mirror of
https://github.com/monero-project/monero.git
synced 2025-01-20 17:54:37 +00:00
src: rename blocklist to banlist to avoid confusion
This commit is contained in:
parent
893916ad09
commit
b5cd7f870b
18 changed files with 238 additions and 228 deletions
|
@ -89,7 +89,7 @@ namespace net_utils
|
||||||
bool is_local() const;
|
bool is_local() const;
|
||||||
static constexpr address_type get_type_id() noexcept { return address_type::ipv4; }
|
static constexpr address_type get_type_id() noexcept { return address_type::ipv4; }
|
||||||
static constexpr zone get_zone() noexcept { return zone::public_; }
|
static constexpr zone get_zone() noexcept { return zone::public_; }
|
||||||
static constexpr bool is_blockable() noexcept { return true; }
|
static constexpr bool is_bannable() noexcept { return true; }
|
||||||
|
|
||||||
BEGIN_KV_SERIALIZE_MAP()
|
BEGIN_KV_SERIALIZE_MAP()
|
||||||
if (is_store)
|
if (is_store)
|
||||||
|
@ -145,7 +145,7 @@ namespace net_utils
|
||||||
bool is_local() const;
|
bool is_local() const;
|
||||||
static constexpr address_type get_type_id() noexcept { return address_type::invalid; }
|
static constexpr address_type get_type_id() noexcept { return address_type::invalid; }
|
||||||
static constexpr zone get_zone() noexcept { return zone::public_; }
|
static constexpr zone get_zone() noexcept { return zone::public_; }
|
||||||
static constexpr bool is_blockable() noexcept { return true; }
|
static constexpr bool is_bannable() noexcept { return true; }
|
||||||
|
|
||||||
BEGIN_KV_SERIALIZE_MAP()
|
BEGIN_KV_SERIALIZE_MAP()
|
||||||
KV_SERIALIZE(m_ip)
|
KV_SERIALIZE(m_ip)
|
||||||
|
@ -195,7 +195,7 @@ namespace net_utils
|
||||||
bool is_local() const;
|
bool is_local() const;
|
||||||
static constexpr address_type get_type_id() noexcept { return address_type::ipv6; }
|
static constexpr address_type get_type_id() noexcept { return address_type::ipv6; }
|
||||||
static constexpr zone get_zone() noexcept { return zone::public_; }
|
static constexpr zone get_zone() noexcept { return zone::public_; }
|
||||||
static constexpr bool is_blockable() noexcept { return true; }
|
static constexpr bool is_bannable() noexcept { return true; }
|
||||||
|
|
||||||
static const uint8_t ID = 2;
|
static const uint8_t ID = 2;
|
||||||
BEGIN_KV_SERIALIZE_MAP()
|
BEGIN_KV_SERIALIZE_MAP()
|
||||||
|
@ -235,7 +235,7 @@ namespace net_utils
|
||||||
virtual bool is_local() const = 0;
|
virtual bool is_local() const = 0;
|
||||||
virtual address_type get_type_id() const = 0;
|
virtual address_type get_type_id() const = 0;
|
||||||
virtual zone get_zone() const = 0;
|
virtual zone get_zone() const = 0;
|
||||||
virtual bool is_blockable() const = 0;
|
virtual bool is_bannable() const = 0;
|
||||||
virtual std::uint16_t port() const = 0;
|
virtual std::uint16_t port() const = 0;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -266,7 +266,7 @@ namespace net_utils
|
||||||
virtual bool is_local() const override { return value.is_local(); }
|
virtual bool is_local() const override { return value.is_local(); }
|
||||||
virtual address_type get_type_id() const override { return value.get_type_id(); }
|
virtual address_type get_type_id() const override { return value.get_type_id(); }
|
||||||
virtual zone get_zone() const override { return value.get_zone(); }
|
virtual zone get_zone() const override { return value.get_zone(); }
|
||||||
virtual bool is_blockable() const override { return value.is_blockable(); }
|
virtual bool is_bannable() const override { return value.is_bannable(); }
|
||||||
virtual std::uint16_t port() const override { return value.port(); }
|
virtual std::uint16_t port() const override { return value.port(); }
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -313,7 +313,7 @@ namespace net_utils
|
||||||
bool is_local() const { return self ? self->is_local() : false; }
|
bool is_local() const { return self ? self->is_local() : false; }
|
||||||
address_type get_type_id() const { return self ? self->get_type_id() : address_type::invalid; }
|
address_type get_type_id() const { return self ? self->get_type_id() : address_type::invalid; }
|
||||||
zone get_zone() const { return self ? self->get_zone() : zone::invalid; }
|
zone get_zone() const { return self ? self->get_zone() : zone::invalid; }
|
||||||
bool is_blockable() const { return self ? self->is_blockable() : false; }
|
bool is_bannable() const { return self ? self->is_bannable() : false; }
|
||||||
std::uint16_t port() const { return self ? self->port() : 0; }
|
std::uint16_t port() const { return self ? self->port() : 0; }
|
||||||
template<typename Type> const Type &as() const { return as_mutable<const Type>(); }
|
template<typename Type> const Type &as() const { return as_mutable<const Type>(); }
|
||||||
|
|
||||||
|
|
|
@ -149,14 +149,14 @@
|
||||||
#define P2P_DEFAULT_LIMIT_RATE_DOWN 8192 // kB/s
|
#define P2P_DEFAULT_LIMIT_RATE_DOWN 8192 // kB/s
|
||||||
|
|
||||||
#define P2P_FAILED_ADDR_FORGET_SECONDS (60*60) //1 hour
|
#define P2P_FAILED_ADDR_FORGET_SECONDS (60*60) //1 hour
|
||||||
#define P2P_IP_BLOCKTIME (60*60*24) //24 hour
|
#define P2P_IP_BANTIME (60*60*24) //24 hour
|
||||||
#define P2P_IP_FAILS_BEFORE_BLOCK 10
|
#define P2P_IP_FAILS_BEFORE_BAN 10
|
||||||
#define P2P_IDLE_CONNECTION_KILL_INTERVAL (5*60) //5 minutes
|
#define P2P_IDLE_CONNECTION_KILL_INTERVAL (5*60) //5 minutes
|
||||||
|
|
||||||
#define P2P_SUPPORT_FLAG_FLUFFY_BLOCKS 0x01
|
#define P2P_SUPPORT_FLAG_FLUFFY_BLOCKS 0x01
|
||||||
#define P2P_SUPPORT_FLAGS P2P_SUPPORT_FLAG_FLUFFY_BLOCKS
|
#define P2P_SUPPORT_FLAGS P2P_SUPPORT_FLAG_FLUFFY_BLOCKS
|
||||||
|
|
||||||
#define RPC_IP_FAILS_BEFORE_BLOCK 3
|
#define RPC_IP_FAILS_BEFORE_BAN 3
|
||||||
|
|
||||||
#define CRYPTONOTE_NAME "bitmonero"
|
#define CRYPTONOTE_NAME "bitmonero"
|
||||||
#define CRYPTONOTE_BLOCKCHAINDATA_FILENAME "data.mdb"
|
#define CRYPTONOTE_BLOCKCHAINDATA_FILENAME "data.mdb"
|
||||||
|
@ -205,7 +205,7 @@
|
||||||
|
|
||||||
#define RPC_CREDITS_PER_HASH_SCALE ((float)(1<<24))
|
#define RPC_CREDITS_PER_HASH_SCALE ((float)(1<<24))
|
||||||
|
|
||||||
#define DNS_BLOCKLIST_LIFETIME (86400 * 8)
|
#define DNS_BANLIST_LIFETIME (86400 * 8)
|
||||||
|
|
||||||
//The limit is enough for the mandatory transaction content with 16 outputs (547 bytes),
|
//The limit is enough for the mandatory transaction content with 16 outputs (547 bytes),
|
||||||
//a custom tag (1 byte) and up to 32 bytes of custom data for each recipient.
|
//a custom tag (1 byte) and up to 32 bytes of custom data for each recipient.
|
||||||
|
|
|
@ -519,7 +519,7 @@ namespace cryptonote
|
||||||
if(bvc.m_verifivation_failed)
|
if(bvc.m_verifivation_failed)
|
||||||
{
|
{
|
||||||
LOG_PRINT_CCONTEXT_L0("Block verification failed, dropping connection");
|
LOG_PRINT_CCONTEXT_L0("Block verification failed, dropping connection");
|
||||||
drop_connection_with_score(context, bvc.m_bad_pow ? P2P_IP_FAILS_BEFORE_BLOCK : 1, false);
|
drop_connection_with_score(context, bvc.m_bad_pow ? P2P_IP_FAILS_BEFORE_BAN : 1, false);
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
if(bvc.m_added_to_main_chain)
|
if(bvc.m_added_to_main_chain)
|
||||||
|
@ -802,7 +802,7 @@ namespace cryptonote
|
||||||
if( bvc.m_verifivation_failed )
|
if( bvc.m_verifivation_failed )
|
||||||
{
|
{
|
||||||
LOG_PRINT_CCONTEXT_L0("Block verification failed, dropping connection");
|
LOG_PRINT_CCONTEXT_L0("Block verification failed, dropping connection");
|
||||||
drop_connection_with_score(context, bvc.m_bad_pow ? P2P_IP_FAILS_BEFORE_BLOCK : 1, false);
|
drop_connection_with_score(context, bvc.m_bad_pow ? P2P_IP_FAILS_BEFORE_BAN : 1, false);
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
if( bvc.m_added_to_main_chain )
|
if( bvc.m_added_to_main_chain )
|
||||||
|
@ -1605,7 +1605,7 @@ namespace cryptonote
|
||||||
drop_connections(span_origin);
|
drop_connections(span_origin);
|
||||||
if (!m_p2p->for_connection(span_connection_id, [&](cryptonote_connection_context& context, nodetool::peerid_type peer_id, uint32_t f)->bool{
|
if (!m_p2p->for_connection(span_connection_id, [&](cryptonote_connection_context& context, nodetool::peerid_type peer_id, uint32_t f)->bool{
|
||||||
LOG_PRINT_CCONTEXT_L1("Block verification failed, dropping connection");
|
LOG_PRINT_CCONTEXT_L1("Block verification failed, dropping connection");
|
||||||
drop_connection_with_score(context, bvc.m_bad_pow ? P2P_IP_FAILS_BEFORE_BLOCK : 1, true);
|
drop_connection_with_score(context, bvc.m_bad_pow ? P2P_IP_FAILS_BEFORE_BAN : 1, true);
|
||||||
return 1;
|
return 1;
|
||||||
}))
|
}))
|
||||||
LOG_ERROR_CCONTEXT("span connection id not found");
|
LOG_ERROR_CCONTEXT("span connection id not found");
|
||||||
|
|
|
@ -660,7 +660,7 @@ bool t_command_parser_executor::ban(const std::vector<std::string>& args)
|
||||||
std::cout << "Invalid syntax: Expects one or two parameters. For more details, use the help command." << std::endl;
|
std::cout << "Invalid syntax: Expects one or two parameters. For more details, use the help command." << std::endl;
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
time_t seconds = P2P_IP_BLOCKTIME;
|
time_t seconds = P2P_IP_BANTIME;
|
||||||
if (args.size() > 1)
|
if (args.size() > 1)
|
||||||
{
|
{
|
||||||
try
|
try
|
||||||
|
|
|
@ -192,7 +192,7 @@ bool t_rpc_command_executor::print_peer_list(bool white, bool gray, size_t limit
|
||||||
|
|
||||||
std::string failure_message = "Couldn't retrieve peer list";
|
std::string failure_message = "Couldn't retrieve peer list";
|
||||||
|
|
||||||
req.include_blocked = true;
|
req.include_banned = req.include_blocked = true;
|
||||||
|
|
||||||
if (m_is_rpc)
|
if (m_is_rpc)
|
||||||
{
|
{
|
||||||
|
@ -240,7 +240,7 @@ bool t_rpc_command_executor::print_peer_list_stats() {
|
||||||
std::string failure_message = "Couldn't retrieve peer list";
|
std::string failure_message = "Couldn't retrieve peer list";
|
||||||
|
|
||||||
req.public_only = false;
|
req.public_only = false;
|
||||||
req.include_blocked = true;
|
req.include_banned = req.include_blocked = true;
|
||||||
|
|
||||||
if (m_is_rpc)
|
if (m_is_rpc)
|
||||||
{
|
{
|
||||||
|
|
|
@ -119,7 +119,7 @@ namespace net
|
||||||
}
|
}
|
||||||
|
|
||||||
//! \return `!is_unknown()`.
|
//! \return `!is_unknown()`.
|
||||||
bool is_blockable() const noexcept { return !is_unknown(); }
|
bool is_bannable() const noexcept { return !is_unknown(); }
|
||||||
};
|
};
|
||||||
|
|
||||||
inline bool operator==(const i2p_address& lhs, const i2p_address& rhs) noexcept
|
inline bool operator==(const i2p_address& lhs, const i2p_address& rhs) noexcept
|
||||||
|
|
|
@ -121,7 +121,7 @@ namespace net
|
||||||
}
|
}
|
||||||
|
|
||||||
//! \return `!is_unknown()`.
