Struct BandguardsConfig 

pub struct BandguardsConfig {
    pub circ_max_megabytes: u64,
    pub circ_max_age_hours: u32,
    pub circ_max_hsdesc_kilobytes: u32,
    pub circ_max_serv_intro_kilobytes: u32,
    pub circ_max_disconnected_secs: u32,
    pub conn_max_disconnected_secs: u32,
}

Bandwidth monitoring configuration options.

Controls circuit bandwidth limits and disconnection warnings. These settings help detect bandwidth-based side-channel attacks that attempt to identify hidden services through traffic analysis.

Attack Detection

Bandguards monitors for several attack patterns:

┌─────────────────────────────────────────────────────────────────┐
│                  Bandwidth Attack Detection                     │
└─────────────────────────────────────────────────────────────────┘

  1. Circuit Size Attack
     ├── Monitor total bytes per circuit
     └── Alert/close if exceeds circ_max_megabytes

  2. Circuit Age Attack
     ├── Track circuit creation time
     └── Alert/close if exceeds circ_max_age_hours

  3. HSDIR Descriptor Attack
     ├── Monitor HSDIR circuit bandwidth
     └── Alert if exceeds circ_max_hsdesc_kilobytes

  4. Connectivity Monitoring
     ├── Track disconnection duration
     └── Warn if exceeds threshold

Fields

Field	Default	Description
circ_max_megabytes	0	Max circuit size in MB (0 = disabled)
circ_max_age_hours	24	Max circuit age in hours
circ_max_hsdesc_kilobytes	30	Max HSDIR circuit size in KB
circ_max_serv_intro_kilobytes	0	Max intro circuit size (0 = disabled)
circ_max_disconnected_secs	30	Warn after N seconds disconnected
conn_max_disconnected_secs	15	Warn after N seconds with no connections

Example

use vanguards_rs::BandguardsConfig;

let mut config = BandguardsConfig::default();

// Enable circuit size limiting
config.circ_max_megabytes = 100;

// Reduce circuit age for higher security
config.circ_max_age_hours = 12;

See Also

• Config - Main configuration struct
• BandwidthStats - Runtime bandwidth statistics

Fields

circ_max_megabytes: u64

Maximum circuit size in megabytes. 0 disables this check.

circ_max_age_hours: u32

Maximum circuit age in hours.

circ_max_hsdesc_kilobytes: u32

Maximum HSDIR circuit size in kilobytes.

circ_max_serv_intro_kilobytes: u32

Maximum service intro circuit size in kilobytes. 0 disables.

circ_max_disconnected_secs: u32

Warn after this many seconds disconnected from circuits.

conn_max_disconnected_secs: u32

Warn after this many seconds with no connections.

Trait Implementations

impl Clone for BandguardsConfig

fn clone(&self) -> BandguardsConfig

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for BandguardsConfig

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Default for BandguardsConfig

fn default() -> Self

Returns the “default value” for a type.

impl<'de> Deserialize<'de> for BandguardsConfig

fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error>

where __D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer.

impl PartialEq for BandguardsConfig

fn eq(&self, other: &BandguardsConfig) -> bool

Tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.

impl Serialize for BandguardsConfig

fn serialize<__S>(&self, __serializer: __S) -> Result<__S::Ok, __S::Error>

where __S: Serializer,

Serialize this value into the given Serde serializer.

impl StructuralPartialEq for BandguardsConfig