diff options
author | Cory Fields <cory-nospam-@coryfields.com> | 2017-10-05 16:40:43 -0400 |
---|---|---|
committer | Carl Dong <accounts@carldong.me> | 2019-01-16 13:54:18 -0500 |
commit | af3503d903b1a608cd212e2d74b274103199078c (patch) | |
tree | 14c60eea45f0f1ed6ccde5241be58922102524ec /src/net.h | |
parent | d0469b2e9386a7a4b268cb9725347e7517acace6 (diff) |
net: move BanMan to its own files
Diffstat (limited to 'src/net.h')
-rw-r--r-- | src/net.h | 49 |
1 files changed, 1 insertions, 48 deletions
@@ -37,6 +37,7 @@ class CScheduler; class CNode; +class BanMan; /** Time between pings automatically sent out for latency probing and keepalive (in seconds). */ static const int PING_INTERVAL = 2 * 60; @@ -85,9 +86,6 @@ static const bool DEFAULT_FORCEDNSSEED = false; static const size_t DEFAULT_MAXRECEIVEBUFFER = 5 * 1000; static const size_t DEFAULT_MAXSENDBUFFER = 1 * 1000; -// NOTE: When adjusting this, update rpcnet:setban's help ("24h") -static constexpr unsigned int DEFAULT_MISBEHAVING_BANTIME = 60 * 60 * 24; // Default 24-hour ban - typedef int64_t NodeId; struct AddedNodeInfo @@ -115,51 +113,6 @@ struct CSerializedNetMsg }; -class BanMan -{ -public: - // Denial-of-service detection/prevention - // The idea is to detect peers that are behaving - // badly and disconnect/ban them, but do it in a - // one-coding-mistake-won't-shatter-the-entire-network - // way. - // IMPORTANT: There should be nothing I can give a - // node that it will forward on that will make that - // node's peers drop it. If there is, an attacker - // can isolate a node and/or try to split the network. - // Dropping a node for sending stuff that is invalid - // now but might be valid in a later version is also - // dangerous, because it can cause a network split - // between nodes running old code and nodes running - // new code. - ~BanMan(); - BanMan(fs::path ban_file, CClientUIInterface* client_interface, int64_t default_ban_time); - void Ban(const CNetAddr& netAddr, const BanReason& reason, int64_t bantimeoffset = 0, bool sinceUnixEpoch = false); - void Ban(const CSubNet& subNet, const BanReason& reason, int64_t bantimeoffset = 0, bool sinceUnixEpoch = false); - void ClearBanned(); // needed for unit testing - bool IsBanned(CNetAddr ip); - bool IsBanned(CSubNet subnet); - bool Unban(const CNetAddr &ip); - bool Unban(const CSubNet &ip); - void GetBanned(banmap_t &banmap); - void DumpBanlist(); - -private: - void SetBanned(const banmap_t &banmap); - bool BannedSetIsDirty(); - //!set the "dirty" flag for the banlist - void SetBannedSetDirty(bool dirty=true); - //!clean unused entries (if bantime has expired) - void SweepBanned(); - - banmap_t setBanned; - CCriticalSection cs_setBanned; - bool setBannedIsDirty; - CClientUIInterface* clientInterface = nullptr; - CBanDB m_ban_db; - int64_t m_default_ban_time; -}; - class NetEventsInterface; class CConnman { |