|
//! \return `!is_unknown()`.
|
||||||
bool is_blockable() const noexcept { return !is_unknown(); }
|
bool is_bannable() const noexcept { return !is_unknown(); }
|
||||||
};
|
};
|
||||||
|
|
||||||
inline bool operator==(const tor_address& lhs, const tor_address& rhs) noexcept
|
inline bool operator==(const tor_address& lhs, const tor_address& rhs) noexcept
|
||||||
|
|
|
@ -152,7 +152,8 @@ namespace nodetool
|
||||||
const command_line::arg_descriptor<std::string> arg_ban_list = {"ban-list", "Specify ban list file, one IP address per line"};
|
const command_line::arg_descriptor<std::string> arg_ban_list = {"ban-list", "Specify ban list file, one IP address per line"};
|
||||||
const command_line::arg_descriptor<bool> arg_p2p_hide_my_port = {"hide-my-port", "Do not announce yourself as peerlist candidate", false, true};
|
const command_line::arg_descriptor<bool> arg_p2p_hide_my_port = {"hide-my-port", "Do not announce yourself as peerlist candidate", false, true};
|
||||||
const command_line::arg_descriptor<bool> arg_no_sync = {"no-sync", "Don't synchronize the blockchain with other peers", false};
|
const command_line::arg_descriptor<bool> arg_no_sync = {"no-sync", "Don't synchronize the blockchain with other peers", false};
|
||||||
const command_line::arg_descriptor<bool> arg_enable_dns_blocklist = {"enable-dns-blocklist", "Apply realtime blocklist from DNS", false};
|
const command_line::arg_descriptor<bool> arg_enable_dns_banlist = {"enable-dns-banlist", "Apply realtime banlist from DNS", false};
|
||||||
|
const command_line::arg_descriptor<bool> arg_enable_dns_blocklist = {"enable-dns-blocklist", "Apply realtime banlist from DNS, alias for --enable-dns-banlist flag", false};
|
||||||
|
|
||||||
const command_line::arg_descriptor<bool> arg_no_igd = {"no-igd", "Disable UPnP port mapping"};
|
const command_line::arg_descriptor<bool> arg_no_igd = {"no-igd", "Disable UPnP port mapping"};
|
||||||
const command_line::arg_descriptor<std::string> arg_igd = {"igd", "UPnP port mapping (disabled, enabled, delayed)", "delayed"};
|
const command_line::arg_descriptor<std::string> arg_igd = {"igd", "UPnP port mapping (disabled, enabled, delayed)", "delayed"};
|
||||||
|
|
|
@ -285,13 +285,13 @@ namespace nodetool
|
||||||
uint32_t get_max_out_public_peers() const;
|
uint32_t get_max_out_public_peers() const;
|
||||||
void change_max_in_public_peers(size_t count);
|
void change_max_in_public_peers(size_t count);
|
||||||
uint32_t get_max_in_public_peers() const;
|
uint32_t get_max_in_public_peers() const;
|
||||||
virtual bool block_host(epee::net_utils::network_address address, time_t seconds = P2P_IP_BLOCKTIME, bool add_only = false);
|
virtual bool ban_host(epee::net_utils::network_address address, time_t seconds = P2P_IP_BANTIME, bool add_only = false);
|
||||||
virtual bool unblock_host(const epee::net_utils::network_address &address);
|
virtual bool unban_host(const epee::net_utils::network_address &address);
|
||||||
virtual bool block_subnet(const epee::net_utils::ipv4_network_subnet &subnet, time_t seconds = P2P_IP_BLOCKTIME);
|
virtual bool ban_subnet(const epee::net_utils::ipv4_network_subnet &subnet, time_t seconds = P2P_IP_BANTIME);
|
||||||
virtual bool unblock_subnet(const epee::net_utils::ipv4_network_subnet &subnet);
|
virtual bool unban_subnet(const epee::net_utils::ipv4_network_subnet &subnet);
|
||||||
virtual bool is_host_blocked(const epee::net_utils::network_address &address, time_t *seconds) { CRITICAL_REGION_LOCAL(m_blocked_hosts_lock); return !is_remote_host_allowed(address, seconds); }
|
virtual bool is_host_banned(const epee::net_utils::network_address &address, time_t *seconds) { CRITICAL_REGION_LOCAL(m_banned_hosts_lock); return !is_remote_host_allowed(address, seconds); }
|
||||||
virtual std::map<std::string, time_t> get_blocked_hosts() { CRITICAL_REGION_LOCAL(m_blocked_hosts_lock); return m_blocked_hosts; }
|
virtual std::map<std::string, time_t> get_banned_hosts() { CRITICAL_REGION_LOCAL(m_banned_hosts_lock); return m_banned_hosts; }
|
||||||
virtual std::map<epee::net_utils::ipv4_network_subnet, time_t> get_blocked_subnets() { CRITICAL_REGION_LOCAL(m_blocked_hosts_lock); return m_blocked_subnets; }
|
virtual std::map<epee::net_utils::ipv4_network_subnet, time_t> get_banned_subnets() { CRITICAL_REGION_LOCAL(m_banned_hosts_lock); return m_banned_subnets; }
|
||||||
|
|
||||||
virtual void add_used_stripe_peer(const typename t_payload_net_handler::connection_context &context);
|
virtual void add_used_stripe_peer(const typename t_payload_net_handler::connection_context &context);
|
||||||
virtual void remove_used_stripe_peer(const typename t_payload_net_handler::connection_context &context);
|
virtual void remove_used_stripe_peer(const typename t_payload_net_handler::connection_context &context);
|
||||||
|
@ -366,7 +366,7 @@ namespace nodetool
|
||||||
bool peer_sync_idle_maker();
|
bool peer_sync_idle_maker();
|
||||||
bool do_handshake_with_peer(peerid_type& pi, p2p_connection_context& context, bool just_take_peerlist = false);
|
bool do_handshake_with_peer(peerid_type& pi, p2p_connection_context& context, bool just_take_peerlist = false);
|
||||||
bool do_peer_timed_sync(const epee::net_utils::connection_context_base& context, peerid_type peer_id);
|
bool do_peer_timed_sync(const epee::net_utils::connection_context_base& context, peerid_type peer_id);
|
||||||
bool update_dns_blocklist();
|
bool update_dns_banlist();
|
||||||
|
|
||||||
bool make_new_connection_from_anchor_peerlist(const std::vector<anchor_peerlist_entry>& anchor_peerlist);
|
bool make_new_connection_from_anchor_peerlist(const std::vector<anchor_peerlist_entry>& anchor_peerlist);
|
||||||
bool make_new_connection_from_peerlist(network_zone& zone, bool use_white_list);
|
bool make_new_connection_from_peerlist(network_zone& zone, bool use_white_list);
|
||||||
|
@ -472,7 +472,7 @@ namespace nodetool
|
||||||
epee::math_helper::once_a_time_seconds<60*30, false> m_peerlist_store_interval;
|
epee::math_helper::once_a_time_seconds<60*30, false> m_peerlist_store_interval;
|
||||||
epee::math_helper::once_a_time_seconds<60> m_gray_peerlist_housekeeping_interval;
|
epee::math_helper::once_a_time_seconds<60> m_gray_peerlist_housekeeping_interval;
|
||||||
epee::math_helper::once_a_time_seconds<3600, false> m_incoming_connections_interval;
|
epee::math_helper::once_a_time_seconds<3600, false> m_incoming_connections_interval;
|
||||||
epee::math_helper::once_a_time_seconds<7000> m_dns_blocklist_interval;
|
epee::math_helper::once_a_time_seconds<7000> m_dns_banlist_interval;
|
||||||
|
|
||||||
std::list<epee::net_utils::network_address> m_priority_peers;
|
std::list<epee::net_utils::network_address> m_priority_peers;
|
||||||
std::vector<epee::net_utils::network_address> m_exclusive_peers;
|
std::vector<epee::net_utils::network_address> m_exclusive_peers;
|
||||||
|
@ -497,9 +497,9 @@ namespace nodetool
|
||||||
std::map<std::string, time_t> m_conn_fails_cache;
|
std::map<std::string, time_t> m_conn_fails_cache;
|
||||||
epee::critical_section m_conn_fails_cache_lock;
|
epee::critical_section m_conn_fails_cache_lock;
|
||||||
|
|
||||||
epee::critical_section m_blocked_hosts_lock; // for both hosts and subnets
|
epee::critical_section m_banned_hosts_lock; // for both hosts and subnets
|
||||||
std::map<std::string, time_t> m_blocked_hosts;
|
std::map<std::string, time_t> m_banned_hosts;
|
||||||
std::map<epee::net_utils::ipv4_network_subnet, time_t> m_blocked_subnets;
|
std::map<epee::net_utils::ipv4_network_subnet, time_t> m_banned_subnets;
|
||||||
|
|
||||||
epee::critical_section m_host_fails_score_lock;
|
epee::critical_section m_host_fails_score_lock;
|
||||||
std::map<std::string, uint64_t> m_host_fails_score;
|
std::map<std::string, uint64_t> m_host_fails_score;
|
||||||
|
@ -513,7 +513,7 @@ namespace nodetool
|
||||||
epee::net_utils::ssl_support_t m_ssl_support;
|
epee::net_utils::ssl_support_t m_ssl_support;
|
||||||
|
|
||||||
bool m_enable_dns_seed_nodes;
|
bool m_enable_dns_seed_nodes;
|
||||||
bool m_enable_dns_blocklist;
|
bool m_enable_dns_banlist;
|
||||||
|
|
||||||
uint32_t max_connections;
|
uint32_t max_connections;
|
||||||
};
|
};
|
||||||
|
@ -537,6 +537,7 @@ namespace nodetool
|
||||||
extern const command_line::arg_descriptor<std::string> arg_ban_list;
|
extern const command_line::arg_descriptor<std::string> arg_ban_list;
|
||||||
extern const command_line::arg_descriptor<bool> arg_p2p_hide_my_port;
|
extern const command_line::arg_descriptor<bool> arg_p2p_hide_my_port;
|
||||||
extern const command_line::arg_descriptor<bool> arg_no_sync;
|
extern const command_line::arg_descriptor<bool> arg_no_sync;
|
||||||
|
extern const command_line::arg_descriptor<bool> arg_enable_dns_banlist;
|
||||||
extern const command_line::arg_descriptor<bool> arg_enable_dns_blocklist;
|
extern const command_line::arg_descriptor<bool> arg_enable_dns_blocklist;
|
||||||
|
|
||||||
extern const command_line::arg_descriptor<bool> arg_no_igd;
|
extern const command_line::arg_descriptor<bool> arg_no_igd;
|
||||||
|
|
|
@ -116,6 +116,7 @@ namespace nodetool
|
||||||
command_line::add_arg(desc, arg_ban_list);
|
command_line::add_arg(desc, arg_ban_list);
|
||||||
command_line::add_arg(desc, arg_p2p_hide_my_port);
|
command_line::add_arg(desc, arg_p2p_hide_my_port);
|
||||||
command_line::add_arg(desc, arg_no_sync);
|
command_line::add_arg(desc, arg_no_sync);
|
||||||
|
command_line::add_arg(desc, arg_enable_dns_banlist);
|
||||||
command_line::add_arg(desc, arg_enable_dns_blocklist);
|
command_line::add_arg(desc, arg_enable_dns_blocklist);
|
||||||
command_line::add_arg(desc, arg_no_igd);
|
command_line::add_arg(desc, arg_no_igd);
|
||||||
command_line::add_arg(desc, arg_igd);
|
command_line::add_arg(desc, arg_igd);
|
||||||
|
@ -174,19 +175,19 @@ namespace nodetool
