added whitelist system and GUI for it. Not used in pqissl yet.
git-svn-id: http://svn.code.sf.net/p/retroshare/code/trunk@8319 b45a01b8-16f6-495d-af2f-9b41ad6348cc
parent
0a42b334ae
commit
f699855b7d
@ -80,10 +80,25 @@ public:
|
||||
virtual void enableIPFiltering(bool b) =0;
|
||||
virtual bool ipFilteringEnabled() =0;
|
||||
|
||||
virtual void addIpRange(const struct sockaddr_storage& addr,int masked_bytes,const std::string& comment) =0;
|
||||
// addIpRange()/removeIpRange()
|
||||
// addr: full IPv4 address. Port is ignored.
|
||||
// masked_bytes: 0=full IP, 1="/24", 2="/16"
|
||||
// list_type: RSBANLIST_CHECKING_FLAGS_BLACKLIST or RSBANLIST_CHECKING_FLAGS_WHITELIST
|
||||
// comment: anything, user-based.
|
||||
|
||||
virtual void addIpRange(const struct sockaddr_storage& addr,int masked_bytes,uint32_t list_type,const std::string& comment) =0;
|
||||
virtual void removeIpRange(const struct sockaddr_storage& addr,int masked_bytes,uint32_t list_type) =0;
|
||||
|
||||
// isAddressAccepted()
|
||||
// addr: full IPv4 address. Port is ignored.
|
||||
// checking flags: any combination of RSBANLIST_CHECKING_FLAGS_BLACKLIST and RSBANLIST_CHECKING_FLAGS_WHITELIST
|
||||
// check_result: returned result of the check in RSBANLIST_CHECK_RESULT_*
|
||||
// returned value: true=address is accepted, false=address is rejected.
|
||||
|
||||
virtual bool isAddressAccepted(const struct sockaddr_storage& addr,uint32_t checking_flags,uint32_t& check_result) =0;
|
||||
virtual void getListOfBannedIps(std::list<BanListPeer>& list) =0;
|
||||
|
||||
virtual void getBannedIps(std::list<BanListPeer>& list) =0;
|
||||
virtual void getWhiteListedIps(std::list<BanListPeer>& list) =0;
|
||||
|
||||
virtual bool autoRangeEnabled() =0;
|
||||
virtual void enableAutoRange(bool b) =0 ;
|
||||
|
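Review bot: The comment block added above addIpRange()/removeIpRange() and isAddressAccepted() does not say how the two lists interact, and callers of this filter need that stated. In the p3BanList implementation on this page, a whitelist hit appears to return "accepted" before the blacklist is consulted, and addIpRange() compares list_type with `==`. I would add `// list_type: exactly one of the two flags, not a combination.` and `// A whitelisted address is accepted even when it is also blacklisted.` It would also help to document what check_result holds when IP filtering is disabled, since as far as the hunk shows that path returns true without writing it. The class body starts and ends outside this hunk.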
@ -238,36 +238,38 @@ bool p3BanList::isAddressAccepted(const sockaddr_storage &addr, uint32_t checkin
|
||||
if(!mIPFilteringEnabled)
|
||||
return true ;
|
||||
|
||||
std::cerr << "isAddressAccepted(): tested addr=" << sockaddr_storage_iptostring(addr) << ", checking flags=" << checking_flags ;
|
||||
|
||||
// we should normally work this including entire ranges of IPs. For now, just check the exact IPs.
|
||||
|
||||
sockaddr_storage addr_24 = makeBitsRange(addr,1) ;
|
||||
sockaddr_storage addr_16 = makeBitsRange(addr,2) ;
|
||||
|
||||
if(checking_flags & RSBANLIST_CHECKING_FLAGS_WHITELIST)
|
||||
bool white_list_found = false ;
|
||||
|
||||
white_list_found = white_list_found || (mWhiteListedRanges.find(addr_16) != mWhiteListedRanges.end()) ;
|
||||
white_list_found = white_list_found || (mWhiteListedRanges.find(addr_24) != mWhiteListedRanges.end()) ;
|
||||
white_list_found = white_list_found || (mWhiteListedRanges.find(addr ) != mWhiteListedRanges.end()) ;
|
||||
|
||||
if(white_list_found)
|
||||
{
|
||||
bool found = false ;
|
||||
|
||||
found = found || (mWhiteListedRanges.find(addr ) != mWhiteListedRanges.end()) ;
|
||||
found = found || (mWhiteListedRanges.find(addr_16) != mWhiteListedRanges.end()) ;
|
||||
found = found || (mWhiteListedRanges.find(addr_24) != mWhiteListedRanges.end()) ;
|
||||
|
||||
if(found)
|
||||
{
|
||||
check_result = RSBANLIST_CHECK_RESULT_ACCEPTED ;
|
||||
return true ;
|
||||
}
|
||||
else
|
||||
{
|
||||
check_result = RSBANLIST_CHECK_RESULT_NOT_WHITELISTED ;
|
||||
return false ;
|
||||
}
|
||||
check_result = RSBANLIST_CHECK_RESULT_ACCEPTED ;
|
||||
std::cerr << ". Address is in whitelist. Accepting" << std::endl;
|
||||
return true ;
|
||||
}
|
||||
|
||||
if(checking_flags & RSBANLIST_CHECKING_FLAGS_WHITELIST)
|
||||
{
|
||||
check_result = RSBANLIST_CHECK_RESULT_NOT_WHITELISTED ;
|
||||
std::cerr << ". Address is not whitelist, and whitelist is required. Rejecting" << std::endl;
|
||||
return false ;
|
||||
}
|
||||
|
||||
#ifdef DEBUG_BANLIST
|
||||
std::cerr << "p3BanList::isAddressAccepted() testing " << sockaddr_storage_iptostring(addr) << " and range " << sockaddr_storage_iptostring(addr_24) ;
|
||||
#endif
|
||||
if(!(checking_flags & RSBANLIST_CHECKING_FLAGS_BLACKLIST))
|
||||
{
|
||||
std::cerr << ". No blacklisting required. Accepting." << std::endl;
|
||||
return true;
|
||||
}
|
||||
|
||||
std::map<sockaddr_storage,BanListPeer>::iterator it ;
|
||||
|
||||
@ -275,7 +277,7 @@ bool p3BanList::isAddressAccepted(const sockaddr_storage &addr, uint32_t checkin
|
||||
{
|
||||
++it->second.connect_attempts;
|
||||
#ifdef DEBUG_BANLIST
|
||||
std::cerr << " returning false. attempts=" << it->second.connect_attempts << std::endl;
|
||||
std::cerr << " found in blacklisted range " << sockaddr_storage_iptostring(it->first) << "/16. returning false. attempts=" << it->second.connect_attempts << std::endl;
|
||||
#endif
|
||||
check_result = RSBANLIST_CHECK_RESULT_BLACKLISTED ;
|
||||
return false ;
|
||||
@ -285,7 +287,7 @@ bool p3BanList::isAddressAccepted(const sockaddr_storage &addr, uint32_t checkin
|
||||
{
|
||||
++it->second.connect_attempts;
|
||||
#ifdef DEBUG_BANLIST
|
||||
std::cerr << " returning false. attempts=" << it->second.connect_attempts << std::endl;
|
||||
std::cerr << "found in blacklisted range " << sockaddr_storage_iptostring(it->first) << "/24. returning false. attempts=" << it->second.connect_attempts << std::endl;
|
||||
#endif
|
||||
check_result = RSBANLIST_CHECK_RESULT_BLACKLISTED ;
|
||||
return false ;
|
||||
@ -295,23 +297,31 @@ bool p3BanList::isAddressAccepted(const sockaddr_storage &addr, uint32_t checkin
|
||||
{
|
||||
++it->second.connect_attempts;
|
||||
#ifdef DEBUG_BANLIST
|
||||
std::cerr << " returning false. attempts=" << it->second.connect_attempts << std::endl;
|
||||
std::cerr << "found as blacklisted address " << sockaddr_storage_iptostring(it->first) << ". returning false. attempts=" << it->second.connect_attempts << std::endl;
|
||||
#endif
|
||||
check_result = RSBANLIST_CHECK_RESULT_BLACKLISTED ;
|
||||
return false ;
|
||||
}
|
||||
|
||||
#ifdef DEBUG_BANLIST
|
||||
std::cerr << " returning true " << std::endl;
|
||||
std::cerr << " not blacklisted. Accepting." << std::endl;
|
||||
#endif
|
||||
check_result = RSBANLIST_CHECK_RESULT_ACCEPTED ;
|
||||
return true ;
|
||||
}
|
||||
|
||||
void p3BanList::getListOfBannedIps(std::list<BanListPeer> &lst)
|
||||
void p3BanList::getWhiteListedIps(std::list<BanListPeer> &lst)
|
||||
{
|
||||
RS_STACK_MUTEX(mBanMtx) ;
|
||||
|
||||
lst.clear() ;
|
||||
for(std::map<sockaddr_storage,BanListPeer>::const_iterator it(mWhiteListedRanges.begin());it!=mWhiteListedRanges.end();++it)
|
||||
lst.push_back(it->second) ;
|
||||
}
|
||||
void p3BanList::getBannedIps(std::list<BanListPeer> &lst)
|
||||
{
|
||||
RS_STACK_MUTEX(mBanMtx) ;
|
||||
|
||||
lst.clear() ;
|
||||
for(std::map<sockaddr_storage,BanListPeer>::const_iterator it(mBanSet.begin());it!=mBanSet.end();++it)
|
||||
if(mBanRanges.find(makeBitsRange(it->first,1)) == mBanRanges.end()
|
||||
&& mBanRanges.find(makeBitsRange(it->first,2)) == mBanRanges.end())
|
||||
@ -321,7 +331,12 @@ void p3BanList::getListOfBannedIps(std::list<BanListPeer> &lst)
|
||||
lst.push_back(it->second) ;
|
||||
}
|
||||
|
||||
void p3BanList::addIpRange(const sockaddr_storage &addr, int masked_bytes,const std::string& comment)
|
||||
void p3BanList::removeIpRange(const struct sockaddr_storage& addr,int masked_bytes,uint32_t list_type)
|
||||
{
|
||||
#warning NOT IMPLEMENTED YET
|
||||
}
|
||||
|
||||
void p3BanList::addIpRange(const sockaddr_storage &addr, int masked_bytes,uint32_t list_type,const std::string& comment)
|
||||
{
|
||||
RS_STACK_MUTEX(mBanMtx) ;
|
||||
|
||||
@ -342,10 +357,15 @@ void p3BanList::addIpRange(const sockaddr_storage &addr, int masked_bytes,const
|
||||
|
||||
sockaddr_storage addrrange = makeBitsRange(addr,masked_bytes) ;
|
||||
|
||||
mBanRanges[addrrange] = blp ;
|
||||
if(list_type == RSBANLIST_CHECKING_FLAGS_BLACKLIST)
|
||||
mBanRanges[addrrange] = blp ;
|
||||
else if(list_type == RSBANLIST_CHECKING_FLAGS_WHITELIST)
|
||||
mWhiteListedRanges[addrrange] = blp ;
|
||||
else
|
||||
std::cerr << "(EE) Cannot add IP range. Bad list_type. Should be eiter RSBANLIST_CHECKING_FLAGS_BLACKLIST or RSBANLIST_CHECKING_FLAGS_WHITELIST" << std::endl;
|
||||
}
|
||||
|
||||
int p3BanList::tick()
|
||||
int p3BanList::tick()
|
||||
{
|
||||
processIncoming();
|
||||
sendPackets();
|
||||
|
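Review bot: The early accept in isAddressAccepted() for callers that do not request blacklist checking (the branch that prints ". No blacklisting required. Accepting.") returns true without assigning check_result, so the caller's out parameter keeps whatever it held before. The `if(!mIPFilteringEnabled) return true ;` path has the same gap as far as the hunk shows. Adding `check_result = RSBANLIST_CHECK_RESULT_ACCEPTED ;` before both returns would make every exit define the result. Separately, the `std::cerr` traces added at the top of the function and in the whitelist branches sit outside `#ifdef DEBUG_BANLIST`, so every tested peer address is written to stderr in normal builds; I would move them under the existing guard. The old/new side of some lines is ambiguous in this rendering, and the function begins above the first hunk.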
@ -62,9 +62,12 @@ public:
|
||||
/***** overloaded from RsBanList *****/
|
||||
|
||||
virtual bool isAddressAccepted(const struct sockaddr_storage& addr, uint32_t checking_flags,uint32_t& check_result) ;
|
||||
virtual void getListOfBannedIps(std::list<BanListPeer>& list) ;
|
||||
|
||||
virtual void addIpRange(const struct sockaddr_storage& addr,int masked_bytes,const std::string& comment) ;
|
||||
virtual void getBannedIps(std::list<BanListPeer>& list) ;
|
||||
virtual void getWhiteListedIps(std::list<BanListPeer>& list) ;
|
||||
|
||||
virtual void addIpRange(const struct sockaddr_storage& addr,int masked_bytes,uint32_t list_type,const std::string& comment) ;
|
||||
virtual void removeIpRange(const sockaddr_storage &addr, int masked_bytes, uint32_t list_type);
|
||||
|
||||
virtual void enableIPFiltering(bool b) ;
|
||||
virtual bool ipFilteringEnabled() ;
|
||||
|
@ -72,12 +72,14 @@ ServerPage::ServerPage(QWidget * parent, Qt::WindowFlags flags)
|
||||
ui.filteredIpsTable->verticalHeader()->hide() ;
|
||||
|
||||
QObject::connect(ui.filteredIpsTable,SIGNAL(customContextMenuRequested(const QPoint&)),this,SLOT(ipFilterContextMenu(const QPoint&))) ;
|
||||
QObject::connect(ui.whiteListIpsTable,SIGNAL(customContextMenuRequested(const QPoint&)),this,SLOT(ipWhiteListContextMenu(const QPoint&))) ;
|
||||
QObject::connect(ui.denyAll_CB,SIGNAL(toggled(bool)),this,SLOT(toggleIpFiltering(bool)));
|
||||
QObject::connect(ui.includeFromDHT_CB,SIGNAL(toggled(bool)),this,SLOT(toggleAutoIncludeDHT(bool)));
|
||||
QObject::connect(ui.includeFromFriends_CB,SIGNAL(toggled(bool)),this,SLOT(toggleAutoIncludeFriends(bool)));
|
||||
QObject::connect(ui.groupIPRanges_CB,SIGNAL(toggled(bool)),this,SLOT(toggleGroupIps(bool)));
|
||||
QObject::connect(ui.groupIPRanges_SB,SIGNAL(valueChanged(int)),this,SLOT(setGroupIpLimit(int)));
|
||||
QObject::connect(ui.ipInputAdd_PB,SIGNAL(clicked()),this,SLOT(addIpRange()));
|
||||
QObject::connect(ui.ipInputAddBlackList_PB,SIGNAL(clicked()),this,SLOT(addIpRangeToBlackList()));
|
||||
QObject::connect(ui.ipInputAddWhiteList_PB,SIGNAL(clicked()),this,SLOT(addIpRangeToWhiteList()));
|
||||
QObject::connect(ui.ipInput_LE,SIGNAL(textChanged(const QString&)),this,SLOT(checkIpRange(const QString&)));
|
||||
|
||||
QTimer *timer = new QTimer(this);
|
||||
@ -171,7 +173,7 @@ void ServerPage::checkIpRange(const QString& ipstr)
|
||||
ui.ipInput_LE->setPalette(palette);
|
||||
}
|
||||
|
||||
void ServerPage::addIpRange()
|
||||
void ServerPage::addIpRangeToBlackList()
|
||||
{
|
||||
QString ipstr = ui.ipInput_LE->text() ;
|
||||
sockaddr_storage addr ;
|
||||
@ -182,7 +184,21 @@ void ServerPage::addIpRange()
|
||||
|
||||
bytes = 4 - ui.ipInputRange_SB->value()/8;
|
||||
|
||||
rsBanList->addIpRange(addr,bytes,ui.ipInputComment_LE->text().toStdString());
|
||||
rsBanList->addIpRange(addr,bytes, RSBANLIST_CHECKING_FLAGS_BLACKLIST,ui.ipInputComment_LE->text().toStdString());
|
||||
}
|
||||
|
||||
void ServerPage::addIpRangeToWhiteList()
|
||||
{
|
||||
QString ipstr = ui.ipInput_LE->text() ;
|
||||
sockaddr_storage addr ;
|
||||
int bytes = 0 ;
|
||||
|
||||
if(!parseAddrFromQString(ipstr,addr,bytes) || bytes != 0)
|
||||
return ;
|
||||
|
||||
bytes = 4 - ui.ipInputRange_SB->value()/8;
|
||||
|
||||
rsBanList->addIpRange(addr,bytes, RSBANLIST_CHECKING_FLAGS_WHITELIST,ui.ipInputComment_LE->text().toStdString());
|
||||
}
|
||||
|
||||
void ServerPage::clearKnownAddressList()
|
||||
@ -394,7 +410,8 @@ void ServerPage::loadFilteredIps()
|
||||
ui.ipInput_LE->setEnabled(true) ;
|
||||
ui.ipInputRange_SB->setEnabled(true) ;
|
||||
ui.ipInputComment_LE->setEnabled(true) ;
|
||||
ui.ipInputAdd_PB->setEnabled(true) ;
|
||||
ui.ipInputAddBlackList_PB->setEnabled(true) ;
|
||||
ui.ipInputAddWhiteList_PB->setEnabled(true) ;
|
||||
ui.groupIPRanges_CB->setEnabled(true) ;
|
||||
ui.groupIPRanges_SB->setEnabled(true) ;
|
||||
}
|
||||
@ -407,7 +424,8 @@ void ServerPage::loadFilteredIps()
|
||||
ui.ipInput_LE->setEnabled(false) ;
|
||||
ui.ipInputRange_SB->setEnabled(false) ;
|
||||
ui.ipInputComment_LE->setEnabled(false) ;
|
||||
ui.ipInputAdd_PB->setEnabled(false) ;
|
||||
ui.ipInputAddBlackList_PB->setEnabled(false) ;
|
||||
ui.ipInputAddWhiteList_PB->setEnabled(true) ;
|
||||
ui.groupIPRanges_CB->setEnabled(false) ;
|
||||
ui.groupIPRanges_SB->setEnabled(false) ;
|
||||
}
|
||||
@ -418,58 +436,62 @@ void ServerPage::loadFilteredIps()
|
||||
ui.groupIPRanges_SB->setValue(rsBanList->autoRangeLimit()) ;
|
||||
|
||||
std::list<BanListPeer> lst ;
|
||||
|
||||
rsBanList->getListOfBannedIps(lst) ;
|
||||
rsBanList->getBannedIps(lst) ;
|
||||
|
||||
ui.filteredIpsTable->setRowCount(lst.size()) ;
|
||||
|
||||
//std::cerr << "Adding " << lst.size() << " entries to table." << std::endl;
|
||||
|
||||
int row = 0 ;
|
||||
for(std::list<BanListPeer>::const_iterator it(lst.begin());it!=lst.end();++it,++row)
|
||||
{
|
||||
//std::cerr << " adding banned lst peer: " << print_addr((*it).addr) << std::endl;
|
||||
addPeerToIPTable(ui.filteredIpsTable,row,*it) ;
|
||||
|
||||
ui.filteredIpsTable->setItem(row,COLUMN_RANGE,new QTableWidgetItem(QString::fromStdString(print_addr_range((*it).addr,(*it).masked_bytes)))) ;
|
||||
rsBanList->getWhiteListedIps(lst) ;
|
||||
ui.whiteListIpsTable->setRowCount(lst.size()) ;
|
||||
|
||||
if( (*it).state )
|
||||
ui.filteredIpsTable->setItem(row,COLUMN_STATUS,new QTableWidgetItem(QString("active"))) ;
|
||||
else
|
||||
ui.filteredIpsTable->setItem(row,COLUMN_STATUS,new QTableWidgetItem(QString(""))) ;
|
||||
|
||||
ui.filteredIpsTable->item(row,COLUMN_STATUS)->setData(Qt::UserRole,QVariant( (*it).state )) ;
|
||||
|
||||
switch((*it).level)
|
||||
{
|
||||
case RSBANLIST_ORIGIN_FOF: ui.filteredIpsTable->setItem(row,COLUMN_ORIGIN,new QTableWidgetItem(QString("From friend of a friend"))) ;
|
||||
break ;
|
||||
case RSBANLIST_ORIGIN_FRIEND: ui.filteredIpsTable->setItem(row,COLUMN_ORIGIN,new QTableWidgetItem(QString("From friend"))) ;
|
||||
break ;
|
||||
case RSBANLIST_ORIGIN_SELF: ui.filteredIpsTable->setItem(row,COLUMN_ORIGIN,new QTableWidgetItem(QString("From you"))) ;
|
||||
break ;
|
||||
default:
|
||||
case RSBANLIST_ORIGIN_UNKNOWN: ui.filteredIpsTable->setItem(row,COLUMN_ORIGIN,new QTableWidgetItem(QString("Unknown"))) ;
|
||||
break ;
|
||||
}
|
||||
|
||||
switch( (*it).reason )
|
||||
{
|
||||
case RSBANLIST_REASON_DHT: ui.filteredIpsTable->setItem(row,COLUMN_REASON,new QTableWidgetItem(QString("Bad peer (DHT)"))) ;
|
||||
break ;
|
||||
case RSBANLIST_REASON_USER: ui.filteredIpsTable->setItem(row,COLUMN_REASON,new QTableWidgetItem(QString("Home-made rule"))) ;
|
||||
break ;
|
||||
case RSBANLIST_REASON_AUTO_RANGE: ui.filteredIpsTable->setItem(row,COLUMN_REASON,new QTableWidgetItem(QString("Auto-generated range"))) ;
|
||||
ui.filteredIpsTable->setItem(row,COLUMN_COMMENT,new QTableWidgetItem(tr("Range made from %1 collected addresses").arg(QString::number((*it).connect_attempts)))) ;
|
||||
break ;
|
||||
default:
|
||||
case RSBANLIST_REASON_UNKNOWN: ui.filteredIpsTable->setItem(row,COLUMN_REASON,new QTableWidgetItem(QString("Unknown"))) ;
|
||||
break ;
|
||||
}
|
||||
|
||||
ui.filteredIpsTable->setItem(row,COLUMN_COMMENT,new QTableWidgetItem(QString::fromStdString((*it).comment))) ;
|
||||
}
|
||||
row = 0;
|
||||
for(std::list<BanListPeer>::const_iterator it(lst.begin());it!=lst.end();++it,++row)
|
||||
addPeerToIPTable(ui.whiteListIpsTable,row,*it) ;
|
||||
}
|
||||
|
||||
void ServerPage::addPeerToIPTable(QTableWidget *table,int row,const BanListPeer& blp)
|
||||
{
|
||||
table->setItem(row,COLUMN_RANGE,new QTableWidgetItem(QString::fromStdString(print_addr_range(blp.addr,blp.masked_bytes)))) ;
|
||||
|
||||
if( blp.state )
|
||||
table->setItem(row,COLUMN_STATUS,new QTableWidgetItem(QString("active"))) ;
|
||||
else
|
||||
table->setItem(row,COLUMN_STATUS,new QTableWidgetItem(QString(""))) ;
|
||||
|
||||
table->item(row,COLUMN_STATUS)->setData(Qt::UserRole,QVariant( blp.state )) ;
|
||||
|
||||
switch(blp.level)
|
||||
{
|
||||
case RSBANLIST_ORIGIN_FOF: table->setItem(row,COLUMN_ORIGIN,new QTableWidgetItem(QString("From friend of a friend"))) ;
|
||||
break ;
|
||||
case RSBANLIST_ORIGIN_FRIEND: table->setItem(row,COLUMN_ORIGIN,new QTableWidgetItem(QString("From friend"))) ;
|
||||
break ;
|
||||
case RSBANLIST_ORIGIN_SELF: table->setItem(row,COLUMN_ORIGIN,new QTableWidgetItem(QString("From you"))) ;
|
||||
break ;
|
||||
default:
|
||||
case RSBANLIST_ORIGIN_UNKNOWN: table->setItem(row,COLUMN_ORIGIN,new QTableWidgetItem(QString("Unknown"))) ;
|
||||
break ;
|
||||
}
|
||||
|
||||
switch( blp.reason )
|
||||
{
|
||||
case RSBANLIST_REASON_DHT: table->setItem(row,COLUMN_REASON,new QTableWidgetItem(QString("Bad peer (DHT)"))) ;
|
||||
break ;
|
||||
case RSBANLIST_REASON_USER: table->setItem(row,COLUMN_REASON,new QTableWidgetItem(QString("Home-made rule"))) ;
|
||||
break ;
|
||||
case RSBANLIST_REASON_AUTO_RANGE: table->setItem(row,COLUMN_REASON,new QTableWidgetItem(QString("Auto-generated range"))) ;
|
||||
table->setItem(row,COLUMN_COMMENT,new QTableWidgetItem(tr("Range made from %1 collected addresses").arg(QString::number(blp.connect_attempts)))) ;
|
||||
break ;
|
||||
default:
|
||||
case RSBANLIST_REASON_UNKNOWN: table->setItem(row,COLUMN_REASON,new QTableWidgetItem(QString("Unknown"))) ;
|
||||
break ;
|
||||
}
|
||||
|
||||
table->setItem(row,COLUMN_COMMENT,new QTableWidgetItem(QString::fromStdString(blp.comment))) ;
|
||||
}
|
||||
|
||||
|
||||
void ServerPage::toggleGroupIps(bool b) { rsBanList->enableAutoRange(b) ; }
|
||||
@ -487,8 +509,7 @@ void ServerPage::ipFilterContextMenu(const QPoint& point)
|
||||
|
||||
bool status = item->data(Qt::UserRole).toBool();
|
||||
|
||||
if(!status)
|
||||
contextMenu.addAction(tr("Disable/remove"),this,SLOT(removeBannedIp()))->setEnabled(false) ;
|
||||
contextMenu.addAction(tr("Remove"),this,SLOT(removeBannedIp()))->setEnabled(false) ;
|
||||
|
||||
QString addr_string = ui.filteredIpsTable->item(row,COLUMN_RANGE)->text() ;
|
||||
|
||||
@ -505,20 +526,115 @@ void ServerPage::ipFilterContextMenu(const QPoint& point)
|
||||
QString range1 = QString::fromStdString(print_addr_range(addr,1)) ;
|
||||
QString range2 = QString::fromStdString(print_addr_range(addr,2)) ;
|
||||
|
||||
contextMenu.addAction(QObject::tr("Filter IP " )+range0,this,SLOT(enableBannedIp()))->setEnabled(false) ;
|
||||
#warning UNIMPLEMENTED CODE
|
||||
contextMenu.addAction(QObject::tr("Filter entire range ")+range1,this,SLOT(enableBannedIp()))->setEnabled(false) ;
|
||||
contextMenu.addAction(QObject::tr("Filter entire range ")+range2,this,SLOT(enableBannedIp()))->setEnabled(false) ;
|
||||
if(masked_bytes != 0)
|
||||
contextMenu.addAction(QObject::tr("Ban only IP %1").arg(range0),this,SLOT(enableBannedIp()))->setEnabled(false) ;
|
||||
|
||||
if(masked_bytes != 1)
|
||||
contextMenu.addAction(QObject::tr("Ban entire range %2").arg(range1),this,SLOT(enableBannedIp()))->setEnabled(false) ;
|
||||
|
||||
if(masked_bytes != 2)
|
||||
contextMenu.addAction(QObject::tr("Ban entire range %1").arg(range2),this,SLOT(enableBannedIp()))->setEnabled(false) ;
|
||||
|
||||
contextMenu.addAction(QObject::tr("Move IP %1 to whitelist" ).arg(range0),this,SLOT(moveToWhiteList0())) ;
|
||||
contextMenu.addAction(QObject::tr("Whitelist entire range %1").arg(range1),this,SLOT(moveToWhiteList1())) ;
|
||||
contextMenu.addAction(QObject::tr("whitelist entire range %1").arg(range2),this,SLOT(moveToWhiteList2())) ;
|
||||
|
||||
contextMenu.exec(QCursor::pos()) ;
|
||||
}
|
||||
|
||||
bool ServerPage::removeCurrentRowFromBlackList(sockaddr_storage& collected_addr,int &masked_bytes)
|
||||
{
|
||||
int row = ui.filteredIpsTable->currentRow();
|
||||
QTableWidgetItem *item = ui.filteredIpsTable->item(row, COLUMN_STATUS);
|
||||
|
||||
if(item == NULL)
|
||||
return false;
|
||||
|
||||
QString addr_string = ui.filteredIpsTable->item(row,COLUMN_RANGE)->text() ;
|
||||
|
||||
if(!parseAddrFromQString(addr_string,collected_addr,masked_bytes))
|
||||
{
|
||||
std::cerr <<"Cannot parse IP \"" << addr_string.toStdString() << "\"" << std::endl;
|
||||
return false;
|
||||
}
|
||||
rsBanList->removeIpRange(collected_addr,masked_bytes,RSBANLIST_CHECKING_FLAGS_BLACKLIST);
|
||||
return true ;
|
||||
}
|
||||
|
||||
void ServerPage::moveToWhiteList0()
|
||||
{
|
||||
sockaddr_storage addr ;
|
||||
int bytes ;
|
||||
|
||||
removeCurrentRowFromBlackList(addr,bytes) ;
|
||||
|
||||
rsBanList->addIpRange(addr,0,RSBANLIST_CHECKING_FLAGS_WHITELIST, tr("Added by you").toStdString());
|
||||
}
|
||||
void ServerPage::moveToWhiteList1()
|
||||
{
|
||||
sockaddr_storage addr ;
|
||||
int bytes ;
|
||||
|
||||
removeCurrentRowFromBlackList(addr,bytes) ;
|
||||
|
||||
rsBanList->addIpRange(addr,1,RSBANLIST_CHECKING_FLAGS_WHITELIST, tr("Added by you").toStdString());
|
||||
}
|
||||
void ServerPage::moveToWhiteList2()
|
||||
{
|
||||
sockaddr_storage addr ;
|
||||
int bytes ;
|
||||
|
||||
removeCurrentRowFromBlackList(addr,bytes) ;
|
||||
|
||||
rsBanList->addIpRange(addr,2,RSBANLIST_CHECKING_FLAGS_WHITELIST, tr("Added by you").toStdString());
|
||||
}
|
||||
void ServerPage::ipWhiteListContextMenu(const QPoint& point)
|
||||
{
|
||||
QMenu contextMenu(this) ;
|
||||
int row = ui.whiteListIpsTable->currentRow();
|
||||
|
||||
QTableWidgetItem *item = ui.whiteListIpsTable->item(row, COLUMN_STATUS);
|
||||
|
||||
if(item == NULL)
|
||||
return ;
|
||||
|
||||
bool status = item->data(Qt::UserRole).toBool();
|
||||
|
||||
if(!status)
|
||||
contextMenu.addAction(tr("Remove"),this,SLOT(removeWhiteListedIp()))->setEnabled(false) ;
|
||||
|
||||
QString addr_string = ui.whiteListIpsTable->item(row,COLUMN_RANGE)->text() ;
|
||||
|
||||
sockaddr_storage addr ;
|
||||
int masked_bytes ;
|
||||
|
||||
if(!parseAddrFromQString(addr_string,addr,masked_bytes))
|
||||
{
|
||||
std::cerr <<"Cannot parse IP \"" << addr_string.toStdString() << "\"" << std::endl;
|
||||
return ;
|
||||
}
|
||||
|
||||
QString range0 = QString::fromStdString(print_addr_range(addr,0)) ;
|
||||
QString range1 = QString::fromStdString(print_addr_range(addr,1)) ;
|
||||
QString range2 = QString::fromStdString(print_addr_range(addr,2)) ;
|
||||
|
||||
contextMenu.addAction(QObject::tr("Whitelist only IP " )+range0,this,SLOT(enableBannedIp()))->setEnabled(false) ;
|
||||
#warning UNIMPLEMENTED CODE
|
||||
contextMenu.addAction(QObject::tr("Whitelist entire range ")+range1,this,SLOT(enableBannedIp()))->setEnabled(false) ;
|
||||
contextMenu.addAction(QObject::tr("Whitelist entire range ")+range2,this,SLOT(enableBannedIp()))->setEnabled(false) ;
|
||||
|
||||
contextMenu.exec(QCursor::pos()) ;
|
||||
}
|
||||
void ServerPage::removeBannedIp()
|
||||
{
|
||||
#warning UNIMPLEMENTED CODE
|
||||
std::cerr << "Removing banned IP" << std::endl;
|
||||
}
|
||||
|
||||
void ServerPage::removeWhiteListedIp()
|
||||
{
|
||||
#warning UNIMPLEMENTED CODE
|
||||
std::cerr << "Removing White-Listed IP" << std::endl;
|
||||
}
|
||||
void ServerPage::enableBannedIp()
|
||||
{
|
||||
#warning UNIMPLEMENTED CODE
|
||||
|
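Review bot: moveToWhiteList0(), moveToWhiteList1() and moveToWhiteList2() ignore the bool returned by removeCurrentRowFromBlackList(), so when no row is selected or the range text fails to parse, an uninitialised `sockaddr_storage addr` is handed to addIpRange() and can end up as a whitelist entry. Each slot should bail out first: `if(!removeCurrentRowFromBlackList(addr,bytes)) return ;`. Because p3BanList::removeIpRange() is still an empty stub in this commit, the "move" also leaves the original entry in the blacklist, which deserves a comment at the call site. The three slots differ only in the masked_bytes argument and could share one helper that takes it as a parameter. In ipFilterContextMenu() the string `"Ban entire range %2"` is given a single `.arg()`, so `%1` looks intended.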
@ -28,6 +28,8 @@
|
||||
|
||||
class QNetworkReply;
|
||||
class QNetworkAccessManager;
|
||||
class BanListPeer;
|
||||
struct sockaddr_storage;
|
||||
|
||||
class ServerPage: public ConfigPage
|
||||
{
|
||||
@ -50,7 +52,12 @@ public slots:
|
||||
void updateStatus();
|
||||
|
||||
private slots:
|
||||
void addIpRange();
|
||||
void addIpRangeToBlackList();
|
||||
void addIpRangeToWhiteList();
|
||||
void moveToWhiteList0();
|
||||
void moveToWhiteList1();
|
||||
void moveToWhiteList2();
|
||||
void removeWhiteListedIp();
|
||||
void checkIpRange(const QString &);
|
||||
void setGroupIpLimit(int n);
|
||||
void toggleGroupIps(bool b);
|
||||
@ -58,6 +65,7 @@ private slots:
|
||||
void toggleAutoIncludeFriends(bool b);
|
||||
void toggleIpFiltering(bool b);
|
||||
void ipFilterContextMenu(const QPoint &);
|
||||
void ipWhiteListContextMenu(const QPoint &point);
|
||||
void removeBannedIp();
|
||||
void enableBannedIp();
|
||||
void saveAddresses();
|
||||
@ -71,6 +79,8 @@ private slots:
|
||||
private:
|
||||
|
||||
// Alternative Versions for HiddenNode Mode.
|
||||
void addPeerToIPTable(QTableWidget *table, int row, const BanListPeer &blp);
|
||||
bool removeCurrentRowFromBlackList(sockaddr_storage& collected_addr,int& masked_bytes);
|
||||
void loadHiddenNode();
|
||||
void updateStatusHiddenNode();
|
||||
void saveAddressesHiddenNode();
|
||||
|
@ -6,8 +6,8 @@
|
||||
<rect>
|
||||
<x>0</x>
|
||||
<y>0</y>
|
||||
<width>661</width>
|
||||
<height>548</height>
|
||||
<width>722</width>
|
||||
<height>650</height>
|
||||
</rect>
|
||||
</property>
|
||||
<layout class="QVBoxLayout" name="verticalLayout_3">
|
||||
@ -502,162 +502,240 @@ behind a firewall or a VPN.</string>
|
||||
<attribute name="title">
|
||||
<string>IP Filters</string>
|
||||
</attribute>
|
||||
<layout class="QVBoxLayout" name="verticalLayout_4">
|
||||
<layout class="QVBoxLayout" name="verticalLayout_11">
|
||||
<item>
|
||||
<widget class="QCheckBox" name="denyAll_CB">
|
||||
<property name="text">
|
||||
<string>Deny all connections from the following IP ranges:</string>
|
||||
<widget class="QGroupBox" name="groupBox">
|
||||
<property name="title">
|
||||
<string>IP blacklist</string>
|
||||
</property>
|
||||
<layout class="QVBoxLayout" name="verticalLayout_4">
|
||||
<item>
|
||||
<widget class="QCheckBox" name="denyAll_CB">
|
||||
<property name="text">
|
||||
<string>Deny all connections from the following IP ranges:</string>
|
||||
</property>
|
||||
</widget>
|
||||
</item>
|
||||
<item>
|
||||
<widget class="QTableWidget" name="filteredIpsTable">
|
||||
<property name="contextMenuPolicy">
|
||||
<enum>Qt::CustomContextMenu</enum>
|
||||
</property>
|
||||
<property name="toolTip">
|
||||
<string><html><head/><body><p>This list get automatically filled from information gathered at multiple sources: masquerading peers reported by the DHT, IP ranged entered by you, and IP ranges reported by your friends. Default settings should protect you against large scale traffic relaying.</p><p>Automatically guessing masquerading IPs can put your friends IPs in the blacklist. This case, use the context menu to whitelist them.</p></body></html></string>
|
||||
</property>
|
||||
<property name="alternatingRowColors">
|
||||
<bool>true</bool>
|
||||
</property>
|
||||
<property name="sortingEnabled">
|
||||
<bool>false</bool>
|
||||
</property>
|
||||
<attribute name="horizontalHeaderStretchLastSection">
|
||||
<bool>true</bool>
|
||||
</attribute>
|
||||
<column>
|
||||
<property name="text">
|
||||
<string>IP range</string>
|
||||
</property>
|
||||
</column>
|
||||
<column>
|
||||
<property name="text">
|
||||
<string>Status</string>
|
||||
</property>
|
||||
</column>
|
||||
<column>
|
||||
<property name="text">
|
||||
<string>Origin</string>
|
||||
</property>
|
||||
</column>
|
||||
<column>
|
||||
<property name="text">
|
||||
<string>Reason</string>
|
||||
</property>
|
||||
</column>
|
||||
<column>
|
||||
<property name="text">
|
||||
<string>Comment</string>
|
||||
</property>
|
||||
</column>
|
||||
</widget>
|
||||
</item>
|
||||
<item>
|
||||
<widget class="QCheckBox" name="includeFromFriends_CB">
|
||||
<property name="text">
|
||||
<string>Include the IPs reported by your friends</string>
|
||||
</property>
|
||||
</widget>
|
||||
</item>
|
||||
<item>
|
||||
<layout class="QHBoxLayout" name="horizontalLayout_11">
|
||||
<item>
|
||||
<widget class="QCheckBox" name="groupIPRanges_CB">
|
||||
<property name="text">
|
||||
<string>Auto-group IPs by ranges when at least :</string>
|
||||
</property>
|
||||
</widget>
|
||||
</item>
|
||||
<item>
|
||||
<widget class="QSpinBox" name="groupIPRanges_SB">
|
||||
<property name="suffix">
|
||||
<string> IPs</string>
|
||||
</property>
|
||||
<property name="minimum">
|
||||
<number>2</number>
|
||||
</property>
|
||||
<property name="maximum">
|
||||
<number>255</number>
|
||||
</property>
|
||||
</widget>
|
||||
</item>
|
||||
<item>
|
||||
<spacer name="horizontalSpacer_2">
|
||||
<property name="orientation">
|
||||
<enum>Qt::Horizontal</enum>
|
||||
</property>
|
||||
<property name="sizeHint" stdset="0">
|
||||
<size>
|
||||
<width>40</width>
|
||||
<height>20</height>
|
||||
</size>
|
||||
</property>
|
||||
</spacer>
|
||||
</item>
|
||||
</layout>
|
||||
</item>
|
||||
<item>
|
||||
<widget class="QCheckBox" name="includeFromDHT_CB">
|
||||
<property name="text">
|
||||
<string>Automatically include masquerading IPs reported by DHT</string>
|
||||
</property>
|
||||
</widget>
|
||||
</item>
|
||||
</layout>
|
||||
</widget>
|
||||
</item>
|
||||
<item>
|
||||
<widget class="QTableWidget" name="filteredIpsTable">
|
||||
<property name="contextMenuPolicy">
|
||||
<enum>Qt::CustomContextMenu</enum>
|
||||
<widget class="QGroupBox" name="groupBox_2">
|
||||
<property name="title">
|
||||
<string>IP whitelist</string>
|
||||
</property>
|
||||
<property name="toolTip">
|
||||
<string><html><head/><body><p>This list get automatically filled from information gathered at multiple sources: masquerading peers reported by the DHT, IP ranged entered by you, and IP ranges reported by your friends. </p></body></html></string>
|
||||
</property>
|
||||
<property name="alternatingRowColors">
|
||||
<bool>true</bool>
|
||||
</property>
|
||||
<property name="sortingEnabled">
|
||||
<bool>false</bool>
|
||||
</property>
|
||||
<attribute name="horizontalHeaderStretchLastSection">
|
||||
<bool>true</bool>
|
||||
</attribute>
|
||||
<column>
|
||||
<property name="text">
|
||||
<string>IP range</string>
|
||||
</property>
|
||||
</column>
|
||||
<column>
|
||||
<property name="text">
|
||||
<string>Status</string>
|
||||
</property>
|
||||
</column>
|
||||
<column>
|
||||
<property name="text">
|
||||
<string>Origin</string>
|
||||
</property>
|
||||
</column>
|
||||
<column>
|
||||
<property name="text">
|
||||
<string>Reason</string>
|
||||
</property>
|
||||
</column>
|
||||
<column>
|
||||
<property name="text">
|
||||
<string>Comment</string>
|
||||
</property>
|
||||
</column>
|
||||
<layout class="QVBoxLayout" name="verticalLayout_9">
|
||||
<item>
|
||||
<widget class="QTableWidget" name="whiteListIpsTable">
|
||||
<property name="contextMenuPolicy">
|
||||
<enum>Qt::CustomContextMenu</enum>
|
||||
</property>
|
||||
<property name="toolTip">
|
||||
<string><html><head/><body><p>White listed IPs are gathered from the following sources: IPs coming inside a manually exchanged certificate, IP ranges entered by you in this window, or in the security feed items.</p><p>The default behavior for Retroshare is to disallow connections to peers not in the white-list. You can change this behavior for each peer in the &quot;Details&quot; window of each Retroshare node. If not activated, connections will still be checked w.r.t. the whitelist, and the blacklit above, but will pass if not in the whitelist.</p></body></html></string>
|
||||
</property>
|
||||
<property name="alternatingRowColors">
|
||||
<bool>true</bool>
|
||||
</property>
|
||||
<property name="sortingEnabled">
|
||||
<bool>false</bool>
|
||||
</property>
|
||||
<attribute name="horizontalHeaderStretchLastSection">
|
||||
<bool>true</bool>
|
||||
</attribute>
|
||||
<column>
|
||||
<property name="text">
|
||||
<string>IP range</string>
|
||||
</property>
|
||||
</column>
|
||||
<column>
|
||||
<property name="text">
|
||||
<string>Status</string>
|
||||
</property>
|
||||
</column>
|
||||
<column>
|
||||
<property name="text">
|
||||
<string>Origin</string>
|
||||
</property>
|
||||
</column>
|
||||
<column>
|
||||
<property name="text">
|
||||
<string>Reason</string>
|
||||
</property>
|
||||
</column>
|
||||
<column>
|
||||
<property name="text">
|
||||
<string>Comment</string>
|
||||
</property>
|
||||
</column>
|
||||
</widget>
|
||||
</item>
|
||||
</layout>
|
||||
</widget>
|
||||
</item>
|
||||
<item>
|
||||
<widget class="QCheckBox" name="includeFromFriends_CB">
|
||||
<property name="text">
|
||||
<string>Include the IPs reported by your friends</string>
|
||||
<widget class="QGroupBox" name="groupBox_3">
|
||||
<property name="title">
|
||||
<string>Manual input</string>
|
||||
</property>
|
||||
<layout class="QVBoxLayout" name="verticalLayout_10">
|
||||
<item>
|
||||
<layout class="QHBoxLayout" name="horizontalLayout_10">
|
||||
<item>
|
||||
<widget class="QLineEdit" name="ipInput_LE">
|
||||
<property name="sizePolicy">
|
||||
<sizepolicy hsizetype="Maximum" vsizetype="Fixed">
|
||||
<horstretch>0</horstretch>
|
||||
<verstretch>0</verstretch>
|
||||
</sizepolicy>
|
||||
</property>
|
||||
<property name="toolTip">
|
||||
<string><html><head/><body><p>Enter an IP range. Accepted formats:</p><p>193.190.209.15</p><p>193.190.209.15/24</p><p>193.190.209.15/16</p></body></html></string>
|
||||
</property>
|
||||
</widget>
|
||||
</item>
|
||||
<item>
|
||||
<widget class="QSpinBox" name="ipInputRange_SB">
|
||||
<property name="minimum">
|
||||
<number>16</number>
|
||||
</property>
|
||||
<property name="maximum">
|
||||
<number>24</number>
|
||||
</property>
|
||||
<property name="singleStep">
|
||||
<number>8</number>
|
||||
</property>
|
||||
<property name="value">
|
||||
<number>24</number>
|
||||
</property>
|
||||
</widget>
|
||||
</item>
|
||||
<item>
|
||||
<widget class="QLineEdit" name="ipInputComment_LE">
|
||||
<property name="sizePolicy">
|
||||
<sizepolicy hsizetype="MinimumExpanding" vsizetype="Fixed">
|
||||
<horstretch>0</horstretch>
|
||||
<verstretch>0</verstretch>
|
||||
</sizepolicy>
|
||||
</property>
|
||||
<property name="toolTip">
|
||||
<string><html><head/><body><p>Enter any comment you'd like</p></body></html></string>
|
||||
</property>
|
||||
</widget>
|
||||
</item>
|
||||
<item>
|
||||
<widget class="QPushButton" name="ipInputAddBlackList_PB">
|
||||
<property name="text">
|
||||
<string>Add to blacklist</string>
|
||||
</property>
|
||||
</widget>
|
||||
</item>
|
||||
<item>
|
||||
<widget class="QPushButton" name="ipInputAddWhiteList_PB">
|
||||
<property name="text">
|
||||
<string>Add to whitelist</string>
|
||||
</property>
|
||||
</widget>
|
||||
</item>
|
||||
</layout>
|
||||
</item>
|
||||
</layout>
|
||||
</widget>
|
||||
</item>
|
||||
<item>
|
||||
<layout class="QHBoxLayout" name="horizontalLayout_11">
|
||||
<item>
|
||||
<widget class="QCheckBox" name="groupIPRanges_CB">
|
||||
<property name="text">
|
||||
<string>Group IPs by ranges when at least :</string>
|
||||
</property>
|
||||
</widget>
|
||||
</item>
|
||||
<item>
|
||||
<widget class="QSpinBox" name="groupIPRanges_SB">
|
||||
<property name="suffix">
|
||||
<string> IPs</string>
|
||||
</property>
|
||||
<property name="minimum">
|
||||
<number>2</number>
|
||||
</property>
|
||||
<property name="maximum">
|
||||
<number>255</number>
|
||||
</property>
|
||||
</widget>
|
||||
</item>
|
||||
<item>
|
||||
<spacer name="horizontalSpacer_2">
|
||||
<property name="orientation">
|
||||
<enum>Qt::Horizontal</enum>
|
||||
</property>
|
||||
<property name="sizeHint" stdset="0">
|
||||
<size>
|
||||
<width>40</width>
|
||||
<height>20</height>
|
||||
</size>
|
||||
</property>
|
||||
</spacer>
|
||||
</item>
|
||||
</layout>
|
||||
</item>
|
||||
<item>
|
||||
<widget class="QCheckBox" name="includeFromDHT_CB">
|
||||
<property name="text">
|
||||
<string>Include masquerading IPs reported by DHT</string>
|
||||
</property>
|
||||
</widget>
|
||||
</item>
|
||||
<item>
|
||||
<layout class="QHBoxLayout" name="horizontalLayout_10">
|
||||
<item>
|
||||
<widget class="QLineEdit" name="ipInput_LE">
|
||||
<property name="sizePolicy">
|
||||
<sizepolicy hsizetype="Maximum" vsizetype="Fixed">
|
||||
<horstretch>0</horstretch>
|
||||
<verstretch>0</verstretch>
|
||||
</sizepolicy>
|
||||
</property>
|
||||
<property name="toolTip">
|
||||
<string><html><head/><body><p>Enter an IP range. Accepted formats:</p><p>193.190.209.15</p><p>193.190.209.15/24</p><p>193.190.209.15/16</p></body></html></string>
|
||||
</property>
|
||||
</widget>
|
||||
</item>
|
||||
<item>
|
||||
<widget class="QSpinBox" name="ipInputRange_SB">
|
||||
<property name="minimum">
|
||||
<number>16</number>
|
||||
</property>
|
||||
<property name="maximum">
|
||||
<number>24</number>
|
||||
</property>
|
||||
<property name="singleStep">
|
||||
<number>8</number>
|
||||
</property>
|
||||
<property name="value">
|
||||
<number>24</number>
|
||||
</property>
|
||||
</widget>
|
||||
</item>
|
||||
<item>
|
||||
<widget class="QLineEdit" name="ipInputComment_LE">
|
||||
<property name="sizePolicy">
|
||||
<sizepolicy hsizetype="MinimumExpanding" vsizetype="Fixed">
|
||||
<horstretch>0</horstretch>
|
||||
<verstretch>0</verstretch>
|
||||
</sizepolicy>
|
||||
</property>
|
||||
<property name="toolTip">
|
||||
<string><html><head/><body><p>Enter any comment you'd like</p></body></html></string>
|
||||
</property>
|
||||
</widget>
|
||||
</item>
|
||||
<item>
|
||||
<widget class="QPushButton" name="ipInputAdd_PB">
|
||||
<property name="text">
|
||||
<string>Add</string>
|
||||
</property>
|
||||
</widget>
|
||||
</item>
|
||||
</layout>
|
||||
</item>
|
||||
</layout>
|
||||
</widget>
|
||||
<widget class="QWidget" name="TorTAB">
|
||||
|