Git-Mirrors/RetroShare
1
0
Fork 0
mirror of https://github.com/RetroShare/RetroShare.git synced 2024-12-26 16:09:35 -05:00
Code Issues Actions Packages Projects Releases Wiki Activity

first UI prototype for IP ban list system. Not yet usable.

Browse Source 
git-svn-id: http://svn.code.sf.net/p/retroshare/code/trunk@8305 b45a01b8-16f6-495d-af2f-9b41ad6348cc
This commit is contained in:
csoler 2015-05-27 21:30:40 +00:00
parent 76642e4710
commit 38aefdf62f
8 changed files with 503 additions and 126 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
libretroshare/src/retroshare/rsbanlist.h
View File

@ -30,23 +30,36 @@
class RsBanList;
extern RsBanList *rsBanList ;
#define RSBANLIST_ORIGIN_UNKNOWN 0
#define RSBANLIST_ORIGIN_SELF 1
#define RSBANLIST_ORIGIN_FRIEND 2
#define RSBANLIST_ORIGIN_FOF 3
#define RSBANLIST_REASON_UNKNOWN 0
#define RSBANLIST_REASON_USER 1
#define RSBANLIST_REASON_DHT 2
class BanListPeer
{
public:
struct sockaddr_storage addr;
uint8_t masked_bytes ;
uint32_t reason; // Dup Self, Dup Friend
int level; // LOCAL, FRIEND, FoF.
time_t mTs;
uint8_t masked_bytes ; // 0 = []/32. 1=[]/24, 2=[]/16
uint32_t reason; // User, DHT
uint32_t level; // LOCAL, FRIEND, FoF.
bool state ; // true=>active, false=>just stored but inactive
int connect_attempts ; // recorded by the BanList service
time_t mTs;
std::string comment ; //
};
class RsBanList
{
public:
virtual bool isAddressAccepted(const struct sockaddr_storage& addr) =0;
virtual void getListOfBannedIps(std::list<BanListPeer>& list) =0;
public:
virtual void enableIPFiltering(bool b) =0;
virtual bool ipFilteringEnabled() =0;
virtual bool isAddressAccepted(const struct sockaddr_storage& addr) =0;
virtual void getListOfBannedIps(std::list<BanListPeer>& list) =0;
};

4
libretroshare/src/rsserver/rsinit.cc
View File

@ -1142,6 +1142,7 @@ int RsServer::StartupRetroShare()
// NEXT BITDHT.
p3BitDht *mBitDht = new p3BitDht(ownId, mLinkMgr, mNetMgr, mDhtStack, bootstrapfile, filteredipfile);
/* install external Pointer for Interface */
rsDht = mBitDht;
@ -1520,7 +1521,8 @@ int RsServer::StartupRetroShare()
#endif
// new services to test.
p3BanList *mBanList = new p3BanList(serviceCtrl, mNetMgr);
p3BanList *mBanList = new p3BanList(serviceCtrl, mNetMgr);
rsBanList = mBanList ;
pqih -> addService(mBanList, true);
mBitDht->setupPeerSharer(mBanList);

3
libretroshare/src/serialiser/rstlvbanlist.h
View File

@ -50,7 +50,8 @@ virtual std::ostream &print(std::ostream &out, uint16_t indent) const;
RsTlvIpAddress addr;
uint32_t level;
uint32_t reason;
uint32_t age;
uint32_t age;
uint8_t masked_bytes ;
};