|
||||||
template<class t_payload_net_handler>
|
template<class t_payload_net_handler>
|
||||||
bool node_server<t_payload_net_handler>::is_remote_host_allowed(const epee::net_utils::network_address &address, time_t *t)
|
bool node_server<t_payload_net_handler>::is_remote_host_allowed(const epee::net_utils::network_address &address, time_t *t)
|
||||||
{
|
{
|
||||||
CRITICAL_REGION_LOCAL(m_blocked_hosts_lock);
|
CRITICAL_REGION_LOCAL(m_banned_hosts_lock);
|
||||||
|
|
||||||
const time_t now = time(nullptr);
|
const time_t now = time(nullptr);
|
||||||
|
|
||||||
// look in the hosts list
|
// look in the hosts list
|
||||||
auto it = m_blocked_hosts.find(address.host_str());
|
auto it = m_banned_hosts.find(address.host_str());
|
||||||
if (it != m_blocked_hosts.end())
|
if (it != m_banned_hosts.end())
|
||||||
{
|
{
|
||||||
if (now >= it->second)
|
if (now >= it->second)
|
||||||
{
|
{
|
||||||
m_blocked_hosts.erase(it);
|
m_banned_hosts.erase(it);
|
||||||
MCLOG_CYAN(el::Level::Info, "global", "Host " << address.host_str() << " unblocked.");
|
MCLOG_CYAN(el::Level::Info, "global", "Host " << address.host_str() << " unbanned.");
|
||||||
it = m_blocked_hosts.end();
|
it = m_banned_hosts.end();
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
|
@ -201,12 +202,12 @@ namespace nodetool
|
||||||
{
|
{
|
||||||
auto ipv4_address = address.template as<epee::net_utils::ipv4_network_address>();
|
auto ipv4_address = address.template as<epee::net_utils::ipv4_network_address>();
|
||||||
std::map<epee::net_utils::ipv4_network_subnet, time_t>::iterator it;
|
std::map<epee::net_utils::ipv4_network_subnet, time_t>::iterator it;
|
||||||
for (it = m_blocked_subnets.begin(); it != m_blocked_subnets.end(); )
|
for (it = m_banned_subnets.begin(); it != m_banned_subnets.end(); )
|
||||||
{
|
{
|
||||||
if (now >= it->second)
|
if (now >= it->second)
|
||||||
{
|
{
|
||||||
it = m_blocked_subnets.erase(it);
|
it = m_banned_subnets.erase(it);
|
||||||
MCLOG_CYAN(el::Level::Info, "global", "Subnet " << it->first.host_str() << " unblocked.");
|
MCLOG_CYAN(el::Level::Info, "global", "Subnet " << it->first.host_str() << " unbanned.");
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
if (it->first.matches(ipv4_address))
|
if (it->first.matches(ipv4_address))
|
||||||
|
@ -224,41 +225,41 @@ namespace nodetool
|
||||||
}
|
}
|
||||||
//-----------------------------------------------------------------------------------
|
//-----------------------------------------------------------------------------------
|
||||||
template<class t_payload_net_handler>
|
template<class t_payload_net_handler>
|
||||||
bool node_server<t_payload_net_handler>::block_host(epee::net_utils::network_address addr, time_t seconds, bool add_only)
|
bool node_server<t_payload_net_handler>::ban_host(epee::net_utils::network_address addr, time_t seconds, bool add_only)
|
||||||
{
|
{
|
||||||
if(!addr.is_blockable())
|
if(!addr.is_bannable())
|
||||||
return false;
|
return false;
|
||||||
|
|
||||||
const time_t now = time(nullptr);
|
const time_t now = time(nullptr);
|
||||||
bool added = false;
|
bool added = false;
|
||||||
|
|
||||||
CRITICAL_REGION_LOCAL(m_blocked_hosts_lock);
|
CRITICAL_REGION_LOCAL(m_banned_hosts_lock);
|
||||||
time_t limit;
|
time_t limit;
|
||||||
if (now > std::numeric_limits<time_t>::max() - seconds)
|
if (now > std::numeric_limits<time_t>::max() - seconds)
|
||||||
limit = std::numeric_limits<time_t>::max();
|
limit = std::numeric_limits<time_t>::max();
|
||||||
else
|
else
|
||||||
limit = now + seconds;
|
limit = now + seconds;
|
||||||
const std::string host_str = addr.host_str();
|
const std::string host_str = addr.host_str();
|
||||||
auto it = m_blocked_hosts.find(host_str);
|
auto it = m_banned_hosts.find(host_str);
|
||||||
if (it == m_blocked_hosts.end())
|
if (it == m_banned_hosts.end())
|
||||||
{
|
{
|
||||||
m_blocked_hosts[host_str] = limit;
|
m_banned_hosts[host_str] = limit;
|
||||||
|
|
||||||
// if the host was already blocked due to being in a blocked subnet, let it be silent
|
// if the host was already banned due to being in a banned subnet, let it be silent
|
||||||
bool matches_blocked_subnet = false;
|
bool matches_banned_subnet = false;
|
||||||
if (addr.get_type_id() == epee::net_utils::address_type::ipv4)
|
if (addr.get_type_id() == epee::net_utils::address_type::ipv4)
|
||||||
{
|
{
|
||||||
auto ipv4_address = addr.template as<epee::net_utils::ipv4_network_address>();
|
auto ipv4_address = addr.template as<epee::net_utils::ipv4_network_address>();
|
||||||
for (auto jt = m_blocked_subnets.begin(); jt != m_blocked_subnets.end(); ++jt)
|
for (auto jt = m_banned_subnets.begin(); jt != m_banned_subnets.end(); ++jt)
|
||||||
{
|
{
|
||||||
if (jt->first.matches(ipv4_address))
|
if (jt->first.matches(ipv4_address))
|
||||||
{
|
{
|
||||||
matches_blocked_subnet = true;
|
matches_banned_subnet = true;
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if (!matches_blocked_subnet)
|
if (!matches_banned_subnet)
|
||||||
added = true;
|
added = true;
|
||||||
}
|
}
|
||||||
else if (it->second < limit || !add_only)
|
else if (it->second < limit || !add_only)
|
||||||
|
@ -300,37 +301,37 @@ namespace nodetool
|
||||||
}
|
}
|
||||||
|
|
||||||
if (added)
|
if (added)
|
||||||
MCLOG_CYAN(el::Level::Info, "global", "Host " << host_str << " blocked.");
|
MCLOG_CYAN(el::Level::Info, "global", "Host " << host_str << " banned.");
|
||||||
else
|
else
|
||||||
MINFO("Host " << host_str << " block time updated.");
|
MINFO("Host " << host_str << " ban time updated.");
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
//-----------------------------------------------------------------------------------
|
//-----------------------------------------------------------------------------------
|
||||||
template<class t_payload_net_handler>
|
template<class t_payload_net_handler>
|
||||||
bool node_server<t_payload_net_handler>::unblock_host(const epee::net_utils::network_address &address)
|
bool node_server<t_payload_net_handler>::unban_host(const epee::net_utils::network_address &address)
|
||||||
{
|
{
|
||||||
CRITICAL_REGION_LOCAL(m_blocked_hosts_lock);
|
CRITICAL_REGION_LOCAL(m_banned_hosts_lock);
|
||||||
auto i = m_blocked_hosts.find(address.host_str());
|
auto i = m_banned_hosts.find(address.host_str());
|
||||||
if (i == m_blocked_hosts.end())
|
if (i == m_banned_hosts.end())
|
||||||
return false;
|
return false;
|
||||||
m_blocked_hosts.erase(i);
|
m_banned_hosts.erase(i);
|
||||||
MCLOG_CYAN(el::Level::Info, "global", "Host " << address.host_str() << " unblocked.");
|
MCLOG_CYAN(el::Level::Info, "global", "Host " << address.host_str() << " unbanned.");
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
//-----------------------------------------------------------------------------------
|
//-----------------------------------------------------------------------------------
|
||||||
template<class t_payload_net_handler>
|
template<class t_payload_net_handler>
|
||||||
bool node_server<t_payload_net_handler>::block_subnet(const epee::net_utils::ipv4_network_subnet &subnet, time_t seconds)
|
bool node_server<t_payload_net_handler>::ban_subnet(const epee::net_utils::ipv4_network_subnet &subnet, time_t seconds)
|
||||||
{
|
{
|
||||||
const time_t now = time(nullptr);
|
const time_t now = time(nullptr);
|
||||||
|
|
||||||
CRITICAL_REGION_LOCAL(m_blocked_hosts_lock);
|
CRITICAL_REGION_LOCAL(m_banned_hosts_lock);
|
||||||
time_t limit;
|
time_t limit;
|
||||||
if (now > std::numeric_limits<time_t>::max() - seconds)
|
if (now > std::numeric_limits<time_t>::max() - seconds)
|
||||||
limit = std::numeric_limits<time_t>::max();
|
limit = std::numeric_limits<time_t>::max();
|
||||||
else
|
else
|
||||||
limit = now + seconds;
|
limit = now + seconds;
|
||||||
const bool added = m_blocked_subnets.find(subnet) == m_blocked_subnets.end();
|
const bool added = m_banned_subnets.find(subnet) == m_banned_subnets.end();
|
||||||
m_blocked_subnets[subnet] = limit;
|
m_banned_subnets[subnet] = limit;
|
||||||
|
|
||||||
// drop any connection to that subnet. This should only have to look into
|
// drop any connection to that subnet. This should only have to look into
|
||||||
// the zone related to the connection, but really make sure everything is
|
// the zone related to the connection, but really make sure everything is
|
||||||
|
@ -363,39 +364,39 @@ namespace nodetool
|
||||||
}
|
}
|
||||||
|
|
||||||
if (added)
|
if (added)
|
||||||
MCLOG_CYAN(el::Level::Info, "global", "Subnet " << subnet.host_str() << " blocked.");
|
MCLOG_CYAN(el::Level::Info, "global", "Subnet " << subnet.host_str() << " banned.");
|
||||||
else
|
else
|
||||||
MINFO("Subnet " << subnet.host_str() << " blocked.");
|
MINFO("Subnet " << subnet.host_str() << " banned.");
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
//-----------------------------------------------------------------------------------
|
//-----------------------------------------------------------------------------------
|
||||||
template<class t_payload_net_handler>
|
template<class t_payload_net_handler>
|
||||||
bool node_server<t_payload_net_handler>::unblock_subnet(const epee::net_utils::ipv4_network_subnet &subnet)
|
bool node_server<t_payload_net_handler>::unban_subnet(const epee::net_utils::ipv4_network_subnet &subnet)
|
||||||
{
|
{
|
||||||
CRITICAL_REGION_LOCAL(m_blocked_hosts_lock);
|
CRITICAL_REGION_LOCAL(m_banned_hosts_lock);
|
||||||
auto i = m_blocked_subnets.find(subnet);
|
auto i = m_banned_subnets.find(subnet);
|
||||||
if (i == m_blocked_subnets.end())
|
if (i == m_banned_subnets.end())
|
||||||
return false;
|
return false;
|
||||||
m_blocked_subnets.erase(i);
|
m_banned_subnets.erase(i);
|
||||||
MCLOG_CYAN(el::Level::Info, "global", "Subnet " << subnet.host_str() << " unblocked.");
|
