Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add setban/listbanned RPC commands #6158

Merged
merged 10 commits into from Jun 18, 2015
Merged

Conversation

jonasschnelli
Copy link
Contributor

@jonasschnelli jonasschnelli commented May 19, 2015

Groundwork for #5866.
If this makes it into master i'd like to add a GUI context menu for the peers table.
A simple disconnect (without banning) would be possible with setban <ip> add 1 (where 1 is the bantime).

At the moment the banned set does not survive a restart (should be added once).
Also currently banning is per IP and not per Node which results in disconnecting all nodes of a given IP (if the nodes uses the same ip but different ports).

Also includes some whitespace fixes for httpbasics.py test.

@jonasschnelli jonasschnelli force-pushed the 2015/05/rpc_ban branch 2 times, most recently from 9792d11 to ab10e9d Compare May 19, 2015
@jonasschnelli
Copy link
Contributor Author

jonasschnelli commented May 19, 2015

I'm open to alternatives (naming) for setban and listbanned. I thought adding banning options over the addnode command is a misuse.
I'm also not sure about banning whole IPs instead of only IP:port (node).

@@ -458,13 +458,30 @@ bool CNode::IsBanned(CNetAddr ip)
return fResult;
}

bool CNode::Ban(const CNetAddr &addr) {
bool CNode::Ban(const CNetAddr &addr, int64_t bantimeoffset) {
Copy link

@Diapolo Diapolo May 19, 2015

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why was/is this returning a bool, if it seems to be only true?

Copy link
Contributor Author

@jonasschnelli jonasschnelli May 19, 2015

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Right. I didn't want to change this in this PR and i kept it for legacy reasons and to lower the risk of breaking something.

Copy link

@Diapolo Diapolo May 19, 2015

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Understood, but IMHO a function that doesn't need it could just be void. Perhaps you can just add a commit for that at the end? At least it could be changed for GetBanned as you just added it :).

Copy link
Contributor Author

@jonasschnelli jonasschnelli May 19, 2015

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Agreed. Added a commit on top.

@jonasschnelli jonasschnelli force-pushed the 2015/05/rpc_ban branch 3 times, most recently from f2a123b to 8339b26 Compare May 19, 2015
@jonasschnelli
Copy link
Contributor Author

jonasschnelli commented May 19, 2015

Added a clearbanned command (also included in tests).

@jonasschnelli jonasschnelli force-pushed the 2015/05/rpc_ban branch 4 times, most recently from 83cd720 to 9f1394b Compare May 19, 2015
@laanwj
Copy link
Member

laanwj commented May 21, 2015

Concept ACK, did not test or review code yet, this will be after 0.11 release

@gmaxwell
Copy link
Contributor

gmaxwell commented May 22, 2015

Great; I had an old bitrotted version of this and had implemented almost exactly the same interface. One thing this can't accomplish though is banning netgroups. (thats actually what held up my code: I found issues with out netgroup parser that broke my tests)

@LeMiner
Copy link

LeMiner commented May 22, 2015

In light of what gmaxwell said, perhaps allowing for -- setban 12. * .12.12 or setban 50.50.50. * would make sense as well. To allow for banning of entire octets.

@laanwj
Copy link
Member

laanwj commented May 22, 2015

@LeMiner Good idea, but I'd say the interface should use /n or /x.y.z.w CIDR syntax (as parsed by CSubNet) instead of bringing back 0.9-era wildcards.

@jonasschnelli
Copy link
Contributor Author

jonasschnelli commented May 22, 2015

Agreed with @laanwj.
I don't think there is a use case for 1.x.2.3

@LeMiner
Copy link

LeMiner commented May 22, 2015

Yep, agreed as well.

@laanwj
Copy link
Member

laanwj commented May 22, 2015

1.x.2.3 in CIDR would be 1.0.2.3/255.0.255.255. But no, I don't see a use-case either.

@jonasschnelli
Copy link
Contributor Author

jonasschnelli commented May 26, 2015

Extended this PR to allow subnet banning/unbanning.
This needs testing because it changes the internal ban set from CNetAddr to CSubNet.

@jonasschnelli jonasschnelli force-pushed the 2015/05/rpc_ban branch 2 times, most recently from 12d6265 to 2eff5b8 Compare May 27, 2015
@jgarzik
Copy link
Contributor

jgarzik commented Jun 11, 2015

ut ACK

@laanwj
Copy link
Member

laanwj commented Jun 12, 2015

Needs rebase.
I agree with @luke-jr that it should be somehow possible to specify an absolute ban time. Relative times are useful for end-users, but not so much for programmatic use.

@jonasschnelli jonasschnelli force-pushed the 2015/05/rpc_ban branch 2 times, most recently from d416fe3 to 83b0cc6 Compare Jun 12, 2015
@jonasschnelli
Copy link
Contributor Author

jonasschnelli commented Jun 12, 2015

Rebased and added the possibility of setting an absolute bantime with setban add <ip> <unixtimestamp> true.

@@ -1330,6 +1330,11 @@ bool operator!=(const CSubNet& a, const CSubNet& b)
return !(a==b);
}

bool operator<(const CSubNet& a, const CSubNet& b)
{
return (a.network < b.network || (a.network == b.network && memcmp(a.netmask, b.netmask, 16)));
Copy link
Member

@laanwj laanwj Jun 12, 2015

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this should be:

return (a.network < b.network || (a.network == b.network && memcmp(a.netmask, b.netmask, 16) < 0));

Copy link
Contributor Author

@jonasschnelli jonasschnelli Jun 12, 2015

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good catch! Thanks for the review.
Fixed.

@jonasschnelli
Copy link
Contributor Author

jonasschnelli commented Jun 16, 2015

Rebased and added also tests for the new disconnectnode command

@laanwj laanwj merged commit 9d79afe into bitcoin:master Jun 18, 2015
laanwj added a commit that referenced this pull request Jun 18, 2015
9d79afe add RPC tests for setban & disconnectnode (Jonas Schnelli)
1f02b80 setban: add RPCErrorCode (Jonas Schnelli)
d624167 fix CSubNet comparison operator (Jonas Schnelli)
4e36e9b setban: rewrite to UniValue, allow absolute bantime (Jonas Schnelli)
3de24d7 rename json field "bannedtill" to "banned_until" (Jonas Schnelli)
433fb1a [RPC] extend setban to allow subnets (Jonas Schnelli)
e8b9347 [net] remove unused return type bool from CNode::Ban() (Jonas Schnelli)
1086ffb [QA] add setban/listbanned/clearbanned tests (Jonas Schnelli)
d930b26 [RPC] add setban/listbanned/clearbanned RPC commands (Jonas Schnelli)
2252fb9 [net] extend core functionallity for ban/unban/listban (Jonas Schnelli)
@jonasschnelli
Copy link
Contributor Author

jonasschnelli commented Jun 18, 2015

Thanks for the merge. I now try to extend this to the UI peers window.

@bitcoin bitcoin locked as resolved and limited conversation to collaborators Sep 8, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

7 participants