129
libretroshare/src/services/p3banlist.cc
View File

@ -38,6 +38,7 @@
* #define DEBUG_BANLIST 1
****/
#define DEBUG_BANLIST 1
#define DEBUG_BANLIST_CONDENSE 1
/* DEFINE INTERFACE POINTER! */
@ -46,10 +47,6 @@
#define RSBANLIST_ENTRY_MAX_AGE (60 * 60 * 1) // 1 HOURS
#define RSBANLIST_SEND_PERIOD 600 // 10 Minutes.
#define RSBANLIST_SOURCE_SELF 0
#define RSBANLIST_SOURCE_FRIEND 1
#define RSBANLIST_SOURCE_FOF 2
#define RSBANLIST_DELAY_BETWEEN_TALK_TO_DHT 60 // should be more: e.g. 600 secs.
@ -87,6 +84,16 @@ RsServiceInfo p3BanList::getServiceInfo()
BANLIST_MIN_MINOR_VERSION);
}
bool p3BanList::ipFilteringEnabled()
{
return mIPFilteringEnabled ;
}
void p3BanList::enableIPFiltering(bool b)
{
mIPFilteringEnabled = b ;
}
bool p3BanList::isAddressAccepted(const sockaddr_storage &addr)
{
// we should normally work this including entire ranges of IPs. For now, just check the exact IPs.
@ -140,11 +147,12 @@ void p3BanList::getDhtInfo()
{
std::cerr << " filtered peer: " << rs_inet_ntoa((*it).mAddr.sin_addr) << std::endl;
int int_reason = 0 ;
int age = 0 ;
int int_reason = RSBANLIST_REASON_DHT ;
int time_stamp = (*it).mLastSeen ;
uint8_t masked_bytes = 0 ;
sockaddr_storage ad = *(sockaddr_storage*)&(*it).mAddr ;
addBanEntry(ownId, ad, RSBANLIST_SOURCE_SELF, int_reason, age);
addBanEntry(ownId, ad, RSBANLIST_ORIGIN_SELF, int_reason, time_stamp, masked_bytes);
}
condenseBanSources_locked() ;
@ -202,36 +210,39 @@ bool p3BanList::recvBanItem(RsBanListItem *item)
{
bool updated = false;
std::cerr << "(EE) should not receive a Ban item yet. Not implemented!" << std::endl;
time_t now = time(NULL) ;
std::list<RsTlvBanListEntry>::const_iterator it;
//for(it = item->peerList.entries.begin(); it != item->peerList.entries.end(); ++it)
for(it = item->peerList.mList.begin(); it != item->peerList.mList.end(); ++it)
{
// Order is important!.
updated = (addBanEntry(item->PeerId(), it->addr.addr, it->level,
it->reason, it->age) || updated);
updated = (addBanEntry(item->PeerId(), it->addr.addr, it->level, it->reason, now - it->age,it->masked_bytes) || updated);
}
return updated;
}
/* overloaded from pqiNetAssistSharePeer */
void p3BanList::updatePeer(const RsPeerId& /*id*/, const struct sockaddr_storage &addr, int /*type*/, int /*reason*/, int age)
void p3BanList::updatePeer(const RsPeerId& /*id*/, const struct sockaddr_storage &addr, int type, int /*reason*/, int time_stamp)
{
RsPeerId ownId = mServiceCtrl->getOwnId();
RsPeerId ownId = mServiceCtrl->getOwnId();
int int_reason = 0;
addBanEntry(ownId, addr, RSBANLIST_SOURCE_SELF, int_reason, age);
int int_reason = RSBANLIST_REASON_DHT;
/* process */
{
RsStackMutex stack(mBanMtx); /****** LOCKED MUTEX *******/
addBanEntry(ownId, addr, RSBANLIST_ORIGIN_SELF, int_reason, time_stamp,0);
mBanSet.clear();
condenseBanSources_locked();
}
/* process */
{
RsStackMutex stack(mBanMtx); /****** LOCKED MUTEX *******/
mBanSet.clear();
condenseBanSources_locked();
}
}
bool p3BanList::addBanEntry(const RsPeerId &peerId, const struct sockaddr_storage &addr, int level, uint32_t reason, uint32_t age)
bool p3BanList::addBanEntry(const RsPeerId &peerId, const struct sockaddr_storage &addr,
int level, uint32_t reason, time_t time_stamp,uint8_t masked_bytes)
{
RsStackMutex stack(mBanMtx); /****** LOCKED MUTEX *******/
@ -239,8 +250,8 @@ bool p3BanList::addBanEntry(const RsPeerId &peerId, const struct sockaddr_storag
bool updated = false;
#ifdef DEBUG_BANLIST
std::cerr << "p3BanList::addBanEntry() Addr: " << sockaddr_storage_iptostring(addr) << " Level: " << level;
std::cerr << " Reason: " << reason << " Age: " << age;
std::cerr << "p3BanList::addBanEntry() Addr: " << sockaddr_storage_iptostring(addr) << " Origin: " << level;
std::cerr << " Reason: " << reason << " Age: " << now - time_stamp;
std::cerr << std::endl;
#endif
@ -282,9 +293,9 @@ bool p3BanList::addBanEntry(const RsPeerId &peerId, const struct sockaddr_storag
BanListPeer blp;
blp.addr = addr;
blp.reason = reason;
blp.level = level;
blp.mTs = now - age;
blp.level = level;
blp.mTs = time_stamp ;
blp.masked_bytes = masked_bytes ;
it->second.mBanPeers[bannedaddr] = blp;
it->second.mLastUpdate = now;
@ -294,14 +305,17 @@ bool p3BanList::addBanEntry(const RsPeerId &peerId, const struct sockaddr_storag
{
/* see if it needs an update */
if ((mit->second.reason != reason) ||
(mit->second.level != level) ||
(mit->second.mTs < (time_t) (now - age)))
(mit->second.level != level) ||
(mit->second.mTs < time_stamp)||
(mit->second.masked_bytes < masked_bytes)
)
{
/* update */
mit->second.addr = addr;
mit->second.reason = reason;
mit->second.level = level;
mit->second.mTs = now - age;
mit->second.level = level;
mit->second.mTs = time_stamp;
mit->second.masked_bytes = masked_bytes ;
it->second.mLastUpdate = now;
updated = true;
@ -328,15 +342,15 @@ int p3BanList::condenseBanSources_locked()
std::map<RsPeerId, BanList>::const_iterator it;
for(it = mBanSources.begin(); it != mBanSources.end(); ++it)
{
if (now - it->second.mLastUpdate > RSBANLIST_ENTRY_MAX_AGE)
{
#ifdef DEBUG_BANLIST_CONDENSE
std::cerr << "p3BanList::condenseBanSources_locked()";
std::cerr << " Ignoring Out-Of-Date peer: " << it->first;
std::cerr << std::endl;
#endif
continue;
}
// if (now - it->second.mLastUpdate > RSBANLIST_ENTRY_MAX_AGE)
// {
//#ifdef DEBUG_BANLIST_CONDENSE
// std::cerr << "p3BanList::condenseBanSources_locked()";
// std::cerr << " Ignoring Out-Of-Date peer: " << it->first;
// std::cerr << std::endl;
//#endif
// continue;
// }
#ifdef DEBUG_BANLIST_CONDENSE
std::cerr << "p3BanList::condenseBanSources_locked()";
@ -349,18 +363,19 @@ int p3BanList::condenseBanSources_locked()
lit != it->second.mBanPeers.end(); ++lit)
{
/* check timestamp */
if (now - lit->second.mTs > RSBANLIST_ENTRY_MAX_AGE)
{
#ifdef DEBUG_BANLIST_CONDENSE
std::cerr << "p3BanList::condenseBanSources_locked()";
std::cerr << " Ignoring Out-Of-Date Entry for: ";
std::cerr << sockaddr_storage_iptostring(lit->second.addr);
std::cerr << std::endl;
#endif
continue;
}
// if (now > RSBANLIST_ENTRY_MAX_AGE + lit->second.mTs)
// {
//#ifdef DEBUG_BANLIST_CONDENSE
// std::cerr << "p3BanList::condenseBanSources_locked()";
// std::cerr << " Ignoring Out-Of-Date Entry for: ";
// std::cerr << sockaddr_storage_iptostring(lit->second.addr);
// std::cerr << " time stamp= " << lit->second.mTs << ", age=" << now - lit->second.mTs;
// std::cerr << std::endl;
//#endif
// continue;
// }
int lvl = lit->second.level;
int lvl = lit->second.level;
if (it->first != ownId)
{
/* as from someone else, increment level */
@ -376,10 +391,10 @@ int p3BanList::condenseBanSources_locked()
/* check if it exists in the Set already */
std::map<struct sockaddr_storage, BanListPeer>::iterator sit;
sit = mBanSet.find(bannedaddr);
if ((sit == mBanSet.end()) || (lvl < sit->second.level))
if ((sit == mBanSet.end()) || (lvl < sit->second.level))
{
BanListPeer bp = lit->second;
bp.level = lvl;
bp.level = lvl;
sockaddr_storage_setport(bp.addr, 0);
mBanSet[bannedaddr] = bp;
#ifdef DEBUG_BANLIST_CONDENSE
@ -398,7 +413,7 @@ int p3BanList::condenseBanSources_locked()
std::cerr << std::endl;
#endif
/* update if necessary */
if (lvl == sit->second.level)
if (lvl == sit->second.level)
{
sit->second.reason |= lit->second.reason;
if (sit->second.mTs < lit->second.mTs)
@ -492,7 +507,7 @@ int p3BanList::sendBanSet(const RsPeerId& peerid)
std::map<struct sockaddr_storage, BanListPeer>::iterator it;
for(it = mBanSet.begin(); it != mBanSet.end(); ++it)
{
if (it->second.level >= RSBANLIST_SOURCE_FRIEND)
if (it->second.level >= RSBANLIST_ORIGIN_FRIEND)
{
continue; // only share OWN for the moment.
}
@ -500,7 +515,7 @@ int p3BanList::sendBanSet(const RsPeerId& peerid)
RsTlvBanListEntry bi;
bi.addr.addr = it->second.addr;
bi.reason = it->second.reason;
bi.level = it->second.level;
bi.level = it->second.level;
bi.age = now - it->second.mTs;
//item->peerList.entries.push_back(bi);
@ -525,8 +540,8 @@ int p3BanList::printBanSet_locked(std::ostream &out)
{
out << "Ban: " << sockaddr_storage_iptostring(it->second.addr);
out << " Reason: " << it->second.reason;
out << " Level: " << it->second.level;
if (it->second.level > RSBANLIST_SOURCE_FRIEND)
out << " Level: " << it->second.level;
if (it->second.level > RSBANLIST_ORIGIN_FRIEND)
{
out << " (unused)";
}
@ -557,7 +572,7 @@ int p3BanList::printBanSources_locked(std::ostream &out)
out << "\t";
out << "Ban: " << sockaddr_storage_iptostring(lit->second.addr);
out << " Reason: " << lit->second.reason;
out << " Level: " << lit->second.level;
out << " Level: " << lit->second.level;
out << " Age: " << now - lit->second.mTs;
out << std::endl;
}

99
libretroshare/src/services/p3banlist.h
View File

@ -38,8 +38,6 @@
class p3ServiceControl;
class p3NetMgr;
class BanList
{
public:
@ -49,8 +47,6 @@ class BanList
std::map<struct sockaddr_storage, BanListPeer> mBanPeers;
};
//!The RS BanList service.
/**
*
@ -59,72 +55,75 @@ class BanList
class p3BanList: public RsBanList, public p3Service, public pqiNetAssistPeerShare /* , public p3Config, public pqiMonitor */
{
public:
p3BanList(p3ServiceControl *sc, p3NetMgr *nm);
virtual RsServiceInfo getServiceInfo();
public:
p3BanList(p3ServiceControl *sc, p3NetMgr *nm);
virtual RsServiceInfo getServiceInfo();
/***** overloaded from RsBanList *****/
/***** overloaded from RsBanList *****/
virtual bool isAddressAccepted(const struct sockaddr_storage& addr) ;
virtual void getListOfBannedIps(std::list<BanListPeer>& list) ;
virtual void enableIPFiltering(bool b) ;
virtual bool ipFilteringEnabled() ;
virtual bool isAddressAccepted(const struct sockaddr_storage& addr) ;
virtual void getListOfBannedIps(std::list<BanListPeer>& list) ;
/***** overloaded from pqiNetAssistPeerShare *****/
/***** overloaded from pqiNetAssistPeerShare *****/
virtual void updatePeer(const RsPeerId& id, const struct sockaddr_storage &addr, int type, int reason, int age);
virtual void updatePeer(const RsPeerId& id, const struct sockaddr_storage &addr, int type, int reason, int time_stamp);
/***** overloaded from p3Service *****/
/*!
* This retrieves all chat msg items and also (important!)
* processes chat-status items that are in service item queue. chat msg item requests are also processed and not returned
* (important! also) notifications sent to notify base on receipt avatar, immediate status and custom status
* : notifyCustomState, notifyChatStatus, notifyPeerHasNewAvatar
* @see NotifyBase
/***** overloaded from p3Service *****/
/*!
* This retrieves all chat msg items and also (important!)
* processes chat-status items that are in service item queue. chat msg item requests are also processed and not returned
* (important! also) notifications sent to notify base on receipt avatar, immediate status and custom status
* : notifyCustomState, notifyChatStatus, notifyPeerHasNewAvatar
* @see NotifyBase
*/
virtual int tick();
virtual int status();
*/
virtual int tick();
virtual int status();
int sendPackets();
bool processIncoming();
int sendPackets();
bool processIncoming();
bool recvBanItem(RsBanListItem *item);
bool addBanEntry(const RsPeerId &peerId, const struct sockaddr_storage &addr, int level, uint32_t reason, uint32_t age);
void sendBanLists();
int sendBanSet(const RsPeerId& peerid);
bool recvBanItem(RsBanListItem *item);
bool addBanEntry(const RsPeerId &peerId, const struct sockaddr_storage &addr, int level, uint32_t reason, time_t time_stamp, uint8_t masked_bytes);
void sendBanLists();
int sendBanSet(const RsPeerId& peerid);
/*!
* Interface stuff.
*/
/*!
* Interface stuff.
*/
/*************** pqiMonitor callback ***********************/
//virtual void statusChange(const std::list<pqipeer> &plist);
/*************** pqiMonitor callback ***********************/
//virtual void statusChange(const std::list<pqipeer> &plist);
/************* from p3Config *******************/
//virtual RsSerialiser *setupSerialiser() ;
//virtual bool saveList(bool& cleanup, std::list<RsItem*>&) ;
//virtual void saveDone();
//virtual bool loadList(std::list<RsItem*>& load) ;
/************* from p3Config *******************/
//virtual RsSerialiser *setupSerialiser() ;
//virtual bool saveList(bool& cleanup, std::list<RsItem*>&) ;
//virtual void saveDone();
//virtual bool loadList(std::list<RsItem*>& load) ;
private:
void getDhtInfo() ;
private:
void getDhtInfo() ;
RsMutex mBanMtx;
RsMutex mBanMtx;
int condenseBanSources_locked();
int printBanSources_locked(std::ostream &out);
int printBanSet_locked(std::ostream &out);
int condenseBanSources_locked();
int printBanSources_locked(std::ostream &out);
int printBanSet_locked(std::ostream &out);
time_t mSentListTime;
std::map<RsPeerId, BanList> mBanSources;
std::map<struct sockaddr_storage, BanListPeer> mBanSet;
time_t mSentListTime;
std::map<RsPeerId, BanList> mBanSources;
std::map<struct sockaddr_storage, BanListPeer> mBanSet;
p3ServiceControl *mServiceCtrl;
p3NetMgr *mNetMgr;
time_t mLastDhtInfoRequest ;
p3ServiceControl *mServiceCtrl;
p3NetMgr *mNetMgr;
time_t mLastDhtInfoRequest ;
bool mIPFilteringEnabled ;
};
#endif // SERVICE_RSBANLIST_HEADER

238
retroshare-gui/src/gui/settings/ServerPage.cpp
View File

@ -29,8 +29,10 @@
#include <retroshare/rsconfig.h>
#include <retroshare/rspeers.h>
#include <retroshare/rsturtle.h>
#include <retroshare/rsbanlist.h>
#include <QMovie>
#include <QMenu>
#include <QTcpSocket>
#include <QNetworkProxy>
#include <QNetworkReply>
@ -41,6 +43,12 @@
#define ICON_STATUS_UNKNOWN ":/images/ledoff1.png"
#define ICON_STATUS_OK ":/images/ledon1.png"
#define COLUMN_RANGE 0
#define COLUMN_STATUS 1
#define COLUMN_ORIGIN 2
#define COLUMN_REASON 3
#define COLUMN_COMMENT 4
//#define SERVER_DEBUG 1
ServerPage::ServerPage(QWidget * parent, Qt::WindowFlags flags)
@ -56,6 +64,17 @@ ServerPage::ServerPage(QWidget * parent, Qt::WindowFlags flags)
manager = NULL ;
ui.filteredIpsTable->setHorizontalHeaderItem(COLUMN_RANGE,new QTableWidgetItem(tr("IP Range"))) ;
ui.filteredIpsTable->setHorizontalHeaderItem(COLUMN_STATUS,new QTableWidgetItem(tr("Status"))) ;
ui.filteredIpsTable->setHorizontalHeaderItem(COLUMN_ORIGIN,new QTableWidgetItem(tr("Origin"))) ;
ui.filteredIpsTable->setHorizontalHeaderItem(COLUMN_COMMENT,new QTableWidgetItem(tr("Comment"))) ;
ui.filteredIpsTable->verticalHeader()->hide() ;
QObject::connect(ui.filteredIpsTable,SIGNAL(customContextMenuRequested(const QPoint&)),this,SLOT(ipFilterContextMenu(const QPoint&))) ;
QObject::connect(ui.denyAll_CB,SIGNAL(toggled(bool)),this,SLOT(toggleIpFiltering(bool)));
QTimer *timer = new QTimer(this);
timer->connect(timer, SIGNAL(timeout()), this, SLOT(updateStatus()));
timer->start(1000);
@ -136,9 +155,11 @@ void ServerPage::load()
if (!rsPeers->getPeerDetails(rsPeers->getOwnId(), detail))
{
return;
}
}
loadFilteredIps() ;
mIsHiddenNode = (detail.netMode == RS_NETMODE_HIDDEN);
mIsHiddenNode = (detail.netMode == RS_NETMODE_HIDDEN);
if (mIsHiddenNode)
{
loadHiddenNode();
@ -233,12 +254,209 @@ void ServerPage::load()
updateTorOutProxyIndicator();
}
//void ServerPage::toggleTurtleRouting(bool b)
//{
// ui._max_tr_up_per_sec_SB->setEnabled(b) ;
//
// rsTurtle->setEnabled(b) ;
//}
static std::string print_addr(const struct sockaddr_storage& addr)
{
const sockaddr_in *in = (const sockaddr_in*)&addr ;
char str[100];
uint8_t *bytes = (uint8_t *) &(in->sin_addr.s_addr);
sprintf(str, "%u.%u.%u.%u", (int) bytes[0], (int) bytes[1], (int) bytes[2], (int) bytes[3]);
return std::string(str) ;
}
std::string print_addr_range(const struct sockaddr_storage& addr,uint8_t masked_bytes)
{
const sockaddr_in *in = (const sockaddr_in*)&addr ;
char str[100];
uint8_t *bytes = (uint8_t *) &(in->sin_addr.s_addr);
str[0] = 0 ;
switch(masked_bytes)
{
case 0: sprintf(str, "%u.%u.%u.%u", (int) bytes[0], (int) bytes[1], (int) bytes[2], (int) bytes[3]);
break ;
case 1: sprintf(str, "%u.%u.%u.255/24", (int) bytes[0], (int) bytes[1], (int) bytes[2]);
break ;
