forked from I2P_Developers/i2p.i2p
banlist
This commit is contained in:
@@ -94,7 +94,7 @@ public class I2Plistener implements Runnable {
|
|||||||
|
|
||||||
}
|
}
|
||||||
} catch (I2PException e) {
|
} catch (I2PException e) {
|
||||||
// bad shit
|
// bad stuff
|
||||||
System.out.println("Exception " + e);
|
System.out.println("Exception " + e);
|
||||||
}
|
}
|
||||||
} finally {
|
} finally {
|
||||||
|
|||||||
@@ -58,7 +58,7 @@ public class I2PSnarkUtil {
|
|||||||
private volatile I2PSocketManager _manager;
|
private volatile I2PSocketManager _manager;
|
||||||
private boolean _configured;
|
private boolean _configured;
|
||||||
private volatile boolean _connecting;
|
private volatile boolean _connecting;
|
||||||
private final Set<Hash> _shitlist;
|
private final Set<Hash> _banlist;
|
||||||
private int _maxUploaders;
|
private int _maxUploaders;
|
||||||
private int _maxUpBW;
|
private int _maxUpBW;
|
||||||
private int _maxConnections;
|
private int _maxConnections;
|
||||||
@@ -86,7 +86,7 @@ public class I2PSnarkUtil {
|
|||||||
_opts = new HashMap();
|
_opts = new HashMap();
|
||||||
//setProxy("127.0.0.1", 4444);
|
//setProxy("127.0.0.1", 4444);
|
||||||
setI2CPConfig("127.0.0.1", 7654, null);
|
setI2CPConfig("127.0.0.1", 7654, null);
|
||||||
_shitlist = new ConcurrentHashSet();
|
_banlist = new ConcurrentHashSet();
|
||||||
_maxUploaders = Snark.MAX_TOTAL_UPLOADERS;
|
_maxUploaders = Snark.MAX_TOTAL_UPLOADERS;
|
||||||
_maxUpBW = DEFAULT_MAX_UP_BW;
|
_maxUpBW = DEFAULT_MAX_UP_BW;
|
||||||
_maxConnections = MAX_CONNECTIONS;
|
_maxConnections = MAX_CONNECTIONS;
|
||||||
@@ -283,7 +283,7 @@ public class I2PSnarkUtil {
|
|||||||
I2PSocketManager mgr = _manager;
|
I2PSocketManager mgr = _manager;
|
||||||
// FIXME this can cause race NPEs elsewhere
|
// FIXME this can cause race NPEs elsewhere
|
||||||
_manager = null;
|
_manager = null;
|
||||||
_shitlist.clear();
|
_banlist.clear();
|
||||||
if (mgr != null) {
|
if (mgr != null) {
|
||||||
if (_log.shouldLog(Log.DEBUG))
|
if (_log.shouldLog(Log.DEBUG))
|
||||||
_log.debug("Disconnecting from I2P", new Exception("I did it"));
|
_log.debug("Disconnecting from I2P", new Exception("I did it"));
|
||||||
@@ -306,24 +306,24 @@ public class I2PSnarkUtil {
|
|||||||
if (addr.equals(getMyDestination()))
|
if (addr.equals(getMyDestination()))
|
||||||
throw new IOException("Attempt to connect to myself");
|
throw new IOException("Attempt to connect to myself");
|
||||||
Hash dest = addr.calculateHash();
|
Hash dest = addr.calculateHash();
|
||||||
if (_shitlist.contains(dest))
|
if (_banlist.contains(dest))
|
||||||
throw new IOException("Not trying to contact " + dest.toBase64() + ", as they are shitlisted");
|
throw new IOException("Not trying to contact " + dest.toBase64() + ", as they are banlisted");
|
||||||
try {
|
try {
|
||||||
I2PSocket rv = _manager.connect(addr);
|
I2PSocket rv = _manager.connect(addr);
|
||||||
if (rv != null)
|
if (rv != null)
|
||||||
_shitlist.remove(dest);
|
_banlist.remove(dest);
|
||||||
return rv;
|
return rv;
|
||||||
} catch (I2PException ie) {
|
} catch (I2PException ie) {
|
||||||
_shitlist.add(dest);
|
_banlist.add(dest);
|
||||||
_context.simpleScheduler().addEvent(new Unshitlist(dest), 10*60*1000);
|
_context.simpleScheduler().addEvent(new Unbanlist(dest), 10*60*1000);
|
||||||
throw new IOException("Unable to reach the peer " + peer + ": " + ie.getMessage());
|
throw new IOException("Unable to reach the peer " + peer + ": " + ie.getMessage());
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
private class Unshitlist implements SimpleTimer.TimedEvent {
|
private class Unbanlist implements SimpleTimer.TimedEvent {
|
||||||
private Hash _dest;
|
private Hash _dest;
|
||||||
public Unshitlist(Hash dest) { _dest = dest; }
|
public Unbanlist(Hash dest) { _dest = dest; }
|
||||||
public void timeReached() { _shitlist.remove(_dest); }
|
public void timeReached() { _banlist.remove(_dest); }
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|||||||
@@ -18,15 +18,15 @@ import java.util.TreeMap;
|
|||||||
import net.i2p.data.DataHelper;
|
import net.i2p.data.DataHelper;
|
||||||
import net.i2p.data.Hash;
|
import net.i2p.data.Hash;
|
||||||
import net.i2p.router.RouterContext;
|
import net.i2p.router.RouterContext;
|
||||||
import net.i2p.router.Shitlist;
|
import net.i2p.router.Banlist;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Moved from Shitlist.java
|
* Moved from Banlist.java
|
||||||
*/
|
*/
|
||||||
public class ShitlistRenderer {
|
public class BanlistRenderer {
|
||||||
private final RouterContext _context;
|
private final RouterContext _context;
|
||||||
|
|
||||||
public ShitlistRenderer(RouterContext context) {
|
public BanlistRenderer(RouterContext context) {
|
||||||
_context = context;
|
_context = context;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -40,9 +40,9 @@ public class ShitlistRenderer {
|
|||||||
StringBuilder buf = new StringBuilder(1024);
|
StringBuilder buf = new StringBuilder(1024);
|
||||||
// move to the jsp
|
// move to the jsp
|
||||||
//buf.append("<h2>Banned Peers</h2>");
|
//buf.append("<h2>Banned Peers</h2>");
|
||||||
Map<Hash, Shitlist.Entry> entries = new TreeMap(new HashComparator());
|
Map<Hash, Banlist.Entry> entries = new TreeMap(new HashComparator());
|
||||||
|
|
||||||
entries.putAll(_context.shitlist().getEntries());
|
entries.putAll(_context.banlist().getEntries());
|
||||||
if (entries.isEmpty()) {
|
if (entries.isEmpty()) {
|
||||||
buf.append("<i>").append(_("none")).append("</i>");
|
buf.append("<i>").append(_("none")).append("</i>");
|
||||||
out.write(buf.toString());
|
out.write(buf.toString());
|
||||||
@@ -51,9 +51,9 @@ public class ShitlistRenderer {
|
|||||||
|
|
||||||
buf.append("<ul>");
|
buf.append("<ul>");
|
||||||
|
|
||||||
for (Map.Entry<Hash, Shitlist.Entry> e : entries.entrySet()) {
|
for (Map.Entry<Hash, Banlist.Entry> e : entries.entrySet()) {
|
||||||
Hash key = e.getKey();
|
Hash key = e.getKey();
|
||||||
Shitlist.Entry entry = e.getValue();
|
Banlist.Entry entry = e.getValue();
|
||||||
long expires = entry.expireOn-_context.clock().now();
|
long expires = entry.expireOn-_context.clock().now();
|
||||||
if (expires <= 0)
|
if (expires <= 0)
|
||||||
continue;
|
continue;
|
||||||
@@ -20,7 +20,7 @@ public class ConfigPeerHandler extends FormHandler {
|
|||||||
} else if (_action.equals(_("Ban peer until restart"))) {
|
} else if (_action.equals(_("Ban peer until restart"))) {
|
||||||
Hash h = getHash();
|
Hash h = getHash();
|
||||||
if (h != null) {
|
if (h != null) {
|
||||||
_context.shitlist().shitlistRouterForever(h, _("Manually banned via {0}"), "<a href=\"configpeer\">configpeer</a>");
|
_context.banlist().banlistRouterForever(h, _("Manually banned via {0}"), "<a href=\"configpeer\">configpeer</a>");
|
||||||
addFormNotice(_("Peer") + " " + _peer + " " + _("banned until restart") );
|
addFormNotice(_("Peer") + " " + _peer + " " + _("banned until restart") );
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
@@ -28,8 +28,8 @@ public class ConfigPeerHandler extends FormHandler {
|
|||||||
} else if (_action.equals(_("Unban peer"))) {
|
} else if (_action.equals(_("Unban peer"))) {
|
||||||
Hash h = getHash();
|
Hash h = getHash();
|
||||||
if (h != null) {
|
if (h != null) {
|
||||||
if (_context.shitlist().isShitlisted(h)) {
|
if (_context.banlist().isBanlisted(h)) {
|
||||||
_context.shitlist().unshitlistRouter(h);
|
_context.banlist().unbanlistRouter(h);
|
||||||
addFormNotice(_("Peer") + " " + _peer + " " + _("unbanned") );
|
addFormNotice(_("Peer") + " " + _peer + " " + _("unbanned") );
|
||||||
} else
|
} else
|
||||||
addFormNotice(_("Peer") + " " + _peer + " " + _("is not currently banned") );
|
addFormNotice(_("Peer") + " " + _peer + " " + _("is not currently banned") );
|
||||||
|
|||||||
@@ -168,7 +168,7 @@ class ProfileOrganizerRenderer {
|
|||||||
}
|
}
|
||||||
buf.append("</td><td align=\"right\">").append(num(prof.getIntegrationValue()));
|
buf.append("</td><td align=\"right\">").append(num(prof.getIntegrationValue()));
|
||||||
buf.append("</td><td align=\"center\">");
|
buf.append("</td><td align=\"center\">");
|
||||||
if (_context.shitlist().isShitlisted(peer)) buf.append(_("Banned"));
|
if (_context.banlist().isBanlisted(peer)) buf.append(_("Banned"));
|
||||||
if (prof.getIsFailing()) buf.append(' ').append(_("Failing"));
|
if (prof.getIsFailing()) buf.append(' ').append(_("Failing"));
|
||||||
if (_context.commSystem().wasUnreachable(peer)) buf.append(' ').append(_("Unreachable"));
|
if (_context.commSystem().wasUnreachable(peer)) buf.append(' ').append(_("Unreachable"));
|
||||||
Rate failed = prof.getTunnelHistory().getFailedRate().getRate(30*60*1000);
|
Rate failed = prof.getTunnelHistory().getFailedRate().getRate(30*60*1000);
|
||||||
|
|||||||
@@ -46,7 +46,7 @@ public class ProfilesHelper extends HelperBase {
|
|||||||
renderNavBar();
|
renderNavBar();
|
||||||
} catch (IOException ioe) {}
|
} catch (IOException ioe) {}
|
||||||
if (_full == 3)
|
if (_full == 3)
|
||||||
getShitlistSummary();
|
getBanlistSummary();
|
||||||
else
|
else
|
||||||
getProfileSummary();
|
getProfileSummary();
|
||||||
return "";
|
return "";
|
||||||
@@ -64,9 +64,9 @@ public class ProfilesHelper extends HelperBase {
|
|||||||
}
|
}
|
||||||
|
|
||||||
/** @return empty string, writes directly to _out */
|
/** @return empty string, writes directly to _out */
|
||||||
public String getShitlistSummary() {
|
public String getBanlistSummary() {
|
||||||
try {
|
try {
|
||||||
ShitlistRenderer rend = new ShitlistRenderer(_context);
|
BanlistRenderer rend = new BanlistRenderer(_context);
|
||||||
rend.renderStatusHTML(_out);
|
rend.renderStatusHTML(_out);
|
||||||
} catch (IOException ioe) {
|
} catch (IOException ioe) {
|
||||||
ioe.printStackTrace();
|
ioe.printStackTrace();
|
||||||
|
|||||||
@@ -282,11 +282,11 @@ public class SummaryHelper extends HelperBase {
|
|||||||
*
|
*
|
||||||
*/
|
*/
|
||||||
/********
|
/********
|
||||||
public int getShitlistedPeers() {
|
public int getBanlistedPeers() {
|
||||||
if (_context == null)
|
if (_context == null)
|
||||||
return 0;
|
return 0;
|
||||||
else
|
else
|
||||||
return _context.shitlist().getRouterCount();
|
return _context.banlist().getRouterCount();
|
||||||
}
|
}
|
||||||
********/
|
********/
|
||||||
|
|
||||||
|
|||||||
@@ -207,7 +207,7 @@
|
|||||||
<p>
|
<p>
|
||||||
This setting causes your router identity to be regenerated every time your IP address
|
This setting causes your router identity to be regenerated every time your IP address
|
||||||
changes. If you have a dynamic IP this option can speed up your reintegration into
|
changes. If you have a dynamic IP this option can speed up your reintegration into
|
||||||
the network (since people will have shitlisted your old router identity), and, for
|
the network (since people will have banned your old router identity), and, for
|
||||||
very weak adversaries, help frustrate trivial
|
very weak adversaries, help frustrate trivial
|
||||||
<a href="http://www.i2p.net/how_threatmodel#intersection">intersection
|
<a href="http://www.i2p.net/how_threatmodel#intersection">intersection
|
||||||
attacks</a> against the NetDB. Your different router identities would only be
|
attacks</a> against the NetDB. Your different router identities would only be
|
||||||
|
|||||||
@@ -61,11 +61,11 @@
|
|||||||
<input type="text" size="8" name="capacity" value="<%=capacity%>" />
|
<input type="text" size="8" name="capacity" value="<%=capacity%>" />
|
||||||
<input type="submit" name="action" class="add" value="<%=intl._("Adjust peer bonuses")%>" /></p></div>
|
<input type="submit" name="action" class="add" value="<%=intl._("Adjust peer bonuses")%>" /></p></div>
|
||||||
</form>
|
</form>
|
||||||
<a name="shitlist"> </a><h2><%=intl._("Banned Peers")%></h2>
|
<a name="banlist"> </a><h2><%=intl._("Banned Peers")%></h2>
|
||||||
<jsp:useBean class="net.i2p.router.web.ProfilesHelper" id="profilesHelper" scope="request" />
|
<jsp:useBean class="net.i2p.router.web.ProfilesHelper" id="profilesHelper" scope="request" />
|
||||||
<jsp:setProperty name="profilesHelper" property="contextId" value="<%=(String)session.getAttribute(\"i2p.contextId\")%>" />
|
<jsp:setProperty name="profilesHelper" property="contextId" value="<%=(String)session.getAttribute(\"i2p.contextId\")%>" />
|
||||||
<% profilesHelper.storeWriter(out); %>
|
<% profilesHelper.storeWriter(out); %>
|
||||||
<jsp:getProperty name="profilesHelper" property="shitlistSummary" />
|
<jsp:getProperty name="profilesHelper" property="banlistSummary" />
|
||||||
<div class="wideload"><h2><%=intl._("Banned IPs")%></h2>
|
<div class="wideload"><h2><%=intl._("Banned IPs")%></h2>
|
||||||
<jsp:getProperty name="peerhelper" property="blocklistSummary" />
|
<jsp:getProperty name="peerhelper" property="blocklistSummary" />
|
||||||
|
|
||||||
|
|||||||
@@ -974,7 +974,7 @@ class Connection {
|
|||||||
switch (_options.getInactivityAction()) {
|
switch (_options.getInactivityAction()) {
|
||||||
case ConnectionOptions.INACTIVITY_ACTION_NOOP:
|
case ConnectionOptions.INACTIVITY_ACTION_NOOP:
|
||||||
if (_log.shouldLog(Log.WARN))
|
if (_log.shouldLog(Log.WARN))
|
||||||
_log.warn("Inactivity timer expired, but we aint doin' shit");
|
_log.warn("Inactivity timer expired, not doing anything");
|
||||||
break;
|
break;
|
||||||
case ConnectionOptions.INACTIVITY_ACTION_SEND:
|
case ConnectionOptions.INACTIVITY_ACTION_SEND:
|
||||||
if (_closeSentOn <= 0 && _closeReceivedOn <= 0) {
|
if (_closeSentOn <= 0 && _closeReceivedOn <= 0) {
|
||||||
|
|||||||
@@ -353,7 +353,7 @@ public class NativeBigInteger extends BigInteger {
|
|||||||
/**
|
/**
|
||||||
* <p>Compare the BigInteger.modPow vs the NativeBigInteger.modPow of some
|
* <p>Compare the BigInteger.modPow vs the NativeBigInteger.modPow of some
|
||||||
* really big (2Kbit) numbers 100 different times and benchmark the
|
* really big (2Kbit) numbers 100 different times and benchmark the
|
||||||
* performance (or shit a brick if they don't match). </p>
|
* performance.</p>
|
||||||
*
|
*
|
||||||
*/
|
*/
|
||||||
public static void main(String args[]) {
|
public static void main(String args[]) {
|
||||||
|
|||||||
@@ -24,12 +24,12 @@ import net.i2p.util.ConcurrentHashSet;
|
|||||||
import net.i2p.util.Log;
|
import net.i2p.util.Log;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Routers are shitlisted only if none of our transports can talk to them
|
* Routers are banlisted only if none of our transports can talk to them
|
||||||
* or their signed router info is completely screwy. Individual transports
|
* or their signed router info is completely screwy. Individual transports
|
||||||
* manage their own unreachable lists and do not generally add to the overall
|
* manage their own unreachable lists and do not generally add to the overall
|
||||||
* shitlist.
|
* banlist.
|
||||||
*/
|
*/
|
||||||
public class Shitlist {
|
public class Banlist {
|
||||||
private final Log _log;
|
private final Log _log;
|
||||||
private final RouterContext _context;
|
private final RouterContext _context;
|
||||||
private final Map<Hash, Entry> _entries;
|
private final Map<Hash, Entry> _entries;
|
||||||
@@ -37,11 +37,11 @@ public class Shitlist {
|
|||||||
public static class Entry {
|
public static class Entry {
|
||||||
/** when it should expire, per the i2p clock */
|
/** when it should expire, per the i2p clock */
|
||||||
public long expireOn;
|
public long expireOn;
|
||||||
/** why they were shitlisted */
|
/** why they were banlisted */
|
||||||
public String cause;
|
public String cause;
|
||||||
/** separate code so cause can contain {0} for translation */
|
/** separate code so cause can contain {0} for translation */
|
||||||
public String causeCode;
|
public String causeCode;
|
||||||
/** what transports they were shitlisted for (String), or null for all transports */
|
/** what transports they were banlisted for (String), or null for all transports */
|
||||||
public Set<String> transports;
|
public Set<String> transports;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -49,46 +49,46 @@ public class Shitlist {
|
|||||||
* Don't make this too long as the failure may be transient
|
* Don't make this too long as the failure may be transient
|
||||||
* due to connection limits.
|
* due to connection limits.
|
||||||
*/
|
*/
|
||||||
public final static long SHITLIST_DURATION_MS = 7*60*1000;
|
public final static long BANLIST_DURATION_MS = 7*60*1000;
|
||||||
public final static long SHITLIST_DURATION_MAX = 30*60*1000;
|
public final static long BANLIST_DURATION_MAX = 30*60*1000;
|
||||||
public final static long SHITLIST_DURATION_PARTIAL = 10*60*1000;
|
public final static long BANLIST_DURATION_PARTIAL = 10*60*1000;
|
||||||
public final static long SHITLIST_DURATION_FOREVER = 181l*24*60*60*1000; // will get rounded down to 180d on console
|
public final static long BANLIST_DURATION_FOREVER = 181l*24*60*60*1000; // will get rounded down to 180d on console
|
||||||
public final static long SHITLIST_CLEANER_START_DELAY = SHITLIST_DURATION_PARTIAL;
|
public final static long BANLIST_CLEANER_START_DELAY = BANLIST_DURATION_PARTIAL;
|
||||||
|
|
||||||
public Shitlist(RouterContext context) {
|
public Banlist(RouterContext context) {
|
||||||
_context = context;
|
_context = context;
|
||||||
_log = context.logManager().getLog(Shitlist.class);
|
_log = context.logManager().getLog(Banlist.class);
|
||||||
_entries = new ConcurrentHashMap(16);
|
_entries = new ConcurrentHashMap(16);
|
||||||
_context.jobQueue().addJob(new Cleanup(_context));
|
_context.jobQueue().addJob(new Cleanup(_context));
|
||||||
}
|
}
|
||||||
|
|
||||||
private class Cleanup extends JobImpl {
|
private class Cleanup extends JobImpl {
|
||||||
private List<Hash> _toUnshitlist;
|
private List<Hash> _toUnbanlist;
|
||||||
public Cleanup(RouterContext ctx) {
|
public Cleanup(RouterContext ctx) {
|
||||||
super(ctx);
|
super(ctx);
|
||||||
_toUnshitlist = new ArrayList(4);
|
_toUnbanlist = new ArrayList(4);
|
||||||
getTiming().setStartAfter(ctx.clock().now() + SHITLIST_CLEANER_START_DELAY);
|
getTiming().setStartAfter(ctx.clock().now() + BANLIST_CLEANER_START_DELAY);
|
||||||
}
|
}
|
||||||
public String getName() { return "Expire banned peers"; }
|
public String getName() { return "Expire banned peers"; }
|
||||||
public void runJob() {
|
public void runJob() {
|
||||||
_toUnshitlist.clear();
|
_toUnbanlist.clear();
|
||||||
long now = getContext().clock().now();
|
long now = getContext().clock().now();
|
||||||
try {
|
try {
|
||||||
for (Iterator iter = _entries.entrySet().iterator(); iter.hasNext(); ) {
|
for (Iterator iter = _entries.entrySet().iterator(); iter.hasNext(); ) {
|
||||||
Map.Entry<Hash, Entry> e = (Map.Entry) iter.next();
|
Map.Entry<Hash, Entry> e = (Map.Entry) iter.next();
|
||||||
if (e.getValue().expireOn <= now) {
|
if (e.getValue().expireOn <= now) {
|
||||||
iter.remove();
|
iter.remove();
|
||||||
_toUnshitlist.add(e.getKey());
|
_toUnbanlist.add(e.getKey());
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
} catch (IllegalStateException ise) {} // next time...
|
} catch (IllegalStateException ise) {} // next time...
|
||||||
for (Hash peer : _toUnshitlist) {
|
for (Hash peer : _toUnbanlist) {
|
||||||
PeerProfile prof = _context.profileOrganizer().getProfile(peer);
|
PeerProfile prof = _context.profileOrganizer().getProfile(peer);
|
||||||
if (prof != null)
|
if (prof != null)
|
||||||
prof.unshitlist();
|
prof.unbanlist();
|
||||||
_context.messageHistory().unshitlist(peer);
|
_context.messageHistory().unbanlist(peer);
|
||||||
if (_log.shouldLog(Log.INFO))
|
if (_log.shouldLog(Log.INFO))
|
||||||
_log.info("Unshitlisting router (expired) " + peer.toBase64());
|
_log.info("Unbanlisting router (expired) " + peer.toBase64());
|
||||||
}
|
}
|
||||||
|
|
||||||
requeue(30*1000);
|
requeue(30*1000);
|
||||||
@@ -100,69 +100,69 @@ public class Shitlist {
|
|||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* For ShitlistRenderer in router console.
|
* For BanlistRenderer in router console.
|
||||||
* Note - may contain expired entries.
|
* Note - may contain expired entries.
|
||||||
*/
|
*/
|
||||||
public Map<Hash, Entry> getEntries() {
|
public Map<Hash, Entry> getEntries() {
|
||||||
return Collections.unmodifiableMap(_entries);
|
return Collections.unmodifiableMap(_entries);
|
||||||
}
|
}
|
||||||
|
|
||||||
public boolean shitlistRouter(Hash peer) {
|
public boolean banlistRouter(Hash peer) {
|
||||||
return shitlistRouter(peer, null);
|
return banlistRouter(peer, null);
|
||||||
}
|
}
|
||||||
|
|
||||||
public boolean shitlistRouter(Hash peer, String reason) { return shitlistRouter(peer, reason, null); }
|
public boolean banlistRouter(Hash peer, String reason) { return banlistRouter(peer, reason, null); }
|
||||||
|
|
||||||
/** ick have to put the reasonCode in the front to avoid ambiguity */
|
/** ick have to put the reasonCode in the front to avoid ambiguity */
|
||||||
public boolean shitlistRouter(String reasonCode, Hash peer, String reason) {
|
public boolean banlistRouter(String reasonCode, Hash peer, String reason) {
|
||||||
return shitlistRouter(peer, reason, reasonCode, null, false);
|
return banlistRouter(peer, reason, reasonCode, null, false);
|
||||||
}
|
}
|
||||||
|
|
||||||
public boolean shitlistRouter(Hash peer, String reason, String transport) {
|
public boolean banlistRouter(Hash peer, String reason, String transport) {
|
||||||
return shitlistRouter(peer, reason, transport, false);
|
return banlistRouter(peer, reason, transport, false);
|
||||||
}
|
}
|
||||||
|
|
||||||
public boolean shitlistRouterForever(Hash peer, String reason) {
|
public boolean banlistRouterForever(Hash peer, String reason) {
|
||||||
return shitlistRouter(peer, reason, null, true);
|
return banlistRouter(peer, reason, null, true);
|
||||||
}
|
}
|
||||||
|
|
||||||
public boolean shitlistRouterForever(Hash peer, String reason, String reasonCode) {
|
public boolean banlistRouterForever(Hash peer, String reason, String reasonCode) {
|
||||||
return shitlistRouter(peer, reason, reasonCode, null, true);
|
return banlistRouter(peer, reason, reasonCode, null, true);
|
||||||
}
|
}
|
||||||
|
|
||||||
public boolean shitlistRouter(Hash peer, String reason, String transport, boolean forever) {
|
public boolean banlistRouter(Hash peer, String reason, String transport, boolean forever) {
|
||||||
return shitlistRouter(peer, reason, null, transport, forever);
|
return banlistRouter(peer, reason, null, transport, forever);
|
||||||
}
|
}
|
||||||
|
|
||||||
private boolean shitlistRouter(Hash peer, String reason, String reasonCode, String transport, boolean forever) {
|
private boolean banlistRouter(Hash peer, String reason, String reasonCode, String transport, boolean forever) {
|
||||||
if (peer == null) {
|
if (peer == null) {
|
||||||
_log.error("wtf, why did we try to shitlist null?", new Exception("shitfaced"));
|
_log.error("wtf, why did we try to banlist null?", new Exception("banfaced"));
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
if (_context.routerHash().equals(peer)) {
|
if (_context.routerHash().equals(peer)) {
|
||||||
_log.error("wtf, why did we try to shitlist ourselves?", new Exception("shitfaced"));
|
_log.error("wtf, why did we try to banlist ourselves?", new Exception("banfaced"));
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
boolean wasAlready = false;
|
boolean wasAlready = false;
|
||||||
if (_log.shouldLog(Log.INFO))
|
if (_log.shouldLog(Log.INFO))
|
||||||
_log.info("Shitlisting router " + peer.toBase64() +
|
_log.info("Banlisting router " + peer.toBase64() +
|
||||||
((transport != null) ? " on transport " + transport : ""), new Exception("Shitlist cause: " + reason));
|
((transport != null) ? " on transport " + transport : ""), new Exception("Banlist cause: " + reason));
|
||||||
|
|
||||||
Entry e = new Entry();
|
Entry e = new Entry();
|
||||||
if (forever) {
|
if (forever) {
|
||||||
e.expireOn = _context.clock().now() + SHITLIST_DURATION_FOREVER;
|
e.expireOn = _context.clock().now() + BANLIST_DURATION_FOREVER;
|
||||||
} else if (transport != null) {
|
} else if (transport != null) {
|
||||||
e.expireOn = _context.clock().now() + SHITLIST_DURATION_PARTIAL;
|
e.expireOn = _context.clock().now() + BANLIST_DURATION_PARTIAL;
|
||||||
} else {
|
} else {
|
||||||
long period = SHITLIST_DURATION_MS + _context.random().nextLong(SHITLIST_DURATION_MS / 4);
|
long period = BANLIST_DURATION_MS + _context.random().nextLong(BANLIST_DURATION_MS / 4);
|
||||||
PeerProfile prof = _context.profileOrganizer().getProfile(peer);
|
PeerProfile prof = _context.profileOrganizer().getProfile(peer);
|
||||||
if (prof != null) {
|
if (prof != null) {
|
||||||
period = SHITLIST_DURATION_MS << prof.incrementShitlists();
|
period = BANLIST_DURATION_MS << prof.incrementBanlists();
|
||||||
period += _context.random().nextLong(period);
|
period += _context.random().nextLong(period);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (period > SHITLIST_DURATION_MAX)
|
if (period > BANLIST_DURATION_MAX)
|
||||||
period = SHITLIST_DURATION_MAX;
|
period = BANLIST_DURATION_MAX;
|
||||||
e.expireOn = _context.clock().now() + period;
|
e.expireOn = _context.clock().now() + period;
|
||||||
}
|
}
|
||||||
e.cause = reason;
|
e.cause = reason;
|
||||||
@@ -202,28 +202,28 @@ public class Shitlist {
|
|||||||
//_context.tunnelManager().peerFailed(peer);
|
//_context.tunnelManager().peerFailed(peer);
|
||||||
//_context.messageRegistry().peerFailed(peer);
|
//_context.messageRegistry().peerFailed(peer);
|
||||||
if (!wasAlready)
|
if (!wasAlready)
|
||||||
_context.messageHistory().shitlist(peer, reason);
|
_context.messageHistory().banlist(peer, reason);
|
||||||
return wasAlready;
|
return wasAlready;
|
||||||
}
|
}
|
||||||
|
|
||||||
public void unshitlistRouter(Hash peer) {
|
public void unbanlistRouter(Hash peer) {
|
||||||
unshitlistRouter(peer, true);
|
unbanlistRouter(peer, true);
|
||||||
}
|
}
|
||||||
|
|
||||||
private void unshitlistRouter(Hash peer, boolean realUnshitlist) { unshitlistRouter(peer, realUnshitlist, null); }
|
private void unbanlistRouter(Hash peer, boolean realUnbanlist) { unbanlistRouter(peer, realUnbanlist, null); }
|
||||||
|
|
||||||
public void unshitlistRouter(Hash peer, String transport) { unshitlistRouter(peer, true, transport); }
|
public void unbanlistRouter(Hash peer, String transport) { unbanlistRouter(peer, true, transport); }
|
||||||
|
|
||||||
private void unshitlistRouter(Hash peer, boolean realUnshitlist, String transport) {
|
private void unbanlistRouter(Hash peer, boolean realUnbanlist, String transport) {
|
||||||
if (peer == null) return;
|
if (peer == null) return;
|
||||||
if (_log.shouldLog(Log.DEBUG))
|
if (_log.shouldLog(Log.DEBUG))
|
||||||
_log.debug("Calling unshitlistRouter " + peer.toBase64()
|
_log.debug("Calling unbanlistRouter " + peer.toBase64()
|
||||||
+ (transport != null ? "/" + transport : ""));
|
+ (transport != null ? "/" + transport : ""));
|
||||||
boolean fully = false;
|
boolean fully = false;
|
||||||
|
|
||||||
Entry e = _entries.remove(peer);
|
Entry e = _entries.remove(peer);
|
||||||
if ( (e == null) || (e.transports == null) || (transport == null) || (e.transports.size() <= 1) ) {
|
if ( (e == null) || (e.transports == null) || (transport == null) || (e.transports.size() <= 1) ) {
|
||||||
// fully unshitlisted
|
// fully unbanlisted
|
||||||
fully = true;
|
fully = true;
|
||||||
} else {
|
} else {
|
||||||
e.transports.remove(transport);
|
e.transports.remove(transport);
|
||||||
@@ -234,30 +234,30 @@ public class Shitlist {
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (fully) {
|
if (fully) {
|
||||||
if (realUnshitlist) {
|
if (realUnbanlist) {
|
||||||
PeerProfile prof = _context.profileOrganizer().getProfile(peer);
|
PeerProfile prof = _context.profileOrganizer().getProfile(peer);
|
||||||
if (prof != null)
|
if (prof != null)
|
||||||
prof.unshitlist();
|
prof.unbanlist();
|
||||||
}
|
}
|
||||||
_context.messageHistory().unshitlist(peer);
|
_context.messageHistory().unbanlist(peer);
|
||||||
if (_log.shouldLog(Log.INFO) && e != null)
|
if (_log.shouldLog(Log.INFO) && e != null)
|
||||||
_log.info("Unshitlisting router " + peer.toBase64()
|
_log.info("Unbanlisting router " + peer.toBase64()
|
||||||
+ (transport != null ? "/" + transport : ""));
|
+ (transport != null ? "/" + transport : ""));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
public boolean isShitlisted(Hash peer) { return isShitlisted(peer, null); }
|
public boolean isBanlisted(Hash peer) { return isBanlisted(peer, null); }
|
||||||
|
|
||||||
public boolean isShitlisted(Hash peer, String transport) {
|
public boolean isBanlisted(Hash peer, String transport) {
|
||||||
boolean rv = false;
|
boolean rv = false;
|
||||||
boolean unshitlist = false;
|
boolean unbanlist = false;
|
||||||
|
|
||||||
Entry entry = _entries.get(peer);
|
Entry entry = _entries.get(peer);
|
||||||
if (entry == null) {
|
if (entry == null) {
|
||||||
rv = false;
|
rv = false;
|
||||||
} else if (entry.expireOn <= _context.clock().now()) {
|
} else if (entry.expireOn <= _context.clock().now()) {
|
||||||
_entries.remove(peer);
|
_entries.remove(peer);
|
||||||
unshitlist = true;
|
unbanlist = true;
|
||||||
rv = false;
|
rv = false;
|
||||||
} else if (entry.transports == null) {
|
} else if (entry.transports == null) {
|
||||||
rv = true;
|
rv = true;
|
||||||
@@ -265,21 +265,21 @@ public class Shitlist {
|
|||||||
rv = entry.transports.contains(transport);
|
rv = entry.transports.contains(transport);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (unshitlist) {
|
if (unbanlist) {
|
||||||
PeerProfile prof = _context.profileOrganizer().getProfile(peer);
|
PeerProfile prof = _context.profileOrganizer().getProfile(peer);
|
||||||
if (prof != null)
|
if (prof != null)
|
||||||
prof.unshitlist();
|
prof.unbanlist();
|
||||||
_context.messageHistory().unshitlist(peer);
|
_context.messageHistory().unbanlist(peer);
|
||||||
if (_log.shouldLog(Log.INFO))
|
if (_log.shouldLog(Log.INFO))
|
||||||
_log.info("Unshitlisting router (expired) " + peer.toBase64());
|
_log.info("Unbanlisting router (expired) " + peer.toBase64());
|
||||||
}
|
}
|
||||||
|
|
||||||
return rv;
|
return rv;
|
||||||
}
|
}
|
||||||
|
|
||||||
public boolean isShitlistedForever(Hash peer) {
|
public boolean isBanlistedForever(Hash peer) {
|
||||||
Entry entry = _entries.get(peer);
|
Entry entry = _entries.get(peer);
|
||||||
return entry != null && entry.expireOn > _context.clock().now() + SHITLIST_DURATION_MAX;
|
return entry != null && entry.expireOn > _context.clock().now() + BANLIST_DURATION_MAX;
|
||||||
}
|
}
|
||||||
|
|
||||||
/** @deprecated moved to router console */
|
/** @deprecated moved to router console */
|
||||||
@@ -35,18 +35,18 @@ import net.i2p.util.Log;
|
|||||||
import net.i2p.util.Translate;
|
import net.i2p.util.Translate;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Manage blocking by IP address, in a manner similar to the Shitlist,
|
* Manage blocking by IP address, in a manner similar to the Banlist,
|
||||||
* which blocks by router hash.
|
* which blocks by router hash.
|
||||||
*
|
*
|
||||||
* We also try to keep the two lists in sync: if a router at a given IP is
|
* We also try to keep the two lists in sync: if a router at a given IP is
|
||||||
* blocked, we will also shitlist it "forever" (until the next reboot).
|
* blocked, we will also banlist it "forever" (until the next reboot).
|
||||||
*
|
*
|
||||||
* While the reverse case (blocking the IP of a router shitlisted forever)
|
* While the reverse case (blocking the IP of a router banlisted forever)
|
||||||
* is not automatic, the transports will call add() below to block the IP,
|
* is not automatic, the transports will call add() below to block the IP,
|
||||||
* which allows the transports to terminate an inbound connection before
|
* which allows the transports to terminate an inbound connection before
|
||||||
* the router ident handshake.
|
* the router ident handshake.
|
||||||
*
|
*
|
||||||
* And the on-disk blocklist can also contain router hashes to be shitlisted.
|
* And the on-disk blocklist can also contain router hashes to be banlisted.
|
||||||
*
|
*
|
||||||
* So, this class maintains three separate lists:
|
* So, this class maintains three separate lists:
|
||||||
*<pre>
|
*<pre>
|
||||||
@@ -58,9 +58,9 @@ import net.i2p.util.Translate;
|
|||||||
* Read in the IP blocklist from a file, store it in-memory as efficiently
|
* Read in the IP blocklist from a file, store it in-memory as efficiently
|
||||||
* as we can, and perform tests against it as requested.
|
* as we can, and perform tests against it as requested.
|
||||||
*
|
*
|
||||||
* When queried for a peer that is blocklisted but isn't shitlisted,
|
* When queried for a peer that is blocklisted but isn't banlisted,
|
||||||
* shitlist it forever, then go back to the file to get the original
|
* banlist it forever, then go back to the file to get the original
|
||||||
* entry so we can add the reason to the shitlist text.
|
* entry so we can add the reason to the banlist text.
|
||||||
*
|
*
|
||||||
*/
|
*/
|
||||||
public class Blocklist {
|
public class Blocklist {
|
||||||
@@ -128,7 +128,7 @@ public class Blocklist {
|
|||||||
reason = _x("Banned by router hash: {0}");
|
reason = _x("Banned by router hash: {0}");
|
||||||
else
|
else
|
||||||
reason = _x("Banned by router hash");
|
reason = _x("Banned by router hash");
|
||||||
_context.shitlist().shitlistRouterForever(peer, reason, comment);
|
_context.banlist().banlistRouterForever(peer, reason, comment);
|
||||||
}
|
}
|
||||||
_peerBlocklist = null;
|
_peerBlocklist = null;
|
||||||
|
|
||||||
@@ -487,16 +487,16 @@ public class Blocklist {
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* Does the peer's IP address appear in the blocklist?
|
* Does the peer's IP address appear in the blocklist?
|
||||||
* If so, and it isn't shitlisted, shitlist it forever...
|
* If so, and it isn't banlisted, banlist it forever...
|
||||||
*/
|
*/
|
||||||
public boolean isBlocklisted(Hash peer) {
|
public boolean isBlocklisted(Hash peer) {
|
||||||
List<byte[]> ips = getAddresses(peer);
|
List<byte[]> ips = getAddresses(peer);
|
||||||
for (Iterator<byte[]> iter = ips.iterator(); iter.hasNext(); ) {
|
for (Iterator<byte[]> iter = ips.iterator(); iter.hasNext(); ) {
|
||||||
byte ip[] = iter.next();
|
byte ip[] = iter.next();
|
||||||
if (isBlocklisted(ip)) {
|
if (isBlocklisted(ip)) {
|
||||||
if (! _context.shitlist().isShitlisted(peer))
|
if (! _context.banlist().isBanlisted(peer))
|
||||||
// nice knowing you...
|
// nice knowing you...
|
||||||
shitlist(peer, ip);
|
banlist(peer, ip);
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -504,7 +504,7 @@ public class Blocklist {
|
|||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* calling this externally won't shitlist the peer, this is just an IP check
|
* calling this externally won't banlist the peer, this is just an IP check
|
||||||
*/
|
*/
|
||||||
public boolean isBlocklisted(String ip) {
|
public boolean isBlocklisted(String ip) {
|
||||||
byte[] pib = Addresses.getIP(ip);
|
byte[] pib = Addresses.getIP(ip);
|
||||||
@@ -513,7 +513,7 @@ public class Blocklist {
|
|||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* calling this externally won't shitlist the peer, this is just an IP check
|
* calling this externally won't banlist the peer, this is just an IP check
|
||||||
*/
|
*/
|
||||||
public boolean isBlocklisted(byte ip[]) {
|
public boolean isBlocklisted(byte ip[]) {
|
||||||
if (ip.length != 4)
|
if (ip.length != 4)
|
||||||
@@ -648,10 +648,10 @@ public class Blocklist {
|
|||||||
* actual line in the blocklist file, this could take a while.
|
* actual line in the blocklist file, this could take a while.
|
||||||
*
|
*
|
||||||
*/
|
*/
|
||||||
private void shitlist(Hash peer, byte[] ip) {
|
private void banlist(Hash peer, byte[] ip) {
|
||||||
// Temporary reason, until the job finishes
|
// Temporary reason, until the job finishes
|
||||||
String reason = _x("IP banned by blocklist.txt entry {0}");
|
String reason = _x("IP banned by blocklist.txt entry {0}");
|
||||||
_context.shitlist().shitlistRouterForever(peer, reason, Addresses.toString(ip));
|
_context.banlist().banlistRouterForever(peer, reason, Addresses.toString(ip));
|
||||||
if (! _context.getBooleanPropertyDefaultTrue(PROP_BLOCKLIST_DETAIL))
|
if (! _context.getBooleanPropertyDefaultTrue(PROP_BLOCKLIST_DETAIL))
|
||||||
return;
|
return;
|
||||||
boolean shouldRunJob;
|
boolean shouldRunJob;
|
||||||
@@ -663,23 +663,23 @@ public class Blocklist {
|
|||||||
if (!shouldRunJob)
|
if (!shouldRunJob)
|
||||||
return;
|
return;
|
||||||
// get the IPs now because it won't be in the netdb by the time the job runs
|
// get the IPs now because it won't be in the netdb by the time the job runs
|
||||||
Job job = new ShitlistJob(peer, getAddresses(peer));
|
Job job = new BanlistJob(peer, getAddresses(peer));
|
||||||
if (number > 0)
|
if (number > 0)
|
||||||
job.getTiming().setStartAfter(_context.clock().now() + (30*1000l * number));
|
job.getTiming().setStartAfter(_context.clock().now() + (30*1000l * number));
|
||||||
_context.jobQueue().addJob(job);
|
_context.jobQueue().addJob(job);
|
||||||
}
|
}
|
||||||
|
|
||||||
private class ShitlistJob extends JobImpl {
|
private class BanlistJob extends JobImpl {
|
||||||
private final Hash _peer;
|
private final Hash _peer;
|
||||||
private final List<byte[]> _ips;
|
private final List<byte[]> _ips;
|
||||||
public ShitlistJob (Hash p, List<byte[]> ips) {
|
public BanlistJob (Hash p, List<byte[]> ips) {
|
||||||
super(_context);
|
super(_context);
|
||||||
_peer = p;
|
_peer = p;
|
||||||
_ips = ips;
|
_ips = ips;
|
||||||
}
|
}
|
||||||
public String getName() { return "Ban Peer by IP"; }
|
public String getName() { return "Ban Peer by IP"; }
|
||||||
public void runJob() {
|
public void runJob() {
|
||||||
shitlistForever(_peer, _ips);
|
banlistForever(_peer, _ips);
|
||||||
synchronized (_inProcess) {
|
synchronized (_inProcess) {
|
||||||
_inProcess.remove(_peer);
|
_inProcess.remove(_peer);
|
||||||
}
|
}
|
||||||
@@ -687,7 +687,7 @@ public class Blocklist {
|
|||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Look up the original record so we can record the reason in the shitlist.
|
* Look up the original record so we can record the reason in the banlist.
|
||||||
* That's the only reason to do this.
|
* That's the only reason to do this.
|
||||||
* Only synchronize to cut down on the I/O load.
|
* Only synchronize to cut down on the I/O load.
|
||||||
* Additional jobs can wait.
|
* Additional jobs can wait.
|
||||||
@@ -695,7 +695,7 @@ public class Blocklist {
|
|||||||
* So we also stagger these jobs.
|
* So we also stagger these jobs.
|
||||||
*
|
*
|
||||||
*/
|
*/
|
||||||
private synchronized void shitlistForever(Hash peer, List<byte[]> ips) {
|
private synchronized void banlistForever(Hash peer, List<byte[]> ips) {
|
||||||
String file = _context.getProperty(PROP_BLOCKLIST_FILE, BLOCKLIST_FILE_DEFAULT);
|
String file = _context.getProperty(PROP_BLOCKLIST_FILE, BLOCKLIST_FILE_DEFAULT);
|
||||||
File BLFile = new File(file);
|
File BLFile = new File(file);
|
||||||
if (!BLFile.isAbsolute())
|
if (!BLFile.isAbsolute())
|
||||||
@@ -732,8 +732,8 @@ public class Blocklist {
|
|||||||
//}
|
//}
|
||||||
//reason = reason + " banned by " + BLOCKLIST_FILE_DEFAULT + " entry \"" + buf + "\"";
|
//reason = reason + " banned by " + BLOCKLIST_FILE_DEFAULT + " entry \"" + buf + "\"";
|
||||||
if (_log.shouldLog(Log.WARN))
|
if (_log.shouldLog(Log.WARN))
|
||||||
_log.warn("Shitlisting " + peer + " " + reason);
|
_log.warn("Banlisting " + peer + " " + reason);
|
||||||
_context.shitlist().shitlistRouterForever(peer, reason, buf.toString());
|
_context.banlist().banlistRouterForever(peer, reason, buf.toString());
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -744,7 +744,7 @@ public class Blocklist {
|
|||||||
if (in != null) try { in.close(); } catch (IOException ioe) {}
|
if (in != null) try { in.close(); } catch (IOException ioe) {}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
// We already shitlisted in shitlist(peer), that's good enough
|
// We already banlisted in banlist(peer), that's good enough
|
||||||
}
|
}
|
||||||
|
|
||||||
private static final int MAX_DISPLAY = 1000;
|
private static final int MAX_DISPLAY = 1000;
|
||||||
|
|||||||
@@ -391,21 +391,21 @@ public class MessageHistory {
|
|||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* We shitlisted the peer
|
* We banlisted the peer
|
||||||
*/
|
*/
|
||||||
public void shitlist(Hash peer, String reason) {
|
public void banlist(Hash peer, String reason) {
|
||||||
if (!_doLog) return;
|
if (!_doLog) return;
|
||||||
if (peer == null) return;
|
if (peer == null) return;
|
||||||
addEntry("Shitlist " + peer.toBase64() + ": " + reason);
|
addEntry("Banlist " + peer.toBase64() + ": " + reason);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* We unshitlisted the peer
|
* We unbanlisted the peer
|
||||||
*/
|
*/
|
||||||
public void unshitlist(Hash peer) {
|
public void unbanlist(Hash peer) {
|
||||||
if (!_doLog) return;
|
if (!_doLog) return;
|
||||||
if (peer == null) return;
|
if (peer == null) return;
|
||||||
addEntry("Unshitlist " + peer.toBase64());
|
addEntry("Unbanlist " + peer.toBase64());
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|||||||
@@ -53,7 +53,7 @@ public class RouterContext extends I2PAppContext {
|
|||||||
private TunnelManagerFacade _tunnelManager;
|
private TunnelManagerFacade _tunnelManager;
|
||||||
private TunnelDispatcher _tunnelDispatcher;
|
private TunnelDispatcher _tunnelDispatcher;
|
||||||
private StatisticsManager _statPublisher;
|
private StatisticsManager _statPublisher;
|
||||||
private Shitlist _shitlist;
|
private Banlist _banlist;
|
||||||
private Blocklist _blocklist;
|
private Blocklist _blocklist;
|
||||||
private MessageValidator _messageValidator;
|
private MessageValidator _messageValidator;
|
||||||
//private MessageStateMonitor _messageStateMonitor;
|
//private MessageStateMonitor _messageStateMonitor;
|
||||||
@@ -177,7 +177,7 @@ public class RouterContext extends I2PAppContext {
|
|||||||
_tunnelManager = new DummyTunnelManagerFacade();
|
_tunnelManager = new DummyTunnelManagerFacade();
|
||||||
_tunnelDispatcher = new TunnelDispatcher(this);
|
_tunnelDispatcher = new TunnelDispatcher(this);
|
||||||
_statPublisher = new StatisticsManager(this);
|
_statPublisher = new StatisticsManager(this);
|
||||||
_shitlist = new Shitlist(this);
|
_banlist = new Banlist(this);
|
||||||
_blocklist = new Blocklist(this);
|
_blocklist = new Blocklist(this);
|
||||||
_messageValidator = new MessageValidator(this);
|
_messageValidator = new MessageValidator(this);
|
||||||
_throttle = new RouterThrottleImpl(this);
|
_throttle = new RouterThrottleImpl(this);
|
||||||
@@ -330,7 +330,7 @@ public class RouterContext extends I2PAppContext {
|
|||||||
/**
|
/**
|
||||||
* who does this peer hate?
|
* who does this peer hate?
|
||||||
*/
|
*/
|
||||||
public Shitlist shitlist() { return _shitlist; }
|
public Banlist banlist() { return _banlist; }
|
||||||
public Blocklist blocklist() { return _blocklist; }
|
public Blocklist blocklist() { return _blocklist; }
|
||||||
/**
|
/**
|
||||||
* The router keeps track of messages it receives to prevent duplicates, as
|
* The router keeps track of messages it receives to prevent duplicates, as
|
||||||
@@ -364,7 +364,7 @@ public class RouterContext extends I2PAppContext {
|
|||||||
buf.append(_bandwidthLimiter).append('\n');
|
buf.append(_bandwidthLimiter).append('\n');
|
||||||
buf.append(_tunnelManager).append('\n');
|
buf.append(_tunnelManager).append('\n');
|
||||||
buf.append(_statPublisher).append('\n');
|
buf.append(_statPublisher).append('\n');
|
||||||
buf.append(_shitlist).append('\n');
|
buf.append(_banlist).append('\n');
|
||||||
buf.append(_messageValidator).append('\n');
|
buf.append(_messageValidator).append('\n');
|
||||||
return buf.toString();
|
return buf.toString();
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -109,11 +109,11 @@ class FloodOnlySearchJob extends FloodSearchJob {
|
|||||||
// We need to randomize our ff selection, else we stay with the same ones since
|
// We need to randomize our ff selection, else we stay with the same ones since
|
||||||
// getFloodfillPeers() is sorted by closest distance. Always using the same
|
// getFloodfillPeers() is sorted by closest distance. Always using the same
|
||||||
// ones didn't help reliability.
|
// ones didn't help reliability.
|
||||||
// Also, query the unheard-from, unprofiled, failing, unreachable and shitlisted ones last.
|
// Also, query the unheard-from, unprofiled, failing, unreachable and banlisted ones last.
|
||||||
// We should hear from floodfills pretty frequently so set a 30m time limit.
|
// We should hear from floodfills pretty frequently so set a 30m time limit.
|
||||||
// If unprofiled we haven't talked to them in a long time.
|
// If unprofiled we haven't talked to them in a long time.
|
||||||
// We aren't contacting the peer directly, so shitlist doesn't strictly matter,
|
// We aren't contacting the peer directly, so banlist doesn't strictly matter,
|
||||||
// but it's a bad sign, and we often shitlist a peer before we fail it...
|
// but it's a bad sign, and we often banlist a peer before we fail it...
|
||||||
if (floodfillPeers.size() > CONCURRENT_SEARCHES) {
|
if (floodfillPeers.size() > CONCURRENT_SEARCHES) {
|
||||||
Collections.shuffle(floodfillPeers, getContext().random());
|
Collections.shuffle(floodfillPeers, getContext().random());
|
||||||
List ffp = new ArrayList(floodfillPeers.size());
|
List ffp = new ArrayList(floodfillPeers.size());
|
||||||
@@ -123,7 +123,7 @@ class FloodOnlySearchJob extends FloodSearchJob {
|
|||||||
Hash peer = (Hash)floodfillPeers.get(i);
|
Hash peer = (Hash)floodfillPeers.get(i);
|
||||||
PeerProfile profile = getContext().profileOrganizer().getProfile(peer);
|
PeerProfile profile = getContext().profileOrganizer().getProfile(peer);
|
||||||
if (profile == null || profile.getLastHeardFrom() < before ||
|
if (profile == null || profile.getLastHeardFrom() < before ||
|
||||||
profile.getIsFailing() || getContext().shitlist().isShitlisted(peer) ||
|
profile.getIsFailing() || getContext().banlist().isBanlisted(peer) ||
|
||||||
getContext().commSystem().wasUnreachable(peer)) {
|
getContext().commSystem().wasUnreachable(peer)) {
|
||||||
failcount++;
|
failcount++;
|
||||||
ffp.add(peer);
|
ffp.add(peer);
|
||||||
@@ -135,7 +135,7 @@ class FloodOnlySearchJob extends FloodSearchJob {
|
|||||||
if (floodfillPeers.size() - failcount <= 2)
|
if (floodfillPeers.size() - failcount <= 2)
|
||||||
_shouldProcessDSRM = true;
|
_shouldProcessDSRM = true;
|
||||||
if (_log.shouldLog(Log.INFO) && failcount > 0)
|
if (_log.shouldLog(Log.INFO) && failcount > 0)
|
||||||
_log.info(getJobId() + ": " + failcount + " of " + floodfillPeers.size() + " floodfills are not heard from, unprofiled, failing, unreachable or shitlisted");
|
_log.info(getJobId() + ": " + failcount + " of " + floodfillPeers.size() + " floodfills are not heard from, unprofiled, failing, unreachable or banlisted");
|
||||||
floodfillPeers = ffp;
|
floodfillPeers = ffp;
|
||||||
} else {
|
} else {
|
||||||
_shouldProcessDSRM = true;
|
_shouldProcessDSRM = true;
|
||||||
|
|||||||
@@ -96,11 +96,11 @@ class FloodfillMonitorJob extends JobImpl {
|
|||||||
// Count the "good" ff peers.
|
// Count the "good" ff peers.
|
||||||
//
|
//
|
||||||
// Who's not good?
|
// Who's not good?
|
||||||
// the unheard-from, unprofiled, failing, unreachable and shitlisted ones.
