Struct EntityManager

pub struct EntityManager { /* private fields */ }

Thread-safe entity manager using DashMap.

Provides lock-free concurrent access to entity state for high-RPS WAF scenarios. Uses timestamp-based LRU eviction instead of an ordered list for better concurrency.

SECURITY: Implements per-site entity quotas to prevent a single tenant from filling the global pool and degrading security for all tenants.

Implementations

impl EntityManager

pub fn new(config: EntityConfig) -> Self

Create a new entity manager with the given configuration.

pub fn config(&self) -> &EntityConfig

Get the configuration.

pub fn is_enabled(&self) -> bool

Check if entity tracking is enabled.

pub fn len(&self) -> usize

Get the number of tracked entities.

pub fn is_empty(&self) -> bool

Check if the store is empty.

pub fn metrics(&self) -> EntityMetrics

Get metrics about the entity store.

pub fn touch_entity(&self, ip: &str) -> EntitySnapshot

Touch an entity (update last_seen, apply decay, increment request_count).

Creates the entity if it doesn’t exist. Returns a snapshot of the entity state.

pub fn touch_entity_with_fingerprint(&self, ip: &str, ja4: Option<&str>, combined: Option<&str>) -> EntitySnapshot

Touch an entity and associate fingerprint.

pub fn touch_entity_for_site(&self, ip: &str, site_id: &str) -> Option<EntitySnapshot>

Touch an entity for a specific site/tenant.

SECURITY: Enforces per-site entity limits to prevent a single tenant from exhausting the global entity pool and degrading security for all tenants.

Returns None if the site has exceeded its quota and the entity doesn’t exist.
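
The quota rule above, together with the timestamp-based LRU eviction mentioned in the struct description, can be modelled in a few lines. This is an added example, not the crate's own code: `QuotaStore`, its methods and its limits are hypothetical, a `Mutex<HashMap>` stands in for DashMap so the sketch needs only the standard library, and evicting the globally oldest entity when the pool is full is an assumption.

```rust
use std::collections::HashMap;
use std::sync::Mutex;

// Illustrative model only: Mutex<HashMap> stands in for DashMap; all names are hypothetical.
struct Entity { site: String, last_seen: u64 }

pub struct QuotaStore {
    max_total: usize,
    max_per_site: usize,
    state: Mutex<(HashMap<String, Entity>, HashMap<String, usize>)>, // (entities, site counts)
}

impl QuotaStore {
    pub fn new(max_total: usize, max_per_site: usize) -> Self {
        Self { max_total, max_per_site, state: Mutex::new((HashMap::new(), HashMap::new())) }
    }

    /// Some(last_seen) if the IP is tracked; None if it is new and its site is at quota.
    pub fn touch_for_site(&self, ip: &str, site: &str, now: u64) -> Option<u64> {
        let mut guard = self.state.lock().unwrap();
        let (entities, counts) = &mut *guard;
        if let Some(e) = entities.get_mut(ip) {
            e.last_seen = now; // known entities are always served, even at quota
            return Some(now);
        }
        if counts.get(site).copied().unwrap_or(0) >= self.max_per_site {
            return None; // a full tenant cannot claim more of the shared pool
        }
        if entities.len() >= self.max_total {
            // Timestamp-based LRU: evict whichever entity has the oldest last_seen.
            let victim = entities.iter().min_by_key(|(_, e)| e.last_seen).map(|(k, _)| k.clone());
            if let Some(old) = victim.and_then(|k| entities.remove(&k)) {
                if let Some(c) = counts.get_mut(&old.site) { *c = c.saturating_sub(1); }
            }
        }
        entities.insert(ip.to_string(), Entity { site: site.to_string(), last_seen: now });
        *counts.entry(site.to_string()).or_insert(0) += 1;
        Some(now)
    }

    pub fn site_count(&self, site: &str) -> usize {
        self.state.lock().unwrap().1.get(site).copied().unwrap_or(0)
    }

    pub fn is_tracked(&self, ip: &str) -> bool {
        self.state.lock().unwrap().0.contains_key(ip)
    }
}
```

A caller that receives `None` has no risk state for that client, so the request path needs an explicit policy for untracked entities instead of treating the missing snapshot as zero risk.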

pub fn get_site_count(&self, site_id: &str) -> u64

Get the current entity count for a site.

pub fn site_metrics(&self) -> Vec<SiteMetrics>

Get site metrics for monitoring.

pub fn get_entity(&self, ip: &str) -> Option<EntitySnapshot>

Get an entity snapshot (read-only).

pub fn apply_rule_risk(&self, ip: &str, rule_id: u32, base_risk: f64, enable_multiplier: bool) -> Option<RiskApplication>

Apply risk from a matched rule.

Returns the risk application result, or None if the entity doesn’t exist.

pub fn apply_external_risk(&self, ip: &str, risk: f64, reason: &str) -> f64

Apply external risk (e.g., from anomaly detection).

Creates the entity if it doesn’t exist.

Arguments
  • ip - Client IP address
  • risk - Risk points to add (will be clamped to max_risk)
  • reason - Reason for risk application (logged at debug level)

pub fn apply_anomaly_risk(&self, ip: &str, anomaly_type: &str, risk: f64, details: Option<&str>) -> f64

Apply anomaly-based risk to an entity.

Used for behavioral anomalies like honeypot hits, rapid fingerprint changes, etc. Creates the entity if it doesn’t exist.

Arguments
  • ip - Client IP address
  • anomaly_type - Type of anomaly detected (e.g., “honeypot_hit”, “ja4_rapid_change”)
  • risk - Risk points to add
  • details - Optional details about the anomaly

pub fn check_block(&self, ip: &str) -> BlockDecision

Check if an entity should be blocked based on risk threshold.

Returns the block decision.

pub fn manual_block(&self, ip: &str, reason: &str) -> bool

Manually block an entity.

pub fn release_entity(&self, ip: &str) -> bool

Release an entity (reset risk and unblock).

pub fn release_all(&self) -> usize

Release all entities (reset risk and unblock all).

Returns the number of entities released.

pub fn list_entity_ids(&self) -> Vec<String>

List all entity IDs.

pub fn list_top_risk(&self, limit: usize) -> Vec<EntitySnapshot>

Returns top N entities sorted by risk score (highest first).

pub fn check_ja4_reputation(&self, ip: &str, current_ja4: &str, now_ms: u64) -> Option<Ja4ReputationResult>

Check JA4 reputation for an IP address. Detects rapid fingerprint changes that indicate bot behavior.

Arguments
  • ip - Client IP address
  • current_ja4 - Current JA4 fingerprint
  • now_ms - Current timestamp in milliseconds

Returns

Reputation result if the entity exists, None otherwise.

pub fn snapshot(&self) -> Vec<EntityState>

Create a snapshot of all entity states for persistence.

Returns a Vec of cloned EntityState suitable for serialization.

pub fn restore(&self, entities: Vec<EntityState>)

Restore entity states from a persisted snapshot.

Clears existing entities and inserts the restored ones. Updates total_created counter to reflect restored count. Rebuilds site_counts from restored entity site_id fields.

pub fn merge_restore(&self, entities: Vec<EntityState>) -> usize

Merge restored entities with existing ones (additive restore).

Only inserts entities that don’t already exist. Useful for partial recovery scenarios. Updates site_counts for newly merged entities.

pub fn clear(&self)

Clear the entity store and all site counts.

Trait Implementations

impl Default for EntityManager

fn default() -> Self

Returns the “default value” for a type.

Auto Trait Implementations

Blanket Implementations

impl<T> Any for T
where T: 'static + ?Sized,

fn type_id(&self) -> TypeId

Gets the TypeId of self.

impl<T> Borrow<T> for T
where T: ?Sized,

fn borrow(&self) -> &T

Immutably borrows from an owned value.

impl<T> BorrowMut<T> for T
where T: ?Sized,

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value.

impl<T> Downcast for T
where T: Any,

fn into_any(self: Box<T>) -> Box<dyn Any>

Convert Box<dyn Trait> (where Trait: Downcast) to Box<dyn Any>. Box<dyn Any> can then be further downcast into Box<ConcreteType> where ConcreteType implements Trait.

fn into_any_rc(self: Rc<T>) -> Rc<dyn Any>

Convert Rc<Trait> (where Trait: Downcast) to Rc<Any>. Rc<Any> can then be further downcast into Rc<ConcreteType> where ConcreteType implements Trait.

fn as_any(&self) -> &(dyn Any + 'static)

Convert &Trait (where Trait: Downcast) to &Any. This is needed since Rust cannot generate &Any’s vtable from &Trait’s.

fn as_any_mut(&mut self) -> &mut (dyn Any + 'static)

Convert &mut Trait (where Trait: Downcast) to &Any. This is needed since Rust cannot generate &mut Any’s vtable from &mut Trait’s.

impl<T> DowncastSync for T
where T: Any + Send + Sync,

fn into_any_arc(self: Arc<T>) -> Arc<dyn Any + Sync + Send>

Convert Arc<Trait> (where Trait: Downcast) to Arc<Any>. Arc<Any> can then be further downcast into Arc<ConcreteType> where ConcreteType implements Trait.

impl<T> From<T> for T

fn from(t: T) -> T

Returns the argument unchanged.

impl<T> Instrument for T

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper.

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper.

impl<T, U> Into<U> for T
where U: From<T>,

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

impl<T> IntoEither for T

fn into_either(self, into_left: bool) -> Either<Self, Self>

Converts self into a Left variant of Either<Self, Self> if into_left is true. Converts self into a Right variant of Either<Self, Self> otherwise.

fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
where F: FnOnce(&Self) -> bool,

Converts self into a Left variant of Either<Self, Self> if into_left(&self) returns true. Converts self into a Right variant of Either<Self, Self> otherwise.

impl<T> Pointable for T

const ALIGN: usize

The alignment of pointer.

type Init = T

The type for initializers.

unsafe fn init(init: <T as Pointable>::Init) -> usize

Initializes a with the given initializer.

unsafe fn deref<'a>(ptr: usize) -> &'a T

Dereferences the given pointer.

unsafe fn deref_mut<'a>(ptr: usize) -> &'a mut T

Mutably dereferences the given pointer.

unsafe fn drop(ptr: usize)

Drops the object pointed to by the given pointer.

impl<T> Same for T

type Output = T

Should always be Self

impl<T, U> TryFrom<U> for T
where U: Into<T>,

type Error = Infallible

The type returned in the event of a conversion error.

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

fn vzip(self) -> V

impl<T> WithSubscriber for T

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper.

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper.

impl<A, B, T> HttpServerConnExec<A, B> for T
where B: Body,