RUST_LOG=debug cargo run -p tcptls 8080 RUSTFLAGS="-Z threads=8" cargo +nightly build --release time RUSTFLAGS="-Z threads=8" cargo +nightly build --release Finished release [optimized] target(s) in 23m 26s real 23m26.801s user 32m11.223s sys 4m19.326s sysctl -n machdep.cpu.brand_string hyperfine --runs 1 'RUSTFLAGS="-Z threads=8" cargo +nightly build --release' time cargo build --release Finished release [optimized] target(s) in 43m 39s real 43m37.079s user 39m46.355s sys 5m10.400s hyperfine --runs 1 'cargo build --release' RUST_LOG=debug cargo watch -q -c -w src/ -w .cargo/ -x "run -p tcptls 8080" echo -n -e "\x08\x00\x00\x00\x01\x00\x00\x00\" | nc 127.0.0.1 8090 for i in {1..100}; do echo '{"method":"isPrime","number":'$i'}' | nc localhost 8090; sleep 0.25; done; for i in {1..10}; do curl http://0.0.0.0:3000; sleep 0.25; done; for i in {1..1000}; do curl http://0.0.0.0:3000; done; for i in {1..100}; do curl -X GET http://localhost:8080/ping & done for i in {1..10}; do curl http://0.0.0.0:8080; sleep 0.25; done; echo PING | nc localhost 8090 for i in {1..10} do printf '= %.0s' {1..$i} sleep $1s done curl -i -X GET -H "Origin: http://0.0.0.0:3001" http://0.0.0.0:3001 curl -H "Origin: http://localhost:3000" -H "Access-Control-Request-Method: GET" -H "Access-Control-Request-Headers: X-Requested-With" -X OPTIONS --verbose http://localhost:3001/ echo '{"method":"isPrime","number":42}' | nc localhost 8090 {"method":"isPrime","prime":false} $ echo '{"method":"isPrime","number":13}' | nc localhost 8080 {"method":"isPrime","prime":true} $ echo '{"method":"isPrime","number":13.43}' | nc localhost 8080 {"method":"","prime":false} $ echo '{"method":"invalidMethod","number":13}' | nc localhost 8080 {"method":"","prime":false} ``` echo -e "GET /version HTTP/1.1\r\nHost: 192.168.64.12\r\n\r\n" | nc 192.168.64.12 1884 nc 192.168.64.12 1884 nc 127.0.0.1 8080 $ nano ~/Library/LaunchAgents/com.example.nsurlsessiond-monitor.plist $ launchctl load ~/Library/LaunchAgents/com.example.nsurlsessiond-monitor.plist $ launchctl unload ~/Library/LaunchAgents/com.example.nsurlsessiond-monitor.plist Connection Tracking: Enable connection tracking in the iptables: sudo modprobe nf_conntrack Rate Limiting: Use the hashlimit module to rate limit incoming connections: sudo iptables -A INPUT -p tcp --syn --dport 8090 -m conntrack --ctstate NEW -m hashlimit --hashlimit 50/s --hashlimit-burst 100 --hashlimit-mode srcip --hashlimit-name conn_limit -j ACCEPT sudo iptables -A INPUT -p tcp --syn --dport 8090 -j DROP limit the number of concurrent connections from a single IP address sudo iptables -A INPUT -p tcp --syn --dport 8090 -m connlimit --connlimit-above 10 --connlimit-mask 32 -j DROP $ ulimit -n 256 $ ulimit -n $ sysctl kern.num_taskthreads kern.num_taskthreads: 4096 lsof -p PID sudo launchctl unload /Library/LaunchDaemons/com.canonical.multipassd.plist sudo launchctl load -w /Library/LaunchDaemons/com.canonical.multipassd.plist