aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--src/init.cpp54
-rw-r--r--src/net.cpp12
-rw-r--r--src/net.h13
3 files changed, 68 insertions, 11 deletions
diff --git a/src/init.cpp b/src/init.cpp
index b5f9a0310f..9d140c8e25 100644
--- a/src/init.cpp
+++ b/src/init.cpp
@@ -328,6 +328,7 @@ std::string HelpMessage(HelpMessageMode mode)
strUsage += HelpMessageOpt("-whitebind=<addr>", _("Bind to given address and whitelist peers connecting to it. Use [host]:port notation for IPv6"));
strUsage += HelpMessageOpt("-whitelist=<netmask>", _("Whitelist peers connecting from the given netmask or IP address. Can be specified multiple times.") +
" " + _("Whitelisted peers cannot be DoS banned and their transactions are always relayed, even if they are already in the mempool, useful e.g. for a gateway"));
+ strUsage += HelpMessageOpt("-whiteconnections=<n>", strprintf(_("Reserve this many inbound connections for whitelisted peers (default: %d)"), 0));
#ifdef ENABLE_WALLET
strUsage += HelpMessageGroup(_("Wallet options:"));
@@ -723,16 +724,6 @@ bool AppInit2(boost::thread_group& threadGroup, CScheduler& scheduler)
LogPrintf("%s: parameter interaction: -zapwallettxes=<mode> -> setting -rescan=1\n", __func__);
}
- // Make sure enough file descriptors are available
- int nBind = std::max((int)mapArgs.count("-bind") + (int)mapArgs.count("-whitebind"), 1);
- nMaxConnections = GetArg("-maxconnections", 125);
- nMaxConnections = std::max(std::min(nMaxConnections, (int)(FD_SETSIZE - nBind - MIN_CORE_FILEDESCRIPTORS)), 0);
- int nFD = RaiseFileDescriptorLimit(nMaxConnections + MIN_CORE_FILEDESCRIPTORS);
- if (nFD < MIN_CORE_FILEDESCRIPTORS)
- return InitError(_("Not enough file descriptors available."));
- if (nFD - MIN_CORE_FILEDESCRIPTORS < nMaxConnections)
- nMaxConnections = nFD - MIN_CORE_FILEDESCRIPTORS;
-
// if using block pruning, then disable txindex
if (GetArg("-prune", 0)) {
if (GetBoolArg("-txindex", false))
@@ -743,6 +734,47 @@ bool AppInit2(boost::thread_group& threadGroup, CScheduler& scheduler)
}
#endif
}
+
+ // Make sure enough file descriptors are available
+ int nBind = std::max((int)mapArgs.count("-bind") + (int)mapArgs.count("-whitebind"), 1);
+ int nUserMaxConnections = GetArg("-maxconnections", 125);
+ nMaxConnections = std::max(nUserMaxConnections, 0);
+ int nUserWhiteConnections = GetArg("-whiteconnections", 0);
+ nWhiteConnections = std::max(nUserWhiteConnections, 0);
+
+ if ((mapArgs.count("-whitelist")) || (mapArgs.count("-whitebind"))) {
+ if (!(mapArgs.count("-maxconnections"))) {
+ // User is using whitelist feature,
+ // but did not specify -maxconnections parameter.
+ // Silently increase the default to compensate,
+ // so that the whitelist connection reservation feature
+ // does not inadvertently reduce the default
+ // inbound connection capacity of the network.
+ nMaxConnections += nWhiteConnections;
+ }
+ } else {
+ // User not using whitelist feature.
+ // Silently disable connection reservation,
+ // for the same reason as above.
+ nWhiteConnections = 0;
+ }
+
+ // Trim requested connection counts, to fit into system limitations
+ nMaxConnections = std::max(std::min(nMaxConnections, (int)(FD_SETSIZE - nBind - MIN_CORE_FILEDESCRIPTORS)), 0);
+ int nFD = RaiseFileDescriptorLimit(nMaxConnections + MIN_CORE_FILEDESCRIPTORS);
+ if (nFD < MIN_CORE_FILEDESCRIPTORS)
+ return InitError(_("Not enough file descriptors available."));
+ nMaxConnections = std::min(nFD - MIN_CORE_FILEDESCRIPTORS, nMaxConnections);
+
+ if (nMaxConnections < nUserMaxConnections)
+ InitWarning(strprintf(_("Reducing -maxconnections from %d to %d, because of system limitations."), nUserMaxConnections, nMaxConnections));
+
+ // Connection capacity is prioritized in this order:
+ // outbound connections (hardcoded to 8),
+ // then whitelisted connections,
+ // then non-whitelisted connections get whatever's left (if any).
