Started implementation of ban list. For now, just gathers the list of banned IPs from

the DHT and is not used to reject IPs yet (the DHT list is, even if DHT is desactivated). Next steps: GUI with switch controls, exchange of IP ban lists between friends, handling IP ranges. git-svn-id: http://svn.code.sf.net/p/retroshare/code/trunk@8297 b45a01b8-16f6-495d-af2f-9b41ad6348cc
2025-02-17 13:24:15 -05:00 · 2015-05-26 21:17:09 +00:00 · 2015-05-26 21:17:09 +00:00 · 047977b645
commit 047977b645
parent 5200f30a32
13 changed files with 337 additions and 204 deletions
--- a/libbitdht/src/bitdht/bdfilter.cc
+++ b/libbitdht/src/bitdht/bdfilter.cc
@ -66,7 +66,7 @@ void bdFilter::writeBannedIpFile()

    for( std::map<uint32_t,bdFilteredPeer>::iterator it=mFiltered.begin();it!=mFiltered.end();++it)
    {
-        fprintf(fd, "%s %d %ld %ld\n", bdnet_inet_ntoa(it->second.mAddr.sin_addr).c_str(), it->second.mFilterFlags, it->second.mFilterTS, it->second.mLastSeen) ;
+        fprintf(fd, "%s %u %lu %lu\n", bdnet_inet_ntoa(it->second.mAddr.sin_addr).c_str(), it->second.mFilterFlags, it->second.mFilterTS, it->second.mLastSeen) ;
 #ifdef DEBUG_FILTER
        fprintf(stderr, "Storing Peer Address: %s \n", bdnet_inet_ntoa(it->second.mAddr.sin_addr).c_str()) ;
 #endif
@ -212,11 +212,11 @@ int bdFilter::addPeerToFilter(const struct sockaddr_in& addr, uint32_t flags)
 //         mFiltered[saddr] = *it ;
 //     }
 // }
-// void bdFilter::getFilteredPeers(std::list<bdFilteredPeer>& peers)
-// {
-//     for(std::map<uint32_t,bdFilteredPeer>::iterator it = mFiltered.begin(); it != mFiltered.end();++it)
-//         peers.push_back(it->second) ;
-// }
+void bdFilter::getFilteredPeers(std::list<bdFilteredPeer>& peers)
+{
+    for(std::map<uint32_t,bdFilteredPeer>::iterator it = mFiltered.begin(); it != mFiltered.end();++it)
+        peers.push_back(it->second) ;
+}
 /* fast check if the addr is in the structure */
 int bdFilter::addrOkay(struct sockaddr_in *addr)
 {
--- a/libbitdht/src/bitdht/bdfilter.h
+++ b/libbitdht/src/bitdht/bdfilter.h
@ -40,11 +40,11 @@

 class bdFilteredPeer
 {
-	public:
-	struct sockaddr_in mAddr;
-	uint32_t mFilterFlags; /* reasons why we are filtering */
-	time_t mFilterTS;
-	time_t mLastSeen;
+    public:
+    struct sockaddr_in mAddr;
+    uint32_t mFilterFlags; /* reasons why we are filtering */
+    time_t mFilterTS;
+    time_t mLastSeen;
 };

 class bdFilter
@ -56,7 +56,7 @@ class bdFilter
 //bool	filtered(std::list<bdFilteredPeer> &answer);
 bool	filteredIPs(std::list<struct sockaddr_in> &answer);

-void    loadFilteredPeers(const std::list<bdFilteredPeer>& peers) ;
+//void    loadFilteredPeers(const std::list<bdFilteredPeer>& peers) ;
 void 	getFilteredPeers(std::list<bdFilteredPeer> &peers);

 int 	checkPeer(const bdId *id, uint32_t peerFlags);
--- a/libbitdht/src/bitdht/bdnode.cc
+++ b/libbitdht/src/bitdht/bdnode.cc
@ -93,10 +93,11 @@ void bdNode::init()
 	setNodeDhtMode(BITDHT_MODE_TRAFFIC_DEFAULT);

 }
-//void bdNode::getFilteredPeers(std::list<bdFilteredPeer>& peers)
-//{
-//    mFilterPeers.getFilteredPeers(peers) ;
-//}
+bool bdNode::getFilteredPeers(std::list<bdFilteredPeer>& peers)
+{
+    mFilterPeers.getFilteredPeers(peers) ;
+    return true ;
+}
 //
 //void bdNode::loadFilteredPeers(const std::list<bdFilteredPeer>& peers)
 //{
--- a/libbitdht/src/bitdht/bdnode.h
+++ b/libbitdht/src/bitdht/bdnode.h
@ -149,8 +149,8 @@ class bdNode: public bdNodePublisher
 	void updateStore();

    bool addressBanned(const sockaddr_in &raddr) ;
-    void getFilteredPeers(std::list<bdFilteredPeer> &peers);
-    void loadFilteredPeers(const std::list<bdFilteredPeer> &peers);
+    bool getFilteredPeers(std::list<bdFilteredPeer> &peers);
+    //void loadFilteredPeers(const std::list<bdFilteredPeer> &peers);

