diff --git a/node/impl/common/conngater.go b/node/impl/common/conngater.go
index a740ea537..f22620aca 100644
--- a/node/impl/common/conngater.go
+++ b/node/impl/common/conngater.go
@@ -2,21 +2,90 @@ package common
 
 import (
 "context"
+ "net"
+
+ "golang.org/x/xerrors"
 
 "github.com/filecoin-project/lotus/node/modules/dtypes"
 )
 
 func (a *CommonAPI) NetBlockAdd(ctx context.Context, acl dtypes.NetBlockList) error {
- // TODO
+ for _, p := range acl.Peers {
+ err := a.ConnGater.BlockPeer(p)
+ if err != nil {
+ return xerrors.Errorf("error blocking peer %s: %w", p, err)
+ }
+ }
+
+ for _, addr := range acl.IPAddrs {
+ ip := net.ParseIP(addr)
+ if ip == nil {
+ return xerrors.Errorf("error parsing IP address %s", addr)
+ }
+
+ err := a.ConnGater.BlockAddr(ip)
+ if err != nil {
+ return xerrors.Errorf("error blocking IP address %s: %w", addr, err)
+ }
+ }
+
+ for _, subnet := range acl.IPSubnets {
+ _, cidr, err := net.ParseCIDR(subnet)
+ if err != nil {
+ return xerrors.Errorf("error parsing subnet %s: %w", subnet, err)
+ }
+
+ err = a.ConnGater.BlockSubnet(cidr)
+ if err != nil {
+ return xerrors.Errorf("error blocking subunet %s: %w", subnet, err)
+ }
+ }
+
 return nil
 }
 
 func (a *CommonAPI) NetBlockRemove(ctx context.Context, acl dtypes.NetBlockList) error {
- // TODO
+ for _, p := range acl.Peers {
+ err := a.ConnGater.UnblockPeer(p)
+ if err != nil {
+ return xerrors.Errorf("error unblocking peer %s: %w", p, err)
+ }
+ }
+
+ for _, addr := range acl.IPAddrs {
+ ip := net.ParseIP(addr)
+ if ip == nil {
+ return xerrors.Errorf("error parsing IP address %s", addr)
+ }
+
+ err := a.ConnGater.UnblockAddr(ip)
+ if err != nil {
+ return xerrors.Errorf("error unblocking IP address %s: %w", addr, err)
+ }
+ }
+
+ for _, subnet := range acl.IPSubnets {
+ _, cidr, err := net.ParseCIDR(subnet)
+ if err != nil {
+ return xerrors.Errorf("error parsing subnet %s: %w", subnet, err)
+ }
+
+ err = a.ConnGater.UnblockSubnet(cidr)
+ if err != nil {
+ return xerrors.Errorf("error unblocking subunet %s: %w", subnet, err)
+ }
+ }
+
 return nil
 }
 
-func (a *CommonAPI) NetBlockList(ctx context.Context) (dtypes.NetBlockList, error) {
- // TODO
- return dtypes.NetBlockList{}, nil
+func (a *CommonAPI) NetBlockList(ctx context.Context) (result dtypes.NetBlockList, err error) {
+ result.Peers = a.ConnGater.ListBlockedPeers()
+ for _, ip := range a.ConnGater.ListBlockedAddrs() {
+ result.IPAddrs = append(result.IPAddrs, ip.String())
+ }
+ for _, subnet := range a.ConnGater.ListBlockedSubnets() {
+ result.IPSubnets = append(result.IPSubnets, subnet.String())
+ }
+ return
 }
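Review bot: NetBlockAdd and NetBlockRemove parse and apply entries in the same pass, so a malformed string in `acl.IPAddrs` or `acl.IPSubnets` returns an error only after every peer (and any earlier address) has already been blocked or unblocked, and the caller cannot tell which part of the list took effect. For an access-control list it is safer to parse all addresses and subnets first and only then call the gater, as sketched below for NetBlockAdd; NetBlockRemove needs the same shape. Separately, if `a.ConnGater` only filters new connections (its type is not visible in this hunk, so this is unconfirmed), a peer that is already connected stays connected after `BlockPeer`, and that should at least be stated in a doc comment on NetBlockAdd. The `subunet` typo in both subnet error strings is corrected in passing.

```go
func (a *CommonAPI) NetBlockAdd(ctx context.Context, acl dtypes.NetBlockList) error {
	// Validate every address and subnet before touching the gater, so a
	// malformed entry cannot leave the block list half-applied.
	ips := make([]net.IP, 0, len(acl.IPAddrs))
	for _, addr := range acl.IPAddrs {
		ip := net.ParseIP(addr)
		if ip == nil {
			return xerrors.Errorf("error parsing IP address %s", addr)
		}
		ips = append(ips, ip)
	}

	cidrs := make([]*net.IPNet, 0, len(acl.IPSubnets))
	for _, subnet := range acl.IPSubnets {
		_, cidr, err := net.ParseCIDR(subnet)
		if err != nil {
			return xerrors.Errorf("error parsing subnet %s: %w", subnet, err)
		}
		cidrs = append(cidrs, cidr)
	}

	// … unchanged: BlockPeer loop over acl.Peers …

	for _, ip := range ips {
		if err := a.ConnGater.BlockAddr(ip); err != nil {
			return xerrors.Errorf("error blocking IP address %s: %w", ip, err)
		}
	}
	for _, cidr := range cidrs {
		if err := a.ConnGater.BlockSubnet(cidr); err != nil {
			return xerrors.Errorf("error blocking subnet %s: %w", cidr, err)
		}
	}
	return nil
}
```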