Policy
The policy block sets per-level connection timeouts, buffer sizes, and which traffic counters the stats subsystem should populate.
Top-level options
| Field | Type | Default | Allowed values | Description |
|---|---|---|---|---|
levels | map[uint32]*Policy | {} | { "<level>": Policy } | Map keyed by user level (uint32). Each value is a Policy object whose flags apply to traffic from users at that level. |
system | *SystemPolicy | (unset) | SystemPolicy | System-wide policy. Currently only carries the four inbound/outbound traffic counter toggles. |
Source: infra/conf/policy.go:73-76 · pinned at v26.6.1 (94ffd50)
Per-level Policy
Each entry under levels is a Policy object. Level 0 is the default for users with no explicit level set.
| Field | Type | Default | Allowed values | Description |
|---|---|---|---|---|
handshake | *uint32 | 4 | <seconds> | Maximum time for the inbound to complete its handshake before the connection is closed. |
connIdle | *uint32 | 300 | <seconds> | Idle timeout. A connection with no traffic for this many seconds is closed. |
uplinkOnly | *uint32 | 2 | <seconds> | Grace window after the downlink closes; the uplink is closed this many seconds later. |
downlinkOnly | *uint32 | 5 | <seconds> | Grace window after the uplink closes; the downlink is closed this many seconds later. |
statsUserUplink | bool | false | true | false | Count uplink bytes per user (requires the stats block to be present). |
statsUserDownlink | bool | false | true | false | Count downlink bytes per user. |
statsUserOnline | bool | false | true | false | Track per-user online status. |
bufferSize | *int32 | (internal) | <KB> | -1 | Per-connection internal buffer in KB. -1 (or any negative value) means unlimited. |
Source: infra/conf/policy.go:7-16 · pinned at v26.6.1 (94ffd50)
SystemPolicy
| Field | Type | Default | Allowed values | Description |
|---|---|---|---|---|
statsInboundUplink | bool | false | true | false | Per-inbound-tag uplink byte counter. |
statsInboundDownlink | bool | false | true | false | Per-inbound-tag downlink byte counter. |
statsOutboundUplink | bool | false | true | false | Per-outbound-tag uplink byte counter. |
statsOutboundDownlink | bool | false | true | false | Per-outbound-tag downlink byte counter. |
Source: infra/conf/policy.go:55-60 · pinned at v26.6.1 (94ffd50)
Example
json
{
"stats": {},
"policy": {
"levels": {
"0": {
"handshake": 4,
"connIdle": 300,
"uplinkOnly": 2,
"downlinkOnly": 5,
"statsUserUplink": true,
"statsUserDownlink": true,
"bufferSize": 0
}
},
"system": {
"statsInboundUplink": true,
"statsInboundDownlink": true,
"statsOutboundUplink": true,
"statsOutboundDownlink": true
}
}
}Notes
- Timeouts are pointers in the Go struct. Omitting a field leaves the internal default in place; setting it explicitly to
0actually means "no timeout" for that field. bufferSizeis multiplied by 1024 inPolicy.Build(infra/conf/policy.go:42-46) — the JSON value is in KB. Any negative value disables the cap.- Per-user counters require the user object on the relevant inbound to have a non-empty level whose number matches a key under
policy.levels.
Source: infra/conf/policy.go:7-76 · v26.6.1 (94ffd50)