 	/* simplified outgoing msg functions (for the managers) */
 	virtual void send_ping(bdId *id); /* message out */
--- a/libbitdht/src/udp/udpbitdht.cc
+++ b/libbitdht/src/udp/udpbitdht.cc
@ -217,6 +217,11 @@ bool UdpBitDht::isAddressBanned(const sockaddr_in &raddr)
    return mBitDhtManager->addressBanned(raddr) ;
 }

+bool UdpBitDht::getListOfBannedIps(std::list<bdFilteredPeer>& ipl)
+{
+    return mBitDhtManager->getFilteredPeers(ipl) ;
+}
+


        /* stats and Dht state */
--- a/libbitdht/src/udp/udpbitdht.h
+++ b/libbitdht/src/udp/udpbitdht.h
@ -88,6 +88,7 @@ virtual int getDhtQueries(std::map<bdNodeId, bdQueryStatus> &queries);
 virtual int getDhtQueryStatus(const bdNodeId *id, bdQuerySummary &query);

    virtual bool isAddressBanned(const sockaddr_in &raddr) ;
+    virtual bool getListOfBannedIps(std::list<bdFilteredPeer> &ipl);

        /* stats and Dht state */
 virtual int startDht();
@ -111,9 +112,8 @@ virtual int status(std::ostream &out);
 virtual void run();

 	/**** do whats to be done ***/
-	int tick();
-
-	private:
+int tick();
+private:

 void clearDataTransferred();

--- a/libretroshare/src/dht/p3bitdht.cc
+++ b/libretroshare/src/dht/p3bitdht.cc
@ -23,6 +23,7 @@
 *
 */

+#include <list>

 #include "dht/p3bitdht.h"

@ -387,6 +388,22 @@ bool p3BitDht::isAddressBanned(const sockaddr_storage &raddr)
    return false ;
 }

+void p3BitDht::getListOfBannedIps(std::list<RsDhtFilteredPeer>& ips)
+{
+    std::list<bdFilteredPeer> lst ;
+
+    mUdpBitDht->getListOfBannedIps(lst) ;
+
+    for(std::list<bdFilteredPeer>::const_iterator it(lst.begin());it!=lst.end();++it)
+    {
+        RsDhtFilteredPeer fp ;
+        fp.mAddr = (*it).mAddr ;
+        fp.mFilterFlags = (*it).mFilterFlags ;
+        fp.mFilterTS = (*it).mFilterTS ;
+        fp.mLastSeen = (*it).mLastSeen ;
+        ips.push_back(fp) ;
+    }
+}

 bool 	p3BitDht::setAttachMode(bool on)
 {
--- a/libretroshare/src/dht/p3bitdht.h
+++ b/libretroshare/src/dht/p3bitdht.h
@ -141,252 +141,253 @@ class p3NetMgr;

 class p3BitDht: public p3Config, public pqiNetAssistConnect, public RsDht
 {
-	public:
-	p3BitDht(const RsPeerId& id, pqiConnectCb *cb, p3NetMgr *nm,
-        UdpStack *udpstack, std::string bootstrapfile, const std::string &filteredipfile);
+public:
+    p3BitDht(const RsPeerId& id, pqiConnectCb *cb, p3NetMgr *nm,
+             UdpStack *udpstack, std::string bootstrapfile, const std::string &filteredipfile);


-virtual	~p3BitDht();
+    virtual	~p3BitDht();


-/***********************************************************************************************
+    /***********************************************************************************************
 ********** External RsDHT Interface (defined in libretroshare/src/retroshare/rsdht.h) *********
 ************************************************************************************************/

-virtual uint32_t getNetState(uint32_t type);
-virtual int      getDhtPeers(int lvl, std::list<RsDhtPeer> &peers);
-virtual int      getNetPeerList(std::list<RsPeerId> &peerIds);
-virtual int      getNetPeerStatus(const RsPeerId& peerId, RsDhtNetPeer &status);
+    virtual uint32_t getNetState(uint32_t type);
+    virtual int      getDhtPeers(int lvl, std::list<RsDhtPeer> &peers);
+    virtual int      getNetPeerList(std::list<RsPeerId> &peerIds);
+    virtual int      getNetPeerStatus(const RsPeerId& peerId, RsDhtNetPeer &status);

-virtual int     getRelayEnds(std::list<RsDhtRelayEnd> &relayEnds);
-virtual int     getRelayProxies(std::list<RsDhtRelayProxy> &relayProxies);
+    virtual int     getRelayEnds(std::list<RsDhtRelayEnd> &relayEnds);
+    virtual int     getRelayProxies(std::list<RsDhtRelayProxy> &relayProxies);

-//virtual int      getNetFailedPeer(std::string peerId, PeerStatus &status);
+    //virtual int      getNetFailedPeer(std::string peerId, PeerStatus &status);

-virtual std::string getUdpAddressString();
+    virtual std::string getUdpAddressString();

-virtual void    getDhtRates(float &read, float &write);
-virtual void    getRelayRates(float &read, float &write, float &relay);
+    virtual void    getDhtRates(float &read, float &write);
+    virtual void    getRelayRates(float &read, float &write, float &relay);