|
// the unheard-from, unprofiled, failing, unreachable and banlisted ones.
|
||||||
// We should hear from floodfills pretty frequently so set a 60m time limit.
|
// We should hear from floodfills pretty frequently so set a 60m time limit.
|
||||||
// If unprofiled we haven't talked to them in a long time.
|
// If unprofiled we haven't talked to them in a long time.
|
||||||
// We aren't contacting the peer directly, so shitlist doesn't strictly matter,
|
// We aren't contacting the peer directly, so banlist doesn't strictly matter,
|
||||||
// but it's a bad sign, and we often shitlist a peer before we fail it...
|
// but it's a bad sign, and we often banlist a peer before we fail it...
|
||||||
//
|
//
|
||||||
// Future: use Integration calculation
|
// Future: use Integration calculation
|
||||||
//
|
//
|
||||||
@@ -110,7 +110,7 @@ class FloodfillMonitorJob extends JobImpl {
|
|||||||
for (Hash peer : floodfillPeers) {
|
for (Hash peer : floodfillPeers) {
|
||||||
PeerProfile profile = getContext().profileOrganizer().getProfile(peer);
|
PeerProfile profile = getContext().profileOrganizer().getProfile(peer);
|
||||||
if (profile == null || profile.getLastHeardFrom() < before ||
|
if (profile == null || profile.getLastHeardFrom() < before ||
|
||||||
profile.getIsFailing() || getContext().shitlist().isShitlisted(peer) ||
|
profile.getIsFailing() || getContext().banlist().isBanlisted(peer) ||
|
||||||
getContext().commSystem().wasUnreachable(peer))
|
getContext().commSystem().wasUnreachable(peer))
|
||||||
failcount++;
|
failcount++;
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -180,7 +180,7 @@ public class FloodfillNetworkDatabaseFacade extends KademliaNetworkDatabaseFacad
|
|||||||
for (int i = 0; i < peers.size(); i++) {
|
for (int i = 0; i < peers.size(); i++) {
|
||||||
Hash peer = peers.get(i);
|
Hash peer = peers.get(i);
|
||||||
RouterInfo target = lookupRouterInfoLocally(peer);
|
RouterInfo target = lookupRouterInfoLocally(peer);
|
||||||
if ( (target == null) || (_context.shitlist().isShitlisted(peer)) )
|
if ( (target == null) || (_context.banlist().isBanlisted(peer)) )
|
||||||
continue;
|
continue;
|
||||||
// Don't flood a RI back to itself
|
// Don't flood a RI back to itself
|
||||||
// Not necessary, a ff will do its own flooding (reply token == 0)
|
// Not necessary, a ff will do its own flooding (reply token == 0)
|
||||||
|
|||||||
@@ -94,7 +94,7 @@ class FloodfillPeerSelector extends PeerSelector {
|
|||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @return all floodfills not shitlisted forever.
|
* @return all floodfills not banlisted forever.
|
||||||
* List will not include our own hash.
|
* List will not include our own hash.
|
||||||
* List is not sorted and not shuffled.
|
* List is not sorted and not shuffled.
|
||||||
*/
|
*/
|
||||||
@@ -105,7 +105,7 @@ class FloodfillPeerSelector extends PeerSelector {
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* @param toIgnore can be null
|
* @param toIgnore can be null
|
||||||
* @return all floodfills not shitlisted forever.
|
* @return all floodfills not banlisted forever.
|
||||||
* List MAY INCLUDE our own hash.
|
* List MAY INCLUDE our own hash.
|
||||||
* List is not sorted and not shuffled.
|
* List is not sorted and not shuffled.
|
||||||
*/
|
*/
|
||||||
@@ -122,7 +122,7 @@ class FloodfillPeerSelector extends PeerSelector {
|
|||||||
List<Hash> rv = new ArrayList(set.size());
|
List<Hash> rv = new ArrayList(set.size());
|
||||||
for (Hash h : set) {
|
for (Hash h : set) {
|
||||||
if ((toIgnore != null && toIgnore.contains(h)) ||
|
if ((toIgnore != null && toIgnore.contains(h)) ||
|
||||||
_context.shitlist().isShitlistedForever(h))
|
_context.banlist().isBanlistedForever(h))
|
||||||
continue;
|
continue;
|
||||||
rv.add(h);
|
rv.add(h);
|
||||||
}
|
}
|
||||||
@@ -135,7 +135,7 @@ class FloodfillPeerSelector extends PeerSelector {
|
|||||||
* searches and stores won't work well.
|
* searches and stores won't work well.
|
||||||
* List will not include our own hash.
|
* List will not include our own hash.
|
||||||
*
|
*
|
||||||
* @return floodfills closest to the key that are not shitlisted forever
|
* @return floodfills closest to the key that are not banlisted forever
|
||||||
* @param key the ROUTING key (NOT the original key)
|
* @param key the ROUTING key (NOT the original key)
|
||||||
* @param maxNumRouters max to return
|
* @param maxNumRouters max to return
|
||||||
* Sorted by closest to the key if > maxNumRouters, otherwise not
|
* Sorted by closest to the key if > maxNumRouters, otherwise not
|
||||||
@@ -299,11 +299,11 @@ class FloodfillPeerSelector extends PeerSelector {
|
|||||||
return;
|
return;
|
||||||
//if (entry.equals(_context.routerHash()))
|
//if (entry.equals(_context.routerHash()))
|
||||||
// return;
|
// return;
|
||||||
// it isn't direct, so who cares if they're shitlisted
|
// it isn't direct, so who cares if they're banlisted
|
||||||
//if (_context.shitlist().isShitlisted(entry))
|
//if (_context.banlist().isBanlisted(entry))
|
||||||
// return;
|
// return;
|
||||||
// ... unless they are really bad
|
// ... unless they are really bad
|
||||||
if (_context.shitlist().isShitlistedForever(entry))
|
if (_context.banlist().isBanlistedForever(entry))
|
||||||
return;
|
return;
|
||||||
RouterInfo info = _context.netDb().lookupRouterInfoLocally(entry);
|
RouterInfo info = _context.netDb().lookupRouterInfoLocally(entry);
|
||||||
//if (info == null)
|
//if (info == null)
|
||||||
@@ -330,7 +330,7 @@ class FloodfillPeerSelector extends PeerSelector {
|
|||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @return list of all with the 'f' mark in their netdb except for shitlisted ones.
|
* @return list of all with the 'f' mark in their netdb except for banlisted ones.
|
||||||
* Will return non-floodfills only if there aren't enough floodfills.
|
* Will return non-floodfills only if there aren't enough floodfills.
|
||||||
*
|
*
|
||||||
* The list is in 3 groups - unsorted (shuffled) within each group.
|
* The list is in 3 groups - unsorted (shuffled) within each group.
|
||||||
@@ -348,7 +348,7 @@ class FloodfillPeerSelector extends PeerSelector {
|
|||||||
long now = _context.clock().now();
|
long now = _context.clock().now();
|
||||||
// Only add in "good" floodfills here...
|
// Only add in "good" floodfills here...
|
||||||
// Let's say published in last 3h and no failed sends in last 30m
|
// Let's say published in last 3h and no failed sends in last 30m
|
||||||
// (Forever shitlisted ones are excluded in add() above)
|
// (Forever banlisted ones are excluded in add() above)
|
||||||
for (Iterator<Hash> iter = new RandomIterator(_floodfillMatches); (found < howMany) && iter.hasNext(); ) {
|
for (Iterator<Hash> iter = new RandomIterator(_floodfillMatches); (found < howMany) && iter.hasNext(); ) {
|
||||||
Hash entry = iter.next();
|
Hash entry = iter.next();
|
||||||
RouterInfo info = _context.netDb().lookupRouterInfoLocally(entry);
|
RouterInfo info = _context.netDb().lookupRouterInfoLocally(entry);
|
||||||
|
|||||||
@@ -138,7 +138,7 @@ public class HandleFloodfillDatabaseStoreMessageJob extends JobImpl {
|
|||||||
// Check new routerinfo address against blocklist
|
// Check new routerinfo address against blocklist
|
||||||
if (wasNew) {
|
if (wasNew) {
|
||||||
if (prevNetDb == null) {
|
if (prevNetDb == null) {
|
||||||
if ((!getContext().shitlist().isShitlistedForever(key)) &&
|
if ((!getContext().banlist().isBanlistedForever(key)) &&
|
||||||
getContext().blocklist().isBlocklisted(key) &&
|
getContext().blocklist().isBlocklisted(key) &&
|
||||||
_log.shouldLog(Log.WARN))
|
_log.shouldLog(Log.WARN))
|
||||||
_log.warn("Blocklisting new peer " + key + ' ' + ri);
|
_log.warn("Blocklisting new peer " + key + ' ' + ri);
|
||||||
@@ -146,7 +146,7 @@ public class HandleFloodfillDatabaseStoreMessageJob extends JobImpl {
|
|||||||
Collection<RouterAddress> oldAddr = prevNetDb.getAddresses();
|
Collection<RouterAddress> oldAddr = prevNetDb.getAddresses();
|
||||||
Collection<RouterAddress> newAddr = ri.getAddresses();
|
Collection<RouterAddress> newAddr = ri.getAddresses();
|
||||||
if ((!newAddr.equals(oldAddr)) &&
|
if ((!newAddr.equals(oldAddr)) &&
|
||||||
(!getContext().shitlist().isShitlistedForever(key)) &&
|
(!getContext().banlist().isBanlistedForever(key)) &&
|
||||||
getContext().blocklist().isBlocklisted(key) &&
|
getContext().blocklist().isBlocklisted(key) &&
|
||||||
_log.shouldLog(Log.WARN))
|
_log.shouldLog(Log.WARN))
|
||||||
_log.warn("New address received, Blocklisting old peer " + key + ' ' + ri);
|
_log.warn("New address received, Blocklisting old peer " + key + ' ' + ri);
|
||||||
|
|||||||
@@ -270,7 +270,7 @@ class IterativeSearchJob extends FloodSearchJob {
|
|||||||
RouterInfo ri = getContext().netDb().lookupRouterInfoLocally(peer);
|
RouterInfo ri = getContext().netDb().lookupRouterInfoLocally(peer);
|
||||||
if (!FloodfillNetworkDatabaseFacade.isFloodfill(ri))
|
if (!FloodfillNetworkDatabaseFacade.isFloodfill(ri))
|
||||||
return;
|
return;
|
||||||
if (getContext().shitlist().isShitlistedForever(peer))
|
if (getContext().banlist().isBanlistedForever(peer))
|
||||||
return;
|
return;
|
||||||
synchronized (this) {
|
synchronized (this) {
|
||||||
if (_failedPeers.contains(peer) ||
|
if (_failedPeers.contains(peer) ||
|
||||||
|
|||||||
@@ -106,7 +106,7 @@ public class KademliaNetworkDatabaseFacade extends NetworkDatabaseFacade {
|
|||||||
public final static String DEFAULT_DB_DIR = "netDb";
|
public final static String DEFAULT_DB_DIR = "netDb";
|
||||||
|
|
||||||
/** if we have less than this many routers left, don't drop any more,
|
/** if we have less than this many routers left, don't drop any more,
|
||||||
* even if they're failing or doing bad shit.
