marek/i2p.i2p
1
0
Fork 0
forked from I2P_Developers/i2p.i2p
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

NTCP: Increase temp. inbound IP block time

Browse Source 
Block IP on failed inbound
Ban peers that ban us
This commit is contained in:
zzz
2023-02-08 08:32:06 -05:00
parent c08d6b3a18
commit c94bfe6cd0
2 changed files with 17 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
router/java/src/net/i2p/router/transport/ntcp/EventPumper.java
View File

@ -87,7 +87,7 @@ class EventPumper implements Runnable {
private static final long FAILSAFE_ITERATION_FREQ = 2*1000l;
private static final int FAILSAFE_LOOP_COUNT = 512;
private static final long SELECTOR_LOOP_DELAY = 200;
private static final long BLOCKED_IP_FREQ = 3*60*1000;
private static final long BLOCKED_IP_FREQ = 12*60*1000;
/** tunnel test now disabled, but this should be long enough to allow an active tunnel to get started */
private static final long MIN_EXPIRE_IDLE_TIME = 120*1000l;
@ -913,6 +913,18 @@ class EventPumper implements Runnable {
}
}
/**
* Temp. block inbound from this IP
*
* @since 0.9.58
*/
public void blockIP(byte[] ip) {
if (ip == null)
return;
ByteArray ba = new ByteArray(ip);
_blockedIPs.increment(ba);
}
private long _lastExpired;
private void expireTimedOut() {

4
router/java/src/net/i2p/router/transport/ntcp/NTCPConnection.java
View File

@ -1411,6 +1411,7 @@ public class NTCPConnection implements Closeable {
* @since 0.9.36
*/
synchronized void failInboundEstablishment(CipherState sender, byte[] sip_ba, int reason) {
byte[] ip = getRemoteIP();
_sender = sender;
_sendSipk1 = fromLong8LE(sip_ba, 0);
_sendSipk2 = fromLong8LE(sip_ba, 8);
@ -1422,6 +1423,7 @@ public class NTCPConnection implements Closeable {
_nextInfoTime = Long.MAX_VALUE;
_paddingConfig = OUR_PADDING;
sendTermination(reason, 0);
_transport.getPumper().blockIP(ip);
}
/**
@ -1710,6 +1712,8 @@ public class NTCPConnection implements Closeable {
_log.info("Got Termination: " + reason + " total rcvd: " + lastReceived + " on " + NTCPConnection.this);
// close() calls destroy() sets _terminated
close();
if (reason == REASON_BANNED && _remotePeer != null)
_context.banlist().banlistRouter(_remotePeer.calculateHash(), "They banned us", null, null, _context.clock().now() + 2*60*60*1000);
}
public void gotUnknown(int type, int len) {