-virtual bool    getOwnDhtId(std::string &ownDhtId);
+    virtual bool    getOwnDhtId(std::string &ownDhtId);

-/***********************************************************************************************
+    /***********************************************************************************************
 ********** External RsDHT Interface (defined in libretroshare/src/retroshare/rsdht.h) *********
 ************************************************************************************************/


-	void	setupConnectBits(UdpStunner *dhtStunner, UdpStunner *proxyStunner, UdpRelayReceiver  *relay);
-	void	setupPeerSharer(pqiNetAssistPeerShare *sharer);
-	void    modifyNodesPerBucket(uint16_t count);
+    void	setupConnectBits(UdpStunner *dhtStunner, UdpStunner *proxyStunner, UdpRelayReceiver  *relay);
+    void	setupPeerSharer(pqiNetAssistPeerShare *sharer);
+    void    modifyNodesPerBucket(uint16_t count);

-void	start(); /* starts up the bitdht thread */
+    void	start(); /* starts up the bitdht thread */

-	/* pqiNetAssist - external interface functions */
-virtual int     tick();
-virtual void    enable(bool on);  
-virtual void    shutdown(); /* blocking call */
-virtual void	restart();
+    /* pqiNetAssist - external interface functions */
+    virtual int     tick();
+    virtual void    enable(bool on);
+    virtual void    shutdown(); /* blocking call */
+    virtual void	restart();

-virtual bool    getEnabled();
-virtual bool    getActive();
-virtual bool    getNetworkStats(uint32_t &netsize, uint32_t &localnetsize);
+    virtual bool    getEnabled();
+    virtual bool    getActive();
+    virtual bool    getNetworkStats(uint32_t &netsize, uint32_t &localnetsize);

-	/* pqiNetAssistConnect - external interface functions */
+    /* pqiNetAssistConnect - external interface functions */

-	/* add / remove peers */
-virtual bool 	findPeer(const RsPeerId& id);
-virtual bool 	dropPeer(const RsPeerId& id);
+    /* add / remove peers */
+    virtual bool 	findPeer(const RsPeerId& id);
+    virtual bool 	dropPeer(const RsPeerId& id);

-virtual int addBadPeer(const struct sockaddr_storage &addr, uint32_t reason, uint32_t flags, uint32_t age);
-virtual int addKnownPeer(const RsPeerId &pid, const struct sockaddr_storage &addr, uint32_t flags);
-//virtual int 	addFriend(const std::string pid);
-//virtual int 	addFriendOfFriend(const std::string pid);
-//virtual int 	addOther(const std::string pid);
+    virtual int addBadPeer(const struct sockaddr_storage &addr, uint32_t reason, uint32_t flags, uint32_t age);
+    virtual int addKnownPeer(const RsPeerId &pid, const struct sockaddr_storage &addr, uint32_t flags);
+    //virtual int 	addFriend(const std::string pid);
+    //virtual int 	addFriendOfFriend(const std::string pid);
+    //virtual int 	addOther(const std::string pid);

-	/* feedback on success failure of Connections */
-virtual void 	ConnectionFeedback(const RsPeerId& pid, int state);
+    /* feedback on success failure of Connections */
+    virtual void 	ConnectionFeedback(const RsPeerId& pid, int state);

-	/* extract current peer status */
-virtual bool 	getPeerStatus(const RsPeerId& id, 
-			struct sockaddr_storage &laddr, struct sockaddr_storage &raddr, 
-					uint32_t &type, uint32_t &mode);
+    /* extract current peer status */
+    virtual bool 	getPeerStatus(const RsPeerId& id,
+                                  struct sockaddr_storage &laddr, struct sockaddr_storage &raddr,
+                                  uint32_t &type, uint32_t &mode);

-virtual bool 	getExternalInterface(struct sockaddr_storage &raddr, 
-					uint32_t &mode);
+    virtual bool 	getExternalInterface(struct sockaddr_storage &raddr,
+                                         uint32_t &mode);

-virtual bool	isAddressBanned(const struct sockaddr_storage& raddr) ;
+    virtual bool	isAddressBanned(const struct sockaddr_storage& raddr) ;
+    virtual void	getListOfBannedIps(std::list<RsDhtFilteredPeer> &lst) ;

-virtual bool    setAttachMode(bool on);
+    virtual bool    setAttachMode(bool on);



-	/* notifyPeer/setExtInterface/Bootstrap/Stun 
-	 * hould all be removed from NetAssist?
-	 */
+    /* notifyPeer/setExtInterface/Bootstrap/Stun
+     * hould all be removed from NetAssist?
+     */



-	/* pqiNetAssistConnect - external interface functions */
+    /* pqiNetAssistConnect - external interface functions */


-/***********************************************************************************************
+    /***********************************************************************************************
 ****************************** Connections (p3bitdht_peernet.cc) ******************************
 ************************************************************************************************/
-	/* Feedback from RS Upper Layers */
-//virtual void 	ConnectionFeedback(std::string pid, int state);
+    /* Feedback from RS Upper Layers */
+    //virtual void 	ConnectionFeedback(std::string pid, int state);

