be greater or smaller, which is not limited in this embodiment. Of course, the server may also include other functional servers in order to provide more comprehensive and diverse services.
The service system 120 includes a gateway device, which may be a host, a server, a router, or the like, and a service server, which may be any of the above servers, but is not limited thereto. It should be noted that, the gateway device and the server may be on the same hardware device or on different hardware devices, which is not limited in this embodiment.
In the related art, the network device 110 may also be referred to as a source system with respect to a service system, and is capable of transmitting an HTTP request to the service system. The business system 120 may also be referred to as a target system with respect to the network device, and is capable of receiving HTTP requests from the network device and providing corresponding services.
Based on the above implementation environment, fig. 2 is a schematic diagram of the basic principle of a request processing method according to an embodiment of the present application. The method may be applied to a gateway device. Referring to fig. 2, the network device sends an HTTP request to the service system, and the gateway device in the service system receives the HTTP request and judges whether it hits a request processing rule. A request processing rule may also be referred to as a service fusing rule; the request processing rules indicate how different limitation processing is performed on HTTP requests based on different thresholds of the number of times HTTP requests are sent in one counting period. In response to the HTTP request hitting any of the request processing rules, the gateway device performs the corresponding limitation processing on it. In response to the HTTP request not hitting any request processing rule, the gateway device forwards it normally to the service server. Limitation processing includes, but is not limited to, rate limiting and rejecting the request. Rate limiting includes, but is not limited to, limiting the number of connections that can be maintained between the network device and the gateway device, limiting the number of connections that can be newly established per second between the network device and the gateway device, and limiting the number of data packets transmitted by the network device per second.
In one possible implementation, the setting of the request processing rule is divided into the following three strategies:
(1) Hierarchical tightening strategy: a plurality of request processing rules are set to limit, step by step and in a single dimension, the rate at which the source system sends HTTP requests. For example, a plurality of thresholds are set, and the request processing rule corresponding to each threshold restricts the HTTP requests sent by the network device more strictly as the value of the threshold increases.
An example of a hierarchical tightening strategy combining two levels of speed limit rules and a reject rule is presented below:
The counting period is 10 seconds, and the request processing rule comprises:
A first speed limit rule: in response to the number of HTTP requests sent by the network device reaching 100 in one counting period, the gateway device limits the number of data packets that the network device can send per second to fewer than 3000.
A second speed limit rule: in response to the number of HTTP requests sent by the network device reaching 500 in one counting period, the gateway device limits the number of data packets that the network device can send per second to fewer than 2000.
A reject rule: in response to the number of HTTP requests sent by the network device reaching 1000 in one counting period, the gateway device rejects the HTTP requests sent by the network device.
The rules described above may be implemented by triggers, instructions and timers. A trigger comprises a counter and a threshold, where the trigger threshold is the limit on the number of HTTP requests in the rule; for example, the trigger threshold of the first speed limit rule is 100. The counter counts the HTTP requests sent from the same IP address in each counting period, and when the number of HTTP requests sent by that IP address reaches the trigger threshold of a rule, the gateway device executes the instruction corresponding to that trigger for the IP address. The instruction is the specific command content of the request processing rule; for example, the instruction of the first speed limit rule causes the gateway device to limit the number of data packets that the network device can send per second to 3000. The counting period is the length of time over which the counter keeps statistics of the number of HTTP requests sent by the IP address, and the statistical duration of the counter is recorded by a timer. Each time the timer reaches one counting period, the counter is cleared and the timer is reset.
It should be noted that the above setting of the request processing rules is an exemplary description of the hierarchical tightening strategy. In some embodiments, an administrator may implement a hierarchical tightening strategy by setting more or fewer request processing rules. For example, the strategy may be implemented by only a plurality of levels of speed limit rules, by one speed limit rule and one reject rule, or by a plurality of levels of speed limit rules and one reject rule, which is not limited in this embodiment. The trigger threshold, the value of the counting period and the content of the instruction in a request processing rule can be set according to the application scenario, which is likewise not limited in this embodiment.
(2) Parallel strategy: a plurality of request processing rules are set to limit, simultaneously and in multiple dimensions, the rate at which the source system sends HTTP requests. For example, a plurality of thresholds are set, and the request processing rules corresponding to the different thresholds restrict the HTTP requests sent by the network device in different dimensions.
An example of a parallel strategy implemented by three speed limit rules is presented below:
The counting period is 10 seconds, and the request processing rule comprises:
A third speed limit rule: in response to the number of HTTP requests sent by the network device reaching 100 in one counting period, once the network device has sent 3000 data packets, the gateway device limits the number of data packets that the network device can send per second to fewer than 20.
A fourth speed limit rule: in response to the number of HTTP requests sent by the network device reaching 500 in one counting period, the number of connections that the network device can newly establish with the gateway device per second is limited to 1.
A fifth speed limit rule: in response to the number of HTTP requests sent by the network device reaching 1000 in one counting period, the number of connections that the network device can maintain with the gateway device is limited to fewer than 5.
The above rules may be implemented by triggers, instructions and timers in the same manner as described above, which is not repeated here.
(3) Hybrid strategy: a plurality of request processing rules are set to limit, step by step and simultaneously in multiple dimensions, the rate at which the source system sends HTTP requests. For example, a plurality of thresholds are set, the request processing rule corresponding to each threshold restricts the HTTP requests sent by the network device in multiple dimensions, and as the value of the threshold increases, the corresponding request processing rule restricts the HTTP requests sent by the network device more strictly in each dimension.
An example of a hybrid strategy combining two levels of speed limit rules and a reject rule is presented below:
The counting period is 10 seconds, and the request processing rule comprises:
A first hybrid speed limit rule: in response to the number of HTTP requests sent by the network device reaching 100 in one counting period, the number of connections that the network device can maintain with the gateway device is limited to fewer than 5, and once the network device has sent 3000 data packets, the gateway device limits the number of data packets that the network device can send per second to fewer than 20.
A second hybrid speed limit rule: in response to the number of HTTP requests sent by the network device reaching 500 in one counting period, the number of connections that the network device can maintain with the gateway device is limited to 1, and once the network device has sent 2000 data packets, the gateway device limits the number of data packets that the network device can send per second to 10 or fewer.
A hybrid reject rule: in response to the number of HTTP requests sent by the network device reaching 1000 in one counting period, the gateway device rejects the HTTP requests sent by the network device.
The above rules may be implemented by triggers, instructions and timers in the same manner as described above, which is not repeated here.
In some embodiments, each of the strategies described above is provided with a corresponding JSON file defining every rule in the strategy, so that the gateway device can execute the request processing rules correctly. The following describes how the JSON file is set, taking a possible implementation of the hybrid strategy as an example:
The description of each attribute contained in the JSON file above is shown in table 1. Referring to table 1, the first column represents the attributes contained in the JSON file, the second column the meaning of each attribute and notes on setting it, and the third column an example value of each attribute.
In some embodiments, the service system administrator may also configure a whitelist specifying that certain IP addresses are not subject to the request processing rules, so as to avoid discarding request packets sent by particular systems.
It should be noted that the gateway device judges the request processing rules one by one, and once an HTTP request hits a request processing rule, the instruction of that rule is executed immediately and the judgment does not continue. In some embodiments, the gateway device judges whether the HTTP request hits a request processing rule in a target order, where the target order indicates that the rules are judged from the strictest to the least strict. For example, the reject rule is stricter than the speed limit rules.
TABLE 1
In some embodiments, the service system administrator also configures global rules to restrict HTTP requests: the gateway device rejects HTTP requests in response to its data throughput, measured by metrics including but not limited to the number of HTTP requests received by the gateway device, the number of connections maintained with network devices, and the number of data packets passed per second, reaching a threshold. The value of this threshold is determined by the performance of the gateway device and differs between gateway devices, which is not limited in this embodiment. When both request processing rules and global rules are configured, the global rules may be judged first and then the request processing rules, although another order may of course be used, which is not limited in the embodiments of the present application.
Fig. 3 is a flowchart of a request processing method according to an embodiment of the present application. The method may be applied to a gateway device, see fig. 3, and in one possible implementation, this embodiment comprises the following steps.
301. The gateway device receives a first HTTP request.
For gateway devices in the service system, HTTP requests sent by any source system are received by the gateway device, and subsequent processing is performed.
302. In response to the first HTTP request not hitting any of at least two request processing rules, the gateway device forwards the first HTTP request and counts based on the source IP address of the first HTTP request.
Wherein the at least two request processing rules are used for indicating that different restriction processing is performed based on different thresholds of the number of times of sending HTTP requests in one counting period.
303. In response to the number of HTTP requests from the source IP address reaching the threshold of any request processing rule, the gateway device writes the instruction corresponding to that request processing rule.
When writing the instruction corresponding to the request processing rule, the gateway device writes it into a request processing process, where the request processing process is used to forward the HTTP requests received by the gateway device, judge whether those HTTP requests hit a request processing rule, and execute on them the limitation processing corresponding to the hit rule.
304. The gateway device receives a second HTTP request from the source IP address, and performs a restriction process corresponding to the request processing rule in response to determining that the second HTTP request hits the request processing rule based on the written instruction.
In the request processing process, if the instruction corresponding to a request processing rule has been written for a source IP address, HTTP requests from that source IP address hit the request processing rule corresponding to the instruction.
According to the technical scheme provided by the embodiments of the application, HTTP requests are counted by source IP address; once the number of HTTP requests sent by the same source IP address in one counting period exceeds the threshold of a request processing rule, the gateway device writes the instruction corresponding to that rule for the source IP address. Because counting is performed in real time, the gateway device can promptly determine which source IP addresses are sending abnormal traffic without delayed analysis, so that source IP addresses are limited to different degrees based on different count thresholds, abnormal traffic is identified and limited more accurately, and the gateway is protected dynamically and rapidly.
The example of the hierarchical tightening strategy described for fig. 2 is implemented by two levels of speed limit rules and a reject rule; this embodiment is described with reference to fig. 4 and 5, taking as an example a hierarchical tightening strategy implemented by the first speed limit rule and the reject rule. Fig. 4 and fig. 5 are flowcharts of a request processing method provided in an embodiment of the present application, executed by a gateway device; referring to fig. 4 and fig. 5, the embodiment includes the following steps.
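As an added illustration (not the patent's own code), the following Python models the counting and tiered-rule mechanism of steps 301 to 304 using the hierarchical tightening example above: a per-source-IP counter with a 10 s counting period, strictest-first rule evaluation, the written instruction that later requests hit, deletion of the instruction after an idle period, and a whitelist. The rule names, instruction labels and idle expiry value are assumptions, as is the choice to keep counting rate-limited requests so that the tiers escalate.

```python
from dataclasses import dataclass
from typing import Dict, Iterable, List, Optional


@dataclass(frozen=True)
class Rule:
    """A request processing rule: the trigger threshold (HTTP requests in one
    counting period) and the instruction written once it is reached."""
    name: str
    threshold: int
    instruction: str


@dataclass
class SourceState:
    """Trigger state kept per source IP address (constructed illustration)."""
    count: int = 0                     # HTTP requests counted in the current period
    period_start: float = 0.0          # timer recording the counter's duration
    last_seen: float = 0.0             # used to expire an idle written instruction
    level: int = 0                     # threshold of the rule currently written
    instruction: Optional[str] = None  # written instruction, None if no rule reached


# The hierarchical tightening example from the text: 10 s counting period,
# two speed limit rules and one reject rule (instruction labels are assumed).
HIERARCHICAL_RULES = [
    Rule("first speed limit", 100, "limit_pps_below_3000"),
    Rule("second speed limit", 500, "limit_pps_below_2000"),
    Rule("reject", 1000, "reject"),
]


class Gateway:
    def __init__(self, rules: Iterable[Rule], counting_period: float = 10.0,
                 idle_expiry: float = 60.0, whitelist: Iterable[str] = ()):
        # Target order: the strictest rule is judged first. The higher trigger
        # threshold carries the stricter limitation, so sort descending.
        self.rules: List[Rule] = sorted(rules, key=lambda r: r.threshold, reverse=True)
        self.counting_period = counting_period
        self.idle_expiry = idle_expiry  # the "second duration" after which an instruction is deleted
        self.whitelist = set(whitelist)
        self.sources: Dict[str, SourceState] = {}

    def state(self, src_ip: str) -> Optional[SourceState]:
        return self.sources.get(src_ip)

    def handle(self, src_ip: str, now: float) -> str:
        """Process one HTTP request from src_ip arriving at time `now` (seconds).
        Returns "forward", or the instruction of the rule the request hits."""
        if src_ip in self.whitelist:  # whitelisted sources bypass all rules
            return "forward"
        st = self.sources.get(src_ip)
        if st is None:
            # First request from this source: start its counter and its timer.
            st = SourceState(period_start=now, last_seen=now)
            self.sources[src_ip] = st
        # No request for idle_expiry seconds: delete the written instruction.
        if st.instruction is not None and now - st.last_seen >= self.idle_expiry:
            st.instruction, st.level = None, 0
        st.last_seen = now
        # Timer reached one counting period: clear the counter, reset the timer.
        if now - st.period_start >= self.counting_period:
            st.count, st.period_start = 0, now
        # A request hits a rule when that rule's instruction was already written
        # for its source; the request that reaches a threshold is still forwarded.
        hit = st.instruction
        # Assumption: limited requests are counted too, so the tiers escalate.
        st.count += 1
        for rule in self.rules:  # strictest first; stop at the first rule reached
            if st.count >= rule.threshold:
                if rule.threshold > st.level:  # only ever tighten, never relax
                    st.level, st.instruction = rule.threshold, rule.instruction
                break
        return "forward" if hit is None else hit
```

The written instruction survives the counter being cleared at the end of a counting period and is only deleted once the source has been silent for the idle expiry, matching the timer-and-delete behaviour described for the apparatus.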
401. The gateway device receives a first HTTP request.
In some embodiments, in response to receiving any HTTP request, the gateway device checks, according to the source IP address of the HTTP request, whether this is the first HTTP request received from that source IP address; if so, it starts a counter for the source IP address and starts a timer to record the statistical duration of the counter. In the embodiment of the present application, the first HTTP request may be the initial HTTP request of the source IP address, that is, the first HTTP request ever received from it, or it may be a later request; this is not further described herein.
402. In response to the first HTTP request missing any of the request handling rules, the gateway device forwards the first HTTP request to the traffic server.
Hitting a request processing rule means that, for the source IP address of the first HTTP request, the instruction corresponding to the request processing rule has been written in the request processing process, where the instruction denotes the limitation processing to be executed once the source IP address has met the execution condition of the request processing rule.
In some embodiments, the gateway device determines whether the first HTTP request hits a request handling rule, including the steps of:
402A. The gateway device determines whether the first HTTP request hits the reject rule. If the first HTTP request does not hit the reject rule, the gateway device executes 402B; if it hits the reject rule, the gateway device executes the limitation processing corresponding to the reject rule.
Determining whether the first HTTP request hits the reject rule comprises determining whether the instruction corresponding to the reject rule has been written for the source IP address of the first HTTP request in the request processing process. If the instruction of the reject rule has been written for the source IP address, the gateway device determines that the first HTTP request hits the reject rule; otherwise, it determines that the first HTTP request does not hit the reject rule.
402B. The gateway device determines whether the first HTTP request hits the first speed limit rule. If the first HTTP request does not hit the first speed limit rule, the gateway device executes the subsequent forwarding process; if it hits the first speed limit rule, the gateway device executes the limitation processing corresponding to the first speed limit rule.
Determining whether the first HTTP request hits the first speed limit rule comprises determining whether the instruction corresponding to the first speed limit rule has been written for the source IP address in the request processing process. If the instruction of the first speed limit rule has been written for the source IP address of the first HTTP request, the gateway device determines that the first HTTP request hits the first speed limit rule; otherwise, it determines that the first HTTP request does not hit the first speed limit rule.
403. The gateway device counts based on the source IP address of the first HTTP request.
In some embodiments, the gateway device parses the first HTTP request to obtain a source IP address of the first HTTP request, and counts, by a counter corresponding to the source IP address, the number of HTTP requests sent by the source IP address.
404. In response to the number of HTTP requests sent by the source IP address reaching the threshold of the first speed limit rule, the gateway device writes the instruction corresponding to the first speed limit rule into the request processing process.
In some embodiments, the gateway device reads the number of HTTP requests counted by the counter for the source IP address and determines whether that number reaches the threshold of each request processing rule. In response to the number of HTTP requests reaching the threshold of the first speed limit rule, the gateway device checks whether the instruction of the first speed limit rule has already been written for the source IP address in the request processing process; if it has not, the gateway device writes the instruction of the first speed limit rule into the request processing process.
It should be noted that the timer keeps running throughout the above process. In response to the duration measured by the timer reaching the counting period, the gateway device clears the counter and resets the timer; otherwise, the timer and the counter keep running.
405. The gateway device receives a second HTTP request from the source IP address.
In some embodiments, the second HTTP request may be any HTTP request from the source IP address, except for the initial request, which is not described herein.
406. In response to determining that the second HTTP request hits the first speed limit rule based on the written instruction, the gateway device performs a restriction process corresponding to the first speed limit rule, and speed limits the HTTP request from the source IP address.
In some embodiments, the gateway device determines whether the second HTTP request hits a request processing rule as described in step 402, which is not repeated herein.
In some embodiments, speed-limiting the HTTP requests from the source IP address includes any of the following manners.
In one manner, the gateway device counts the data packets sent by the source IP address, and in response to the number of data packets sent by the source IP address within a first duration exceeding a first number, discards the data packets received during the remaining part of the first duration.
For example, the gateway device limits the number of packets the source IP address may send per second to less than 3000; if the source IP address sends more than 3000 packets within one second, the gateway device discards the packets exceeding the limit for that second. It should be noted that the source IP address may retransmit the discarded data packets: for each received data packet the gateway device may send an acknowledgement message to the source IP address, so the source IP address can determine from the absence of an acknowledgement that the gateway device has discarded a packet, and retransmit it.
In another manner, the gateway device counts the number of connections maintained with the source IP address, and in response to the number of connections exceeding a second number, disconnects the connections in excess of the second number.
For example, the gateway device limits the number of connections that may be maintained with a given source IP address to less than 5; if the number of connections exceeds 5, the gateway device disconnects the excess connections.
In yet another manner, the gateway device counts the number of new connections established with the source IP address within the first duration, and if the number of new connections exceeds a third number, refuses to establish further connections with the source IP address.
For example, the gateway device limits the number of connections newly established by the source IP address to less than 5; if the number exceeds 5, the gateway device refuses to establish a new connection with the source IP address.
Each of the above manners can speed-limit the HTTP requests from the source IP address, and the embodiment of the present application does not limit which manner is used.
407. The gateway device proceeds with counting based on the received HTTP request.
In the embodiment of the present application, the gateway device keeps running and, while running, may also receive HTTP requests from various source systems and execute the corresponding steps for them. The embodiment of the present application focuses on HTTP requests originating from the same source IP address as the first HTTP request: whenever an HTTP request from that source IP address is received, the corresponding counter is incremented, which is not repeated herein.
408. In response to the number of HTTP requests sent by the source IP address reaching the threshold of the reject rule, the gateway device writes the instruction corresponding to the reject rule into the request processing process.
In some embodiments, the gateway device reads the number of HTTP requests counted by the counter for the source IP address and determines whether that number reaches the threshold of each request processing rule. In response to the number of HTTP requests reaching the threshold of the reject rule, the gateway device checks whether the instruction of the reject rule has already been written for the source IP address in the request processing process; if it has not, the gateway device writes the instruction of the reject rule into the request processing process.
It should be noted that the timer keeps running throughout the above process. In response to the duration measured by the timer reaching the counting period, the gateway device clears the counter and resets the timer; otherwise, the timer and the counter keep running.
409. The gateway device receives a third HTTP request from the source IP address.
In some embodiments, the third HTTP request may be any HTTP request from the source IP address, except for the initial request, which is not described herein.
410. In response to determining that the third HTTP request hits the refusal rule based on the written instruction, the gateway device refuses the third HTTP request.
In some embodiments, the gateway device determines whether the third HTTP request hits the request processing rule, and the determination process is described in step 402, which is not described herein.
In some embodiments, in response to determining that the third HTTP request hits the reject rule based on the written instruction, the gateway device performs a restriction process corresponding to the reject rule, rejects the third HTTP request, and stops the determination flow.
In some embodiments, for a source IP address that has hit any request processing rule, the gateway device starts a timer and, in response to receiving no further HTTP request from the source IP address within a second time period, deletes the instruction of the corresponding request processing rule. By deleting the instruction of the request processing rule promptly according to the sending pattern of HTTP requests, a source system that has returned to normal is not mistakenly penalised, and normal business service is maintained.
According to the technical solution provided by the embodiment of the present application, HTTP requests are counted per source IP address. Once the number of HTTP requests sent by the same source IP address within a counting period exceeds the threshold of a request processing rule, the gateway device writes the instruction of that rule for the source IP address. Because the counting is performed in real time, the gateway device learns without delay which source IP addresses are sending abnormal traffic, with no need for after-the-fact analysis. Source IP addresses are therefore restricted to different degrees according to different request-count thresholds, abnormal traffic is identified and limited more accurately, and the gateway is protected dynamically and rapidly.
Further, the technical solution speed-limits the sending of HTTP requests from an abnormal IP address in a single dimension, reduces the gateway resource waste caused by abnormal traffic, and ensures that the gateway still processes normal requests.
This embodiment takes the two-stage speed limit rule and the reject rule as an example to implement the mixing strategy described with reference to fig. 2, and is described with reference to fig. 6 and fig. 7. Fig. 6 and fig. 7 are flowcharts of a request processing method provided in an embodiment of the present application, which is executed by a gateway device. Referring to fig. 6 and fig. 7, the embodiment includes the following steps.
601. The gateway device receives a first HTTP request.
This step is performed as described in step 401 of fig. 4, and will not be described in detail herein.
602. In response to the first HTTP request missing any of the request handling rules, the gateway device forwards the first HTTP request to the traffic server.
Hitting a request processing rule means that the instruction corresponding to the request processing rule has been written for the source IP address of the first HTTP request in the request processing process, where the instruction denotes the limitation processing to be executed once the source IP address has met the execution condition of the request processing rule.
In some embodiments, the gateway device determines whether the first HTTP request hits the request processing rule, see the request processing rule determining step in fig. 7, including the steps of:
602A, the gateway device determines whether the first HTTP request hits the hybrid rejection rule, executes 602B in response to the first HTTP request not hitting the hybrid rejection rule, and executes the restriction process corresponding to the hybrid rejection rule in response to the first HTTP request hitting the hybrid rejection rule.
Determining whether the first HTTP request hits the hybrid rejection rule comprises determining whether the instruction corresponding to the hybrid rejection rule has been written for the source IP address of the first HTTP request in the request processing process. If the instruction of the hybrid rejection rule has been written for the source IP address, the gateway device determines that the first HTTP request hits the hybrid rejection rule; otherwise, it determines that the first HTTP request does not hit the hybrid rejection rule.
602B, the gateway device determines whether the first HTTP request hits the second hybrid speed limit rule, and executes step 602C in response to the first HTTP request not hitting the second hybrid speed limit rule, and executes the limitation process corresponding to the second hybrid speed limit rule in response to the first HTTP request hitting the second hybrid speed limit rule.
Determining whether the first HTTP request hits the second hybrid speed limit rule comprises determining whether the instruction corresponding to the second hybrid speed limit rule has been written for the source IP address of the first HTTP request in the request processing process. If the instruction of the second hybrid speed limit rule has been written for the source IP address, the gateway device determines that the first HTTP request hits the second hybrid speed limit rule; otherwise, it determines that the first HTTP request does not hit the second hybrid speed limit rule.
602C, the gateway device judges whether the first HTTP request hits the first mixed speed limit rule, and executes a subsequent forwarding process in response to the first HTTP request not hitting the first mixed speed limit rule, and executes the limit processing corresponding to the first mixed speed limit rule in response to the first HTTP request hitting the first mixed speed limit rule.
Determining whether the first HTTP request hits the first hybrid speed limit rule comprises determining whether the instruction corresponding to the first hybrid speed limit rule has been written for the source IP address of the first HTTP request in the request processing process. If the instruction of the first hybrid speed limit rule has been written for the source IP address, the gateway device determines that the first HTTP request hits the first hybrid speed limit rule; otherwise, it determines that the first HTTP request does not hit the first hybrid speed limit rule.
603. The gateway device counts based on the source IP address of the first HTTP request.
In some embodiments, the gateway device parses the first HTTP request to obtain a source IP address of the first HTTP request, and counts, by a counter corresponding to the source IP address, the number of HTTP requests sent by the source IP address, see the gateway device counting step in fig. 7.
604. In response to the number of HTTP requests sent by the source IP address reaching the threshold of the first hybrid speed limit rule, the gateway device writes the instruction corresponding to the first hybrid speed limit rule into the request processing process.
In some embodiments, the gateway device reads the number of HTTP requests counted by the counter for the source IP address and determines whether that number reaches the threshold of each request processing rule, see the request number determining step in fig. 7. In response to the number of HTTP requests reaching the threshold of the first hybrid speed limit rule, the gateway device checks whether the instruction of the first hybrid speed limit rule has already been written for the source IP address in the request processing process; if it has not, the gateway device writes the instruction of the first hybrid speed limit rule into the request processing process, see the first hybrid speed limit rule writing step in fig. 7.
It should be noted that the timer keeps running throughout the above process. In response to the duration measured by the timer reaching the counting period, the gateway device clears the counter and resets the timer; otherwise, the timer and the counter keep running, see the counting period determining step in fig. 7.
605. The gateway device receives a second HTTP request from the source IP address.
In some embodiments, the second HTTP request may be any HTTP request from the source IP address, except for the initial request, which is not described herein.
606. In response to determining that the second HTTP request hits the first hybrid speed limit rule based on the written instruction, the gateway device performs a restriction process corresponding to the first hybrid speed limit rule, and speed limits the HTTP request from the source IP address.
In some embodiments, the gateway device determines whether the second HTTP request hits the request processing rule, see the request processing rule determining step in fig. 7, where the determining process is described in step 602, and is not described herein.
In some embodiments, speed-limiting the HTTP requests from the source IP address includes any of the following manners.
In one manner, the gateway device counts both the number of connections maintained with the source IP address and the number of data packets sent by the source IP address. In response to the number of connections maintained with the source IP address exceeding a first number, the gateway device disconnects the connections in excess of the first number. In response to the number of data packets sent by the source IP address exceeding a second number, the gateway device limits the number of data packets the source IP address may send within a first duration, and in response to the number of data packets sent by the source IP address within the first duration exceeding a third number, discards the data packets received during the remaining part of the first duration.
For example, the gateway device limits the number of connections that may be maintained with a given source IP address to less than 5 and, once the number of data packets sent by the source IP address reaches 3000, limits the number of data packets the source IP address may send per second to less than 20. If the number of connections maintained with the source IP address exceeds 5, the gateway device disconnects the excess connections. If the number of data packets sent by the source IP address exceeds 3000, the gateway device limits the source IP address to less than 20 data packets per second, and if the source IP address sends more than 20 data packets within one second, the gateway device discards the packets exceeding the limit for that second.
In another manner, the gateway device counts both the number of connections maintained with the source IP address and the number of data packets sent by the source IP address. In response to the number of connections exceeding the first number, the gateway device disconnects the connections in excess of the first number, and in response to the number of data packets sent by the source IP address within the first duration exceeding a fourth number, discards the data packets received during the remaining part of the first duration.
For example, the gateway device limits the number of connections that may be maintained with a given source IP address to within 5 and the number of packets the network device may send per second to within 3000. If the number of connections maintained with the source IP address exceeds 5, the gateway device disconnects the excess connections. If the source IP address sends more than 3000 packets within one second, the gateway device discards the packets exceeding the limit for that second.
It should be noted that the source IP address may retransmit the discarded data packets: for each received data packet the gateway device may send an acknowledgement message to the source IP address, so the source IP address can determine from the absence of an acknowledgement that the gateway device has discarded a packet, and retransmit it.
Each of the above manners can speed-limit the HTTP requests from the source IP address. The embodiment of the present application uses a two-dimensional speed limit in the above process; in some embodiments, more dimensions are used for speed limiting, which is not limited herein.
607. The gateway device proceeds with counting based on the received HTTP request.
In the embodiment of the present application, the gateway device keeps running and, while running, may also receive HTTP requests from various source systems and execute the corresponding steps for them. The embodiment of the present application focuses on HTTP requests originating from the same source IP address as the first HTTP request: whenever an HTTP request from that source IP address is received, the corresponding counter is incremented, see the gateway device counting step in fig. 7, which is not repeated herein.
608. In response to the number of HTTP requests sent by the source IP address reaching the threshold of the second hybrid speed limit rule, the gateway device writes the instruction corresponding to the second hybrid speed limit rule into the request processing process.
In some embodiments, the gateway device reads the number of HTTP requests counted by the counter for the source IP address and determines whether that number reaches the threshold of each request processing rule, see the request number determining step in fig. 7. In response to the number of HTTP requests reaching the threshold of the second hybrid speed limit rule, the gateway device checks whether the instruction of the second hybrid speed limit rule has already been written for the source IP address in the request processing process; if it has not, the gateway device writes the instruction of the second hybrid speed limit rule into the request processing process, see the second hybrid speed limit rule writing step in fig. 7.
It should be noted that the timer keeps running throughout the above process. In response to the duration measured by the timer reaching the counting period, the gateway device clears the counter and resets the timer; otherwise, the timer and the counter keep running.
609. The gateway device receives a third HTTP request from the source IP address.
In some embodiments, the third HTTP request may be any HTTP request from the source IP address, except for the initial request, which is not described herein.
610. In response to determining that the third HTTP request hits the second hybrid speed limit rule based on the written instruction, the gateway device performs a restriction process corresponding to the second hybrid speed limit rule, and speed limits the HTTP request from the source IP address.
In some embodiments, the gateway device determines whether the third HTTP request hits the request processing rule, see the request processing rule determining step in fig. 7, where the determining process is described in step 602, and will not be described in detail herein.
In some embodiments, the speed limit processing manner for the HTTP request from the source IP address is as described in step 606, and will not be described in detail herein.
611. The gateway device proceeds with counting based on the received HTTP request.
Referring to the gateway device counting step in fig. 7, the execution of this step is described in step 607, and will not be described herein.
612. In response to the number of HTTP requests sent by the source IP address reaching the threshold of the hybrid rejection rule, the gateway device writes the instruction corresponding to the hybrid rejection rule into the request processing process.
In some embodiments, the gateway device reads the number of HTTP requests counted by the counter for the source IP address and determines whether that number reaches the threshold of each request processing rule, see the request number determining step in fig. 7. In response to the number of HTTP requests reaching the threshold of the hybrid rejection rule, the gateway device checks whether the instruction of the hybrid rejection rule has already been written for the source IP address in the request processing process; if it has not, the gateway device writes the instruction of the hybrid rejection rule into the request processing process, see the hybrid rejection rule writing step in fig. 7.
It should be noted that the timer keeps running throughout the above process. In response to the duration measured by the timer reaching the counting period, the gateway device clears the counter and resets the timer; otherwise, the timer and the counter keep running.
613. The gateway device receives a fourth HTTP request from the source IP address.
In some embodiments, the fourth HTTP request may be any HTTP request from the source IP address, except for the initial request, which is not described herein.
614. In response to determining that the fourth HTTP request hits the hybrid rejection rule based on the written instruction, the gateway device executes a restriction process corresponding to the hybrid rejection rule, rejecting the fourth HTTP request.
In some embodiments, the gateway device determines whether the fourth HTTP request hits the request processing rule, see the request processing rule determining step in fig. 7, where the determining process is described in step 602, and will not be described in detail herein.
In some embodiments, in response to determining that the fourth HTTP request hits the hybrid rejection rule based on the written instruction, the gateway device executes a restriction process corresponding to the hybrid rejection rule, rejects the fourth HTTP request, and stops the determination flow.
In some embodiments, for a source IP address that has hit any request processing rule, the gateway device starts a timer and, in response to receiving no further HTTP request from the source IP address within a second time period, deletes the instruction of the corresponding request processing rule. By deleting the instruction of the request processing rule promptly according to the sending pattern of HTTP requests, a source system that has returned to normal is not mistakenly penalised, and normal business service is maintained.
According to the technical solution provided by the embodiment of the present application, HTTP requests are counted per source IP address. Once the number of HTTP requests sent by the same source IP address within a counting period exceeds the threshold of a request processing rule, the gateway device writes the instruction of that rule for the source IP address. Because the counting is performed in real time, the gateway device learns without delay which source IP addresses are sending abnormal traffic, with no need for after-the-fact analysis. Source IP addresses are therefore restricted to different degrees according to different request-count thresholds, abnormal traffic is identified and limited more accurately, and the gateway is protected dynamically and rapidly.
Furthermore, the technical solution speed-limits the sending of HTTP requests from an abnormal IP address in multiple dimensions, reduces the gateway resource waste caused by abnormal traffic, and ensures that the gateway still processes normal requests.
The following embodiment performs request processing based on another hybrid strategy, the details of which are as follows.
The counting period is 10 seconds, and the request processing rules comprise:
A third hybrid speed limit rule: in response to the number of HTTP requests sent by the network device within one counting period reaching 100, the number of connections the network device may keep with the gateway device is limited to 5, and the gateway device limits the number of data packets the network device may send per second to less than 3000.
A fourth hybrid speed limit rule: in response to the number of HTTP requests sent by the network device within one counting period reaching 500, the number of connections the network device may keep with the gateway device is limited to 1, and the gateway device limits the number of data packets the network device may send per second to less than 2000.
A fifth hybrid speed limit rule: in response to the number of HTTP requests sent by the network device within one counting period reaching 1000, the gateway device limits the number of data packets the network device may send per second to less than 1000.
Fig. 8 is a flowchart of a request processing method provided in an embodiment of the present application. The method is performed by a gateway device and, referring to fig. 8, comprises the following steps.
801. The gateway device receives a first HTTP request.
This step is performed as described in step 601 of fig. 6, and will not be described in detail herein.
802. In response to the first HTTP request not hitting any of the request processing rules, the gateway device forwards the first HTTP request to the traffic server.
Hitting a request processing rule means that, for the source IP address of the first HTTP request, the instruction corresponding to that rule has been written in the request processing process; the instruction is the restriction process to be executed once the source IP address has met the execution condition of the rule.
In some embodiments, the gateway device determines whether the first HTTP request hits a request processing rule through the following steps:
802A. The gateway device determines whether the first HTTP request hits the fifth hybrid speed limit rule; if it does not, the gateway device executes step 802B, and if it does, the gateway device executes the restriction process corresponding to the fifth hybrid speed limit rule.
Determining whether the first HTTP request hits the fifth hybrid speed limit rule means checking whether the instruction corresponding to that rule has been written for the source IP address of the first HTTP request in the request processing process. If the instruction of the fifth hybrid speed limit rule has been written for the source IP address, the gateway device determines that the first HTTP request hits the fifth hybrid speed limit rule; if it has not, the gateway device determines that the first HTTP request does not hit it.
802B. The gateway device determines whether the first HTTP request hits the fourth hybrid speed limit rule; if it does not, the gateway device executes step 802C, and if it does, the gateway device executes the restriction process corresponding to the fourth hybrid speed limit rule.
Determining whether the first HTTP request hits the fourth hybrid speed limit rule means checking whether the instruction corresponding to that rule has been written for the source IP address of the first HTTP request in the request processing process. If the instruction of the fourth hybrid speed limit rule has been written for the source IP address, the gateway device determines that the first HTTP request hits the fourth hybrid speed limit rule; if it has not, the gateway device determines that the first HTTP request does not hit it.
802C. The gateway device determines whether the first HTTP request hits the third hybrid speed limit rule; if it does not, the gateway device executes the subsequent forwarding process, and if it does, the gateway device executes the restriction process corresponding to the third hybrid speed limit rule.
Determining whether the first HTTP request hits the third hybrid speed limit rule means checking whether the instruction corresponding to that rule has been written for the source IP address of the first HTTP request in the request processing process. If the instruction of the third hybrid speed limit rule has been written for the source IP address, the gateway device determines that the first HTTP request hits the third hybrid speed limit rule; if it has not, the gateway device determines that the first HTTP request does not hit it.
803. The gateway device counts based on the source IP address of the first HTTP request.
This step is performed as described in step 603 of fig. 6, and will not be described in detail herein.
804. In response to the number of HTTP requests sent by the source IP address reaching the threshold of the third hybrid speed limit rule, the gateway device writes the instruction corresponding to the third hybrid speed limit rule into the request processing process.
In some embodiments, the gateway device reads the number of HTTP requests counted by the counter for the source IP address and determines whether that number reaches the threshold of each request processing rule. In response to the number reaching the threshold of the third hybrid speed limit rule, the gateway device checks whether the instruction of the third hybrid speed limit rule has already been written for the source IP address in the request processing process, and if it has not, writes that instruction into the request processing process.
It should be noted that the timer keeps running throughout the above process: when the duration counted by the timer reaches the counting period, the gateway device clears the counter and resets the timer; otherwise the timer and the counter keep running.
805. The gateway device receives a second HTTP request from the source IP address.
In some embodiments, the second HTTP request may be any HTTP request from the source IP address other than the initial request, which is not described further here.
806. In response to determining, based on the written instruction, that the second HTTP request hits the third hybrid speed limit rule, the gateway device executes the restriction process corresponding to the third hybrid speed limit rule and rate-limits the HTTP requests from the source IP address.
In some embodiments, the method by which the gateway device determines whether the second HTTP request hits a request processing rule is described in step 802 and is not repeated here.
In some embodiments, the rate limiting applied to HTTP requests from the source IP address is as described in step 606 of fig. 6 and is not repeated here.
807. The gateway device proceeds with counting based on the received HTTP request.
This step is performed as described in step 607 of fig. 6, and will not be described again here.
808. In response to the number of HTTP requests sent by the source IP address reaching the threshold of the fourth hybrid speed limit rule, the gateway device writes the instruction corresponding to the fourth hybrid speed limit rule into the request processing process.
In some embodiments, the gateway device reads the number of HTTP requests counted by the counter for the source IP address and determines whether that number reaches the threshold of each request processing rule. In response to the number reaching the threshold of the fourth hybrid speed limit rule, the gateway device checks whether the instruction of the fourth hybrid speed limit rule has already been written for the source IP address in the request processing process, and if it has not, writes that instruction into the request processing process.
It should be noted that the timer keeps running throughout the above process: when the duration counted by the timer reaches the counting period, the gateway device clears the counter and resets the timer; otherwise the timer and the counter keep running.
809. The gateway device receives a third HTTP request from the source IP address.
In some embodiments, the third HTTP request may be any HTTP request from the source IP address other than the initial request, which is not described further here.
810. In response to determining, based on the written instruction, that the third HTTP request hits the fourth hybrid speed limit rule, the gateway device executes the restriction process corresponding to the fourth hybrid speed limit rule and rate-limits the HTTP requests from the source IP address.
In some embodiments, the process by which the gateway device determines whether the third HTTP request hits a request processing rule is described in step 802 and is not repeated here.
In some embodiments, the rate limiting applied to HTTP requests from the source IP address is as described in step 606 of fig. 6 and is not repeated here.
811. The gateway device proceeds with counting based on the received HTTP request.
This step is performed as described in step 807 above, and will not be described in detail herein.
812. In response to the number of HTTP requests sent by the source IP address reaching the threshold of the fifth hybrid speed limit rule, the gateway device writes the instruction corresponding to the fifth hybrid speed limit rule into the request processing process.
In some embodiments, the gateway device reads the number of HTTP requests counted by the counter for the source IP address and determines whether that number reaches the threshold of each request processing rule. In response to the number reaching the threshold of the fifth hybrid speed limit rule, the gateway device checks whether the instruction of the fifth hybrid speed limit rule has already been written for the source IP address in the request processing process, and if it has not, writes that instruction into the request processing process.
It should be noted that the timer keeps running throughout the above process: when the duration counted by the timer reaches the counting period, the gateway device clears the counter and resets the timer; otherwise the timer and the counter keep running.
813. The gateway device receives a fourth HTTP request from the source IP address.
In some embodiments, the fourth HTTP request may be any HTTP request from the source IP address other than the initial request, which is not described further here.
814. In response to determining, based on the written instruction, that the fourth HTTP request hits the fifth hybrid speed limit rule, the gateway device executes the restriction process corresponding to the fifth hybrid speed limit rule and rate-limits the HTTP requests from the source IP address.
In some embodiments, the process by which the gateway device determines whether the fourth HTTP request hits a request processing rule is described in step 802 and is not repeated here.
In some embodiments, the rate limiting applied to HTTP requests from the source IP address is as described in step 606 of fig. 6 and is not repeated here.
In some embodiments, for a source IP address that has hit any request processing rule, the gateway device starts a timer and, if no further HTTP request is received from that source IP address within a second time period, deletes the instruction of the corresponding request processing rule. Deleting the instruction promptly according to the source's actual HTTP sending behaviour avoids accidentally penalising a source system that has returned to normal, so normal business service is maintained.
According to the technical scheme provided by the embodiments of the application, HTTP requests are counted per source IP address. Once the number of HTTP requests sent by the same source IP address in one counting period exceeds the threshold of some request processing rule, the gateway device writes the instruction corresponding to that rule for the source IP address. Because the counting is performed in real time, the gateway device can promptly learn which source IP addresses are sending abnormal traffic without after-the-fact analysis, and can restrict those source IP addresses to different degrees based on different count thresholds, so abnormal traffic is identified and restricted more accurately and the gateway is protected dynamically and rapidly.
Furthermore, the scheme limits the rate at which an abnormal IP address sends HTTP requests along multiple dimensions, reduces the gateway resources wasted on abnormal traffic, and ensures that the gateway can still process normal requests.
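As an added illustration (not code from the patent), the following Python simulation implements the per-source-IP counter with the 10-second counting period, the strict-to-lenient hit check of steps 802A to 802C, the instruction writing of steps 804, 808 and 812, and the idle-based deletion of instructions; the 30-second idle timeout, the source addresses and the request spacing are constructed assumptions, since the text gives no value for the second time period.

```python
from dataclasses import dataclass, field
from typing import Optional

# Counting period stated in the embodiment.
COUNTING_PERIOD = 10.0  # seconds


@dataclass(frozen=True)
class HybridRule:
    name: str
    threshold: int                   # HTTP requests within one counting period
    max_connections: Optional[int]   # None: this rule sets no connection limit
    max_packets_per_second: int      # data packets per second the source may send


# Third, fourth and fifth hybrid speed limit rules, values from the text.
RULES = (
    HybridRule("third", 100, 5, 3000),
    HybridRule("fourth", 500, 1, 2000),
    HybridRule("fifth", 1000, None, 1000),
)
# Target sequence: check the strictest rule (largest threshold) first, as 802A-802C do.
CHECK_ORDER = sorted(RULES, key=lambda r: r.threshold, reverse=True)


@dataclass
class SourceState:
    count: int = 0               # HTTP requests seen in the current counting period
    period_start: float = 0.0    # timer for the counting period
    last_seen: float = 0.0       # timer for the idle (second) time period
    instructions: set = field(default_factory=set)  # names of rules written


class Gateway:
    """Per-source-IP counting and tiered limiting in one process.

    The `instructions` set stands in for the text's 'request processing
    process'; `idle_timeout` is the unnamed second time period (assumed value).
    """

    def __init__(self, idle_timeout: float = 30.0):
        self.idle_timeout = idle_timeout
        self.sources: dict[str, SourceState] = {}

    def _state(self, src_ip: str, now: float) -> SourceState:
        st = self.sources.get(src_ip)
        if st is None:
            # First request from this source: start its counter and timer.
            st = SourceState(period_start=now, last_seen=now)
            self.sources[src_ip] = st
        return st

    def _hit(self, st: SourceState) -> Optional[HybridRule]:
        # Steps 802A-802C: first written instruction in strict-to-lenient order.
        for rule in CHECK_ORDER:
            if rule.name in st.instructions:
                return rule
        return None

    def handle_request(self, src_ip: str, now: float) -> dict:
        st = self._state(src_ip, now)

        # Idle deletion: no request within the second time period since the
        # previous one, so the written instructions are removed.
        if st.instructions and now - st.last_seen > self.idle_timeout:
            st.instructions.clear()
        st.last_seen = now

        # Counting period elapsed: clear the counter and reset the timer.
        # Written instructions survive this; only idleness removes them.
        if now - st.period_start >= COUNTING_PERIOD:
            st.count = 0
            st.period_start = now

        # Step 802: forward or limit, based on instructions already written.
        rule = self._hit(st)
        if rule is None:
            decision = {"action": "forward", "rule": None}
        else:
            decision = {
                "action": "limit",
                "rule": rule.name,
                "max_connections": rule.max_connections,
                "max_packets_per_second": rule.max_packets_per_second,
            }

        # Steps 803/807: count this request, then write any newly reached rule.
        st.count += 1
        for r in RULES:
            if st.count >= r.threshold and r.name not in st.instructions:
                st.instructions.add(r.name)
        decision["count"] = st.count
        return decision


def simulate_burst(n: int, src_ip: str = "198.51.100.7",
                   gateway: Optional[Gateway] = None,
                   start: float = 0.0, spacing: float = 0.001) -> list:
    """Send n closely spaced requests from one constructed source; return the decisions."""
    gw = gateway or Gateway()
    return [gw.handle_request(src_ip, start + i * spacing) for i in range(n)]
```

The 101st request in a burst is the first one limited, because the third rule's instruction is written only after the 100th request has been counted.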
Fig. 9 is a schematic structural diagram of a request processing apparatus according to an embodiment of the present application. Referring to fig. 9, the apparatus comprises:
a receiving module 901, configured to receive a first HTTP request;
a forwarding module 902, configured to forward the first HTTP request in response to the first HTTP request not hitting any of at least two request processing rules;
a statistics module 903, configured to count based on the source IP address of the first HTTP request;
a writing module 904, configured to write the instruction corresponding to a request processing rule when the number of HTTP requests from the source IP address reaches the threshold of that request processing rule;
the receiving module 901, further configured to receive a second HTTP request from the source IP address;
a limiting module 905, configured to execute the restriction process corresponding to the request processing rule in response to determining, based on the written instruction, that the second HTTP request hits that request processing rule;
wherein the at least two request processing rules indicate that different restriction processes are performed based on different thresholds of the number of HTTP requests sent in one counting period.
In some embodiments, the apparatus further comprises:
a determining module, configured to determine whether the first HTTP request hits the at least two request processing rules in a target order, where the target order arranges the request processing rules from the strictest to the least strict.
In some embodiments, the limiting module 905 further comprises:
a first counting module, configured to count the data packets from the source IP address;
a rejecting module, configured to discard the data packets received in the remainder of a first duration in response to the number of data packets sent by the source IP address within the first duration exceeding a first number.
In some embodiments, the limiting module 905 further comprises:
a second counting module, configured to count the number of connections kept with the source IP address;
an interrupting module, configured to disconnect the connections exceeding a second number in response to the number of connections exceeding the second number.
In some embodiments, the limiting module 905 further comprises:
a third counting module, configured to count the number of connections newly established with the source IP address within the first duration;
a rejecting module, configured to refuse to establish a new connection with the source IP address in response to the number of newly established connections exceeding a third number.
In some embodiments, the at least two request processing rules include at least one level of speed limit rule, for limiting the rate at which the source IP address sends HTTP requests, and a reject rule, for rejecting HTTP requests sent by the source IP address.
In some embodiments, the at least one level of speed limit rule limits at least one of: the number of connections the source IP address may keep with the gateway device, the number of connections it may newly establish with the gateway device per second, and the number of data packets it may send per second.
In some embodiments, the apparatus further comprises:
a starting module, configured to start a timer;
a deleting module, configured to delete the instruction of the corresponding request processing rule in response to no HTTP request being received again from the source IP address within a second time period.
In some embodiments, the apparatus further comprises:
a detection module, configured, in response to any HTTP request, to detect from its source IP address whether an HTTP request from that source IP address is being received for the first time;
the starting module, further configured to start a counter in response to an HTTP request from that source IP address being received for the first time, and to start the timer to record the statistical duration of the counter.
In this embodiment, the gateway device is a computer device. Fig. 10 is a schematic structural diagram of a computer device provided by an embodiment of the present application. The computer device 1000 may vary considerably in configuration and performance, and may include one or more processors (central processing units, CPU) 1001 and one or more memories 1002, where at least one program code is stored in the one or more memories 1002 and is loaded and executed by the one or more processors 1001 to implement the methods provided in the foregoing method embodiments. Of course, the computer device 1000 may also have a wired or wireless network interface, a keyboard, an input/output interface, and other components for implementing the functions of the device, which are not described here.
In an exemplary embodiment, a computer readable storage medium, such as a memory, comprising at least one program code executable by a processor to perform the request processing method of the above embodiments is also provided. For example, the computer readable storage medium may be a read-only memory (ROM), a random-access memory (RAM), a compact disc read-only memory (CD-ROM), a magnetic tape, a floppy disk, an optical data storage device, and the like.
In an exemplary embodiment, a computer program product is also provided, the computer program product comprising at least one computer program, the at least one computer program being stored in a computer readable storage medium. The processor of the computer device reads the at least one computer program from the computer-readable storage medium, and the processor executes the at least one computer program so that the computer device performs the operations performed by the request processing method described above.
In some embodiments, a computer program according to an embodiment of the present application may be deployed to be executed on one computer device or on multiple computer devices located at one site or on multiple computer devices distributed across multiple sites and interconnected by a communication network, where the multiple computer devices distributed across multiple sites and interconnected by a communication network may constitute a blockchain system.
It will be understood by those skilled in the art that all or part of the steps for implementing the above embodiments may be implemented by hardware, or may be implemented by a program for instructing relevant hardware, where the program may be stored in a computer readable storage medium, and the above storage medium may be a read-only memory, a magnetic disk or an optical disk, etc.
The foregoing description of the preferred embodiments of the present application is not intended to be limiting, but rather is intended to cover all modifications, equivalents, alternatives, and improvements within the spirit and principles of the present application.

Claims (17)

1. A method of request processing, the method comprising:
receiving a first HTTP request;
in response to the first HTTP request not hitting any of at least two request processing rules, forwarding the first HTTP request based on the source IP address of the first HTTP request;
when the number of HTTP requests from the source IP address reaches the threshold of any one of the request processing rules, writing the instruction corresponding to that request processing rule, wherein that request processing rule comprises a speed limit rule for limiting the rate at which the source IP address sends HTTP requests;
receiving a second HTTP request from the source IP address and, in response to determining based on the written instruction that the second HTTP request hits the request processing rule, counting the number of connections held with the source IP address and the number of data packets sent by the source IP address;
in response to the number of connections held with the source IP address exceeding a first number, disconnecting the connections exceeding the first number;
in response to the data packets sent by the source IP address exceeding a second number, limiting the number of data packets sent by the source IP address within a first duration;
in response to the number of data packets sent by the source IP address within the first duration exceeding a third number, discarding the data packets received in the remainder of the first duration;
wherein the at least two request processing rules indicate that different restriction processes are performed based on different thresholds of the number of HTTP requests sent in one counting period, and the larger the threshold corresponding to a request processing rule, the stricter the restriction process of each dimension of that rule on the HTTP requests.
2. The method according to claim 1, wherein the method further comprises:
determining whether the first HTTP request hits the at least two request processing rules in a target order, wherein the target order arranges the request processing rules from the strictest to the least strict.
3. The method according to claim 1, wherein the method further comprises:
counting the number of connections newly established with the source IP address within a first duration, and refusing to establish a new connection with the source IP address in response to the number of newly established connections exceeding a fourth number.
4. The method of claim 1, wherein the at least two request processing rules further comprise a refusal rule, wherein the refusal rule is for refusing HTTP requests sent by the source IP address.
5. The method of claim 4, wherein at least one level of speed limit rules is used to limit at least one of a number of connections that the source IP address can maintain with a gateway device, a number of connections that can be newly established per second with the gateway device, and a number of packets transmitted per second.
6. The method according to claim 1, wherein after executing the restriction processing corresponding to the request processing rule, the method further comprises:
and starting a timer, and deleting the instruction of the corresponding request processing rule in response to the fact that the HTTP request from the source IP address is not received again within the second duration.
7. The method according to claim 1, wherein the method further comprises:
in response to receiving any HTTP request, detecting whether the HTTP request from the source IP address of the HTTP request is received for the first time according to the source IP address of the HTTP request, starting a counter in response to the HTTP request from the source IP address of the HTTP request being received for the first time, and starting a timer to record the statistical duration of the counter.
8. A request processing apparatus, the apparatus comprising:
a receiving module, configured to receive a first HTTP request;
a forwarding module, configured to forward the first HTTP request in response to the first HTTP request not hitting any of at least two request processing rules;
a statistics module, configured to count based on the source IP address of the first HTTP request;
a writing module, configured to write the instruction corresponding to any one of the request processing rules in response to the number of HTTP requests from the source IP address reaching the threshold of that request processing rule, wherein that request processing rule comprises a speed limit rule for limiting the rate at which the source IP address sends HTTP requests;
the receiving module, further configured to receive a second HTTP request from the source IP address;
a limiting module, configured to execute the restriction process corresponding to the request processing rule in response to determining, based on the written instruction, that the second HTTP request hits the request processing rule;
the limiting module comprising:
a first counting module, configured to count the number of data packets sent by the source IP address;
a second counting module, configured to count the number of connections kept with the source IP address;
an interrupting module, configured to disconnect the connections exceeding a first number in response to the number of connections kept with the source IP address exceeding the first number;
a rejecting module, configured to limit the number of data packets sent by the source IP address within a first duration in response to the data packets sent by the source IP address exceeding a second number, and to discard the data packets received in the remainder of the first duration in response to the number of data packets sent by the source IP address within the first duration exceeding a third number, the discarded data packets being retransmitted by the source IP address while its HTTP requests are being limited;
wherein the at least two request processing rules indicate that different restriction processes are performed based on different thresholds of the number of HTTP requests sent in one counting period, and the larger the threshold corresponding to a request processing rule, the stricter the restriction process of each dimension of that rule on the HTTP requests.
9. The apparatus of claim 8, wherein the apparatus further comprises:
a determining module, configured to determine whether the first HTTP request hits the at least two request processing rules in a target order, wherein the target order arranges the request processing rules from the strictest to the least strict.
10. The apparatus of claim 8, wherein the limiting module comprises:
a third counting module, configured to count the number of connections newly established with the source IP address within the first duration;
a rejecting module, configured to refuse to establish a new connection with the source IP address in response to the number of newly established connections exceeding a fourth number.
11. The apparatus of claim 8, wherein the at least two request processing rules further comprise a refusal rule, wherein the refusal rule is for refusing HTTP requests sent by the source IP address.
12. The apparatus of claim 11, wherein at least one level of speed limit rules is used to limit at least one of a number of connections that the source IP address can maintain with a gateway device, a number of connections that can be newly established per second with the gateway device, and a number of packets transmitted per second.
13. The apparatus of claim 8, wherein the apparatus further comprises:
a starting module, configured to start a timer;
a deleting module, configured to delete the instruction of the corresponding request processing rule in response to no HTTP request being received again from the source IP address within a second time period.
14. The apparatus of claim 8, wherein the apparatus further comprises:
a detection module, configured, in response to any HTTP request, to detect from its source IP address whether an HTTP request from that source IP address is being received for the first time;
a starting module, configured to start a counter, and to start a timer to record the statistical duration of the counter, in response to an HTTP request from that source IP address being received for the first time.
15. A computer device comprising one or more processors and one or more memories, the one or more memories having stored therein at least one computer program loaded and executed by the one or more processors to implement the operations performed by the request processing method of any of claims 1 to 7.
16. A computer readable storage medium having stored therein at least one computer program loaded and executed by a processor to implement the operations performed by the request processing method of any one of claims 1 to 7.
17. A computer program product, characterized in that it comprises at least one computer program stored in a computer-readable storage medium, which is read from the computer-readable storage medium by a processor of a computer device and executed to realize the operations performed by the request processing method according to any one of claims 1 to 7.
CN202110315860.4A 2021-03-24 2021-03-24 Request processing method, device, equipment and storage medium Active CN115134103B (en)

Publications (2)

Publication Number Publication Date
CN115134103A CN115134103A (en) 2022-09-30
CN115134103B true CN115134103B (en) 2024-12-31

Family

ID=83374092

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110315860.4A Active CN115134103B (en) 2021-03-24 2021-03-24 Request processing method, device, equipment and storage medium

Country Status (1)

Country Link
CN (1) CN115134103B (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107454039A (en) * 2016-05-31 2017-12-08 北京京东尚科信息技术有限公司 The method of network attack detection system and detection network attack
CN110650142A (en) * 2019-09-25 2020-01-03 腾讯科技(深圳)有限公司 Access request processing method, device, system, storage medium and computer equipment
CN111683087A (en) * 2020-06-07 2020-09-18 中信银行股份有限公司 Access control method, device, electronic equipment and computer readable storage medium

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109873794B (en) * 2017-12-04 2022-11-08 北京安云世纪科技有限公司 Protection method for denial of service attack and server
CN110198307B (en) * 2019-05-10 2021-05-18 深圳市腾讯计算机系统有限公司 Method, device and system for selecting mobile edge computing node

Also Published As

Publication number Publication date
CN115134103A (en) 2022-09-30

Similar Documents

Publication Publication Date Title
US9729655B2 (en) Managing transfer of data in a data network
CN102724317B (en) A kind of network traffic data sorting technique and device
US6789203B1 (en) Method and apparatus for preventing a denial of service (DOS) attack by selectively throttling TCP/IP requests
RU2666289C1 (en) System and method for access request limits
US8706864B1 (en) Behavior monitoring and compliance for multi-tenant resources
CN110839017B (en) Proxy IP address identification method, device, electronic equipment and storage medium
US20070289014A1 (en) Network security device and method for processing packet data using the same
CN110191066A (en) A kind of method, equipment and the system of determining maximum transmission unit PMTU
CN106878343A (en) The system that network security is service is provided under a kind of cloud computing environment
US10462057B1 (en) Shaping network traffic using throttling decisions
US7552206B2 (en) Throttling service connections based on network paths
WO2023011233A1 (en) Traffic management method and apparatus, device, and computer-readable storage medium
WO2016201780A1 (en) Gateway management method and apparatus
CN115134103B (en) Request processing method, device, equipment and storage medium
CN110808967B (en) Detection method for challenging black hole attack and related device
CN114979073A (en) Address information acquisition system, method, electronic device, and storage medium
CN110224932B (en) Method and system for rapidly forwarding data
US8060568B2 (en) Real time messaging framework hub to intercept and retransmit messages for a messaging facility
CN110336920A (en) A method of based on Transmission Control Protocol assessment mobile payment perception
CN114978590B (en) API safety protection method, equipment and readable storage medium
US20230208874A1 (en) Systems and methods for suppressing denial of service attacks
JP6623702B2 (en) A network monitoring device and a virus detection method in the network monitoring device.
CN116264522A (en) Private cloud access control method, device, equipment and medium
CN107689967A (en) A kind of ddos attack detection method and device
CN116318801B (en) SOHO router data modification method

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant