Git-Mirrors/RetroShare
1
0
Fork 0
mirror of https://github.com/RetroShare/RetroShare.git synced 2025-08-06 05:14:21 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

added possibility to include manually some IP ranges

Browse source 
git-svn-id: http://svn.code.sf.net/p/retroshare/code/trunk@8315 b45a01b8-16f6-495d-af2f-9b41ad6348cc
This commit is contained in:
csoler 2015-05-29 18:03:14 +00:00
parent 86eb9a33d6
commit 4ebc87b9c2
7 changed files with 160 additions and 62 deletions
Download patch file Download diff file Expand all files Collapse all files

2
libretroshare/src/retroshare/rsbanlist.h
View file

@ -62,6 +62,8 @@ public:
virtual void enableIPFiltering(bool b) =0;
virtual bool ipFilteringEnabled() =0;
virtual void addIpRange(const struct sockaddr_storage& addr,int masked_bytes,const std::string& comment) =0;
virtual bool isAddressAccepted(const struct sockaddr_storage& addr) =0;
virtual void getListOfBannedIps(std::list<BanListPeer>& list) =0;

68
libretroshare/src/services/p3banlist.cc
View file

@ -124,12 +124,12 @@ BanListPeer::BanListPeer()
masked_bytes=0;
reason=RSBANLIST_REASON_UNKNOWN ;
level=RSBANLIST_ORIGIN_UNKNOWN ;
state = false ;
state = true ;
connect_attempts=0;
mTs=0;
}
static sockaddr_storage make24BitsRange(const sockaddr_storage& addr)
static sockaddr_storage makeBitsRange(const sockaddr_storage& addr,int masked_bytes)
{
sockaddr_storage s ;
sockaddr_storage_clear(s) ;
@ -137,7 +137,12 @@ static sockaddr_storage make24BitsRange(const sockaddr_storage& addr)
sockaddr_in *ad = (sockaddr_in*)(&s) ;
ad->sin_addr.s_addr |= 0xff000000 ;
if(masked_bytes == 1)
ad->sin_addr.s_addr |= 0xff000000 ;
else if(masked_bytes == 2)
ad->sin_addr.s_addr |= 0xffff0000 ;
else if(masked_bytes != 0)
std::cerr << "Warning: unhandled mask size for IP range: " << masked_bytes << std::endl;
return s ;
}
@ -146,7 +151,18 @@ void p3BanList::autoFigureOutBanRanges()
{
RS_STACK_MUTEX(mBanMtx) ;
mBanRanges.clear() ;
// clear automatic ban ranges
for(std::map<sockaddr_storage,BanListPeer>::iterator it(mBanRanges.begin());it!=mBanRanges.end();)
if(it->second.reason == RSBANLIST_REASON_AUTO_RANGE)
{
std::map<sockaddr_storage,BanListPeer>::iterator it2=it ;
++it2 ;
mBanRanges.erase(it) ;
it=it2 ;
}
else
++it;
if(!mAutoRangeIps)
return ;
@ -156,7 +172,7 @@ void p3BanList::autoFigureOutBanRanges()
std::map<sockaddr_storage,ZeroedInt> range_map ;
for(std::map<sockaddr_storage,BanListPeer>::iterator it(mBanSet.begin());it!=mBanSet.end();++it)
++range_map[make24BitsRange(it->first)].n ;
++range_map[makeBitsRange(it->first,1)].n ;
time_t now = time(NULL) ;
@ -169,6 +185,9 @@ void p3BanList::autoFigureOutBanRanges()
std::cerr << " --> creating new ban range." << std::endl;
BanListPeer& peer(mBanRanges[it->first]) ;
if(peer.reason == RSBANLIST_REASON_USER)
continue ;
peer.addr = it->first ;
peer.masked_bytes = 1 ;
peer.reason = RSBANLIST_REASON_AUTO_RANGE ;
@ -190,12 +209,20 @@ bool p3BanList::isAddressAccepted(const sockaddr_storage &addr)
// we should normally work this including entire ranges of IPs. For now, just check the exact IPs.
sockaddr_storage addr_24 = make24BitsRange(addr) ;
sockaddr_storage addr_24 = makeBitsRange(addr,1) ;
sockaddr_storage addr_16 = makeBitsRange(addr,2) ;
std::cerr << "p3BanList::isAddressAccepted() testing " << sockaddr_storage_iptostring(addr) << " and range " << sockaddr_storage_iptostring(addr_24) ;
std::map<sockaddr_storage,BanListPeer>::iterator it ;
if((it=mBanRanges.find(addr_16)) != mBanRanges.end())
{
++it->second.connect_attempts;
std::cerr << " returning false. attempts=" << it->second.connect_attempts << std::endl;
return false ;
}
if((it=mBanRanges.find(addr_24)) != mBanRanges.end())
{
++it->second.connect_attempts;
@ -219,13 +246,38 @@ void p3BanList::getListOfBannedIps(std::list<BanListPeer> &lst)
RS_STACK_MUTEX(mBanMtx) ;
for(std::map<sockaddr_storage,BanListPeer>::const_iterator it(mBanSet.begin());it!=mBanSet.end();++it)
if(mBanRanges.find(make24BitsRange(it->first)) == mBanRanges.end())
if(mBanRanges.find(makeBitsRange(it->first,1)) == mBanRanges.end()
&& mBanRanges.find(makeBitsRange(it->first,2)) == mBanRanges.end())
lst.push_back(it->second) ;
for(std::map<sockaddr_storage,BanListPeer>::const_iterator it(mBanRanges.begin());it!=mBanRanges.end();++it)
lst.push_back(it->second) ;
}
void p3BanList::addIpRange(const sockaddr_storage &addr, int masked_bytes,const std::string& comment)
{
RS_STACK_MUTEX(mBanMtx) ;
BanListPeer blp ;
blp.level = RSBANLIST_ORIGIN_SELF ;
blp.connect_attempts = 0 ;
blp.addr = addr ;
blp.masked_bytes = masked_bytes ;
blp.mTs = time(NULL) ;
blp.reason = RSBANLIST_REASON_USER;
blp.comment = comment ;
if(masked_bytes != 0 && masked_bytes != 1 && masked_bytes != 2)
{
std::cerr << "Unhandled masked byte size " << masked_bytes << ". Should be 0,1 or 2" << std::endl;
return ;
}
sockaddr_storage addrrange = makeBitsRange(addr,masked_bytes) ;
mBanRanges[addrrange] = blp ;
}
int p3BanList::tick()
{
processIncoming();
@ -237,6 +289,7 @@ int p3BanList::tick()
{
if(mIPDHTGatheringEnabled)
getDhtInfo() ;
mLastDhtInfoRequest = now;
if(mAutoRangeIps)
@ -332,7 +385,6 @@ bool p3BanList::recvBanItem(RsBanListItem *item)
{
bool updated = false;
std::cerr << "(EE) should not receive a Ban item yet. Not implemented!" << std::endl;
time_t now = time(NULL) ;
std::list<RsTlvBanListEntry>::const_iterator it;
//for(it = item->peerList.entries.begin(); it != item->peerList.entries.end(); ++it)

18
libretroshare/src/services/p3banlist.h
View file

@ -64,6 +64,8 @@ public:
virtual bool isAddressAccepted(const struct sockaddr_storage& addr) ;
virtual void getListOfBannedIps(std::list<BanListPeer>& list) ;
virtual void addIpRange(const struct sockaddr_storage& addr,int masked_bytes,const std::string& comment) ;
virtual void enableIPFiltering(bool b) ;
virtual bool ipFilteringEnabled() ;
@ -85,13 +87,13 @@ public:
/***** overloaded from p3Service *****/
/*!
* This retrieves all chat msg items and also (important!)
* processes chat-status items that are in service item queue. chat msg item requests are also processed and not returned
* (important! also) notifications sent to notify base on receipt avatar, immediate status and custom status
* : notifyCustomState, notifyChatStatus, notifyPeerHasNewAvatar
* @see NotifyBase
* This retrieves all chat msg items and also (important!)
* processes chat-status items that are in service item queue. chat msg item requests are also processed and not returned
* (important! also) notifications sent to notify base on receipt avatar, immediate status and custom status
* : notifyCustomState, notifyChatStatus, notifyPeerHasNewAvatar
* @see NotifyBase
*/
*/
virtual int tick();
virtual int status();
@ -105,8 +107,8 @@ public:
/*!
* Interface stuff.
*/
* Interface stuff.
*/
/*************** pqiMonitor callback ***********************/
//virtual void statusChange(const std::list<pqipeer> &plist);