case 2: sprintf(str, "%u.%u.255.255/16", (int) bytes[0], (int) bytes[1]);
break ;
default:
std::cerr << "ERROR: Wrong format : masked_bytes = " << masked_bytes << std::endl;
return std::string("Invalid format") ;
}
return std::string(str) ;
}
void ServerPage::toggleIpFiltering(bool b)
{
rsBanList->enableIPFiltering(b) ;
loadFilteredIps() ;
}
void ServerPage::loadFilteredIps()
{
ui.includeFromFriends_CB->setChecked(false) ;
ui.includeFromDHT_CB->setChecked(true) ;
ui.ipInput_LE->setEnabled(false) ;
ui.ipInputRange_SB->setEnabled(false) ;
ui.ipInputComment_LE->setEnabled(false) ;
ui.ipInputAdd_PB->setEnabled(false) ;
if(rsBanList->ipFilteringEnabled())
{
ui.denyAll_CB->setChecked(true) ;
ui.filteredIpsTable->setEnabled(true) ;
ui.includeFromFriends_CB->setEnabled(false) ;
ui.includeFromDHT_CB->setEnabled(false) ;
}
else
{
ui.denyAll_CB->setChecked(false) ;
ui.filteredIpsTable->setEnabled(false) ;
ui.includeFromFriends_CB->setEnabled(false) ;
ui.includeFromDHT_CB->setEnabled(false) ;
}
std::list<BanListPeer> lst ;
rsBanList->getListOfBannedIps(lst) ;
ui.filteredIpsTable->setRowCount(lst.size()) ;
//std::cerr << "Adding " << lst.size() << " entries to table." << std::endl;
int row = 0 ;
for(std::list<BanListPeer>::const_iterator it(lst.begin());it!=lst.end();++it,++row)
{
//std::cerr << " adding banned lst peer: " << print_addr((*it).addr) << std::endl;
ui.filteredIpsTable->setItem(row,COLUMN_RANGE,new QTableWidgetItem(QString::fromStdString(print_addr_range((*it).addr,(*it).masked_bytes)))) ;
if( (*it).state )
ui.filteredIpsTable->setItem(row,COLUMN_STATUS,new QTableWidgetItem(QString("active"))) ;
else
ui.filteredIpsTable->setItem(row,COLUMN_STATUS,new QTableWidgetItem(QString(""))) ;
ui.filteredIpsTable->item(row,COLUMN_STATUS)->setData(Qt::UserRole,QVariant( (*it).state )) ;
switch((*it).level)
{
default:
case RSBANLIST_ORIGIN_UNKNOWN: ui.filteredIpsTable->setItem(row,COLUMN_ORIGIN,new QTableWidgetItem(QString("Unknown"))) ;
break ;
case RSBANLIST_ORIGIN_FOF: ui.filteredIpsTable->setItem(row,COLUMN_ORIGIN,new QTableWidgetItem(QString("From friend of a friend"))) ;
break ;
case RSBANLIST_ORIGIN_FRIEND: ui.filteredIpsTable->setItem(row,COLUMN_ORIGIN,new QTableWidgetItem(QString("From friend"))) ;
break ;
case RSBANLIST_ORIGIN_SELF: ui.filteredIpsTable->setItem(row,COLUMN_ORIGIN,new QTableWidgetItem(QString("From you"))) ;
break ;
}
switch( (*it).reason )
{
case RSBANLIST_REASON_DHT: ui.filteredIpsTable->setItem(row,COLUMN_REASON,new QTableWidgetItem(QString("Bad peer (DHT)"))) ;
break ;
case RSBANLIST_REASON_USER: ui.filteredIpsTable->setItem(row,COLUMN_REASON,new QTableWidgetItem(QString("Home-made rule"))) ;
break ;
default:
case RSBANLIST_REASON_UNKNOWN: ui.filteredIpsTable->setItem(row,COLUMN_REASON,new QTableWidgetItem(QString("Unknown"))) ;
break ;
}