-	/* Callback functions - from bitdht */
-int 	NodeCallback(const bdId *id, uint32_t peerflags);
-int 	PeerCallback(const bdId *id, uint32_t status);
-int 	ValueCallback(const bdNodeId *id, std::string key, uint32_t status);
-int 	ConnectCallback(const bdId *srcId, const bdId *proxyId, const bdId *destId,
-				uint32_t mode, uint32_t point, uint32_t param, uint32_t cbtype, uint32_t errcode);
-int 	InfoCallback(const bdId *id, uint32_t type, uint32_t flags, std::string info);
+    /* Callback functions - from bitdht */
+    int 	NodeCallback(const bdId *id, uint32_t peerflags);
+    int 	PeerCallback(const bdId *id, uint32_t status);
+    int 	ValueCallback(const bdNodeId *id, std::string key, uint32_t status);
+    int 	ConnectCallback(const bdId *srcId, const bdId *proxyId, const bdId *destId,
+                            uint32_t mode, uint32_t point, uint32_t param, uint32_t cbtype, uint32_t errcode);
+    int 	InfoCallback(const bdId *id, uint32_t type, uint32_t flags, std::string info);


-int 	OnlinePeerCallback_locked(const bdId *id, uint32_t status, DhtPeerDetails *dpd);
-int 	UnreachablePeerCallback_locked(const bdId *id, uint32_t status, DhtPeerDetails *dpd);
-//int 	tick();
-int 	minuteTick();
-int 	doActions();
-int 	checkProxyAllowed(const bdId *srcId, const bdId *destId, int mode, uint32_t &bandwidth);
-int 	checkConnectionAllowed(const bdId *peerId, int mode);
-void 	initiateConnection(const bdId *srcId, const bdId *proxyId, const bdId *destId, uint32_t mode, uint32_t loc, uint32_t delayOrBandwidth);
-int 	installRelayConnection(const bdId *srcId, const bdId *destId, uint32_t &bandwidth);
-int 	removeRelayConnection(const bdId *srcId, const bdId *destId);
-void 	monitorConnections();
+    int 	OnlinePeerCallback_locked(const bdId *id, uint32_t status, DhtPeerDetails *dpd);
+    int 	UnreachablePeerCallback_locked(const bdId *id, uint32_t status, DhtPeerDetails *dpd);
+    //int 	tick();
+    int 	minuteTick();
+    int 	doActions();
+    int 	checkProxyAllowed(const bdId *srcId, const bdId *destId, int mode, uint32_t &bandwidth);
+    int 	checkConnectionAllowed(const bdId *peerId, int mode);
+    void 	initiateConnection(const bdId *srcId, const bdId *proxyId, const bdId *destId, uint32_t mode, uint32_t loc, uint32_t delayOrBandwidth);
+    int 	installRelayConnection(const bdId *srcId, const bdId *destId, uint32_t &bandwidth);
+    int 	removeRelayConnection(const bdId *srcId, const bdId *destId);
+    void 	monitorConnections();

-void    ConnectCallout(const RsPeerId &peerId, struct sockaddr_in addr, uint32_t connectMode);
+    void    ConnectCallout(const RsPeerId &peerId, struct sockaddr_in addr, uint32_t connectMode);

-void 	ConnectCalloutTCPAttempt(const RsPeerId &peerId, struct sockaddr_in addr);
-void 	ConnectCalloutDirectOrProxy(const RsPeerId &peerId, struct sockaddr_in raddr, uint32_t connectFlags, uint32_t delay);
-void 	ConnectCalloutRelay(const RsPeerId &peerId, struct sockaddr_in srcaddr, 
-			struct sockaddr_in proxyaddr, struct sockaddr_in destaddr,
-                        uint32_t connectMode, uint32_t bandwidth);
+    void 	ConnectCalloutTCPAttempt(const RsPeerId &peerId, struct sockaddr_in addr);
+    void 	ConnectCalloutDirectOrProxy(const RsPeerId &peerId, struct sockaddr_in raddr, uint32_t connectFlags, uint32_t delay);
+    void 	ConnectCalloutRelay(const RsPeerId &peerId, struct sockaddr_in srcaddr,
+                                struct sockaddr_in proxyaddr, struct sockaddr_in destaddr,
+                                uint32_t connectMode, uint32_t bandwidth);


-void 	Feedback_Connected(const RsPeerId& pid);
-void 	Feedback_ConnectionFailed(const RsPeerId& pid);
-void 	Feedback_ConnectionClosed(const RsPeerId& pid);
+    void 	Feedback_Connected(const RsPeerId& pid);
+    void 	Feedback_ConnectionFailed(const RsPeerId& pid);
+    void 	Feedback_ConnectionClosed(const RsPeerId& pid);

-void 	UdpConnectionFailed_locked(DhtPeerDetails *dpd);
-void 	ReleaseProxyExclusiveMode_locked(DhtPeerDetails *dpd, bool addrChgLikely);
+    void 	UdpConnectionFailed_locked(DhtPeerDetails *dpd);
+    void 	ReleaseProxyExclusiveMode_locked(DhtPeerDetails *dpd, bool addrChgLikely);