MCLOG_CYAN(el::Level::Info, "global", "Subnet " << subnet.host_str() << " unbanned.");
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
//-----------------------------------------------------------------------------------
|
//-----------------------------------------------------------------------------------
|
||||||
template<class t_payload_net_handler>
|
template<class t_payload_net_handler>
|
||||||
bool node_server<t_payload_net_handler>::add_host_fail(const epee::net_utils::network_address &address, unsigned int score)
|
bool node_server<t_payload_net_handler>::add_host_fail(const epee::net_utils::network_address &address, unsigned int score)
|
||||||
{
|
{
|
||||||
if(!address.is_blockable())
|
if(!address.is_bannable())
|
||||||
return false;
|
return false;
|
||||||
|
|
||||||
CRITICAL_REGION_LOCAL(m_host_fails_score_lock);
|
CRITICAL_REGION_LOCAL(m_host_fails_score_lock);
|
||||||
uint64_t fails = m_host_fails_score[address.host_str()] += score;
|
uint64_t fails = m_host_fails_score[address.host_str()] += score;
|
||||||
MDEBUG("Host " << address.host_str() << " fail score=" << fails);
|
MDEBUG("Host " << address.host_str() << " fail score=" << fails);
|
||||||
if(fails > P2P_IP_FAILS_BEFORE_BLOCK)
|
if(fails > P2P_IP_FAILS_BEFORE_BAN)
|
||||||
{
|
{
|
||||||
auto it = m_host_fails_score.find(address.host_str());
|
auto it = m_host_fails_score.find(address.host_str());
|
||||||
CHECK_AND_ASSERT_MES(it != m_host_fails_score.end(), false, "internal error");
|
CHECK_AND_ASSERT_MES(it != m_host_fails_score.end(), false, "internal error");
|
||||||
it->second = P2P_IP_FAILS_BEFORE_BLOCK/2;
|
it->second = P2P_IP_FAILS_BEFORE_BAN/2;
|
||||||
block_host(address);
|
ban_host(address);
|
||||||
}
|
}
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
@ -530,13 +531,13 @@ namespace nodetool
|
||||||
auto subnet = net::get_ipv4_subnet_address(line);
|
auto subnet = net::get_ipv4_subnet_address(line);
|
||||||
if (subnet)
|
if (subnet)
|
||||||
{
|
{
|
||||||
block_subnet(*subnet, std::numeric_limits<time_t>::max());
|
ban_subnet(*subnet, std::numeric_limits<time_t>::max());
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
const expect<epee::net_utils::network_address> parsed_addr = net::get_network_address(line, 0);
|
const expect<epee::net_utils::network_address> parsed_addr = net::get_network_address(line, 0);
|
||||||
if (parsed_addr)
|
if (parsed_addr)
|
||||||
{
|
{
|
||||||
block_host(*parsed_addr, std::numeric_limits<time_t>::max());
|
ban_host(*parsed_addr, std::numeric_limits<time_t>::max());
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
MERROR("Invalid IP address or IPv4 subnet: " << line);
|
MERROR("Invalid IP address or IPv4 subnet: " << line);
|
||||||
|
@ -549,7 +550,8 @@ namespace nodetool
|
||||||
if (command_line::has_arg(vm, arg_no_sync))
|
if (command_line::has_arg(vm, arg_no_sync))
|
||||||
m_payload_handler.set_no_sync(true);
|
m_payload_handler.set_no_sync(true);
|
||||||
|
|
||||||
m_enable_dns_blocklist = command_line::get_arg(vm, arg_enable_dns_blocklist);
|
m_enable_dns_banlist = command_line::get_arg(vm, arg_enable_dns_banlist)
|
||||||
|
|| command_line::get_arg(vm, arg_enable_dns_blocklist);
|
||||||
|
|
||||||
if ( !set_max_out_peers(public_zone, command_line::get_arg(vm, arg_out_peers) ) )
|
if ( !set_max_out_peers(public_zone, command_line::get_arg(vm, arg_out_peers) ) )
|
||||||
return false;
|
return false;
|
||||||
|
@ -907,7 +909,7 @@ namespace nodetool
|
||||||
public_zone.m_proxy_address = *endpoint;
|
public_zone.m_proxy_address = *endpoint;
|
||||||
public_zone.m_can_pingback = false;
|
public_zone.m_can_pingback = false;
|
||||||
m_enable_dns_seed_nodes &= proxy_dns_leaks_allowed;
|
m_enable_dns_seed_nodes &= proxy_dns_leaks_allowed;
|
||||||
m_enable_dns_blocklist &= proxy_dns_leaks_allowed;
|
m_enable_dns_banlist &= proxy_dns_leaks_allowed;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (m_nettype == cryptonote::TESTNET)
|
if (m_nettype == cryptonote::TESTNET)
|
||||||
|
@ -2015,14 +2017,14 @@ namespace nodetool
|
||||||
m_gray_peerlist_housekeeping_interval.do_call(boost::bind(&node_server<t_payload_net_handler>::gray_peerlist_housekeeping, this));
|
m_gray_peerlist_housekeeping_interval.do_call(boost::bind(&node_server<t_payload_net_handler>::gray_peerlist_housekeeping, this));
|
||||||
m_peerlist_store_interval.do_call(boost::bind(&node_server<t_payload_net_handler>::store_config, this));
|
m_peerlist_store_interval.do_call(boost::bind(&node_server<t_payload_net_handler>::store_config, this));
|
||||||
m_incoming_connections_interval.do_call(boost::bind(&node_server<t_payload_net_handler>::check_incoming_connections, this));
|
m_incoming_connections_interval.do_call(boost::bind(&node_server<t_payload_net_handler>::check_incoming_connections, this));
|
||||||
m_dns_blocklist_interval.do_call(boost::bind(&node_server<t_payload_net_handler>::update_dns_blocklist, this));
|
m_dns_banlist_interval.do_call(boost::bind(&node_server<t_payload_net_handler>::update_dns_banlist, this));
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
//-----------------------------------------------------------------------------------
|
//-----------------------------------------------------------------------------------
|
||||||
template<class t_payload_net_handler>
|
template<class t_payload_net_handler>
|
||||||
bool node_server<t_payload_net_handler>::update_dns_blocklist()
|
bool node_server<t_payload_net_handler>::update_dns_banlist()
|
||||||
{
|
{
|
||||||
if (!m_enable_dns_blocklist)
|
if (!m_enable_dns_banlist)
|
||||||
return true;
|
return true;
|
||||||
if (m_nettype != cryptonote::MAINNET)
|
if (m_nettype != cryptonote::MAINNET)
|
||||||
return true;
|
return true;
|
||||||
|
@ -2053,23 +2055,23 @@ namespace nodetool
|
||||||
auto subnet = net::get_ipv4_subnet_address(ip);
|
auto subnet = net::get_ipv4_subnet_address(ip);
|
||||||
if (subnet)
|
if (subnet)
|
||||||
{
|
{
|
||||||
block_subnet(*subnet, DNS_BLOCKLIST_LIFETIME);
|
ban_subnet(*subnet, DNS_BANLIST_LIFETIME);
|
||||||
++good;
|
++good;
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
const expect<epee::net_utils::network_address> parsed_addr = net::get_network_address(ip, 0);
|
const expect<epee::net_utils::network_address> parsed_addr = net::get_network_address(ip, 0);
|
||||||
if (parsed_addr)
|
if (parsed_addr)
|
||||||
{
|
{
|
||||||
block_host(*parsed_addr, DNS_BLOCKLIST_LIFETIME, true);
|
ban_host(*parsed_addr, DNS_BANLIST_LIFETIME, true);
|
||||||
++good;
|
++good;
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
MWARNING("Invalid IP address or subnet from DNS blocklist: " << ip << " - " << parsed_addr.error());
|
MWARNING("Invalid IP address or subnet from DNS banlist: " << ip << " - " << parsed_addr.error());
|
||||||
++bad;
|
++bad;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if (good > 0)
|
if (good > 0)
|
||||||
MINFO(good << " addresses added to the blocklist");
|
MINFO(good << " addresses added to the banlist");
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
//-----------------------------------------------------------------------------------
|
//-----------------------------------------------------------------------------------
|
||||||
|
@ -2188,7 +2190,7 @@ namespace nodetool
|
||||||
|
|
||||||
LOG_DEBUG_CC(context, "REMOTE PEERLIST: remote peerlist size=" << peerlist_.size());
|
LOG_DEBUG_CC(context, "REMOTE PEERLIST: remote peerlist size=" << peerlist_.size());
|
||||||
LOG_TRACE_CC(context, "REMOTE PEERLIST: " << ENDL << print_peerlist_to_string(peerlist_));
|
LOG_TRACE_CC(context, "REMOTE PEERLIST: " << ENDL << print_peerlist_to_string(peerlist_));
|
||||||
CRITICAL_REGION_LOCAL(m_blocked_hosts_lock);
|
CRITICAL_REGION_LOCAL(m_banned_hosts_lock);
|
||||||
return m_network_zones.at(context.m_remote_address.get_zone()).m_peerlist.merge_peerlist(peerlist_, [this](const peerlist_entry &pe) {
|
return m_network_zones.at(context.m_remote_address.get_zone()).m_peerlist.merge_peerlist(peerlist_, [this](const peerlist_entry &pe) {
|
||||||
return !is_addr_recently_failed(pe.adr) && is_remote_host_allowed(pe.adr);
|
return !is_addr_recently_failed(pe.adr) && is_remote_host_allowed(pe.adr);
|
||||||
});
|
});
|
||||||
|
|
|
@ -59,10 +59,10 @@ namespace nodetool
|
||||||
virtual uint64_t get_public_connections_count()=0;
|
virtual uint64_t get_public_connections_count()=0;
|
||||||
virtual void for_each_connection(std::function<bool(t_connection_context&, peerid_type, uint32_t)> f)=0;
|
virtual void for_each_connection(std::function<bool(t_connection_context&, peerid_type, uint32_t)> f)=0;
|
||||||
virtual bool for_connection(const boost::uuids::uuid&, std::function<bool(t_connection_context&, peerid_type, uint32_t)> f)=0;
|
virtual bool for_connection(const boost::uuids::uuid&, std::function<bool(t_connection_context&, peerid_type, uint32_t)> f)=0;
|
||||||
virtual bool block_host(epee::net_utils::network_address address, time_t seconds = 0, bool add_only = false)=0;
|
virtual bool ban_host(epee::net_utils::network_address address, time_t seconds = 0, bool add_only = false)=0;
|
||||||
virtual bool unblock_host(const epee::net_utils::network_address &address)=0;
|
virtual bool unban_host(const epee::net_utils::network_address &address)=0;
|
||||||
virtual std::map<std::string, time_t> get_blocked_hosts()=0;
|
virtual std::map<std::string, time_t> get_banned_hosts()=0;
|
||||||
virtual std::map<epee::net_utils::ipv4_network_subnet, time_t> get_blocked_subnets()=0;
|
virtual std::map<epee::net_utils::ipv4_network_subnet, time_t> get_banned_subnets()=0;
|
||||||
virtual bool add_host_fail(const epee::net_utils::network_address &address, unsigned int score = 1)=0;
|
virtual bool add_host_fail(const epee::net_utils::network_address &address, unsigned int score = 1)=0;
|
||||||
