I'd like to add a very simple filter doing a per-IP rate-limit but still allowing bursts, a bit like what iptables allows you to do.
I don't want to install the entire kitchen sink: all I need is one Filter class implementing that functionality.
What would be a good data structure / algorithm allowing to do a simple "rate-limiting-but-with-short-bursts allowed"?
For example I'd like to serve an HTTP error code if the user tries to do more than 'x' GET / POST per minute, but I'd still like to enable that same user to "burst" up to 'y' (where y > x) until he hits the burst cap.
Just for comparison, here's how a similar rate-limitation-with-a-burst can be configured using iptables (it's just an example, to show what I'm talking about, even though in my case it's not about putting a rate-limit+burst on TCP SYN packets):
iptables -A INPUT -p tcp --syn -m limit --limit 1/s --limit-burst 5
At Java level:
But I think it's easier to implement at webserver level
Or with a dedicated server add-on
You can also look at Guava RateLimiter - it provides a nice starting point for more sophisticated rate limiters.
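
One data structure that fits the question is a token bucket per client IP, the same idea behind `--limit` / `--limit-burst`. The class below is an added example, not code from any of the answers above; the names `PerIpRateLimiter`, `tryAcquire` and `evictIdle` are hypothetical, and a servlet Filter is assumed to call `tryAcquire(request.getRemoteAddr())` and send the error code when it returns false.

```java
import java.util.concurrent.ConcurrentHashMap;
import java.util.function.LongSupplier;

/** Per-IP token bucket: sustained ratePerMinute, short bursts of up to `burst` requests. */
public class PerIpRateLimiter {
    private static final class Bucket { double tokens; long lastNanos; }

    private final double tokensPerNano;
    private final double burst;
    private final LongSupplier clock; // injectable so the demo below is deterministic
    private final ConcurrentHashMap<String, Bucket> buckets = new ConcurrentHashMap<>();

    public PerIpRateLimiter(double ratePerMinute, int burst, LongSupplier nanoClock) {
        this.tokensPerNano = ratePerMinute / 60e9;
        this.burst = burst;
        this.clock = nanoClock;
    }

    /** True if the request may proceed; on false the filter would send its HTTP error code. */
    public boolean tryAcquire(String ip) {
        boolean[] allowed = new boolean[1];
        buckets.compute(ip, (key, b) -> { // atomic per key: concurrent requests cannot double-spend
            long now = clock.getAsLong();
            if (b == null) { b = new Bucket(); b.tokens = burst; b.lastNanos = now; }
            // Refill for the elapsed time, capped at the burst size.
            b.tokens = Math.min(burst, b.tokens + (now - b.lastNanos) * tokensPerNano);
            b.lastNanos = now;
            if (b.tokens >= 1.0) { b.tokens -= 1.0; allowed[0] = true; }
            return b;
        });
        return allowed[0];
    }

    /** Run periodically: a fully refilled bucket equals a fresh one, so dropping it bounds memory. */
    public void evictIdle() {
        for (String ip : buckets.keySet())
            buckets.computeIfPresent(ip, (key, b) ->
                b.tokens + (clock.getAsLong() - b.lastNanos) * tokensPerNano >= burst ? null : b);
    }

    public static void main(String[] args) {
        long[] nowNanos = {0}; // constructed fake clock; production code would pass System::nanoTime
        PerIpRateLimiter limiter = new PerIpRateLimiter(6, 10, () -> nowNanos[0]); // x = 6/min, y = 10
        String ip = "192.0.2.10"; // constructed sample address (documentation range)
        int ok = 0;
        for (int i = 0; i < 12; i++) if (limiter.tryAcquire(ip)) ok++;
        System.out.println("burst at t=0s: " + ok + " of 12 allowed");
        nowNanos[0] += 25_000_000_000L; // 25 s later: about 2.5 tokens have been refilled
        ok = 0;
        for (int i = 0; i < 3; i++) if (limiter.tryAcquire(ip)) ok++;
        System.out.println("at t=25s: " + ok + " of 3 allowed");
    }
}
```

Behind a reverse proxy `getRemoteAddr()` returns the proxy's address, so every client would share one bucket unless the key is taken from a forwarding header that the proxy itself sets.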