-	/*** RELAY HANDLER CODE ***/
-void 	installRelayHandler(p3BitDhtRelayHandler *);
-UdpRelayReceiver *getRelayReceiver();
+    /*** RELAY HANDLER CODE ***/
+    void 	installRelayHandler(p3BitDhtRelayHandler *);
+    UdpRelayReceiver *getRelayReceiver();

-int 	RelayHandler_InstallRelayConnection(const bdId *srcId, const bdId *destId, uint32_t mode, uint32_t &bandwidth);
-int 	RelayHandler_LogFailedProxyAttempt(const bdId *srcId, const bdId *destId, uint32_t mode, uint32_t errcode);
+    int 	RelayHandler_InstallRelayConnection(const bdId *srcId, const bdId *destId, uint32_t mode, uint32_t &bandwidth);
+    int 	RelayHandler_LogFailedProxyAttempt(const bdId *srcId, const bdId *destId, uint32_t mode, uint32_t errcode);



-/***********************************************************************************************
+    /***********************************************************************************************
 ******************** Relay Config Stuff (TEMP - MOSTLY, in p3bitdht_relay.cc) *****************
 ********** External RsDHT Interface (defined in libretroshare/src/retroshare/rsdht.h) *********
 ************************************************************************************************/

-        // Interface for controlling Relays & DHT Relay Mode
-virtual int     getRelayServerList(std::list<std::string> &ids);
-virtual int     addRelayServer(std::string ids);
-virtual int     removeRelayServer(std::string ids);
+    // Interface for controlling Relays & DHT Relay Mode
+    virtual int     getRelayServerList(std::list<std::string> &ids);
+    virtual int     addRelayServer(std::string ids);
+    virtual int     removeRelayServer(std::string ids);

-virtual uint32_t getRelayMode();
-virtual int      setRelayMode(uint32_t mode);
+    virtual uint32_t getRelayMode();
+    virtual int      setRelayMode(uint32_t mode);

-virtual int     getRelayAllowance(int  classIdx, uint32_t &count, uint32_t &bandwidth);
-virtual int     setRelayAllowance(int classIdx, uint32_t  count, uint32_t  bandwidth);
+    virtual int     getRelayAllowance(int  classIdx, uint32_t &count, uint32_t &bandwidth);
+    virtual int     setRelayAllowance(int classIdx, uint32_t  count, uint32_t  bandwidth);

-	private:
+private:

-	// Relay Handling Code / Variables (Mutex Protected).
-int 	setupRelayDefaults();
-int     pushRelayServers();
+    // Relay Handling Code / Variables (Mutex Protected).
+    int 	setupRelayDefaults();
+    int     pushRelayServers();

-	std::list<std::string> mRelayServerList;
-	uint32_t mRelayMode;
+    std::list<std::string> mRelayServerList;
+    uint32_t mRelayMode;

-        protected:
-/*****************************************************************/
-/***********************  p3config  ******************************/
-        /* Key Functions to be overloaded for Full Configuration */
-        virtual RsSerialiser *setupSerialiser();
-        virtual bool saveList(bool &cleanup, std::list<RsItem *>&);
-        virtual void saveDone();
-        virtual bool    loadList(std::list<RsItem *>& load);
-/*****************************************************************/
+protected:
+    /*****************************************************************/
+    /***********************  p3config  ******************************/
+    /* Key Functions to be overloaded for Full Configuration */
+    virtual RsSerialiser *setupSerialiser();
+    virtual bool saveList(bool &cleanup, std::list<RsItem *>&);
+    virtual void saveDone();
+    virtual bool    loadList(std::list<RsItem *>& load);
+    /*****************************************************************/

-	// DATA RATES: Variables (Mutex Protected).
-	private:
+    // DATA RATES: Variables (Mutex Protected).
+private:

-	void 	updateDataRates();
-	void	clearDataRates();
+    void 	updateDataRates();
+    void	clearDataRates();

-	float mRelayReadRate;
-	float mRelayWriteRate;
-	float mRelayRelayRate;
-	float mDhtReadRate;
-	float mDhtWriteRate;
+    float mRelayReadRate;
+    float mRelayWriteRate;
+    float mRelayRelayRate;
+    float mDhtReadRate;
+    float mDhtWriteRate;

-	time_t mLastDataRateUpdate;
+    time_t mLastDataRateUpdate;


-/***********************************************************************************************
+    /***********************************************************************************************
 ************************** Internal Accounting (p3bitdht_peers.cc) ****************************
 ************************************************************************************************/

-	public:
+public:

-int 	removePeer(const RsPeerId& pid);
+    int 	removePeer(const RsPeerId& pid);

-	// Can be used externally too.
-int 	calculateNodeId(const RsPeerId& pid, bdNodeId *id);
-int 	addKnownNode(const bdId *id, uint32_t flags);
+    // Can be used externally too.
+    int 	calculateNodeId(const RsPeerId& pid, bdNodeId *id);
+    int 	addKnownNode(const bdId *id, uint32_t flags);

-	private:
+private:

