Module ip_limit 

Per-IP concurrent connection limiter used by every streaming endpoint (WS notifier, SSE, shard WS). A single misbehaving peer should not be able to exhaust the server’s thread budget or per-client mutex pool by opening hundreds of long-lived sockets.

The limiter is cheap: one mutex, one HashMap entry per active IP. An RAII guard released on disconnect decrements the count — callers cannot leak a slot by forgetting to release it, even on panic.

Structs

IpConnCounter

Tracks how many concurrent streaming connections each IP currently holds.

IpConnGuard

RAII guard: decrements the IP’s connection count when dropped. Hold it for the full lifetime of the connection (thread, task) so the slot is only released on actual disconnect.

Constants

DEFAULT_MAX_CONNECTIONS_PER_IP

Default cap on concurrent streaming connections per client IP. Generous enough for normal browser tabs, chatty mobile apps, or shared NATs, but stingy enough that one attacker can’t open 10k sockets. Each endpoint can override by constructing the counter with a different cap.