Skip to main content

ShadowMirrorManager

synapse_pingora::shadow

Struct ShadowMirrorManager 

Source 
pub struct ShadowMirrorManager { /* private fields */ }
Expand description

Manager for shadow mirroring operations.

Coordinates mirror decisions, rate limiting, and async delivery to honeypots. Uses a bounded queue (semaphore) to prevent memory exhaustion from slow honeypots.

Implementations§

Source§

impl ShadowMirrorManager

Source

pub fn new( config: ShadowMirrorConfig, sensor_id: String, ) -> Result<Self, ShadowMirrorError>

Creates a new shadow mirror manager with default concurrency limit.

§Errors

Returns ShadowMirrorError::ClientCreation if the HTTP client cannot be created.

Source

pub fn with_max_concurrent( config: ShadowMirrorConfig, sensor_id: String, max_concurrent: usize, ) -> Result<Self, ShadowMirrorError>

Creates a new shadow mirror manager with a custom concurrency limit.

§Arguments
  • config - Shadow mirror configuration
  • sensor_id - Sensor ID for payload attribution
  • max_concurrent - Maximum concurrent mirror operations (prevents memory exhaustion)
§Errors

Returns ShadowMirrorError::ClientCreation if the HTTP client cannot be created.

Source

pub fn should_mirror(&self, risk_score: f32, client_ip: &str) -> bool

Determines if a request should be mirrored based on detection result.

§Arguments
  • risk_score - Risk score from detection (0-100)
  • client_ip - Source IP address
§Returns

true if the request should be mirrored, false otherwise.

Source

pub fn mirror_async(&self, payload: MirrorPayload) -> bool

Sends a mirror payload asynchronously (fire-and-forget) with bounded concurrency.

Returns immediately without waiting for delivery to complete. Uses a semaphore to limit concurrent operations and prevent memory exhaustion when honeypots are slow or unresponsive. If the queue is full, the request is dropped (backpressure) rather than blocking or causing unbounded growth.

§Returns

true if the payload was queued for delivery, false if dropped due to backpressure.

Source

pub fn create_payload( &self, request_id: String, source_ip: String, method: String, uri: String, site_name: String, risk_score: f32, matched_rules: Vec<String>, ja4: Option<String>, ja4h: Option<String>, campaign_id: Option<String>, headers: HashMap<String, String>, body: Option<String>, ) -> MirrorPayload

Creates a mirror payload from request context.

§Arguments
  • request_id - Unique request identifier
  • source_ip - Client IP address
  • method - HTTP method
  • uri - Request URI
  • site_name - Site/vhost name
  • risk_score - Calculated risk score
  • matched_rules - IDs of rules that matched
  • ja4 - Optional JA4 TLS fingerprint
  • ja4h - Optional JA4H HTTP fingerprint
  • campaign_id - Optional campaign correlation ID
  • headers - Request headers to include
  • body - Optional request body
Source

pub fn cleanup(&self)

Runs periodic cleanup of the rate limiter.

Call this from a background task at regular intervals (e.g., every 60s).

Source

pub fn stats(&self) -> ShadowMirrorStats

Returns statistics about shadow mirroring.

Source

pub fn reset_stats(&self)

Resets all statistics.

Source

pub fn is_enabled(&self) -> bool

Returns whether shadow mirroring is enabled.

Source

pub fn config(&self) -> &ShadowMirrorConfig

Returns the configuration.

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> Downcast for T
where T: Any,

Source§

fn into_any(self: Box<T>) -> Box<dyn Any>

Convert Box<dyn Trait> (where Trait: Downcast) to Box<dyn Any>. Box<dyn Any> can then be further downcast into Box<ConcreteType> where ConcreteType implements Trait.
Source§

fn into_any_rc(self: Rc<T>) -> Rc<dyn Any>

Convert Rc<Trait> (where Trait: Downcast) to Rc<Any>. Rc<Any> can then be further downcast into Rc<ConcreteType> where ConcreteType implements Trait.
Source§

fn as_any(&self) -> &(dyn Any + 'static)

Convert &Trait (where Trait: Downcast) to &Any. This is needed since Rust cannot generate &Any’s vtable from &Trait’s.
Source§

fn as_any_mut(&mut self) -> &mut (dyn Any + 'static)

Convert &mut Trait (where Trait: Downcast) to &Any. This is needed since Rust cannot generate &mut Any’s vtable from &mut Trait’s.
Source§

impl<T> DowncastSync for T
where T: Any + Send + Sync,

Source§

fn into_any_arc(self: Arc<T>) -> Arc<dyn Any + Sync + Send>

Convert Arc<Trait> (where Trait: Downcast) to Arc<Any>. Arc<Any> can then be further downcast into Arc<ConcreteType> where ConcreteType implements Trait.
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T> Instrument for T

Source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
Source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> IntoEither for T

Source§

fn into_either(self, into_left: bool) -> Either<Self, Self>

Converts self into a Left variant of Either<Self, Self> if into_left is true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
Source§

fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
where F: FnOnce(&Self) -> bool,

Converts self into a Left variant of Either<Self, Self> if into_left(&self) returns true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
Source§

impl<T> Pointable for T

Source§

const ALIGN: usize

The alignment of pointer.
Source§

type Init = T

The type for initializers.
Source§

unsafe fn init(init: <T as Pointable>::Init) -> usize

Initializes a with the given initializer. Read more
Source§

unsafe fn deref<'a>(ptr: usize) -> &'a T

Dereferences the given pointer. Read more
Source§

unsafe fn deref_mut<'a>(ptr: usize) -> &'a mut T

Mutably dereferences the given pointer. Read more
Source§

unsafe fn drop(ptr: usize)

Drops the object pointed to by the given pointer. Read more
Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

Source§

fn vzip(self) -> V

Source§

impl<T> WithSubscriber for T

Source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

impl<A, B, T> HttpServerConnExec<A, B> for T
where B: Body,