Merge pull request #502

38ceb73 add RPC calls and commands to get/set bans (moneromooo-monero)
7bc4dce net_node: allow bans for custom amounts of time (moneromooo-monero)
Riccardo Spagni 2015-11-30 00:16:32 +02:00
commit a2d1e5a82c
No known key found for this signature in database
GPG key ID: 55432DF31CCD4FCD
11 changed files with 304 additions and 6 deletions


@ -392,5 +392,34 @@ bool t_command_parser_executor::hard_fork_info(const std::vector<std::string>& a
return m_executor.hard_fork_info(version);
}
bool t_command_parser_executor::show_bans(const std::vector<std::string>& args)
{
if (!args.empty()) return false;
return m_executor.print_bans();
}
bool t_command_parser_executor::ban(const std::vector<std::string>& args)
{
if (args.size() != 1 && args.size() != 2) return false;
std::string ip = args[0];
time_t seconds = P2P_IP_BLOCKTIME;
if (args.size() > 1)
{
seconds = std::stoi(args[0]);
if (seconds == 0)
{
return false;
}
}
return m_executor.ban(ip, seconds);
}
bool t_command_parser_executor::unban(const std::vector<std::string>& args)
{
if (args.size() != 1) return false;
std::string ip = args[0];
return m_executor.unban(ip);
}
} // namespace daemonize
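Review bot: In `t_command_parser_executor::ban` the duration is parsed from the wrong argument: `seconds = std::stoi(args[0]);` re-reads the IP string, so the operator's second argument is silently ignored. With a constructed input such as `ban 10.0.0.1 3600`, stoi stops at the first dot and the ban lasts 10 seconds. The line should be `seconds = std::stoi(args[1]);`. `std::stoi` also throws on non-numeric or out-of-range input and nothing in this function catches it, so the parse should sit in a try/catch that returns false. The `seconds == 0` test lets negative values through, which produces a ban that has already expired; `if (seconds <= 0)` would reject those as well.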


@ -106,6 +106,12 @@ public:
bool stop_save_graph(const std::vector<std::string>& args);
bool hard_fork_info(const std::vector<std::string>& args);
bool show_bans(const std::vector<std::string>& args);
bool ban(const std::vector<std::string>& args);
bool unban(const std::vector<std::string>& args);
};
} // namespace daemonize


@ -194,6 +194,21 @@ t_command_server::t_command_server(
, std::bind(&t_command_parser_executor::hard_fork_info, &m_parser, p::_1)
, "Print hard fork voting information"
);
m_command_lookup.set_handler(
"bans"
, std::bind(&t_command_parser_executor::show_bans, &m_parser, p::_1)
, "Show the currently banned IPs"
);
m_command_lookup.set_handler(
"ban"
, std::bind(&t_command_parser_executor::ban, &m_parser, p::_1)
, "Ban a given IP for a time"
);
m_command_lookup.set_handler(
"unban"
, std::bind(&t_command_parser_executor::unban, &m_parser, p::_1)
, "Unban a given IP"
);
}
bool t_command_server::process_command_str(const std::string& cmd)
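Review bot: The help string for `ban` does not say that the optional second argument exists or what unit it is in. The parser added in this commit treats it as a number of seconds and falls back to `P2P_IP_BLOCKTIME` when it is omitted, so I would spell that out, e.g. `"Ban a given IP for a given number of seconds (default: P2P_IP_BLOCKTIME)"`. An operator who assumes minutes or hours ends up with a much shorter ban than intended.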


@ -1036,4 +1036,110 @@ bool t_rpc_command_executor::hard_fork_info(uint8_t version)
return true;
}
bool t_rpc_command_executor::print_bans()
{
cryptonote::COMMAND_RPC_GETBANS::request req;
cryptonote::COMMAND_RPC_GETBANS::response res;
std::string fail_message = "Unsuccessful";
epee::json_rpc::error error_resp;
if (m_is_rpc)
{
if (!m_rpc_client->json_rpc_request(req, res, "get_bans", fail_message.c_str()))
{
return true;
}
}
else
{
if (!m_rpc_server->on_get_bans(req, res, error_resp))
{
tools::fail_msg_writer() << fail_message.c_str();
return true;
}
}
time_t now = time(nullptr);
for (auto i = res.bans.begin(); i != res.bans.end(); ++i)
{
time_t seconds = i->seconds - now;
tools::msg_writer() << epee::string_tools::get_ip_string_from_int32(i->ip) << " banned for " << seconds << " seconds";
}
return true;
}
bool t_rpc_command_executor::ban(const std::string &ip, time_t seconds)
{
cryptonote::COMMAND_RPC_SETBANS::request req;
cryptonote::COMMAND_RPC_SETBANS::response res;
std::string fail_message = "Unsuccessful";
epee::json_rpc::error error_resp;
cryptonote::COMMAND_RPC_SETBANS::ban ban;
if (!epee::string_tools::get_ip_int32_from_string(ban.ip, ip))
{
tools::fail_msg_writer() << "Invalid IP";
return true;
}
ban.ban = true;
ban.seconds = seconds;
req.bans.push_back(ban);
if (m_is_rpc)
{
if (!m_rpc_client->json_rpc_request(req, res, "set_bans", fail_message.c_str()))
{
return true;
}
}
else
{
if (!m_rpc_server->on_set_bans(req, res, error_resp))
{
tools::fail_msg_writer() << fail_message.c_str();
return true;
}
}
return true;
}
bool t_rpc_command_executor::unban(const std::string &ip)
{
cryptonote::COMMAND_RPC_SETBANS::request req;
cryptonote::COMMAND_RPC_SETBANS::response res;
std::string fail_message = "Unsuccessful";
epee::json_rpc::error error_resp;
cryptonote::COMMAND_RPC_SETBANS::ban ban;
if (!epee::string_tools::get_ip_int32_from_string(ban.ip, ip))
{
tools::fail_msg_writer() << "Invalid IP";
return true;
}
ban.ban = false;
ban.seconds = 0;
req.bans.push_back(ban);
if (m_is_rpc)
{
if (!m_rpc_client->json_rpc_request(req, res, "set_bans", fail_message.c_str()))
{
return true;
}
}
else
{
if (!m_rpc_server->on_set_bans(req, res, error_resp))
{
tools::fail_msg_writer() << fail_message.c_str();
return true;
}
}
return true;
}
}// namespace daemonize
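Review bot: The RPC branches of `print_bans`, `ban` and `unban` request the methods `"get_bans"` and `"set_bans"`, but the JSON-RPC map added in this same commit registers them as `"getbans"` and `"setbans"`, so in RPC mode these commands would presumably fail to resolve. The names need to agree, e.g. `json_rpc_request(req, res, "getbans", fail_message.c_str())`. In `print_bans`, `i->seconds - now` goes negative for an entry whose ban has lapsed but has not yet been erased, so the remaining time should be clamped at zero before printing. None of the three functions checks `res.status`, and all of them return true on every path, so a failed ban is indistinguishable from a successful one to the caller.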


@ -124,6 +124,12 @@ public:
bool stop_save_graph();
bool hard_fork_info(uint8_t version);
bool print_bans();
bool ban(const std::string &ip, time_t seconds);
bool unban(const std::string &ip);
};
} // namespace daemonize


@ -117,6 +117,9 @@ namespace nodetool
size_t get_outgoing_connections_count();
peerlist_manager& get_peerlist_manager(){return m_peerlist;}
void delete_connections(size_t count);
virtual bool block_ip(uint32_t adress, time_t seconds = P2P_IP_BLOCKTIME);
virtual bool unblock_ip(uint32_t address);
virtual std::map<uint32_t, time_t> get_blocked_ips() const { return m_blocked_ips; }
private:
const std::vector<std::string> m_seed_nodes_list =
{ "seeds.moneroseeds.se"
@ -171,7 +174,6 @@ namespace nodetool
virtual bool drop_connection(const epee::net_utils::connection_context_base& context);
virtual void request_callback(const epee::net_utils::connection_context_base& context);
virtual void for_each_connection(std::function<bool(typename t_payload_net_handler::connection_context&, peerid_type)> f);
virtual bool block_ip(uint32_t adress);
virtual bool add_ip_fail(uint32_t address);
//----------------- i_connection_filter --------------------------------------------------------
virtual bool is_remote_ip_allowed(uint32_t adress);
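Review bot: `get_blocked_ips()` copies `m_blocked_ips` without taking `m_blocked_ips_lock`, whereas `block_ip` and `unblock_ip` in this commit modify the map under that lock. A `getbans` request served while another thread adds, removes or expires an entry is then a data race on the `std::map`. I would move the body out of line and put `CRITICAL_REGION_LOCAL(m_blocked_ips_lock);` before the copy. Because the method is const, the lock member would probably have to be declared `mutable`; its declaration is not visible in this hunk.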


@ -169,7 +169,7 @@ namespace nodetool
auto it = m_blocked_ips.find(addr);
if(it == m_blocked_ips.end())
return true;
if(time(nullptr) - it->second > P2P_IP_BLOCKTIME )
if(time(nullptr) >= it->second)
{
m_blocked_ips.erase(it);
LOG_PRINT_CYAN("IP " << epee::string_tools::get_ip_string_from_int32(addr) << "is unblocked.", LOG_LEVEL_0);
@ -186,15 +186,27 @@ namespace nodetool
}
//-----------------------------------------------------------------------------------
template<class t_payload_net_handler>
bool node_server<t_payload_net_handler>::block_ip(uint32_t addr)
bool node_server<t_payload_net_handler>::block_ip(uint32_t addr, time_t seconds)
{
CRITICAL_REGION_LOCAL(m_blocked_ips_lock);
m_blocked_ips[addr] = time(nullptr);
m_blocked_ips[addr] = time(nullptr) + seconds;
LOG_PRINT_CYAN("IP " << epee::string_tools::get_ip_string_from_int32(addr) << " blocked.", LOG_LEVEL_0);
return true;
}
//-----------------------------------------------------------------------------------
template<class t_payload_net_handler>
bool node_server<t_payload_net_handler>::unblock_ip(uint32_t addr)
{
CRITICAL_REGION_LOCAL(m_blocked_ips_lock);
auto i = m_blocked_ips.find(addr);
if (i == m_blocked_ips.end())
return false;
m_blocked_ips.erase(i);
LOG_PRINT_CYAN("IP " << epee::string_tools::get_ip_string_from_int32(addr) << " unblocked.", LOG_LEVEL_0);
return true;
}
//-----------------------------------------------------------------------------------
template<class t_payload_net_handler>
bool node_server<t_payload_net_handler>::add_ip_fail(uint32_t address)
{
CRITICAL_REGION_LOCAL(m_ip_fails_score_lock);
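Review bot: `block_ip` stores `time(nullptr) + seconds` without checking that `seconds` is positive, and still logs the address as blocked and returns true. With `seconds <= 0` the entry is already expired under the new `time(nullptr) >= it->second` test, so the next connection from that address is allowed and the entry erased. A guard such as `if (seconds <= 0) return false;` would make that case visible to callers. Note that the interface default of `seconds = 0` elsewhere in this commit would then need to change too. The log line would also be more useful for later review if it recorded the duration, e.g. `" blocked for " << seconds << " seconds."`. The body of `add_ip_fail` continues outside the hunk.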


@ -50,7 +50,9 @@ namespace nodetool
virtual void request_callback(const epee::net_utils::connection_context_base& context)=0;
virtual uint64_t get_connections_count()=0;
virtual void for_each_connection(std::function<bool(t_connection_context&, peerid_type)> f)=0;
virtual bool block_ip(uint32_t adress)=0;
virtual bool block_ip(uint32_t adress, time_t seconds = 0)=0;
virtual bool unblock_ip(uint32_t adress)=0;
virtual std::map<uint32_t, time_t> get_blocked_ips()const=0;
virtual bool add_ip_fail(uint32_t adress)=0;
};
@ -86,10 +88,18 @@ namespace nodetool
{
return false;
}
virtual bool block_ip(uint32_t adress)
virtual bool block_ip(uint32_t adress, time_t seconds)
{
return true;
}
virtual bool unblock_ip(uint32_t adress)
{
return true;
}
virtual std::map<uint32_t, time_t> get_blocked_ips() const
{
return std::map<uint32_t, time_t>();
}
virtual bool add_ip_fail(uint32_t adress)
{
return true;
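Review bot: The default argument on the pure virtual `block_ip(uint32_t adress, time_t seconds = 0)` disagrees with the `seconds = P2P_IP_BLOCKTIME` default on the `node_server` override. Default arguments are bound to the static type, so a `block_ip(addr)` call through an `i_p2p_endpoint` pointer or reference passes 0 and creates a ban that expires immediately. Whether any caller reaches it that way is not visible here. I would either use the same default in the interface, `virtual bool block_ip(uint32_t adress, time_t seconds = P2P_IP_BLOCKTIME)=0;`, or drop the defaults and make every caller pass the duration explicitly. The `add_ip_fail` stub at the end of the hunk continues outside it.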


@ -899,6 +899,49 @@ namespace cryptonote
#endif
}
//------------------------------------------------------------------------------------------------------------------------------
bool core_rpc_server::on_get_bans(const COMMAND_RPC_GETBANS::request& req, COMMAND_RPC_GETBANS::response& res, epee::json_rpc::error& error_resp)
{
if(!check_core_busy())
{
error_resp.code = CORE_RPC_ERROR_CODE_CORE_BUSY;
error_resp.message = "Core is busy.";
return false;
}
std::map<uint32_t, time_t> blocked_ips = m_p2p.get_blocked_ips();
for (std::map<uint32_t, time_t>::const_iterator i = blocked_ips.begin(); i != blocked_ips.end(); ++i)
{
COMMAND_RPC_GETBANS::ban b;
b.ip = i->first;
b.seconds = i->second;
res.bans.push_back(b);
}
res.status = CORE_RPC_STATUS_OK;
return true;
}
//------------------------------------------------------------------------------------------------------------------------------
bool core_rpc_server::on_set_bans(const COMMAND_RPC_SETBANS::request& req, COMMAND_RPC_SETBANS::response& res, epee::json_rpc::error& error_resp)
{
if(!check_core_busy())
{
error_resp.code = CORE_RPC_ERROR_CODE_CORE_BUSY;
error_resp.message = "Core is busy.";
return false;
}
for (auto i = req.bans.begin(); i != req.bans.end(); ++i)
{
if (i->ban)
m_p2p.block_ip(i->ip, i->seconds);
else
m_p2p.unblock_ip(i->ip);
}
res.status = CORE_RPC_STATUS_OK;
return true;
}
//------------------------------------------------------------------------------------------------------------------------------
bool core_rpc_server::on_fast_exit(const COMMAND_RPC_FAST_EXIT::request& req, COMMAND_RPC_FAST_EXIT::response& res)
{
cryptonote::core::set_fast_exit();
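Review bot: `on_get_bans` assigns the absolute expiry time to a field called `seconds` with `b.seconds = i->second;`, while `on_set_bans` treats `seconds` as a relative duration. The same name therefore has two meanings across the pair, and the `time_t` is narrowed to the `uint32_t` declared in the command struct. A remote client has to subtract its own clock to get the remaining time, which is wrong under clock skew. Returning the remaining seconds from the server, clamped at zero, would be more robust, and the subtraction in `print_bans` would then be dropped. `on_set_bans` also ignores the results of `block_ip` and `unblock_ip` and reports `CORE_RPC_STATUS_OK` regardless. It changes the node's peer filtering, so it is worth confirming that this endpoint is only reachable by trusted callers; that cannot be determined from this hunk.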


@ -105,6 +105,8 @@ namespace cryptonote
MAP_JON_RPC_WE("get_connections", on_get_connections, COMMAND_RPC_GET_CONNECTIONS)
MAP_JON_RPC_WE("get_info", on_get_info_json, COMMAND_RPC_GET_INFO)
MAP_JON_RPC_WE("hard_fork_info", on_hard_fork_info, COMMAND_RPC_HARD_FORK_INFO)
MAP_JON_RPC_WE("setbans", on_set_bans, COMMAND_RPC_SETBANS)
MAP_JON_RPC_WE("getbans", on_get_bans, COMMAND_RPC_GETBANS)
END_JSON_RPC_MAP()
END_URI_MAP2()
@ -142,6 +144,8 @@ namespace cryptonote
bool on_get_connections(const COMMAND_RPC_GET_CONNECTIONS::request& req, COMMAND_RPC_GET_CONNECTIONS::response& res, epee::json_rpc::error& error_resp);
bool on_get_info_json(const COMMAND_RPC_GET_INFO::request& req, COMMAND_RPC_GET_INFO::response& res, epee::json_rpc::error& error_resp);
bool on_hard_fork_info(const COMMAND_RPC_HARD_FORK_INFO::request& req, COMMAND_RPC_HARD_FORK_INFO::response& res, epee::json_rpc::error& error_resp);
bool on_set_bans(const COMMAND_RPC_SETBANS::request& req, COMMAND_RPC_SETBANS::response& res, epee::json_rpc::error& error_resp);
bool on_get_bans(const COMMAND_RPC_GETBANS::request& req, COMMAND_RPC_GETBANS::response& res, epee::json_rpc::error& error_resp);
//-----------------------
private:


@ -888,5 +888,70 @@ namespace cryptonote
END_KV_SERIALIZE_MAP()
};
};
struct COMMAND_RPC_GETBANS
{
struct ban
{
uint32_t ip;
uint32_t seconds;
BEGIN_KV_SERIALIZE_MAP()
KV_SERIALIZE(ip)
KV_SERIALIZE(seconds)
END_KV_SERIALIZE_MAP()
};
struct request
{
BEGIN_KV_SERIALIZE_MAP()
END_KV_SERIALIZE_MAP()
};
struct response
{
std::string status;
std::vector<ban> bans;
BEGIN_KV_SERIALIZE_MAP()
KV_SERIALIZE(status)
KV_SERIALIZE(bans)
END_KV_SERIALIZE_MAP()
};
};
struct COMMAND_RPC_SETBANS
{
struct ban
{
uint32_t ip;
bool ban;
uint32_t seconds;
BEGIN_KV_SERIALIZE_MAP()
KV_SERIALIZE(ip)
KV_SERIALIZE(ban)
KV_SERIALIZE(seconds)
END_KV_SERIALIZE_MAP()
};
struct request
{
std::vector<ban> bans;
BEGIN_KV_SERIALIZE_MAP()
KV_SERIALIZE(bans)
END_KV_SERIALIZE_MAP()
};
struct response
{
std::string status;
BEGIN_KV_SERIALIZE_MAP()
KV_SERIALIZE(status)
END_KV_SERIALIZE_MAP()
};
};
}