diff options
author | Pieter Wuille <pieter@wuille.net> | 2020-06-08 18:46:53 -0700 |
---|---|---|
committer | fanquake <fanquake@gmail.com> | 2020-07-08 09:09:46 +0800 |
commit | 04773480575ac79f238ac5764247dddd0cae5051 (patch) | |
tree | 34288bde888f53b22c818415ff3c065e9260fedb /src/rpc/net.cpp | |
parent | e7f06f9b0e84a65812d24ff6efa4bc2d3d818590 (diff) | |
download | bitcoin-04773480575ac79f238ac5764247dddd0cae5051.tar.xz |
Replace automatic bans with discouragement filter
This patch improves performance and resource usage around IP
addresses that are banned for misbehavior. They're already not
actually banned, as connections from them are still allowed,
but they are preferred for eviction if the inbound connection
slots are full.
Stop treating these like manually banned IP ranges, and instead
just keep them in a rolling Bloom filter of misbehaving nodes,
which isn't persisted to disk or exposed through the ban
framework. The effect remains the same: preferred for eviction,
avoided for outgoing connections, and not relayed to other peers.
Also change the name of this mechanism to better reflect reality;
they're not banned, just discouraged.
Contains release notes and several interface improvements by
John Newbery.
Github-Pull: #19219
Rebased-From: b691f2df5f7d443c0c9ee056ab94aa0fc19566d5
Diffstat (limited to 'src/rpc/net.cpp')
-rw-r--r-- | src/rpc/net.cpp | 9 |
1 files changed, 4 insertions, 5 deletions
diff --git a/src/rpc/net.cpp b/src/rpc/net.cpp index 10562126db..3886efcadf 100644 --- a/src/rpc/net.cpp +++ b/src/rpc/net.cpp @@ -591,7 +591,8 @@ static UniValue setban(const JSONRPCRequest& request) if (strCommand == "add") { - if (isSubnet ? g_rpc_node->banman->IsBanned(subNet) : g_rpc_node->banman->IsBanned(netAddr)) { + if ((isSubnet && g_rpc_node->banman->IsBanned(subNet)) || + (!isSubnet && g_rpc_node->banman->IsBannedLevel(netAddr) == BanReasonManuallyAdded)) { throw JSONRPCError(RPC_CLIENT_NODE_ALREADY_ADDED, "Error: IP/Subnet already banned"); } @@ -618,7 +619,7 @@ static UniValue setban(const JSONRPCRequest& request) else if(strCommand == "remove") { if (!( isSubnet ? g_rpc_node->banman->Unban(subNet) : g_rpc_node->banman->Unban(netAddr) )) { - throw JSONRPCError(RPC_CLIENT_INVALID_IP_OR_SUBNET, "Error: Unban failed. Requested address/subnet was not previously banned."); + throw JSONRPCError(RPC_CLIENT_INVALID_IP_OR_SUBNET, "Error: Unban failed. Requested address/subnet was not previously manually banned."); } } return NullUniValue; @@ -627,7 +628,7 @@ static UniValue setban(const JSONRPCRequest& request) static UniValue listbanned(const JSONRPCRequest& request) { RPCHelpMan{"listbanned", - "\nList all banned IPs/Subnets.\n", + "\nList all manually banned IPs/Subnets.\n", {}, RPCResult{RPCResult::Type::ARR, "", "", { @@ -636,7 +637,6 @@ static UniValue listbanned(const JSONRPCRequest& request) {RPCResult::Type::STR, "address", ""}, {RPCResult::Type::NUM_TIME, "banned_until", ""}, {RPCResult::Type::NUM_TIME, "ban_created", ""}, - {RPCResult::Type::STR, "ban_reason", ""}, }}, }}, RPCExamples{ @@ -660,7 +660,6 @@ static UniValue listbanned(const JSONRPCRequest& request) rec.pushKV("address", entry.first.ToString()); rec.pushKV("banned_until", banEntry.nBanUntil); rec.pushKV("ban_created", banEntry.nCreateTime); - rec.pushKV("ban_reason", banEntry.banReasonToString()); bannedAddresses.push_back(rec); } |