Git-Mirrors/monero
1
0
Fork 0
mirror of https://github.com/monero-project/monero.git synced 2025-08-12 02:00:19 -04:00
Code Issues Projects Releases Packages Wiki Activity

allow blocking whole subnets

Browse source
This commit is contained in:
moneromooo-monero 2019-03-29 10:47:53 +00:00
parent 515ac2951d
commit 65c4004963
No known key found for this signature in database
GPG key ID: 686F07454D6CEFC3
19 changed files with 413 additions and 34 deletions
Download patch file Download diff file Expand all files Collapse all files

38
tests/unit_tests/ban.cpp
View file

@ -36,6 +36,7 @@
#include "cryptonote_protocol/cryptonote_protocol_handler.inl"
#define MAKE_IPV4_ADDRESS(a,b,c,d) epee::net_utils::ipv4_network_address{MAKE_IP(a,b,c,d),0}
#define MAKE_IPV4_SUBNET(a,b,c,d,e) epee::net_utils::ipv4_network_subnet{MAKE_IP(a,b,c,d),e}
namespace cryptonote {
class blockchain_storage;
@ -93,11 +94,10 @@ typedef nodetool::node_server<cryptonote::t_cryptonote_protocol_handler<test_cor
static bool is_blocked(Server &server, const epee::net_utils::network_address &address, time_t *t = NULL)
{
const std::string host = address.host_str();
std::map<std::string, time_t> hosts = server.get_blocked_hosts();
std::map<epee::net_utils::network_address, time_t> hosts = server.get_blocked_hosts();
for (auto rec: hosts)
{
if (rec.first == host)
if (rec.first == address)
{
if (t)
*t = rec.second;
@ -208,5 +208,37 @@ TEST(ban, limit)
ASSERT_TRUE(is_blocked(server,MAKE_IPV4_ADDRESS(1,2,3,4)));
}
TEST(ban, subnet)
{
time_t seconds;
test_core pr_core;
cryptonote::t_cryptonote_protocol_handler<test_core> cprotocol(pr_core, NULL);
Server server(cprotocol);
cprotocol.set_p2p_endpoint(&server);
ASSERT_TRUE(server.block_subnet(MAKE_IPV4_SUBNET(1,2,3,4,24), 10));
ASSERT_TRUE(server.get_blocked_subnets().size() == 1);
ASSERT_TRUE(server.is_host_blocked(MAKE_IPV4_ADDRESS(1,2,3,4), &seconds));
ASSERT_TRUE(seconds >= 9);
ASSERT_TRUE(server.is_host_blocked(MAKE_IPV4_ADDRESS(1,2,3,255), &seconds));
ASSERT_TRUE(server.is_host_blocked(MAKE_IPV4_ADDRESS(1,2,3,0), &seconds));
ASSERT_FALSE(server.is_host_blocked(MAKE_IPV4_ADDRESS(1,2,4,0), &seconds));
ASSERT_FALSE(server.is_host_blocked(MAKE_IPV4_ADDRESS(1,2,2,0), &seconds));
ASSERT_TRUE(server.unblock_subnet(MAKE_IPV4_SUBNET(1,2,3,8,24)));
ASSERT_TRUE(server.get_blocked_subnets().size() == 0);
ASSERT_FALSE(server.is_host_blocked(MAKE_IPV4_ADDRESS(1,2,3,255), &seconds));
ASSERT_FALSE(server.is_host_blocked(MAKE_IPV4_ADDRESS(1,2,3,0), &seconds));
ASSERT_TRUE(server.block_subnet(MAKE_IPV4_SUBNET(1,2,3,4,8), 10));
ASSERT_TRUE(server.get_blocked_subnets().size() == 1);
ASSERT_TRUE(server.is_host_blocked(MAKE_IPV4_ADDRESS(1,255,3,255), &seconds));
ASSERT_TRUE(server.is_host_blocked(MAKE_IPV4_ADDRESS(1,0,3,255), &seconds));
ASSERT_FALSE(server.unblock_subnet(MAKE_IPV4_SUBNET(1,2,3,8,24)));
ASSERT_TRUE(server.get_blocked_subnets().size() == 1);
ASSERT_TRUE(server.block_subnet(MAKE_IPV4_SUBNET(1,2,3,4,8), 10));
ASSERT_TRUE(server.get_blocked_subnets().size() == 1);
ASSERT_TRUE(server.unblock_subnet(MAKE_IPV4_SUBNET(1,255,0,0,8)));
ASSERT_TRUE(server.get_blocked_subnets().size() == 0);
}
namespace nodetool { template class node_server<cryptonote::t_cryptonote_protocol_handler<test_core>>; }
namespace cryptonote { template class t_cryptonote_protocol_handler<test_core>; }