initial commit

jb55 · jb55 · commit 24a1c0dfc297 · 2024-07-07T22:29:29.000-05:00
diff --git a/.gitignore b/.gitignore
@@ -0,0 +1,7 @@
+target/
+.direnv/
+.buildcmd
+.build-result
+shell.nix
+.envrc
+tags
diff --git a/COPYING b/COPYING
@@ -0,0 +1,19 @@
+Copyright 2024 Damus Nostr, Inc.
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of
+this software and associated documentation files (the “Software”), to deal in
+the Software without restriction, including without limitation the rights to
+use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies
+of the Software, and to permit persons to whom the Software is furnished to do
+so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -0,0 +1,13 @@
+[package]
+name = "noteguard"
+version = "0.1.0"
+edition = "2021"
+
+[dependencies]
+serde = { version = "1.0", features = ["derive"] }
+serde_json = "1.0"
+toml = "0.5"
+tracing = "0.1.40"
+
+
+
diff --git a/Makefile b/Makefile
@@ -0,0 +1,2 @@
+tags:
+	find src -name '*.rs' | xargs ctags 
diff --git a/README.md b/README.md
@@ -0,0 +1,23 @@
+
+# noteguard
+
+A high performance note filter plugin system for [strfry]
+
+## Usage
+
+Filters are registered and loaded from the [noteguard.toml](noteguard.toml) config.
+
+You can add any new filter you want by implementing the `NoteFilter` trait and registering it with noteguard via the `register_filter` method.
+
+The `pipeline` config specifies the order in which filters are run. When the first `reject` or `shadowReject` action is hit, then the pipeline stops and returns the rejection error.
+
+```toml
+
+pipeline = ["ratelimit"]
+
+[filters.ratelimit]
+notes_per_second = 1
+whitelist = ["127.0.0.1"]
+```
+
+[strfry]: https://github.com/hoytech/strfry
diff --git a/noteguard.toml b/noteguard.toml
@@ -0,0 +1,6 @@
+
+pipeline = ["ratelimit"]
+
+[filters.ratelimit]
+notes_per_second = 1
+whitelist = ["127.0.0.1"]
diff --git a/src/filters/mod.rs b/src/filters/mod.rs
@@ -0,0 +1,5 @@
+mod rate_limit;
+mod whitelist;
+
+pub use rate_limit::RateLimit;
+pub use whitelist::Whitelist;
diff --git a/src/filters/rate_limit.rs b/src/filters/rate_limit.rs
@@ -0,0 +1,54 @@
+use crate::{Action, InputMessage, NoteFilter, OutputMessage};
+use serde::Deserialize;
+use std::collections::HashMap;
+use std::time::{Duration, Instant};
+
+pub struct RateInfo {
+    pub last_note: Instant,
+}
+
+#[derive(Deserialize, Default)]
+pub struct RateLimit {
+    pub notes_per_second: u64,
+    pub whitelist: Option<Vec<String>>,
+
+    #[serde(skip)]
+    pub sources: HashMap<String, RateInfo>,
+}
+
+impl NoteFilter for RateLimit {
+    fn filter_note(&mut self, msg: &InputMessage) -> OutputMessage {
+        if let Some(whitelist) = &self.whitelist {
+            if whitelist.contains(&msg.source_info) {
+                return OutputMessage::new(msg.event.id.clone(), Action::Accept, None);
+            }
+        }
+
+        if self.sources.contains_key(&msg.source_info) {
+            let now = Instant::now();
+            let entry = self.sources.get_mut(&msg.source_info).expect("impossiburu");
+            if now - entry.last_note < Duration::from_secs(self.notes_per_second) {
+                return OutputMessage::new(
+                    msg.event.id.clone(),
+                    Action::Reject,
+                    Some("rate-limited: you are noting too fast".to_string()),
+                );
+            } else {
+                entry.last_note = Instant::now();
+                return OutputMessage::new(msg.event.id.clone(), Action::Accept, None);
+            }
+        } else {
+            self.sources.insert(
+                msg.source_info.to_owned(),
+                RateInfo {
+                    last_note: Instant::now(),
+                },
+            );
+            return OutputMessage::new(msg.event.id.clone(), Action::Accept, None);
+        }
+    }
+
+    fn name(&self) -> &'static str {
+        "ratelimit"
+    }
+}
diff --git a/src/filters/whitelist.rs b/src/filters/whitelist.rs
@@ -0,0 +1,26 @@
+use crate::{Action, InputMessage, NoteFilter, OutputMessage};
+use serde::Deserialize;
+
+#[derive(Deserialize)]
+pub struct Whitelist {
+    pub pubkeys: Vec<String>,
+    pub ips: Vec<String>,
+}
+
+impl NoteFilter for Whitelist {
+    fn filter_note(&mut self, msg: &InputMessage) -> OutputMessage {
+        if self.pubkeys.contains(&msg.event.pubkey) || self.ips.contains(&msg.source_info) {
+            OutputMessage::new(msg.event.id.clone(), Action::Accept, None)
+        } else {
+            OutputMessage::new(
+                msg.event.id.clone(),
+                Action::Reject,
+                Some("blocked: pubkey not on the whitelist".to_string()),
+            )
+        }
+    }
+
+    fn name(&self) -> &'static str {
+        "whitelist"
+    }
+}
diff --git a/src/lib.rs b/src/lib.rs
@@ -0,0 +1,6 @@
+pub mod filters;
+mod messages;
+mod note_filter;
+
+pub use messages::{Action, InputMessage, OutputMessage};
+pub use note_filter::{Note, NoteFilter};
diff --git a/src/main.rs b/src/main.rs
diff --git a/src/messages.rs b/src/messages.rs
diff --git a/src/note_filter.rs b/src/note_filter.rs
diff --git a/test/test-inputs b/test/test-inputs

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,2 @@`
	`1`	`+tags:`
	`2`	`+ find src -name '*.rs' \| xargs ctags`