aboutsummaryrefslogtreecommitdiff
path: root/src/net.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'src/net.cpp')
-rw-r--r--src/net.cpp14
1 files changed, 12 insertions, 2 deletions
diff --git a/src/net.cpp b/src/net.cpp
index 7f4e571c8d..91a1b05b81 100644
--- a/src/net.cpp
+++ b/src/net.cpp
@@ -948,6 +948,15 @@ static void EraseLastKElements(
elements.erase(std::remove_if(elements.end() - eraseSize, elements.end(), predicate), elements.end());
}
+void ProtectNoBanConnections(std::vector<NodeEvictionCandidate>& eviction_candidates)
+{
+ eviction_candidates.erase(std::remove_if(eviction_candidates.begin(), eviction_candidates.end(),
+ [](NodeEvictionCandidate const& n) {
+ return n.m_noban;
+ }),
+ eviction_candidates.end());
+}
+
void ProtectEvictionCandidatesByRatio(std::vector<NodeEvictionCandidate>& eviction_candidates)
{
// Protect the half of the remaining nodes which have been connected the longest.
@@ -1025,6 +1034,8 @@ void ProtectEvictionCandidatesByRatio(std::vector<NodeEvictionCandidate>& evicti
{
// Protect connections with certain characteristics
+ ProtectNoBanConnections(vEvictionCandidates);
+
// Deterministically select 4 peers to protect by netgroup.
// An attacker cannot predict which netgroups will be protected
EraseLastKElements(vEvictionCandidates, CompareNetGroupKeyed, 4);
@@ -1096,8 +1107,6 @@ bool CConnman::AttemptToEvictConnection()
LOCK(m_nodes_mutex);
for (const CNode* node : m_nodes) {
- if (node->HasPermission(NetPermissionFlags::NoBan))
- continue;
if (!node->IsInboundConn())
continue;
if (node->fDisconnect)
@@ -1115,6 +1124,7 @@ bool CConnman::AttemptToEvictConnection()
Desig(prefer_evict) node->m_prefer_evict,
Desig(m_is_local) node->addr.IsLocal(),
Desig(m_network) node->ConnectedThroughNetwork(),
+ Desig(m_noban) node->HasPermission(NetPermissionFlags::NoBan),
};
vEvictionCandidates.push_back(candidate);
}