|
* even if they're failing or doing bad stuff.
|
||||||
*/
|
*/
|
||||||
protected final static int MIN_REMAINING_ROUTERS = 25;
|
protected final static int MIN_REMAINING_ROUTERS = 25;
|
||||||
|
|
||||||
@@ -747,7 +747,7 @@ public class KademliaNetworkDatabaseFacade extends NetworkDatabaseFacade {
|
|||||||
return "Invalid routerInfo signature on " + key.toBase64();
|
return "Invalid routerInfo signature on " + key.toBase64();
|
||||||
} else if (upLongEnough && !routerInfo.isCurrent(adjustedExpiration)) {
|
} else if (upLongEnough && !routerInfo.isCurrent(adjustedExpiration)) {
|
||||||
if (routerInfo.getNetworkId() != Router.NETWORK_ID) {
|
if (routerInfo.getNetworkId() != Router.NETWORK_ID) {
|
||||||
_context.shitlist().shitlistRouter(key, "Peer is not in our network");
|
_context.banlist().banlistRouter(key, "Peer is not in our network");
|
||||||
return "Peer is not in our network (" + routerInfo.getNetworkId() + ", wants "
|
return "Peer is not in our network (" + routerInfo.getNetworkId() + ", wants "
|
||||||
+ Router.NETWORK_ID + "): " + routerInfo.calculateHash().toBase64();
|
+ Router.NETWORK_ID + "): " + routerInfo.calculateHash().toBase64();
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -309,8 +309,8 @@ class SearchJob extends JobImpl {
|
|||||||
if (onlyFloodfill)
|
if (onlyFloodfill)
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
if (ri.isHidden()) {// || // allow querying shitlisted, since its indirect
|
if (ri.isHidden()) {// || // allow querying banlisted, since its indirect
|
||||||
//getContext().shitlist().isShitlisted(peer)) {
|
//getContext().banlist().isBanlisted(peer)) {
|
||||||
// dont bother
|
// dont bother
|
||||||
} else {
|
} else {
|
||||||
_state.addPending(peer);
|
_state.addPending(peer);
|
||||||
@@ -413,8 +413,8 @@ class SearchJob extends JobImpl {
|
|||||||
}
|
}
|
||||||
TunnelId inTunnelId = inTunnel.getReceiveTunnelId(0);
|
TunnelId inTunnelId = inTunnel.getReceiveTunnelId(0);
|
||||||
|
|
||||||
// this will fail if we've shitlisted our inbound gateway, but the gw may not necessarily
|
// this will fail if we've banlisted our inbound gateway, but the gw may not necessarily
|
||||||
// be shitlisted by whomever needs to contact them, so we don't need to check this
|
// be banlisted by whomever needs to contact them, so we don't need to check this
|
||||||
|
|
||||||
//RouterInfo inGateway = getContext().netDb().lookupRouterInfoLocally(inTunnel.getPeer(0));
|
//RouterInfo inGateway = getContext().netDb().lookupRouterInfoLocally(inTunnel.getPeer(0));
|
||||||
//if (inGateway == null) {
|
//if (inGateway == null) {
|
||||||
|
|||||||
@@ -23,7 +23,7 @@ class SearchReplyJob extends JobImpl {
|
|||||||
* Peer who we think sent us the reply. Note: could be spoofed! If the
|
* Peer who we think sent us the reply. Note: could be spoofed! If the
|
||||||
* attacker knew we were searching for a particular key from a
|
* attacker knew we were searching for a particular key from a
|
||||||
* particular peer, they could send us some searchReply messages with
|
* particular peer, they could send us some searchReply messages with
|
||||||
* shitty values, trying to get us to consider that peer unreliable.
|
* bad values, trying to get us to consider that peer unreliable.
|
||||||
* Potential fixes include either authenticated 'from' address or use a
|
* Potential fixes include either authenticated 'from' address or use a
|
||||||
* nonce in the search + searchReply (and check for it in the selector).
|
* nonce in the search + searchReply (and check for it in the selector).
|
||||||
*
|
*
|
||||||
@@ -85,12 +85,12 @@ class SearchReplyJob extends JobImpl {
|
|||||||
if (!sendsBadInfo) {
|
if (!sendsBadInfo) {
|
||||||
// we don't need to search for everthing we're given here - only ones that
|
// we don't need to search for everthing we're given here - only ones that
|
||||||
// are next in our search path...
|
// are next in our search path...
|
||||||
// note: no need to think about shitlisted targets in the netdb search, given
|
// note: no need to think about banlisted targets in the netdb search, given
|
||||||
// the floodfill's behavior
|
// the floodfill's behavior
|
||||||
// This keeps us from continually chasing blocklisted floodfills
|
// This keeps us from continually chasing blocklisted floodfills
|
||||||
if (getContext().shitlist().isShitlisted(peer)) {
|
if (getContext().banlist().isBanlisted(peer)) {
|
||||||
// if (_log.shouldLog(Log.INFO))
|
// if (_log.shouldLog(Log.INFO))
|
||||||
// _log.info("Not looking for a shitlisted peer...");
|
// _log.info("Not looking for a banlisted peer...");
|
||||||
// getContext().statManager().addRateData("netDb.searchReplyValidationSkipped", 1, 0);
|
// getContext().statManager().addRateData("netDb.searchReplyValidationSkipped", 1, 0);
|
||||||
} else {
|
} else {
|
||||||
//getContext().netDb().lookupRouterInfo(peer, new ReplyVerifiedJob(getContext(), peer), new ReplyNotVerifiedJob(getContext(), peer), _timeoutMs);
|
//getContext().netDb().lookupRouterInfo(peer, new ReplyVerifiedJob(getContext(), peer), new ReplyNotVerifiedJob(getContext(), peer), _timeoutMs);
|
||||||
|
|||||||
@@ -183,10 +183,10 @@ class StoreJob extends JobImpl {
|
|||||||
// _state.addSkipped(peer);
|
// _state.addSkipped(peer);
|
||||||
//}
|
//}
|
||||||
|
|
||||||
// we don't want to filter out peers based on our local shitlist, as that opens an avenue for
|
// we don't want to filter out peers based on our local banlist, as that opens an avenue for
|
||||||
// manipulation (since a peer can get us to shitlist them by, well, being shitty, and that
|
// manipulation (since a peer can get us to banlist them, and that
|
||||||
// in turn would let them assume that a netDb store received didn't come from us)
|
// in turn would let them assume that a netDb store received didn't come from us)
|
||||||
//if (getContext().shitlist().isShitlisted(((RouterInfo)ds).getIdentity().calculateHash())) {
|
//if (getContext().banlist().isBanlisted(((RouterInfo)ds).getIdentity().calculateHash())) {
|
||||||
// _state.addSkipped(peer);
|
// _state.addSkipped(peer);
|
||||||
//} else {
|
//} else {
|
||||||
//
|
//
|
||||||
|
|||||||
@@ -60,7 +60,7 @@ public class PeerProfile {
|
|||||||
// does this peer profile contain expanded data, or just the basics?
|
// does this peer profile contain expanded data, or just the basics?
|
||||||
private boolean _expanded;
|
private boolean _expanded;
|
||||||
private boolean _expandedDB;
|
private boolean _expandedDB;
|
||||||
private int _consecutiveShitlists;
|
private int _consecutiveBanlists;
|
||||||
private final int _distance;
|
private final int _distance;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@@ -109,8 +109,8 @@ public class PeerProfile {
|
|||||||
public boolean getIsExpanded() { return _expanded; }
|
public boolean getIsExpanded() { return _expanded; }
|
||||||
public boolean getIsExpandedDB() { return _expandedDB; }
|
public boolean getIsExpandedDB() { return _expandedDB; }
|
||||||
|
|
||||||
public int incrementShitlists() { return _consecutiveShitlists++; }
|
public int incrementBanlists() { return _consecutiveBanlists++; }
|
||||||
public void unshitlist() { _consecutiveShitlists = 0; }
|
public void unbanlist() { _consecutiveBanlists = 0; }
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Is this peer active at the moment (sending/receiving messages within the last
|
* Is this peer active at the moment (sending/receiving messages within the last
|
||||||
|
|||||||
@@ -1342,10 +1342,10 @@ public class ProfileOrganizer {
|
|||||||
// the CLI shouldn't depend upon the netDb
|
// the CLI shouldn't depend upon the netDb
|
||||||
if (netDb == null) return true;
|
if (netDb == null) return true;
|
||||||
if (_context.router() == null) return true;
|
if (_context.router() == null) return true;
|
||||||
if ( (_context.shitlist() != null) && (_context.shitlist().isShitlisted(peer)) ) {
|
if ( (_context.banlist() != null) && (_context.banlist().isBanlisted(peer)) ) {
|
||||||
// if (_log.shouldLog(Log.DEBUG))
|
// if (_log.shouldLog(Log.DEBUG))
|
||||||
// _log.debug("Peer " + peer.toBase64() + " is shitlisted, dont select it");
|
// _log.debug("Peer " + peer.toBase64() + " is banlisted, dont select it");
|
||||||
return false; // never select a shitlisted peer
|
return false; // never select a banlisted peer
|
||||||
}
|
}
|
||||||
|
|
||||||
RouterInfo info = _context.netDb().lookupRouterInfoLocally(peer);
|
RouterInfo info = _context.netDb().lookupRouterInfoLocally(peer);
|
||||||
@@ -1395,7 +1395,7 @@ public class ProfileOrganizer {
|
|||||||
|
|
||||||
_notFailingPeers.put(profile.getPeer(), profile);
|
_notFailingPeers.put(profile.getPeer(), profile);
|
||||||
_notFailingPeersList.add(profile.getPeer());
|
_notFailingPeersList.add(profile.getPeer());
|
||||||
// if not selectable for a tunnel (shitlisted for example),
|
// if not selectable for a tunnel (banlisted for example),
|
||||||
// don't allow them in the high-cap pool, what would the point of that be?
|
// don't allow them in the high-cap pool, what would the point of that be?
|
||||||
if (_thresholdCapacityValue <= profile.getCapacityValue() &&
|
if (_thresholdCapacityValue <= profile.getCapacityValue() &&
|
||||||
isSelectable(profile.getPeer())) {
|
isSelectable(profile.getPeer())) {
|
||||||
|
|||||||
@@ -409,7 +409,7 @@ public class CommSystemFacadeImpl extends CommSystemFacade {
|
|||||||
*
|
*
|
||||||
* This is only used in the router console for now, but we put it here because
|
* This is only used in the router console for now, but we put it here because
|
||||||
* 1) it's a lot easier, and 2) we could use it in the future for peer selection,
|
* 1) it's a lot easier, and 2) we could use it in the future for peer selection,
|
||||||
* tunnel selection, shitlisting, etc.