-DhtPeerDetails *addInternalPeer_locked(const RsPeerId& pid, uint32_t type);
-int 	removeInternalPeer_locked(const RsPeerId& pid);
-DhtPeerDetails *findInternalDhtPeer_locked(const bdNodeId *id, uint32_t type);
-DhtPeerDetails *findInternalRsPeer_locked(const RsPeerId &pid);
+    DhtPeerDetails *addInternalPeer_locked(const RsPeerId& pid, uint32_t type);
+    int 	removeInternalPeer_locked(const RsPeerId& pid);
+    DhtPeerDetails *findInternalDhtPeer_locked(const bdNodeId *id, uint32_t type);
+    DhtPeerDetails *findInternalRsPeer_locked(const RsPeerId &pid);

-bool 	havePeerTranslation_locked(const RsPeerId &pid);
-int 	lookupNodeId_locked(const RsPeerId& pid, bdNodeId *id);
-int 	lookupRsId_locked(const bdNodeId *id, RsPeerId &pid);
-int 	storeTranslation_locked(const RsPeerId& pid);
-int 	removeTranslation_locked(const RsPeerId& pid);
+    bool 	havePeerTranslation_locked(const RsPeerId &pid);
+    int 	lookupNodeId_locked(const RsPeerId& pid, bdNodeId *id);
+    int 	lookupRsId_locked(const bdNodeId *id, RsPeerId &pid);
+    int 	storeTranslation_locked(const RsPeerId& pid);
+    int 	removeTranslation_locked(const RsPeerId& pid);

-	UdpBitDht *mUdpBitDht; /* has own mutex, is static except for creation/destruction */
-	UdpStunner *mDhtStunner;
-	UdpStunner *mProxyStunner;
-	UdpRelayReceiver   *mRelay;
+    UdpBitDht *mUdpBitDht; /* has own mutex, is static except for creation/destruction */
+    UdpStunner *mDhtStunner;
+    UdpStunner *mProxyStunner;
+    UdpRelayReceiver   *mRelay;

-	p3NetMgr *mNetMgr;
+    p3NetMgr *mNetMgr;

-	pqiNetAssistPeerShare *mPeerSharer;
+    pqiNetAssistPeerShare *mPeerSharer;

-        bdDhtFunctions *mDhtFns;
+    bdDhtFunctions *mDhtFns;

-	RsMutex dhtMtx;
+    RsMutex dhtMtx;


-	p3BitDhtRelayHandler *mRelayHandler;
+    p3BitDhtRelayHandler *mRelayHandler;

-	RsPeerId mOwnRsId;
-	bdNodeId    mOwnDhtId;
+    RsPeerId mOwnRsId;
+    bdNodeId    mOwnDhtId;

-	time_t mMinuteTS;
+    time_t mMinuteTS;

-	/* translation maps */
-        std::map<RsPeerId, bdNodeId> mTransToNodeId;
-        std::map<bdNodeId, RsPeerId> mTransToRsId;
+    /* translation maps */
+    std::map<RsPeerId, bdNodeId> mTransToNodeId;
+    std::map<bdNodeId, RsPeerId> mTransToRsId;

-	std::map<bdNodeId, DhtPeerDetails> mPeers;
-	std::map<bdNodeId, DhtPeerDetails> mFailedPeers;
+    std::map<bdNodeId, DhtPeerDetails> mPeers;
+    std::map<bdNodeId, DhtPeerDetails> mFailedPeers;

-	/* Connection Action Queue */
-	std::list<PeerAction> mActions;
+    /* Connection Action Queue */
+    std::list<PeerAction> mActions;

 };

--- a/libretroshare/src/libretroshare.pro
+++ b/libretroshare/src/libretroshare.pro
@ -101,6 +101,7 @@ PUBLIC_HEADERS =	retroshare/rsdisc.h \
 					retroshare/rsrank.h \
 					retroshare/rsstatus.h \
 					retroshare/rsturtle.h \
+					retroshare/rsbanlist.h \
 					retroshare/rstypes.h \
 					retroshare/rsdht.h \
 					retroshare/rsrtt.h \
--- a/libretroshare/src/retroshare/rsbanlist.h
+++ b/libretroshare/src/retroshare/rsbanlist.h
@ -0,0 +1,53 @@
+/*
+ * libretroshare/src/services/p3banlist.h
+ *
+ * Exchange list of Peers for Banning / Whitelisting.
+ *
+ * Copyright 2011 by Robert Fernie.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Library General Public
+ * License Version 2 as published by the Free Software Foundation.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Library General Public License for more details.
+ *
+ * You should have received a copy of the GNU Library General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
+ * USA.
+ *
+ * Please report all bugs and problems to "retroshare@lunamutt.com".
+ *
+ */
+
+#pragma once
+
+#include <netinet/in.h>
+
+class RsBanList;
+extern RsBanList *rsBanList ;
+
+class BanListPeer
+{
+public:
+
+    struct sockaddr_storage addr;
+    uint8_t masked_bytes ;
+    uint32_t reason; 		// Dup Self, Dup Friend
+    int level; 			// LOCAL, FRIEND, FoF.
+    time_t mTs;
+    bool state ; 			// true=>active, false=>just stored but inactive
+};
+
+class RsBanList
+{
+	public:
+		virtual bool isAddressAccepted(const struct sockaddr_storage& addr) =0;
+        virtual void getListOfBannedIps(std::list<BanListPeer>& list) =0;
+};
+
+
+
--- a/libretroshare/src/retroshare/rsdht.h
+++ b/libretroshare/src/retroshare/rsdht.h
@ -26,6 +26,7 @@
 *
 */