virtual void add_used_stripe_peer(const t_connection_context &context)=0;
|
virtual void add_used_stripe_peer(const t_connection_context &context)=0;
|
||||||
virtual void remove_used_stripe_peer(const t_connection_context &context)=0;
|
virtual void remove_used_stripe_peer(const t_connection_context &context)=0;
|
||||||
|
@ -105,19 +105,19 @@ namespace nodetool
|
||||||
{
|
{
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
virtual bool block_host(epee::net_utils::network_address address, time_t seconds, bool add_only)
|
virtual bool ban_host(epee::net_utils::network_address address, time_t seconds, bool add_only)
|
||||||
{
|
{
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
virtual bool unblock_host(const epee::net_utils::network_address &address)
|
virtual bool unban_host(const epee::net_utils::network_address &address)
|
||||||
{
|
{
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
virtual std::map<std::string, time_t> get_blocked_hosts()
|
virtual std::map<std::string, time_t> get_banned_hosts()
|
||||||
{
|
{
|
||||||
return std::map<std::string, time_t>();
|
return std::map<std::string, time_t>();
|
||||||
}
|
}
|
||||||
virtual std::map<epee::net_utils::ipv4_network_subnet, time_t> get_blocked_subnets()
|
virtual std::map<epee::net_utils::ipv4_network_subnet, time_t> get_banned_subnets()
|
||||||
{
|
{
|
||||||
return std::map<epee::net_utils::ipv4_network_subnet, time_t>();
|
return std::map<epee::net_utils::ipv4_network_subnet, time_t>();
|
||||||
}
|
}
|
||||||
|
|
|
@ -197,7 +197,7 @@ namespace cryptonote
|
||||||
|
|
||||||
request.gray = true;
|
request.gray = true;
|
||||||
request.white = true;
|
request.white = true;
|
||||||
request.include_blocked = false;
|
request.include_banned = request.include_blocked = false;
|
||||||
if (!on_get_public_nodes(request, response) || response.status != CORE_RPC_STATUS_OK)
|
if (!on_get_public_nodes(request, response) || response.status != CORE_RPC_STATUS_OK)
|
||||||
{
|
{
|
||||||
return {};
|
return {};
|
||||||
|
@ -465,18 +465,18 @@ namespace cryptonote
|
||||||
//------------------------------------------------------------------------------------------------------------------------------
|
//------------------------------------------------------------------------------------------------------------------------------
|
||||||
bool core_rpc_server::add_host_fail(const connection_context *ctx, unsigned int score)
|
bool core_rpc_server::add_host_fail(const connection_context *ctx, unsigned int score)
|
||||||
{
|
{
|
||||||
if(!ctx || !ctx->m_remote_address.is_blockable() || disable_rpc_ban)
|
if(!ctx || !ctx->m_remote_address.is_bannable() || disable_rpc_ban)
|
||||||
return false;
|
return false;
|
||||||
|
|
||||||
CRITICAL_REGION_LOCAL(m_host_fails_score_lock);
|
CRITICAL_REGION_LOCAL(m_host_fails_score_lock);
|
||||||
uint64_t fails = m_host_fails_score[ctx->m_remote_address.host_str()] += score;
|
uint64_t fails = m_host_fails_score[ctx->m_remote_address.host_str()] += score;
|
||||||
MDEBUG("Host " << ctx->m_remote_address.host_str() << " fail score=" << fails);
|
MDEBUG("Host " << ctx->m_remote_address.host_str() << " fail score=" << fails);
|
||||||
if(fails > RPC_IP_FAILS_BEFORE_BLOCK)
|
if(fails > RPC_IP_FAILS_BEFORE_BAN)
|
||||||
{
|
{
|
||||||
auto it = m_host_fails_score.find(ctx->m_remote_address.host_str());
|
auto it = m_host_fails_score.find(ctx->m_remote_address.host_str());
|
||||||
CHECK_AND_ASSERT_MES(it != m_host_fails_score.end(), false, "internal error");
|
CHECK_AND_ASSERT_MES(it != m_host_fails_score.end(), false, "internal error");
|
||||||
it->second = RPC_IP_FAILS_BEFORE_BLOCK/2;
|
it->second = RPC_IP_FAILS_BEFORE_BAN/2;
|
||||||
m_p2p.block_host(ctx->m_remote_address);
|
m_p2p.ban_host(ctx->m_remote_address);
|
||||||
}
|
}
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
@ -1548,6 +1548,7 @@ namespace cryptonote
|
||||||
RPC_TRACKER(get_peer_list);
|
RPC_TRACKER(get_peer_list);
|
||||||
std::vector<nodetool::peerlist_entry> white_list;
|
std::vector<nodetool::peerlist_entry> white_list;
|
||||||
std::vector<nodetool::peerlist_entry> gray_list;
|
std::vector<nodetool::peerlist_entry> gray_list;
|
||||||
|
bool dont_include_banned = (!req.include_blocked && !req.include_banned);
|
||||||
|
|
||||||
if (req.public_only)
|
if (req.public_only)
|
||||||
{
|
{
|
||||||
|
@ -1560,7 +1561,7 @@ namespace cryptonote
|
||||||
|
|
||||||
for (auto & entry : white_list)
|
for (auto & entry : white_list)
|
||||||
{
|
{
|
||||||
if (!req.include_blocked && m_p2p.is_host_blocked(entry.adr, NULL))
|
if (dont_include_banned && m_p2p.is_host_banned(entry.adr, NULL))
|
||||||
continue;
|
continue;
|
||||||
if (entry.adr.get_type_id() == epee::net_utils::ipv4_network_address::get_type_id())
|
if (entry.adr.get_type_id() == epee::net_utils::ipv4_network_address::get_type_id())
|
||||||
res.white_list.emplace_back(entry.id, entry.adr.as<epee::net_utils::ipv4_network_address>().ip(),
|
res.white_list.emplace_back(entry.id, entry.adr.as<epee::net_utils::ipv4_network_address>().ip(),
|
||||||
|
@ -1574,7 +1575,7 @@ namespace cryptonote
|
||||||
|
|
||||||
for (auto & entry : gray_list)
|
for (auto & entry : gray_list)
|
||||||
{
|
{
|
||||||
if (!req.include_blocked && m_p2p.is_host_blocked(entry.adr, NULL))
|
if (dont_include_banned && m_p2p.is_host_banned(entry.adr, NULL))
|
||||||
continue;
|
continue;
|
||||||
if (entry.adr.get_type_id() == epee::net_utils::ipv4_network_address::get_type_id())
|
if (entry.adr.get_type_id() == epee::net_utils::ipv4_network_address::get_type_id())
|
||||||
res.gray_list.emplace_back(entry.id, entry.adr.as<epee::net_utils::ipv4_network_address>().ip(),
|
res.gray_list.emplace_back(entry.id, entry.adr.as<epee::net_utils::ipv4_network_address>().ip(),
|
||||||
|
@ -1596,7 +1597,7 @@ namespace cryptonote
|
||||||
|
|
||||||
COMMAND_RPC_GET_PEER_LIST::request peer_list_req;
|
COMMAND_RPC_GET_PEER_LIST::request peer_list_req;
|
||||||
COMMAND_RPC_GET_PEER_LIST::response peer_list_res;
|
COMMAND_RPC_GET_PEER_LIST::response peer_list_res;
|
||||||
peer_list_req.include_blocked = req.include_blocked;
|
peer_list_req.include_banned = req.include_blocked || req.include_banned;
|
||||||
const bool success = on_get_peer_list(peer_list_req, peer_list_res, ctx);
|
const bool success = on_get_peer_list(peer_list_req, peer_list_res, ctx);
|
||||||
res.status = peer_list_res.status;
|
res.status = peer_list_res.status;
|
||||||
if (!success)
|
if (!success)
|
||||||
|
@ -2779,8 +2780,8 @@ namespace cryptonote
|
||||||
RPC_TRACKER(get_bans);
|
RPC_TRACKER(get_bans);
|
||||||
|
|
||||||
auto now = time(nullptr);
|
auto now = time(nullptr);
|
||||||
std::map<std::string, time_t> blocked_hosts = m_p2p.get_blocked_hosts();
|
std::map<std::string, time_t> banned_hosts = m_p2p.get_banned_hosts();
|
||||||
for (std::map<std::string, time_t>::const_iterator i = blocked_hosts.begin(); i != blocked_hosts.end(); ++i)
|
for (std::map<std::string, time_t>::const_iterator i = banned_hosts.begin(); i != banned_hosts.end(); ++i)
|
||||||
{
|
{
|
||||||
if (i->second > now) {
|
if (i->second > now) {
|
||||||
COMMAND_RPC_GETBANS::ban b;
|
COMMAND_RPC_GETBANS::ban b;
|
||||||
|
@ -2793,8 +2794,8 @@ namespace cryptonote
|
||||||
res.bans.push_back(b);
|
res.bans.push_back(b);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
std::map<epee::net_utils::ipv4_network_subnet, time_t> blocked_subnets = m_p2p.get_blocked_subnets();
|
std::map<epee::net_utils::ipv4_network_subnet, time_t> banned_subnets = m_p2p.get_banned_subnets();
|
||||||
for (std::map<epee::net_utils::ipv4_network_subnet, time_t>::const_iterator i = blocked_subnets.begin(); i != blocked_subnets.end(); ++i)
|
for (std::map<epee::net_utils::ipv4_network_subnet, time_t>::const_iterator i = banned_subnets.begin(); i != banned_subnets.end(); ++i)
|
||||||
{
|
{
|
||||||
if (i->second > now) {
|
if (i->second > now) {
|
||||||
COMMAND_RPC_GETBANS::ban b;
|
COMMAND_RPC_GETBANS::ban b;
|
||||||
|
@ -2823,7 +2824,7 @@ namespace cryptonote
|
||||||
epee::net_utils::network_address na = std::move(*na_parsed);
|
epee::net_utils::network_address na = std::move(*na_parsed);
|
||||||
|
|
||||||
time_t seconds;
|
time_t seconds;
|
||||||
if (m_p2p.is_host_blocked(na, &seconds))
|
if (m_p2p.is_host_banned(na, &seconds))
|
||||||
{
|
{
|
||||||
res.banned = true;
|
res.banned = true;
|
||||||
res.seconds = seconds;
|
res.seconds = seconds;
|
||||||
|
@ -2853,9 +2854,9 @@ namespace cryptonote
|
||||||
if (ns_parsed)
|
if (ns_parsed)
|
||||||
{
|
{
|
||||||
if (i->ban)
|
if (i->ban)
|
||||||
m_p2p.block_subnet(*ns_parsed, i->seconds);
|
m_p2p.ban_subnet(*ns_parsed, i->seconds);
|
||||||
else
|
else
|
||||||
m_p2p.unblock_subnet(*ns_parsed);
|
m_p2p.unban_subnet(*ns_parsed);
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -2877,9 +2878,9 @@ namespace cryptonote
|
||||||
na = epee::net_utils::ipv4_network_address{i->ip, 0};
|
na = epee::net_utils::ipv4_network_address{i->ip, 0};
|
||||||
}
|
}
|
||||||
if (i->ban)
|
if (i->ban)
|
||||||
m_p2p.block_host(na, i->seconds);
|
m_p2p.ban_host(na, i->seconds);
|
||||||
else
|
else
|
||||||
m_p2p.unblock_host(na);
|
m_p2p.unban_host(na);
|
||||||
}
|
}
|
||||||
|
|
||||||
res.status = CORE_RPC_STATUS_OK;
|
res.status = CORE_RPC_STATUS_OK;
|
||||||
|
|
|
@ -1390,12 +1390,14 @@ inline const std::string get_rpc_status(const bool trusted_daemon, const std::st
|
||||||
struct request_t: public rpc_request_base
|
struct request_t: public rpc_request_base
|
||||||
{
|
{
|
||||||
bool public_only;
|
bool public_only;
|
||||||
bool include_blocked;
|
bool include_blocked; // alias for include_banned
|
||||||
|
bool include_banned;
|
||||||
|
|
||||||
BEGIN_KV_SERIALIZE_MAP()
|
BEGIN_KV_SERIALIZE_MAP()
|
||||||
KV_SERIALIZE_PARENT(rpc_request_base)
|
KV_SERIALIZE_PARENT(rpc_request_base)
|
||||||
