| package net
 | |
| 
 | |
| import (
 | |
| 	"context"
 | |
| 	"net"
 | |
| 
 | |
| 	"golang.org/x/xerrors"
 | |
| 
 | |
| 	logging "github.com/ipfs/go-log/v2"
 | |
| 	manet "github.com/multiformats/go-multiaddr/net"
 | |
| 
 | |
| 	"github.com/filecoin-project/lotus/api"
 | |
| )
 | |
| 
 | |
// cLog is the logger registered under the "conngater" name. The block-list
// handlers in this file use it to report connection-close failures that are
// deliberately not returned to the caller.
var cLog = logging.Logger("conngater")
| 
 | |
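// NetBlockAdd adds every peer, IP address and subnet in acl to the connection
// gater's block list and closes the currently open connections that match.
//
// Each entry is blocked first and its existing connections are closed
// afterwards, presumably so that a blocked remote cannot reconnect between the
// two steps. A failure to close a connection is logged and does not abort the
// call.
//
// Entries are applied in order (peers, then addresses, then subnets) and the
// first parse or gater error is returned immediately. Entries handled before
// the failure stay blocked, so a non-nil error can mean that the list was only
// partially applied.
//
// Connections whose remote multiaddr cannot be converted to an IP by
// manet.ToIP are skipped by the address and subnet passes and remain open.
//
// ctx is accepted for the API signature and is not used here.
func (a *NetAPI) NetBlockAdd(ctx context.Context, acl api.NetBlockList) error {
	// closeConnsFrom closes every open connection whose remote IP satisfies
	// match. Close errors are only logged.
	closeConnsFrom := func(match func(net.IP) bool) {
		for _, c := range a.Host.Network().Conns() {
			remoteIP, err := manet.ToIP(c.RemoteMultiaddr())
			if err != nil {
				// No IP to compare against; this connection is left as is.
				continue
			}
			if !match(remoteIP) {
				continue
			}
			if err := c.Close(); err != nil {
				// just log this, don't fail
				cLog.Warnf("error closing connection to %s: %s", remoteIP, err)
			}
		}
	}

	for _, p := range acl.Peers {
		if err := a.ConnGater.BlockPeer(p); err != nil {
			return xerrors.Errorf("error blocking peer %s: %w", p, err)
		}

		for _, c := range a.Host.Network().ConnsToPeer(p) {
			if err := c.Close(); err != nil {
				// just log this, don't fail
				cLog.Warnf("error closing connection to %s: %s", p, err)
			}
		}
	}

	for _, addr := range acl.IPAddrs {
		ip := net.ParseIP(addr)
		if ip == nil {
			return xerrors.Errorf("error parsing IP address %s", addr)
		}

		if err := a.ConnGater.BlockAddr(ip); err != nil {
			return xerrors.Errorf("error blocking IP address %s: %w", addr, err)
		}

		closeConnsFrom(ip.Equal)
	}

	for _, subnet := range acl.IPSubnets {
		// Only the network returned by ParseCIDR is used; any host bits in
		// the input string are discarded, so the whole prefix is blocked.
		_, cidr, err := net.ParseCIDR(subnet)
		if err != nil {
			return xerrors.Errorf("error parsing subnet %s: %w", subnet, err)
		}

		if err := a.ConnGater.BlockSubnet(cidr); err != nil {
			return xerrors.Errorf("error blocking subnet %s: %w", subnet, err)
		}

		closeConnsFrom(cidr.Contains)
	}

	return nil
}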
| 
 | |
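// NetBlockRemove removes every peer, IP address and subnet in acl from the
// connection gater's block list. It does not open or close any connection.
//
// Entries are processed in order (peers, then addresses, then subnets) and the
// first parse or gater error is returned immediately. Entries handled before
// the failure stay unblocked, so a non-nil error can mean that the list was
// only partially applied.
//
// ctx is accepted for the API signature and is not used here.
func (a *NetAPI) NetBlockRemove(ctx context.Context, acl api.NetBlockList) error {
	for _, p := range acl.Peers {
		if err := a.ConnGater.UnblockPeer(p); err != nil {
			return xerrors.Errorf("error unblocking peer %s: %w", p, err)
		}
	}

	for _, addr := range acl.IPAddrs {
		ip := net.ParseIP(addr)
		if ip == nil {
			return xerrors.Errorf("error parsing IP address %s", addr)
		}

		if err := a.ConnGater.UnblockAddr(ip); err != nil {
			return xerrors.Errorf("error unblocking IP address %s: %w", addr, err)
		}
	}

	for _, subnet := range acl.IPSubnets {
		// Only the network returned by ParseCIDR is used; any host bits in
		// the input string are discarded before the gater sees the value.
		_, cidr, err := net.ParseCIDR(subnet)
		if err != nil {
			return xerrors.Errorf("error parsing subnet %s: %w", subnet, err)
		}

		if err := a.ConnGater.UnblockSubnet(cidr); err != nil {
			return xerrors.Errorf("error unblocking subnet %s: %w", subnet, err)
		}
	}

	return nil
}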
| 
 | |
// NetBlockList reports the connection gater's current block list: the blocked
// peers as returned by the gater, and the blocked addresses and subnets in
// their String() form. The returned error is always nil.
//
// ctx is accepted for the API signature and is not used here.
func (a *NetAPI) NetBlockList(ctx context.Context) (result api.NetBlockList, err error) {
	result.Peers = a.ConnGater.ListBlockedPeers()

	blockedAddrs := a.ConnGater.ListBlockedAddrs()
	for i := range blockedAddrs {
		result.IPAddrs = append(result.IPAddrs, blockedAddrs[i].String())
	}

	blockedSubnets := a.ConnGater.ListBlockedSubnets()
	for i := range blockedSubnets {
		result.IPSubnets = append(result.IPSubnets, blockedSubnets[i].String())
	}

	return result, nil
}