Merge pull request #1572

0e0e6c5f Reduce to one connection per IP (Miguel Herranz)
3f269e98 Limit incoming connections from the same IP (Miguel Herranz)
This commit is contained in:
Riccardo Spagni 2017-01-20 20:54:03 -05:00
commit d10425025a
No known key found for this signature in database
GPG key ID: 55432DF31CCD4FCD
2 changed files with 32 additions and 0 deletions

View file

@ -227,6 +227,8 @@ namespace nodetool
bool set_rate_down_limit(const boost::program_options::variables_map& vm, int64_t limit);
bool set_rate_limit(const boost::program_options::variables_map& vm, int64_t limit);
bool has_too_many_connections(const uint32_t ip);
void kill() { ///< will be called e.g. from deinit()
_info("Killing the net_node");
is_closing = true;

View file

@ -1456,6 +1456,14 @@ namespace nodetool
drop_connection(context);
return 1;
}
if(has_too_many_connections(context.m_remote_ip))
{
LOG_PRINT_CCONTEXT_L1("CONNECTION FROM " << epee::string_tools::get_ip_string_from_int32(context.m_remote_ip) << " REFUSED, too many connections from the same address");
drop_connection(context);
return 1;
}
//associate peer_id with this connection
context.peer_id = arg.node_data.peer_id;
@ -1674,4 +1682,26 @@ namespace nodetool
return true;
}
template<class t_payload_net_handler>
bool node_server<t_payload_net_handler>::has_too_many_connections(const uint32_t ip)
{
const uint8_t max_connections = 1;
uint8_t count = 0;
m_net_server.get_config_object().foreach_connection([&](const p2p_connection_context& cntxt)
{
if (cntxt.m_is_income && cntxt.m_remote_ip == ip) {
count++;
if (count > max_connections) {
return false;
}
}
return true;
});
return count > max_connections;
}
}