ui.filteredIpsTable->setItem(row,COLUMN_COMMENT,new QTableWidgetItem(QString::fromStdString((*it).comment))) ;
}
}
static bool parseAddrFromQString(const QString& s,struct sockaddr_storage& addr,int& bytes )
{
QStringList lst = s.split(".") ;
QStringList::const_iterator it = lst.begin();
bool ok ;
uint32_t s1 = (*it).toInt(&ok) ; ++it ; if(!ok) return false ;
uint32_t s2 = (*it).toInt(&ok) ; ++it ; if(!ok) return false ;
uint32_t s3 = (*it).toInt(&ok) ; ++it ; if(!ok) return false ;
QStringList lst2 = (*it).split("/") ;
it = lst2.begin();
uint32_t s4 ;
s4 = (*it).toInt(&ok) ; ++it ; if(!ok) return false ;
if(it != lst2.end())
{
uint32_t x = (*it).toInt(&ok) ; if(!ok) return false ;
if(x%8 != 0)
return false ;
if(x != 16 && x != 24)
return false ;
bytes = 4 - x/8 ;
}
const sockaddr_in *in = (const sockaddr_in*)&addr ;
((uint8_t*)&in->sin_addr.s_addr)[0] = s1 ;
((uint8_t*)&in->sin_addr.s_addr)[1] = s2 ;
((uint8_t*)&in->sin_addr.s_addr)[2] = s3 ;
((uint8_t*)&in->sin_addr.s_addr)[3] = s4 ;
return ok;
}
void ServerPage::ipFilterContextMenu(const QPoint& point)
{
QMenu contextMenu(this) ;
int row = ui.filteredIpsTable->currentRow();
QTableWidgetItem *item = ui.filteredIpsTable->item(row, COLUMN_STATUS);
if(item == NULL)
return ;
bool status = item->data(Qt::UserRole).toBool();
if(!status)
contextMenu.addAction(tr("Disable/remove"),this,SLOT(removeBannedIp()))->setEnabled(false) ;
QString addr_string = ui.filteredIpsTable->item(row,COLUMN_RANGE)->text() ;
sockaddr_storage addr ;
int masked_bytes ;
if(!parseAddrFromQString(addr_string,addr,masked_bytes))
{
std::cerr <<"Cannot parse IP \"" << addr_string.toStdString() << "\"" << std::endl;
return ;
}
QString range0 = QString::fromStdString(print_addr_range(addr,0)) ;
QString range1 = QString::fromStdString(print_addr_range(addr,1)) ;
QString range2 = QString::fromStdString(print_addr_range(addr,2)) ;
contextMenu.addAction(QObject::tr("Filter IP " )+range0,this,SLOT(enableBannedIp()))->setEnabled(false) ;
#warning UNIMPLEMENTED CODE
contextMenu.addAction(QObject::tr("Filter entire range ")+range1,this,SLOT(enableBannedIp()))->setEnabled(false) ;
contextMenu.addAction(QObject::tr("Filter entire range ")+range2,this,SLOT(enableBannedIp()))->setEnabled(false) ;
contextMenu.exec(QCursor::pos()) ;
}
void ServerPage::removeBannedIp()
{
#warning UNIMPLEMENTED CODE
std::cerr << "Removing banned IP" << std::endl;
}
void ServerPage::enableBannedIp()
{
#warning UNIMPLEMENTED CODE
std::cerr << "Removing banned IP" << std::endl;
}
/** Loads the settings for this page */
void ServerPage::updateStatus()
@ -254,11 +472,13 @@ void ServerPage::updateStatus()
if(!isVisible())
return ;
loadFilteredIps() ;
if (mIsHiddenNode)
{
updateStatusHiddenNode();
return;
}
}
/* load up configuration from rsPeers */
RsPeerDetails detail;