+#include <netinet/in.h>
 #include <inttypes.h>
 #include <string>
 #include <list>
@ -35,11 +36,9 @@
 class RsDht;
 extern RsDht *rsDht;

-
 //std::ostream &operator<<(std::ostream &out, const RsPhotoShowDetails &detail);
 //std::ostream &operator<<(std::ostream &out, const RsPhotoDetails &detail);

-
 #define RSDHT_NETSTART_NETWORKMODE	0x0001
 #define RSDHT_NETSTART_NATTYPE		0x0002
 #define RSDHT_NETSTART_NATHOLE		0x0003
@ -157,7 +156,14 @@ class RsDhtRelayProxy
        //time_t mLastBandwidthTS;

 };
-
+class RsDhtFilteredPeer
+{
+public:
+    struct sockaddr_in mAddr;
+    uint32_t mFilterFlags; /* reasons why we are filtering */
+    time_t mFilterTS;
+    time_t mLastSeen;
+};

 class RsDht
 {
@ -196,6 +202,7 @@ virtual int	setRelayAllowance(int classIdx, uint32_t  count, uint32_t  bandwidth
 virtual bool    getOwnDhtId(std::string &ownDhtId) = 0;

 virtual bool	isAddressBanned(const struct sockaddr_storage& raddr) =0;
+virtual void	getListOfBannedIps(std::list<RsDhtFilteredPeer>& lst) =0;

 #if 0
 virtual std::string getPeerStatusString();
--- a/libretroshare/src/services/p3banlist.cc
+++ b/libretroshare/src/services/p3banlist.cc
@ -30,12 +30,14 @@

 #include "services/p3banlist.h"
 #include "serialiser/rsbanlistitems.h"
+#include "retroshare/rsdht.h"

 #include <sys/time.h>

 /****
 * #define DEBUG_BANLIST		1
 ****/
+ #define DEBUG_BANLIST		1


 /* DEFINE INTERFACE POINTER! */
@ -48,6 +50,8 @@
 #define RSBANLIST_SOURCE_FRIEND		1
 #define RSBANLIST_SOURCE_FOF		2

+#define RSBANLIST_DELAY_BETWEEN_TALK_TO_DHT 60	// should be more: e.g. 600 secs.
+

 /************ IMPLEMENTATION NOTES *********************************
 * 
@ -55,14 +59,15 @@
 * we distribute and track the network list of bad peers.
 *
 */
-
+RsBanList *rsBanList = NULL ;

 p3BanList::p3BanList(p3ServiceControl *sc, p3NetMgr *nm)
 	:p3Service(), mBanMtx("p3BanList"), mServiceCtrl(sc), mNetMgr(nm) 
 {
 	addSerialType(new RsBanListSerialiser());

-	mSentListTime = 0;
+    mSentListTime = 0;
+    mLastDhtInfoRequest = 0 ;
 }


@ -79,16 +84,38 @@ RsServiceInfo p3BanList::getServiceInfo()
                BANLIST_APP_MAJOR_VERSION,
                BANLIST_APP_MINOR_VERSION,
                BANLIST_MIN_MAJOR_VERSION,
-                BANLIST_MIN_MINOR_VERSION);
+                             BANLIST_MIN_MINOR_VERSION);
 }

+bool p3BanList::isAddressAccepted(const sockaddr_storage &addr)
+{
+    // we should normally work this including entire ranges of IPs. For now, just check the exact IPs.

+    if(mBanSet.find(addr) != mBanSet.end())
+        return false ;
+
+    return true ;
+}
+
+void p3BanList::getListOfBannedIps(std::list<BanListPeer> &lst)
+{
+    for(std::map<sockaddr_storage,BanListPeer>::const_iterator it(mBanSet.begin());it!=mBanSet.end();++it)
+        lst.push_back(it->second) ;
+}

 int	p3BanList::tick()
 {
 	processIncoming();
 	sendPackets();

+    time_t now = time(NULL) ;
+
+    if(mLastDhtInfoRequest + RSBANLIST_DELAY_BETWEEN_TALK_TO_DHT < now)
+    {
+        getDhtInfo() ;
+        mLastDhtInfoRequest = now;
+    }
+
 	return 0;
 }

