Limit incoming connections from the same IP

This commit is contained in:
Miguel Herranz 2017-01-14 13:21:20 +01:00
parent 2a2f02e375
commit 3f269e988c
2 changed files with 32 additions and 0 deletions

View file

@ -227,6 +227,8 @@ namespace nodetool
bool set_rate_down_limit(const boost::program_options::variables_map& vm, int64_t limit); bool set_rate_down_limit(const boost::program_options::variables_map& vm, int64_t limit);
bool set_rate_limit(const boost::program_options::variables_map& vm, int64_t limit); bool set_rate_limit(const boost::program_options::variables_map& vm, int64_t limit);
bool has_too_many_connections(const uint32_t ip);
void kill() { ///< will be called e.g. from deinit() void kill() { ///< will be called e.g. from deinit()
_info("Killing the net_node"); _info("Killing the net_node");
is_closing = true; is_closing = true;

View file

@ -1457,6 +1457,14 @@ namespace nodetool
drop_connection(context); drop_connection(context);
return 1; return 1;
} }
if(has_too_many_connections(context.m_remote_ip))
{
LOG_PRINT_CCONTEXT_L1("CONNECTION FROM " << epee::string_tools::get_ip_string_from_int32(context.m_remote_ip) << " REFUSED, too many connections from the same address");
drop_connection(context);
return 1;
}
//associate peer_id with this connection //associate peer_id with this connection
context.peer_id = arg.node_data.peer_id; context.peer_id = arg.node_data.peer_id;
@ -1677,4 +1685,26 @@ namespace nodetool
return true; return true;
} }
template<class t_payload_net_handler>
bool node_server<t_payload_net_handler>::has_too_many_connections(const uint32_t ip)
{
const uint8_t max_connections = 3;
uint8_t count = 0;
m_net_server.get_config_object().foreach_connection([&](const p2p_connection_context& cntxt)
{
if (cntxt.m_is_income && cntxt.m_remote_ip == ip) {
count++;
if (count > max_connections) {
return false;
}
}
return true;
});
return count > max_connections;
}
} }