+ if ((nWhiteConnections > 0) && (nWhiteConnections >= (nMaxConnections - 8)))
+ InitWarning(strprintf(_("All non-whitelisted incoming connections will be dropped, because -whiteconnections is %d and -maxconnections is only %d."), nWhiteConnections, nMaxConnections));
// ********************************************************* Step 3: parameter-to-internal-flags
@@ -910,6 +942,8 @@ bool AppInit2(boost::thread_group& threadGroup, CScheduler& scheduler)
LogPrintf("Using data directory %s\n", strDataDir);
LogPrintf("Using config file %s\n", GetConfigFile().string());
LogPrintf("Using at most %i connections (%i file descriptors available)\n", nMaxConnections, nFD);
+ if (nWhiteConnections > 0)
+ LogPrintf("Reserving %i of these connections for whitelisted inbound peers\n", nWhiteConnections);
std::ostringstream strErrors;
LogPrintf("Using %u threads for script verification\n", nScriptCheckThreads);
diff --git a/src/net.cpp b/src/net.cpp
index 42ac0e50ea..541318e743 100644
--- a/src/net.cpp
+++ b/src/net.cpp
@@ -79,6 +79,7 @@ uint64_t nLocalHostNonce = 0;
static std::vector<ListenSocket> vhListenSocket;
CAddrMan addrman;
int nMaxConnections = 125;
+int nWhiteConnections = 0;
bool fAddressesInitialized = false;
vector<CNode*> vNodes;
@@ -827,6 +828,7 @@ void ThreadSocketHandler()
SOCKET hSocket = accept(hListenSocket.socket, (struct sockaddr*)&sockaddr, &len);
CAddress addr;
int nInbound = 0;
+ int nMaxInbound = nMaxConnections - MAX_OUTBOUND_CONNECTIONS;
if (hSocket != INVALID_SOCKET)
if (!addr.SetSockAddr((const struct sockaddr*)&sockaddr))
@@ -846,8 +848,14 @@ void ThreadSocketHandler()
if (nErr != WSAEWOULDBLOCK)
LogPrintf("socket error accept failed: %s\n", NetworkErrorString(nErr));
}
- else if (nInbound >= nMaxConnections - MAX_OUTBOUND_CONNECTIONS)
+ else if (nInbound >= nMaxInbound)
{
+ LogPrint("net", "connection from %s dropped (full)\n", addr.ToString());
+ CloseSocket(hSocket);
+ }
+ else if (!whitelisted && (nInbound >= (nMaxInbound - nWhiteConnections)))
+ {
+ LogPrint("net", "connection from %s dropped (non-whitelisted)\n", addr.ToString());
CloseSocket(hSocket);
}
else if (CNode::IsBanned(addr) && !whitelisted)
@@ -861,6 +869,8 @@ void ThreadSocketHandler()
pnode->AddRef();
pnode->fWhitelisted = whitelisted;
+ LogPrint("net", "connection from %s accepted\n", addr.ToString());
+
{
LOCK(cs_vNodes);
vNodes.push_back(pnode);
diff --git a/src/net.h b/src/net.h
index 938f2376f7..bd360276ab 100644
--- a/src/net.h
+++ b/src/net.h
@@ -140,7 +140,20 @@ extern bool fListen;
extern uint64_t nLocalServices;
extern uint64_t nLocalHostNonce;
extern CAddrMan addrman;
+
+// The allocation of connections against the maximum allowed (nMaxConnections)
+// is prioritized as follows:
+// 1st: Outbound connections (MAX_OUTBOUND_CONNECTIONS)
+// 2nd: Inbound connections from whitelisted peers (nWhiteConnections)
+// 3rd: Inbound connections from non-whitelisted peers
+// Thus, the number of connection slots for the general public to use is:
+// nMaxConnections - (MAX_OUTBOUND_CONNECTIONS + nWhiteConnections)
+// Any additional inbound connections beyond limits will be immediately closed
+
+/** Maximum number of connections to simultaneously allow (aka connection slots) */
extern int nMaxConnections;
+/** Number of connection slots to reserve for inbound from whitelisted peers */
+extern int nWhiteConnections;
extern std::vector<CNode*> vNodes;
extern CCriticalSection cs_vNodes;