@ -97,6 +124,31 @@ int	p3BanList::status()
 	return 1;
 }

+void p3BanList::getDhtInfo()
+{
+    // Get the list of masquerading peers from the DHT. Add them as potential IPs to be banned.
+    // Don't make them active. Just insert them in the list.
+
+    std::list<RsDhtFilteredPeer> filtered_peers ;
+
+    rsDht->getListOfBannedIps(filtered_peers) ;
+
+    std::cerr << "p3BanList::getDhtInfo() Got list of banned IPs." << std::endl;
+    RsPeerId ownId = mServiceCtrl->getOwnId();
+
+    for(std::list<RsDhtFilteredPeer>::const_iterator it(filtered_peers.begin());it!=filtered_peers.end();++it)
+    {
+        std::cerr << "  filtered peer: " << rs_inet_ntoa((*it).mAddr.sin_addr) << std::endl;
+
+        int int_reason = 0 ;
+        int age = 0 ;
+        sockaddr_storage ad = *(sockaddr_storage*)&(*it).mAddr ;
+
+        addBanEntry(ownId, ad, RSBANLIST_SOURCE_SELF, int_reason, age);
+    }
+
+    condenseBanSources_locked() ;
+}

 /***** Implementation ******/

@ -187,7 +239,7 @@ bool p3BanList::addBanEntry(const RsPeerId &peerId, const struct sockaddr_storag
 	bool updated = false;

 #ifdef DEBUG_BANLIST
-	std::cerr << "p3BanList::addBanEntry() Addr: " << rs_inet_ntoa(addr.sin_addr) << " Level: " << level;
+    std::cerr << "p3BanList::addBanEntry() Addr: " << sockaddr_storage_iptostring(addr) << " Level: " << level;
 	std::cerr << " Reason: " << reason << " Age: " << age;
 	std::cerr << std::endl;
 #endif
@ -418,7 +470,7 @@ void p3BanList::sendBanLists()
 	for(it = idList.begin(); it != idList.end(); ++it)
 	{
 #ifdef DEBUG_BANLIST
-		std::cerr << "p3BanList::sendBanList() To: " << *it;
+		std::cerr << "p3BanList::sendBanList() To: " << *it;
 		std::cerr << std::endl;
 #endif
 		sendBanSet(*it);
--- a/libretroshare/src/services/p3banlist.h
+++ b/libretroshare/src/services/p3banlist.h
@ -33,20 +33,12 @@

 #include "serialiser/rsbanlistitems.h"
 #include "services/p3service.h"
-//#include "retroshare/rsbanlist.h"
+#include "retroshare/rsbanlist.h"

 class p3ServiceControl;
 class p3NetMgr;

-class BanListPeer
-{
-	public:
-	
-	struct sockaddr_storage addr;
-	uint32_t reason; // Dup Self, Dup Friend
-	int level; // LOCAL, FRIEND, FoF.
-	time_t mTs;
-};
+

 class BanList
 {
@ -65,7 +57,7 @@ class BanList
  * Exchange list of Banned IP addresses with peers.
  */

-class p3BanList: /* public RsBanList, */ public p3Service, public pqiNetAssistPeerShare /* , public p3Config, public pqiMonitor */
+class p3BanList: public RsBanList, public p3Service, public pqiNetAssistPeerShare /* , public p3Config, public pqiMonitor */
 {
 	public:
 		p3BanList(p3ServiceControl *sc, p3NetMgr *nm);
@ -73,11 +65,13 @@ class p3BanList: /* public RsBanList, */ public p3Service, public pqiNetAssistPe

 		/***** overloaded from RsBanList *****/

-		/***** overloaded from pqiNetAssistPeerShare *****/
+        virtual bool isAddressAccepted(const struct sockaddr_storage& addr) ;
+        virtual void getListOfBannedIps(std::list<BanListPeer>& list) ;
+
+        /***** overloaded from pqiNetAssistPeerShare *****/

 		virtual void    updatePeer(const RsPeerId& id, const struct sockaddr_storage &addr, int type, int reason, int age);

-
 		/***** overloaded from p3Service *****/
 		/*!
 		 * This retrieves all chat msg items and also (important!)
@ -94,8 +88,7 @@ class p3BanList: /* public RsBanList, */ public p3Service, public pqiNetAssistPe
 		bool 	processIncoming();

 		bool recvBanItem(RsBanListItem *item);
-		bool addBanEntry(const RsPeerId &peerId, const struct sockaddr_storage &addr, 
-			int level, uint32_t reason, uint32_t age);
+        bool addBanEntry(const RsPeerId &peerId, const struct sockaddr_storage &addr, int level, uint32_t reason, uint32_t age);
 		void sendBanLists();
 		int sendBanSet(const RsPeerId& peerid);

@ -115,7 +108,9 @@ class p3BanList: /* public RsBanList, */ public p3Service, public pqiNetAssistPe
 		//virtual bool loadList(std::list<RsItem*>& load) ;


-	private:
+    private:
+        void getDhtInfo() ;
+
 		RsMutex mBanMtx;

 		int condenseBanSources_locked();
@ -127,7 +122,8 @@ class p3BanList: /* public RsBanList, */ public p3Service, public pqiNetAssistPe
 		std::map<struct sockaddr_storage, BanListPeer> mBanSet;

 		p3ServiceControl *mServiceCtrl;
-		p3NetMgr *mNetMgr;
+        p3NetMgr *mNetMgr;
+        time_t mLastDhtInfoRequest ;

 };