KV_SERIALIZE_OPT(public_only, true)
|
KV_SERIALIZE_OPT(public_only, true)
|
||||||
KV_SERIALIZE_OPT(include_blocked, false)
|
KV_SERIALIZE_OPT(include_blocked, false)
|
||||||
|
KV_SERIALIZE_OPT(include_banned, false)
|
||||||
END_KV_SERIALIZE_MAP()
|
END_KV_SERIALIZE_MAP()
|
||||||
};
|
};
|
||||||
typedef epee::misc_utils::struct_init<request_t> request;
|
typedef epee::misc_utils::struct_init<request_t> request;
|
||||||
|
@ -1441,12 +1443,14 @@ inline const std::string get_rpc_status(const bool trusted_daemon, const std::st
|
||||||
{
|
{
|
||||||
bool gray;
|
bool gray;
|
||||||
bool white;
|
bool white;
|
||||||
bool include_blocked;
|
bool include_banned;
|
||||||
|
bool include_blocked; // alias for banned
|
||||||
|
|
||||||
BEGIN_KV_SERIALIZE_MAP()
|
BEGIN_KV_SERIALIZE_MAP()
|
||||||
KV_SERIALIZE_PARENT(rpc_request_base)
|
KV_SERIALIZE_PARENT(rpc_request_base)
|
||||||
KV_SERIALIZE_OPT(gray, false)
|
KV_SERIALIZE_OPT(gray, false)
|
||||||
KV_SERIALIZE_OPT(white, true)
|
KV_SERIALIZE_OPT(white, true)
|
||||||
|
KV_SERIALIZE_OPT(include_banned, false)
|
||||||
KV_SERIALIZE_OPT(include_blocked, false)
|
KV_SERIALIZE_OPT(include_blocked, false)
|
||||||
END_KV_SERIALIZE_MAP()
|
END_KV_SERIALIZE_MAP()
|
||||||
};
|
};
|
||||||
|
|
|
@ -15505,7 +15505,7 @@ std::vector<cryptonote::public_node> wallet2::get_public_nodes(bool white_only)
|
||||||
|
|
||||||
req.white = true;
|
req.white = true;
|
||||||
req.gray = !white_only;
|
req.gray = !white_only;
|
||||||
req.include_blocked = false;
|
req.include_banned = req.include_blocked = false;
|
||||||
|
|
||||||
{
|
{
|
||||||
const boost::lock_guard<boost::recursive_mutex> lock{m_daemon_rpc_mutex};
|
const boost::lock_guard<boost::recursive_mutex> lock{m_daemon_rpc_mutex};
|
||||||
|
|
|
@ -1543,7 +1543,7 @@ TEST(NetUtils, NetworkAddress)
|
||||||
static std::string host_str() { return {}; }
|
static std::string host_str() { return {}; }
|
||||||
constexpr static epee::net_utils::address_type get_type_id() noexcept { return epee::net_utils::address_type(-1); }
|
constexpr static epee::net_utils::address_type get_type_id() noexcept { return epee::net_utils::address_type(-1); }
|
||||||
constexpr static epee::net_utils::zone get_zone() noexcept { return epee::net_utils::zone::invalid; }
|
constexpr static epee::net_utils::zone get_zone() noexcept { return epee::net_utils::zone::invalid; }
|
||||||
constexpr static bool is_blockable() noexcept { return false; }
|
constexpr static bool is_bannable() noexcept { return false; }
|
||||||
constexpr static uint16_t port() { return 0; }
|
constexpr static uint16_t port() { return 0; }
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -1556,7 +1556,7 @@ TEST(NetUtils, NetworkAddress)
|
||||||
EXPECT_FALSE(empty.is_local());
|
EXPECT_FALSE(empty.is_local());
|
||||||
EXPECT_EQ(epee::net_utils::address_type::invalid, empty.get_type_id());
|
EXPECT_EQ(epee::net_utils::address_type::invalid, empty.get_type_id());
|
||||||
EXPECT_EQ(epee::net_utils::zone::invalid, empty.get_zone());
|
EXPECT_EQ(epee::net_utils::zone::invalid, empty.get_zone());
|
||||||
EXPECT_FALSE(empty.is_blockable());
|
EXPECT_FALSE(empty.is_bannable());
|
||||||
EXPECT_THROW(empty.as<custom_address>(), std::bad_cast);
|
EXPECT_THROW(empty.as<custom_address>(), std::bad_cast);
|
||||||
|
|
||||||
epee::net_utils::network_address address1{
|
epee::net_utils::network_address address1{
|
||||||
|
@ -1574,7 +1574,7 @@ TEST(NetUtils, NetworkAddress)
|
||||||
EXPECT_FALSE(address1.is_local());
|
EXPECT_FALSE(address1.is_local());
|
||||||
EXPECT_EQ(epee::net_utils::ipv4_network_address::get_type_id(), address1.get_type_id());
|
EXPECT_EQ(epee::net_utils::ipv4_network_address::get_type_id(), address1.get_type_id());
|
||||||
EXPECT_EQ(epee::net_utils::zone::public_, address1.get_zone());
|
EXPECT_EQ(epee::net_utils::zone::public_, address1.get_zone());
|
||||||
EXPECT_TRUE(address1.is_blockable());
|
EXPECT_TRUE(address1.is_bannable());
|
||||||
EXPECT_NO_THROW(address1.as<epee::net_utils::ipv4_network_address>());
|
EXPECT_NO_THROW(address1.as<epee::net_utils::ipv4_network_address>());
|
||||||
EXPECT_THROW(address1.as<custom_address>(), std::bad_cast);
|
EXPECT_THROW(address1.as<custom_address>(), std::bad_cast);
|
||||||
|
|
||||||
|
|
|
@ -108,7 +108,7 @@ TEST(tor_address, invalid)
|
||||||
EXPECT_TRUE(net::tor_address::make(onion).has_error());
|
EXPECT_TRUE(net::tor_address::make(onion).has_error());
|
||||||
}
|
}
|
||||||
|
|
||||||
TEST(tor_address, unblockable_types)
|
TEST(tor_address, unbannable_types)
|
||||||
{
|
{
|
||||||
net::tor_address tor{};
|
net::tor_address tor{};
|
||||||
|
|
||||||
|
@ -144,14 +144,14 @@ TEST(tor_address, valid)
|
||||||
EXPECT_EQ(0u, address1->port());
|
EXPECT_EQ(0u, address1->port());
|
||||||
EXPECT_STREQ(v3_onion, address1->host_str());
|
EXPECT_STREQ(v3_onion, address1->host_str());
|
||||||
EXPECT_STREQ(v3_onion, address1->str().c_str());
|
EXPECT_STREQ(v3_onion, address1->str().c_str());
|
||||||
EXPECT_TRUE(address1->is_blockable());
|
EXPECT_TRUE(address1->is_bannable());
|
||||||
|
|
||||||
net::tor_address address2{*address1};
|
net::tor_address address2{*address1};
|
||||||
|
|
||||||
EXPECT_EQ(0u, address2.port());
|
EXPECT_EQ(0u, address2.port());
|
||||||
EXPECT_STREQ(v3_onion, address2.host_str());
|
EXPECT_STREQ(v3_onion, address2.host_str());
|
||||||
EXPECT_STREQ(v3_onion, address2.str().c_str());
|
EXPECT_STREQ(v3_onion, address2.str().c_str());
|
||||||
EXPECT_TRUE(address2.is_blockable());
|
EXPECT_TRUE(address2.is_bannable());
|
||||||
EXPECT_TRUE(address2.equal(*address1));
|
EXPECT_TRUE(address2.equal(*address1));
|
||||||
EXPECT_TRUE(address1->equal(address2));
|
EXPECT_TRUE(address1->equal(address2));
|
||||||
EXPECT_TRUE(address2 == *address1);
|
EXPECT_TRUE(address2 == *address1);
|
||||||
|
@ -168,7 +168,7 @@ TEST(tor_address, valid)
|
||||||
EXPECT_EQ(6545, address2.port());
|
EXPECT_EQ(6545, address2.port());
|
||||||
EXPECT_STREQ(v3_onion_2, address2.host_str());
|
EXPECT_STREQ(v3_onion_2, address2.host_str());
|
||||||
EXPECT_EQ(std::string{v3_onion_2} + ":6545", address2.str().c_str());
|
EXPECT_EQ(std::string{v3_onion_2} + ":6545", address2.str().c_str());
|
||||||
EXPECT_TRUE(address2.is_blockable());
|
EXPECT_TRUE(address2.is_bannable());
|
||||||
EXPECT_FALSE(address2.equal(*address1));
|
EXPECT_FALSE(address2.equal(*address1));
|
||||||
EXPECT_FALSE(address1->equal(address2));
|
EXPECT_FALSE(address1->equal(address2));
|
||||||
EXPECT_FALSE(address2 == *address1);
|
EXPECT_FALSE(address2 == *address1);
|
||||||
|
@ -185,7 +185,7 @@ TEST(tor_address, valid)
|
||||||
EXPECT_EQ(65535, address3.port());
|
EXPECT_EQ(65535, address3.port());
|
||||||
EXPECT_STREQ(v3_onion, address3.host_str());
|
EXPECT_STREQ(v3_onion, address3.host_str());
|
||||||
EXPECT_EQ(std::string{v3_onion} + ":65535", address3.str().c_str());
|
EXPECT_EQ(std::string{v3_onion} + ":65535", address3.str().c_str());
|
||||||
EXPECT_TRUE(address3.is_blockable());
|
EXPECT_TRUE(address3.is_bannable());
|
||||||
EXPECT_FALSE(address3.equal(*address1));
|
EXPECT_FALSE(address3.equal(*address1));
|
||||||
EXPECT_FALSE(address1->equal(address3));
|
EXPECT_FALSE(address1->equal(address3));
|
||||||
EXPECT_FALSE(address3 == *address1);
|
EXPECT_FALSE(address3 == *address1);
|
||||||
|
@ -227,9 +227,9 @@ TEST(tor_address, generic_network_address)
|
||||||
EXPECT_EQ(epee::net_utils::zone::tor, tor1.get_zone());
|
EXPECT_EQ(epee::net_utils::zone::tor, tor1.get_zone());
|
||||||
EXPECT_EQ(epee::net_utils::zone::tor, tor2.get_zone());
|
EXPECT_EQ(epee::net_utils::zone::tor, tor2.get_zone());
|
||||||
EXPECT_EQ(epee::net_utils::zone::public_, ip.get_zone());
|
EXPECT_EQ(epee::net_utils::zone::public_, ip.get_zone());
|
||||||
EXPECT_TRUE(tor1.is_blockable());
|
EXPECT_TRUE(tor1.is_bannable());
|
||||||
EXPECT_TRUE(tor2.is_blockable());
|
EXPECT_TRUE(tor2.is_bannable());
|
||||||
EXPECT_TRUE(ip.is_blockable());
|
EXPECT_TRUE(ip.is_bannable());
|
||||||
}
|
}
|
||||||
|
|
||||||
namespace
|
namespace
|
||||||
|
@ -478,7 +478,7 @@ TEST(i2p_address, invalid)
|
||||||
EXPECT_TRUE(net::i2p_address::make(i2p).has_error());
|
EXPECT_TRUE(net::i2p_address::make(i2p).has_error());
|
||||||
}
|
}
|
||||||
|
|
||||||
TEST(i2p_address, unblockable_types)
|
TEST(i2p_address, unbannable_types)
|
||||||
{
|
{
|
||||||
net::i2p_address i2p{};
|
net::i2p_address i2p{};
|
||||||
|
|
||||||
|
@ -514,14 +514,14 @@ TEST(i2p_address, valid)
|
||||||
EXPECT_EQ(1u, address1->port());
|
EXPECT_EQ(1u, address1->port());
|
||||||
EXPECT_STREQ(b32_i2p, address1->host_str());
|
EXPECT_STREQ(b32_i2p, address1->host_str());
|
||||||
EXPECT_STREQ(b32_i2p, address1->str().c_str());
|
EXPECT_STREQ(b32_i2p, address1->str().c_str());
|
||||||
EXPECT_TRUE(address1->is_blockable());
|
EXPECT_TRUE(address1->is_bannable());
|
||||||
|
|
||||||
net::i2p_address address2{*address1};
|
net::i2p_address address2{*address1};
|
||||||
|
|
||||||
EXPECT_EQ(1u, address2.port());
|
EXPECT_EQ(1u, address2.port());
|
||||||
EXPECT_STREQ(b32_i2p, address2.host_str());
|
EXPECT_STREQ(b32_i2p, address2.host_str());
|
||||||
EXPECT_STREQ(b32_i2p, address2.str().c_str());
|
EXPECT_STREQ(b32_i2p, address2.str().c_str());
|
||||||
EXPECT_TRUE(address2.is_blockable());
|
EXPECT_TRUE(address2.is_bannable());
|
||||||
EXPECT_TRUE(address2.equal(*address1));
|
EXPECT_TRUE(address2.equal(*address1));
|
||||||
EXPECT_TRUE(address1->equal(address2));
|
EXPECT_TRUE(address1->equal(address2));
|
||||||
EXPECT_TRUE(address2 == *address1);
|
EXPECT_TRUE(address2 == *address1);
|
||||||
|
@ -538,7 +538,7 @@ TEST(i2p_address, valid)
|
||||||
EXPECT_EQ(1u, address2.port());
|
EXPECT_EQ(1u, address2.port());
|
||||||
EXPECT_STREQ(b32_i2p_2, address2.host_str());
|
EXPECT_STREQ(b32_i2p_2, address2.host_str());
|
||||||