5
retroshare-gui/src/gui/settings/ServerPage.h
View File

@ -50,6 +50,10 @@ public slots:
void updateStatus();
private slots:
void toggleIpFiltering(bool b);
void ipFilterContextMenu(const QPoint &);
void removeBannedIp();
void enableBannedIp();
void saveAddresses();
void toggleUPnP();
void toggleIpDetermination(bool) ;
@ -66,6 +70,7 @@ private:
void saveAddressesHiddenNode();
void updateTorOutProxyIndicator();
void updateLocInProxyIndicator();
void loadFilteredIps() ;
Ui::ServerPage ui;

122
retroshare-gui/src/gui/settings/ServerPage.ui
View File

@ -498,6 +498,128 @@ behind a firewall or a VPN.</string>
<zorder></zorder>
<zorder></zorder>
</widget>
<widget class="QWidget" name="tab_2">
<attribute name="title">
<string>IP Filters</string>
</attribute>
<layout class="QVBoxLayout" name="verticalLayout_4">
<item>
<widget class="QCheckBox" name="denyAll_CB">
<property name="text">
<string>Deny all connections from the following IP ranges:</string>
</property>
</widget>
</item>
<item>
<widget class="QTableWidget" name="filteredIpsTable">
<property name="contextMenuPolicy">
<enum>Qt::CustomContextMenu</enum>
</property>
<property name="alternatingRowColors">
<bool>true</bool>
</property>
<property name="sortingEnabled">
<bool>false</bool>
</property>
<attribute name="horizontalHeaderStretchLastSection">
<bool>true</bool>
</attribute>
<column>
<property name="text">
<string>IP range</string>
</property>
</column>
<column>
<property name="text">
<string>Status</string>
</property>
</column>
<column>
<property name="text">
<string>Origin</string>
</property>
</column>
<column>
<property name="text">
<string>Reason</string>
</property>
</column>
<column>
<property name="text">
<string>Comment</string>
</property>
</column>
</widget>
</item>
<item>
<widget class="QCheckBox" name="includeFromFriends_CB">
<property name="text">
<string> Automatically include the IPs denied by your friends</string>
</property>
</widget>
</item>
<item>
<widget class="QCheckBox" name="includeFromDHT_CB">
<property name="text">
<string>Automatically filter suspicious IPs detected by DHT</string>
</property>
</widget>
</item>
<item>
<layout class="QHBoxLayout" name="horizontalLayout_10">
<item>
<widget class="QLineEdit" name="ipInput_LE">
<property name="sizePolicy">
<sizepolicy hsizetype="Maximum" vsizetype="Fixed">
<horstretch>0</horstretch>
<verstretch>0</verstretch>
</sizepolicy>
</property>
<property name="toolTip">
<string>&lt;html&gt;&lt;head/&gt;&lt;body&gt;&lt;p&gt;Enter an IP range. Accepted formats:&lt;/p&gt;&lt;p&gt;193.190.209.15&lt;/p&gt;&lt;p&gt;193.190.209.15/24&lt;/p&gt;&lt;p&gt;193.190.209.15/16&lt;/p&gt;&lt;/body&gt;&lt;/html&gt;</string>
</property>
</widget>
</item>
<item>
<widget class="QSpinBox" name="ipInputRange_SB">
<property name="minimum">
<number>16</number>
</property>
<property name="maximum">
<number>32</number>
</property>
<property name="singleStep">
<number>8</number>
</property>
<property name="value">
<number>32</number>
</property>
</widget>
</item>
<item>
<widget class="QLineEdit" name="ipInputComment_LE">
<property name="sizePolicy">
<sizepolicy hsizetype="MinimumExpanding" vsizetype="Fixed">
<horstretch>0</horstretch>
<verstretch>0</verstretch>
</sizepolicy>
</property>
<property name="toolTip">
<string>&lt;html&gt;&lt;head/&gt;&lt;body&gt;&lt;p&gt;Enter any comment you'd like&lt;/p&gt;&lt;/body&gt;&lt;/html&gt;</string>
</property>
</widget>
</item>
<item>
<widget class="QPushButton" name="ipInputAdd_PB">
<property name="text">
<string>Add</string>
</property>
</widget>
</item>
</layout>
</item>
</layout>
</widget>
<widget class="QWidget" name="TorTAB">
<attribute name="title">
<string>TOR Configuration</string>