Pool policy server collecting several stats on per IP basis. There are two options: iptables+ipset
or simple application level bans. Banning is disabled by default.
First you need to configure your firewall to use ipset
, read this article.
Specify ipset
name for banning in policy
section. Timeout argument (in seconds) will be passed to this ipset
. Stratum will use os/exec
command like sudo ipset add banlist x.x.x.x 1800
for banning, so you have to configure sudo
properly and make sure that your system will never ask for password:
Example /etc/sudoers.d/pool
where pool
is a username under which pool runs:
pool ALL=NOPASSWD: /sbin/ipset
If you need something simple, just set ipset
name to blank string and simple application level banning will be used instead.
Under some weird circumstances you can enforce limits to prevent connection flood to stratum, there are initial settings: limit
and limitJump
. Policy server will increase number of allowed connections per IP address on each valid share submission. Stratum will not enforce this policy for a grace
period specified after stratum start.