EXPECT_EQ(std::string{b32_i2p_2}, address2.str().c_str());
|
EXPECT_EQ(std::string{b32_i2p_2}, address2.str().c_str());
|
||||||
EXPECT_TRUE(address2.is_blockable());
|
EXPECT_TRUE(address2.is_bannable());
|
||||||
EXPECT_FALSE(address2.equal(*address1));
|
EXPECT_FALSE(address2.equal(*address1));
|
||||||
EXPECT_FALSE(address1->equal(address2));
|
EXPECT_FALSE(address1->equal(address2));
|
||||||
EXPECT_FALSE(address2 == *address1);
|
EXPECT_FALSE(address2 == *address1);
|
||||||
|
@ -555,7 +555,7 @@ TEST(i2p_address, valid)
|
||||||
EXPECT_EQ(1u, address3.port());
|
EXPECT_EQ(1u, address3.port());
|
||||||
EXPECT_STREQ(b32_i2p, address3.host_str());
|
EXPECT_STREQ(b32_i2p, address3.host_str());
|
||||||
EXPECT_EQ(std::string{b32_i2p}, address3.str().c_str());
|
EXPECT_EQ(std::string{b32_i2p}, address3.str().c_str());
|
||||||
EXPECT_TRUE(address3.is_blockable());
|
EXPECT_TRUE(address3.is_bannable());
|
||||||
EXPECT_TRUE(address3.equal(*address1));
|
EXPECT_TRUE(address3.equal(*address1));
|
||||||
EXPECT_TRUE(address1->equal(address3));
|
EXPECT_TRUE(address1->equal(address3));
|
||||||
EXPECT_TRUE(address3 == *address1);
|
EXPECT_TRUE(address3 == *address1);
|
||||||
|
@ -597,9 +597,9 @@ TEST(i2p_address, generic_network_address)
|
||||||
EXPECT_EQ(epee::net_utils::zone::i2p, i2p1.get_zone());
|
EXPECT_EQ(epee::net_utils::zone::i2p, i2p1.get_zone());
|
||||||
EXPECT_EQ(epee::net_utils::zone::i2p, i2p2.get_zone());
|
EXPECT_EQ(epee::net_utils::zone::i2p, i2p2.get_zone());
|
||||||
EXPECT_EQ(epee::net_utils::zone::public_, ip.get_zone());
|
EXPECT_EQ(epee::net_utils::zone::public_, ip.get_zone());
|
||||||
EXPECT_TRUE(i2p1.is_blockable());
|
EXPECT_TRUE(i2p1.is_bannable());
|
||||||
EXPECT_TRUE(i2p2.is_blockable());
|
EXPECT_TRUE(i2p2.is_bannable());
|
||||||
EXPECT_TRUE(ip.is_blockable());
|
EXPECT_TRUE(ip.is_bannable());
|
||||||
}
|
}
|
||||||
|
|
||||||
namespace
|
namespace
|
||||||
|
|
|
@ -102,9 +102,9 @@ public:
|
||||||
|
|
||||||
typedef nodetool::node_server<cryptonote::t_cryptonote_protocol_handler<test_core>> Server;
|
typedef nodetool::node_server<cryptonote::t_cryptonote_protocol_handler<test_core>> Server;
|
||||||
|
|
||||||
static bool is_blocked(Server &server, const epee::net_utils::network_address &address, time_t *t = NULL)
|
static bool is_banned(Server &server, const epee::net_utils::network_address &address, time_t *t = NULL)
|
||||||
{
|
{
|
||||||
std::map<std::string, time_t> hosts = server.get_blocked_hosts();
|
std::map<std::string, time_t> hosts = server.get_banned_hosts();
|
||||||
for (auto rec: hosts)
|
for (auto rec: hosts)
|
||||||
{
|
{
|
||||||
if (rec.first == address.host_str())
|
if (rec.first == address.host_str())
|
||||||
|
@ -125,80 +125,80 @@ TEST(ban, add)
|
||||||
cprotocol.set_p2p_endpoint(&server);
|
cprotocol.set_p2p_endpoint(&server);
|
||||||
|
|
||||||
// starts empty
|
// starts empty
|
||||||
ASSERT_TRUE(server.get_blocked_hosts().empty());
|
ASSERT_TRUE(server.get_banned_hosts().empty());
|
||||||
ASSERT_FALSE(is_blocked(server,MAKE_IPV4_ADDRESS(1,2,3,4)));
|
ASSERT_FALSE(is_banned(server,MAKE_IPV4_ADDRESS(1,2,3,4)));
|
||||||
ASSERT_FALSE(is_blocked(server,MAKE_IPV4_ADDRESS(1,2,3,5)));
|
ASSERT_FALSE(is_banned(server,MAKE_IPV4_ADDRESS(1,2,3,5)));
|
||||||
|
|
||||||
// add an IP
|
// add an IP
|
||||||
ASSERT_TRUE(server.block_host(MAKE_IPV4_ADDRESS(1,2,3,4)));
|
ASSERT_TRUE(server.ban_host(MAKE_IPV4_ADDRESS(1,2,3,4)));
|
||||||
ASSERT_TRUE(server.get_blocked_hosts().size() == 1);
|
ASSERT_TRUE(server.get_banned_hosts().size() == 1);
|
||||||
ASSERT_TRUE(is_blocked(server,MAKE_IPV4_ADDRESS(1,2,3,4)));
|
ASSERT_TRUE(is_banned(server,MAKE_IPV4_ADDRESS(1,2,3,4)));
|
||||||
ASSERT_FALSE(is_blocked(server,MAKE_IPV4_ADDRESS(1,2,3,5)));
|
ASSERT_FALSE(is_banned(server,MAKE_IPV4_ADDRESS(1,2,3,5)));
|
||||||
|
|
||||||
// add the same, should not change
|
// add the same, should not change
|
||||||
ASSERT_TRUE(server.block_host(MAKE_IPV4_ADDRESS(1,2,3,4)));
|
ASSERT_TRUE(server.ban_host(MAKE_IPV4_ADDRESS(1,2,3,4)));
|
||||||
ASSERT_TRUE(server.get_blocked_hosts().size() == 1);
|
ASSERT_TRUE(server.get_banned_hosts().size() == 1);
|
||||||
ASSERT_TRUE(is_blocked(server,MAKE_IPV4_ADDRESS(1,2,3,4)));
|
ASSERT_TRUE(is_banned(server,MAKE_IPV4_ADDRESS(1,2,3,4)));
|
||||||
ASSERT_FALSE(is_blocked(server,MAKE_IPV4_ADDRESS(1,2,3,5)));
|
ASSERT_FALSE(is_banned(server,MAKE_IPV4_ADDRESS(1,2,3,5)));
|
||||||
|
|
||||||
// remove an unblocked IP, should not change
|
// remove an unbanned IP, should not change
|
||||||
ASSERT_FALSE(server.unblock_host(MAKE_IPV4_ADDRESS(1,2,3,5)));
|
ASSERT_FALSE(server.unban_host(MAKE_IPV4_ADDRESS(1,2,3,5)));
|
||||||
ASSERT_TRUE(server.get_blocked_hosts().size() == 1);
|
ASSERT_TRUE(server.get_banned_hosts().size() == 1);
|
||||||
ASSERT_TRUE(is_blocked(server,MAKE_IPV4_ADDRESS(1,2,3,4)));
|
ASSERT_TRUE(is_banned(server,MAKE_IPV4_ADDRESS(1,2,3,4)));
|
||||||
ASSERT_FALSE(is_blocked(server,MAKE_IPV4_ADDRESS(1,2,3,5)));
|
ASSERT_FALSE(is_banned(server,MAKE_IPV4_ADDRESS(1,2,3,5)));
|
||||||
|
|
||||||
// remove the IP, ends up empty
|
// remove the IP, ends up empty
|
||||||
ASSERT_TRUE(server.unblock_host(MAKE_IPV4_ADDRESS(1,2,3,4)));
|
ASSERT_TRUE(server.unban_host(MAKE_IPV4_ADDRESS(1,2,3,4)));
|
||||||
ASSERT_TRUE(server.get_blocked_hosts().size() == 0);
|
ASSERT_TRUE(server.get_banned_hosts().size() == 0);
|
||||||
ASSERT_FALSE(is_blocked(server,MAKE_IPV4_ADDRESS(1,2,3,4)));
|
ASSERT_FALSE(is_banned(server,MAKE_IPV4_ADDRESS(1,2,3,4)));
|
||||||
ASSERT_FALSE(is_blocked(server,MAKE_IPV4_ADDRESS(1,2,3,5)));
|
ASSERT_FALSE(is_banned(server,MAKE_IPV4_ADDRESS(1,2,3,5)));
|
||||||
|
|
||||||
// remove the IP from an empty list, still empty
|
// remove the IP from an empty list, still empty
|
||||||
ASSERT_FALSE(server.unblock_host(MAKE_IPV4_ADDRESS(1,2,3,4)));
|
ASSERT_FALSE(server.unban_host(MAKE_IPV4_ADDRESS(1,2,3,4)));
|
||||||
ASSERT_TRUE(server.get_blocked_hosts().size() == 0);
|
ASSERT_TRUE(server.get_banned_hosts().size() == 0);
|
||||||
ASSERT_FALSE(is_blocked(server,MAKE_IPV4_ADDRESS(1,2,3,4)));
|
ASSERT_FALSE(is_banned(server,MAKE_IPV4_ADDRESS(1,2,3,4)));
|
||||||
ASSERT_FALSE(is_blocked(server,MAKE_IPV4_ADDRESS(1,2,3,5)));
|
ASSERT_FALSE(is_banned(server,MAKE_IPV4_ADDRESS(1,2,3,5)));
|
||||||
|
|
||||||
// add two for known amounts of time, they're both blocked
|
// add two for known amounts of time, they're both banned
|
||||||
ASSERT_TRUE(server.block_host(MAKE_IPV4_ADDRESS(1,2,3,4), 1));
|
ASSERT_TRUE(server.ban_host(MAKE_IPV4_ADDRESS(1,2,3,4), 1));
|
||||||
ASSERT_TRUE(server.block_host(MAKE_IPV4_ADDRESS(1,2,3,5), 3));
|
ASSERT_TRUE(server.ban_host(MAKE_IPV4_ADDRESS(1,2,3,5), 3));
|
||||||
ASSERT_TRUE(server.get_blocked_hosts().size() == 2);
|
ASSERT_TRUE(server.get_banned_hosts().size() == 2);
|
||||||
ASSERT_TRUE(is_blocked(server,MAKE_IPV4_ADDRESS(1,2,3,4)));
|
ASSERT_TRUE(is_banned(server,MAKE_IPV4_ADDRESS(1,2,3,4)));
|
||||||
ASSERT_TRUE(is_blocked(server,MAKE_IPV4_ADDRESS(1,2,3,5)));
|
ASSERT_TRUE(is_banned(server,MAKE_IPV4_ADDRESS(1,2,3,5)));
|
||||||
ASSERT_TRUE(server.unblock_host(MAKE_IPV4_ADDRESS(1,2,3,4)));
|
ASSERT_TRUE(server.unban_host(MAKE_IPV4_ADDRESS(1,2,3,4)));
|
||||||
ASSERT_TRUE(server.unblock_host(MAKE_IPV4_ADDRESS(1,2,3,5)));
|
ASSERT_TRUE(server.unban_host(MAKE_IPV4_ADDRESS(1,2,3,5)));
|
||||||
|
|
||||||
// these tests would need to call is_remote_ip_allowed, which is private
|
// these tests would need to call is_remote_ip_allowed, which is private
|
||||||
#if 0
|
#if 0
|
||||||
// after two seconds, the first IP is unblocked, but not the second yet
|
// after two seconds, the first IP is unbanned, but not the second yet
|
||||||
sleep(2);
|
sleep(2);
|
||||||
ASSERT_TRUE(server.get_blocked_hosts().size() == 1);
|
ASSERT_TRUE(server.get_banned_hosts().size() == 1);
|
||||||
ASSERT_FALSE(is_blocked(server,MAKE_IPV4_ADDRESS(1,2,3,4)));
|
ASSERT_FALSE(is_banned(server,MAKE_IPV4_ADDRESS(1,2,3,4)));
|
||||||
ASSERT_TRUE(is_blocked(server,MAKE_IPV4_ADDRESS(1,2,3,5)));
|
ASSERT_TRUE(is_banned(server,MAKE_IPV4_ADDRESS(1,2,3,5)));
|
||||||
|
|
||||||
// after two more seconds, the second IP is also unblocked
|
// after two more seconds, the second IP is also unbanned
|
||||||
sleep(2);
|
sleep(2);
|
||||||
ASSERT_TRUE(server.get_blocked_hosts().size() == 0);
|
ASSERT_TRUE(server.get_banned_hosts().size() == 0);
|
||||||
ASSERT_FALSE(is_blocked(server,MAKE_IPV4_ADDRESS(1,2,3,4)));
|
ASSERT_FALSE(is_banned(server,MAKE_IPV4_ADDRESS(1,2,3,4)));
|
||||||
ASSERT_FALSE(is_blocked(server,MAKE_IPV4_ADDRESS(1,2,3,5)));
|
ASSERT_FALSE(is_banned(server,MAKE_IPV4_ADDRESS(1,2,3,5)));
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
// add an IP again, then re-ban for longer, then shorter
|
// add an IP again, then re-ban for longer, then shorter
|
||||||
time_t t;
|
time_t t;
|
||||||
ASSERT_TRUE(server.block_host(MAKE_IPV4_ADDRESS(1,2,3,4), 2));
|
ASSERT_TRUE(server.ban_host(MAKE_IPV4_ADDRESS(1,2,3,4), 2));
|
||||||
ASSERT_TRUE(server.get_blocked_hosts().size() == 1);
|
ASSERT_TRUE(server.get_banned_hosts().size() == 1);
|
||||||
ASSERT_TRUE(is_blocked(server,MAKE_IPV4_ADDRESS(1,2,3,4), &t));
|
ASSERT_TRUE(is_banned(server,MAKE_IPV4_ADDRESS(1,2,3,4), &t));
|
||||||
ASSERT_FALSE(is_blocked(server,MAKE_IPV4_ADDRESS(1,2,3,5)));
|
ASSERT_FALSE(is_banned(server,MAKE_IPV4_ADDRESS(1,2,3,5)));
|
||||||
ASSERT_TRUE(t >= 1);
|
ASSERT_TRUE(t >= 1);
|
||||||
ASSERT_TRUE(server.block_host(MAKE_IPV4_ADDRESS(1,2,3,4), 9));
|
ASSERT_TRUE(server.ban_host(MAKE_IPV4_ADDRESS(1,2,3,4), 9));
|
||||||
ASSERT_TRUE(server.get_blocked_hosts().size() == 1);
|
ASSERT_TRUE(server.get_banned_hosts().size() == 1);
|
||||||
ASSERT_TRUE(is_blocked(server,MAKE_IPV4_ADDRESS(1,2,3,4), &t));
|
ASSERT_TRUE(is_banned(server,MAKE_IPV4_ADDRESS(1,2,3,4), &t));
|
||||||
ASSERT_FALSE(is_blocked(server,MAKE_IPV4_ADDRESS(1,2,3,5)));
|
ASSERT_FALSE(is_banned(server,MAKE_IPV4_ADDRESS(1,2,3,5)));
|
||||||
ASSERT_TRUE(t >= 8);
|
ASSERT_TRUE(t >= 8);
|
||||||
ASSERT_TRUE(server.block_host(MAKE_IPV4_ADDRESS(1,2,3,4), 5));
|
ASSERT_TRUE(server.ban_host(MAKE_IPV4_ADDRESS(1,2,3,4), 5));
|
||||||
ASSERT_TRUE(server.get_blocked_hosts().size() == 1);
|
ASSERT_TRUE(server.get_banned_hosts().size() == 1);
|
||||||
ASSERT_TRUE(is_blocked(server,MAKE_IPV4_ADDRESS(1,2,3,4), &t));
|
ASSERT_TRUE(is_banned(server,MAKE_IPV4_ADDRESS(1,2,3,4), &t));
|
||||||
ASSERT_FALSE(is_blocked(server,MAKE_IPV4_ADDRESS(1,2,3,5)));
|
ASSERT_FALSE(is_banned(server,MAKE_IPV4_ADDRESS(1,2,3,5)));
|
||||||
ASSERT_TRUE(t >= 4);
|
ASSERT_TRUE(t >= 4);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -210,12 +210,12 @@ TEST(ban, limit)
|
||||||
cprotocol.set_p2p_endpoint(&server);
|
cprotocol.set_p2p_endpoint(&server);
|
||||||
|
|
||||||
// starts empty
|
// starts empty
|
||||||
ASSERT_TRUE(server.get_blocked_hosts().empty());
|
ASSERT_TRUE(server.get_banned_hosts().empty());
|
||||||
ASSERT_FALSE(is_blocked(server,MAKE_IPV4_ADDRESS(1,2,3,4)));
|
ASSERT_FALSE(is_banned(server,MAKE_IPV4_ADDRESS(1,2,3,4)));
|
||||||
ASSERT_TRUE(server.block_host(MAKE_IPV4_ADDRESS(1,2,3,4), std::numeric_limits<time_t>::max() - 1));
|
ASSERT_TRUE(server.ban_host(MAKE_IPV4_ADDRESS(1,2,3,4), std::numeric_limits<time_t>::max() - 1));
|
||||||
ASSERT_TRUE(is_blocked(server,MAKE_IPV4_ADDRESS(1,2,3,4)));
|
ASSERT_TRUE(is_banned(server,MAKE_IPV4_ADDRESS(1,2,3,4)));
|
||||||
ASSERT_TRUE(server.block_host(MAKE_IPV4_ADDRESS(1,2,3,4), 1));
|
ASSERT_TRUE(server.ban_host(MAKE_IPV4_ADDRESS(1,2,3,4), 1));
|
||||||
ASSERT_TRUE(is_blocked(server,MAKE_IPV4_ADDRESS(1,2,3,4)));
|
ASSERT_TRUE(is_banned(server,MAKE_IPV4_ADDRESS(1,2,3,4)));
|
||||||
}
|
}
|
||||||
|
|
||||||
TEST(ban, subnet)
|
TEST(ban, subnet)
|
||||||
|
@ -226,28 +226,28 @@ TEST(ban, subnet)
|
||||||
Server server(cprotocol);
|
Server server(cprotocol);
|
||||||
cprotocol.set_p2p_endpoint(&server);
|
cprotocol.set_p2p_endpoint(&server);
|
||||||
|
|
||||||
ASSERT_TRUE(server.block_subnet(MAKE_IPV4_SUBNET(1,2,3,4,24), 10));
|
ASSERT_TRUE(server.ban_subnet(MAKE_IPV4_SUBNET(1,2,3,4,24), 10));
|
||||||
ASSERT_TRUE(server.get_blocked_subnets().size() == 1);
|
ASSERT_TRUE(server.get_banned_subnets().size() == 1);
|
||||||
ASSERT_TRUE(server.is_host_blocked(MAKE_IPV4_ADDRESS(1,2,3,4), &seconds));
|
ASSERT_TRUE(server.is_host_banned(MAKE_IPV4_ADDRESS(1,2,3,4), &seconds));
|
||||||
ASSERT_TRUE(seconds >= 9);
|
ASSERT_TRUE(seconds >= 9);
|
||||||
ASSERT_TRUE(server.is_host_blocked(MAKE_IPV4_ADDRESS(1,2,3,255), &seconds));
|
ASSERT_TRUE(server.is_host_banned(MAKE_IPV4_ADDRESS(1,2,3,255), &seconds));
|
||||||
ASSERT_TRUE(server.is_host_blocked(MAKE_IPV4_ADDRESS(1,2,3,0), &seconds));
|
ASSERT_TRUE(server.is_host_banned(MAKE_IPV4_ADDRESS(1,2,3,0), &seconds));
|
||||||
ASSERT_FALSE(server.is_host_blocked(MAKE_IPV4_ADDRESS(1,2,4,0), &seconds));
|
ASSERT_FALSE(server.is_host_banned(MAKE_IPV4_ADDRESS(1,2,4,0), &seconds));
|
||||||
ASSERT_FALSE(server.is_host_blocked(MAKE_IPV4_ADDRESS(1,2,2,0), &seconds));
|
ASSERT_FALSE(server.is_host_banned(MAKE_IPV4_ADDRESS(1,2,2,0), &seconds));
|
||||||
ASSERT_TRUE(server.unblock_subnet(MAKE_IPV4_SUBNET(1,2,3,8,24)));
|
ASSERT_TRUE(server.unban_subnet(MAKE_IPV4_SUBNET(1,2,3,8,24)));
|
||||||
ASSERT_TRUE(server.get_blocked_subnets().size() == 0);
|
ASSERT_TRUE(server.get_banned_subnets().size() == 0);
|
||||||
ASSERT_FALSE(server.is_host_blocked(MAKE_IPV4_ADDRESS(1,2,3,255), &seconds));
|
ASSERT_FALSE(server.is_host_banned(MAKE_IPV4_ADDRESS(1,2,3,255), &seconds));
|
||||||
ASSERT_FALSE(server.is_host_blocked(MAKE_IPV4_ADDRESS(1,2,3,0), &seconds));
|
ASSERT_FALSE(server.is_host_banned(MAKE_IPV4_ADDRESS(1,2,3,0), &seconds));
|
||||||
ASSERT_TRUE(server.block_subnet(MAKE_IPV4_SUBNET(1,2,3,4,8), 10));
|
ASSERT_TRUE(server.ban_subnet(MAKE_IPV4_SUBNET(1,2,3,4,8), 10));
|
||||||
ASSERT_TRUE(server.get_blocked_subnets().size() == 1);
|
ASSERT_TRUE(server.get_banned_subnets().size() == 1);
|
||||||
ASSERT_TRUE(server.is_host_blocked(MAKE_IPV4_ADDRESS(1,255,3,255), &seconds));
|
ASSERT_TRUE(server.is_host_banned(MAKE_IPV4_ADDRESS(1,255,3,255), &seconds));
|
||||||
ASSERT_TRUE(server.is_host_blocked(MAKE_IPV4_ADDRESS(1,0,3,255), &seconds));
|
ASSERT_TRUE(server.is_host_banned(MAKE_IPV4_ADDRESS(1,0,3,255), &seconds));
|
||||||
ASSERT_FALSE(server.unblock_subnet(MAKE_IPV4_SUBNET(1,2,3,8,24)));
|
ASSERT_FALSE(server.unban_subnet(MAKE_IPV4_SUBNET(1,2,3,8,24)));
|
||||||
ASSERT_TRUE(server.get_blocked_subnets().size() == 1);
|
ASSERT_TRUE(server.get_banned_subnets().size() == 1);
|
||||||
ASSERT_TRUE(server.block_subnet(MAKE_IPV4_SUBNET(1,2,3,4,8), 10));
|
ASSERT_TRUE(server.ban_subnet(MAKE_IPV4_SUBNET(1,2,3,4,8), 10));
|
||||||
ASSERT_TRUE(server.get_blocked_subnets().size() == 1);
|
ASSERT_TRUE(server.get_banned_subnets().size() == 1);
|
||||||
ASSERT_TRUE(server.unblock_subnet(MAKE_IPV4_SUBNET(1,255,0,0,8)));
|
ASSERT_TRUE(server.unban_subnet(MAKE_IPV4_SUBNET(1,255,0,0,8)));
|
||||||
ASSERT_TRUE(server.get_blocked_subnets().size() == 0);
|
ASSERT_TRUE(server.get_banned_subnets().size() == 0);
|
||||||
}
|
}
|
||||||
|
|
||||||
TEST(ban, ignores_port)
|
TEST(ban, ignores_port)
|
||||||
|
@ -257,13 +257,13 @@ TEST(ban, ignores_port)
|
||||||
Server server(cprotocol);
|
Server server(cprotocol);
|
||||||
cprotocol.set_p2p_endpoint(&server);
|
cprotocol.set_p2p_endpoint(&server);
|
||||||
|
|
||||||
ASSERT_FALSE(is_blocked(server,MAKE_IPV4_ADDRESS_PORT(1,2,3,4,5)));
|
ASSERT_FALSE(is_banned(server,MAKE_IPV4_ADDRESS_PORT(1,2,3,4,5)));
|
||||||
ASSERT_TRUE(server.block_host(MAKE_IPV4_ADDRESS_PORT(1,2,3,4,5), std::numeric_limits<time_t>::max() - 1));
|
ASSERT_TRUE(server.ban_host(MAKE_IPV4_ADDRESS_PORT(1,2,3,4,5), std::numeric_limits<time_t>::max() - 1));
|
||||||
ASSERT_TRUE(is_blocked(server,MAKE_IPV4_ADDRESS_PORT(1,2,3,4,5)));
|
ASSERT_TRUE(is_banned(server,MAKE_IPV4_ADDRESS_PORT(1,2,3,4,5)));
|
||||||
ASSERT_TRUE(is_blocked(server,MAKE_IPV4_ADDRESS_PORT(1,2,3,4,6)));
|
ASSERT_TRUE(is_banned(server,MAKE_IPV4_ADDRESS_PORT(1,2,3,4,6)));
|
||||||
ASSERT_TRUE(server.unblock_host(MAKE_IPV4_ADDRESS_PORT(1,2,3,4,5)));
|
ASSERT_TRUE(server.unban_host(MAKE_IPV4_ADDRESS_PORT(1,2,3,4,5)));
|
||||||
ASSERT_FALSE(is_blocked(server,MAKE_IPV4_ADDRESS_PORT(1,2,3,4,5)));
|
ASSERT_FALSE(is_banned(server,MAKE_IPV4_ADDRESS_PORT(1,2,3,4,5)));
|
||||||
ASSERT_FALSE(is_blocked(server,MAKE_IPV4_ADDRESS_PORT(1,2,3,4,6)));
|
ASSERT_FALSE(is_banned(server,MAKE_IPV4_ADDRESS_PORT(1,2,3,4,6)));
|
||||||
}
|
}
|
||||||
|
|
||||||
TEST(node_server, bind_same_p2p_port)
|
TEST(node_server, bind_same_p2p_port)
|
||||||
|
@ -511,7 +511,7 @@ TEST(cryptonote_protocol_handler, race_condition)
|
||||||
virtual bool add_host_fail(const address_t&, unsigned int = {}) override {
|
virtual bool add_host_fail(const address_t&, unsigned int = {}) override {
|
||||||
return {};
|
return {};
|
||||||
}
|
}
|
||||||
virtual bool block_host(address_t address, time_t = {}, bool = {}) override {
|
virtual bool ban_host(address_t address, time_t = {}, bool = {}) override {
|
||||||
return {};
|
return {};
|
||||||
}
|
}
|
||||||
virtual bool drop_connection(const contexts::basic& context) override {
|
virtual bool drop_connection(const contexts::basic& context) override {
|
||||||
|
@ -541,16 +541,16 @@ TEST(cryptonote_protocol_handler, race_condition)
|
||||||
}
|
}
|
||||||
return {};
|
return {};
|
||||||
}
|
}
|
||||||
virtual bool unblock_host(const address_t&) override {
|
virtual bool unban_host(const address_t&) override {
|
||||||
return {};
|
return {};
|
||||||
}
|
}
|
||||||
virtual zone_t send_txs(blobs_t, const zone_t, const uuid_t&, relay_t) override {
|
virtual zone_t send_txs(blobs_t, const zone_t, const uuid_t&, relay_t) override {
|
||||||
return {};
|
return {};
|
||||||
}
|
}
|
||||||
virtual bans::subnets get_blocked_subnets() override {
|
virtual bans::subnets get_banned_subnets() override {
|
||||||
return {};
|
return {};
|
||||||
}
|
}
|
||||||
virtual bans::hosts get_blocked_hosts() override {
|
virtual bans::hosts get_banned_hosts() override {
|
||||||
return {};
|
return {};
|
||||||
}
|
}
|
||||||
virtual uint64_t get_public_connections_count() override {
|
virtual uint64_t get_public_connections_count() override {
|
||||||
|
|
|
@ -71,7 +71,8 @@ complete -c monerod -l anonymous-inbound -r -d "<hidden-service-address>,<[bind-
|
||||||
complete -c monerod -l ban-list -r -F -d "Specify ban list file, one IP address per line"
|
complete -c monerod -l ban-list -r -F -d "Specify ban list file, one IP address per line"
|
||||||
complete -c monerod -l hide-my-port -d "Do not announce yourself as peerlist candidate"
|
complete -c monerod -l hide-my-port -d "Do not announce yourself as peerlist candidate"
|
||||||
complete -c monerod -l no-sync -d "Don't synchronize the blockchain with other peers"
|
complete -c monerod -l no-sync -d "Don't synchronize the blockchain with other peers"
|
||||||
complete -c monerod -l enable-dns-blocklist -d "Apply realtime blocklist from DNS"
|
complete -c monerod -l enable-dns-blocklist -d "Apply realtime banlist from DNS"
|
||||||
|
complete -c monerod -l enable-dns-banlist -d "Apply realtime banlist from DNS"
|
||||||
complete -c monerod -l no-igd -d "Disable UPnP port mapping"
|
complete -c monerod -l no-igd -d "Disable UPnP port mapping"
|
||||||
complete -c monerod -l igd -r -a "Enabled disabled enabled" -d "UPnP port mapping. Default: delayed"
|
complete -c monerod -l igd -r -a "Enabled disabled enabled" -d "UPnP port mapping. Default: delayed"
|
||||||
complete -c monerod -l out-peers -r -d "Set max number of out peers. Default: -1"
|
complete -c monerod -l out-peers -r -d "Set max number of out peers. Default: -1"
|
||||||
|
|
Loading…
Reference in a new issue