|
* tunnel selection, banlisting, etc.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
/* We hope the routerinfos are read in and things have settled down by now, but it's not required to be so */
|
/* We hope the routerinfos are read in and things have settled down by now, but it's not required to be so */
|
||||||
|
|||||||
@@ -43,11 +43,11 @@ class GetBidsJob extends JobImpl {
|
|||||||
Hash to = msg.getTarget().getIdentity().getHash();
|
Hash to = msg.getTarget().getIdentity().getHash();
|
||||||
msg.timestamp("bid");
|
msg.timestamp("bid");
|
||||||
|
|
||||||
if (context.shitlist().isShitlisted(to)) {
|
if (context.banlist().isBanlisted(to)) {
|
||||||
if (log.shouldLog(Log.WARN))
|
if (log.shouldLog(Log.WARN))
|
||||||
log.warn("Attempt to send a message to a shitlisted peer - " + to);
|
log.warn("Attempt to send a message to a banlisted peer - " + to);
|
||||||
//context.messageRegistry().peerFailed(to);
|
//context.messageRegistry().peerFailed(to);
|
||||||
context.statManager().addRateData("transport.bidFailShitlisted", msg.getLifetime(), 0);
|
context.statManager().addRateData("transport.bidFailBanlisted", msg.getLifetime(), 0);
|
||||||
fail(context, msg);
|
fail(context, msg);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
@@ -67,7 +67,7 @@ class GetBidsJob extends JobImpl {
|
|||||||
if (failedCount == 0) {
|
if (failedCount == 0) {
|
||||||
context.statManager().addRateData("transport.bidFailNoTransports", msg.getLifetime(), 0);
|
context.statManager().addRateData("transport.bidFailNoTransports", msg.getLifetime(), 0);
|
||||||
// This used to be "no common transports" but it is almost always no transports at all
|
// This used to be "no common transports" but it is almost always no transports at all
|
||||||
context.shitlist().shitlistRouter(to, _x("No transports (hidden or starting up?)"));
|
context.banlist().banlistRouter(to, _x("No transports (hidden or starting up?)"));
|
||||||
} else if (failedCount >= facade.getTransportCount()) {
|
} else if (failedCount >= facade.getTransportCount()) {
|
||||||
context.statManager().addRateData("transport.bidFailAllTransports", msg.getLifetime(), 0);
|
context.statManager().addRateData("transport.bidFailAllTransports", msg.getLifetime(), 0);
|
||||||
// fail after all transports were unsuccessful
|
// fail after all transports were unsuccessful
|
||||||
|
|||||||
@@ -550,8 +550,8 @@ public abstract class TransportImpl implements Transport {
|
|||||||
}
|
}
|
||||||
/** called when we establish a peer connection (outbound or inbound) */
|
/** called when we establish a peer connection (outbound or inbound) */
|
||||||
public void markReachable(Hash peer, boolean isInbound) {
|
public void markReachable(Hash peer, boolean isInbound) {
|
||||||
// if *some* transport can reach them, then we shouldn't shitlist 'em
|
// if *some* transport can reach them, then we shouldn't banlist 'em
|
||||||
_context.shitlist().unshitlistRouter(peer);
|
_context.banlist().unbanlistRouter(peer);
|
||||||
synchronized (_unreachableEntries) {
|
synchronized (_unreachableEntries) {
|
||||||
_unreachableEntries.remove(peer);
|
_unreachableEntries.remove(peer);
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -57,9 +57,9 @@ public class TransportManager implements TransportEventListener {
|
|||||||
public TransportManager(RouterContext context) {
|
public TransportManager(RouterContext context) {
|
||||||
_context = context;
|
_context = context;
|
||||||
_log = _context.logManager().getLog(TransportManager.class);
|
_log = _context.logManager().getLog(TransportManager.class);
|
||||||
_context.statManager().createRateStat("transport.shitlistOnUnreachable", "Add a peer to the shitlist since none of the transports can reach them", "Transport", new long[] { 60*1000, 10*60*1000, 60*60*1000 });
|
_context.statManager().createRateStat("transport.banlistOnUnreachable", "Add a peer to the banlist since none of the transports can reach them", "Transport", new long[] { 60*1000, 10*60*1000, 60*60*1000 });
|
||||||
_context.statManager().createRateStat("transport.noBidsYetNotAllUnreachable", "Add a peer to the shitlist since none of the transports can reach them", "Transport", new long[] { 60*1000, 10*60*1000, 60*60*1000 });
|
_context.statManager().createRateStat("transport.noBidsYetNotAllUnreachable", "Add a peer to the banlist since none of the transports can reach them", "Transport", new long[] { 60*1000, 10*60*1000, 60*60*1000 });
|
||||||
_context.statManager().createRateStat("transport.bidFailShitlisted", "Could not attempt to bid on message, as they were shitlisted", "Transport", new long[] { 60*1000, 10*60*1000, 60*60*1000 });
|
_context.statManager().createRateStat("transport.bidFailBanlisted", "Could not attempt to bid on message, as they were banlisted", "Transport", new long[] { 60*1000, 10*60*1000, 60*60*1000 });
|
||||||
_context.statManager().createRateStat("transport.bidFailSelf", "Could not attempt to bid on message, as it targeted ourselves", "Transport", new long[] { 60*1000, 10*60*1000, 60*60*1000 });
|
_context.statManager().createRateStat("transport.bidFailSelf", "Could not attempt to bid on message, as it targeted ourselves", "Transport", new long[] { 60*1000, 10*60*1000, 60*60*1000 });
|
||||||
_context.statManager().createRateStat("transport.bidFailNoTransports", "Could not attempt to bid on message, as none of the transports could attempt it", "Transport", new long[] { 60*1000, 10*60*1000, 60*60*1000 });
|
_context.statManager().createRateStat("transport.bidFailNoTransports", "Could not attempt to bid on message, as none of the transports could attempt it", "Transport", new long[] { 60*1000, 10*60*1000, 60*60*1000 });
|
||||||
_context.statManager().createRateStat("transport.bidFailAllTransports", "Could not attempt to bid on message, as all of the transports had failed", "Transport", new long[] { 60*1000, 10*60*1000, 60*60*1000 });
|
_context.statManager().createRateStat("transport.bidFailAllTransports", "Could not attempt to bid on message, as all of the transports had failed", "Transport", new long[] { 60*1000, 10*60*1000, 60*60*1000 });
|
||||||
@@ -418,8 +418,8 @@ public class TransportManager implements TransportEventListener {
|
|||||||
for (Transport t : _transports.values()) {
|
for (Transport t : _transports.values()) {
|
||||||
if (t.isUnreachable(peer)) {
|
if (t.isUnreachable(peer)) {
|
||||||
unreachableTransports++;
|
unreachableTransports++;
|
||||||
// this keeps GetBids() from shitlisting for "no common transports"
|
// this keeps GetBids() from banlisting for "no common transports"
|
||||||
// right after we shitlisted for "unreachable on any transport" below...
|
// right after we banlisted for "unreachable on any transport" below...
|
||||||
msg.transportFailed(t.getStyle());
|
msg.transportFailed(t.getStyle());
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
@@ -434,7 +434,7 @@ public class TransportManager implements TransportEventListener {
|
|||||||
TransportBid bid = t.bid(msg.getTarget(), msg.getMessageSize());
|
TransportBid bid = t.bid(msg.getTarget(), msg.getMessageSize());
|
||||||
if (bid != null) {
|
if (bid != null) {
|
||||||
if (bid.getLatencyMs() == TransportBid.TRANSIENT_FAIL)
|
if (bid.getLatencyMs() == TransportBid.TRANSIENT_FAIL)
|
||||||
// this keeps GetBids() from shitlisting for "no common transports"
|
// this keeps GetBids() from banlisting for "no common transports"
|
||||||
msg.transportFailed(t.getStyle());
|
msg.transportFailed(t.getStyle());
|
||||||
else if ( (rv == null) || (rv.getLatencyMs() > bid.getLatencyMs()) )
|
else if ( (rv == null) || (rv.getLatencyMs() > bid.getLatencyMs()) )
|
||||||
rv = bid;
|
rv = bid;
|
||||||
@@ -449,10 +449,10 @@ public class TransportManager implements TransportEventListener {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
if (unreachableTransports >= _transports.size()) {
|
if (unreachableTransports >= _transports.size()) {
|
||||||
// Don't shitlist if we aren't talking to anybody, as we may have a network connection issue
|
// Don't banlist if we aren't talking to anybody, as we may have a network connection issue
|
||||||
if (unreachableTransports >= _transports.size() && countActivePeers() > 0) {
|
if (unreachableTransports >= _transports.size() && countActivePeers() > 0) {
|
||||||
_context.statManager().addRateData("transport.shitlistOnUnreachable", msg.getLifetime(), msg.getLifetime());
|
_context.statManager().addRateData("transport.banlistOnUnreachable", msg.getLifetime(), msg.getLifetime());
|
||||||
_context.shitlist().shitlistRouter(peer, _x("Unreachable on any transport"));
|
_context.banlist().banlistRouter(peer, _x("Unreachable on any transport"));
|
||||||
}
|
}
|
||||||
} else if (rv == null) {
|
} else if (rv == null) {
|
||||||
_context.statManager().addRateData("transport.noBidsYetNotAllUnreachable", unreachableTransports, msg.getLifetime());
|
_context.statManager().addRateData("transport.noBidsYetNotAllUnreachable", unreachableTransports, msg.getLifetime());
|
||||||
|
|||||||
@@ -395,8 +395,8 @@ class EstablishState {
|
|||||||
} else if (diff >= Router.CLOCK_FUDGE_FACTOR) {
|
} else if (diff >= Router.CLOCK_FUDGE_FACTOR) {
|
||||||
_context.statManager().addRateData("ntcp.invalidOutboundSkew", diff, 0);
|
_context.statManager().addRateData("ntcp.invalidOutboundSkew", diff, 0);
|
||||||
_transport.markReachable(_con.getRemotePeer().calculateHash(), false);
|
_transport.markReachable(_con.getRemotePeer().calculateHash(), false);
|
||||||
// Only shitlist if we know what time it is
|
// Only banlist if we know what time it is
|
||||||
_context.shitlist().shitlistRouter(DataHelper.formatDuration(diff),
|
_context.banlist().banlistRouter(DataHelper.formatDuration(diff),
|
||||||
_con.getRemotePeer().calculateHash(),
|
_con.getRemotePeer().calculateHash(),
|
||||||
_x("Excessive clock skew: {0}"));
|
_x("Excessive clock skew: {0}"));
|
||||||
_transport.setLastBadSkew(_tsA- _tsB);
|
_transport.setLastBadSkew(_tsA- _tsB);
|
||||||
@@ -586,14 +586,14 @@ class EstablishState {
|
|||||||
// get inet-addr
|
// get inet-addr
|
||||||
InetAddress addr = this._con.getChannel().socket().getInetAddress();
|
InetAddress addr = this._con.getChannel().socket().getInetAddress();
|
||||||
byte[] ip = (addr == null) ? null : addr.getAddress();
|
byte[] ip = (addr == null) ? null : addr.getAddress();
|
||||||
if (_context.shitlist().isShitlistedForever(alice.calculateHash())) {
|
if (_context.banlist().isBanlistedForever(alice.calculateHash())) {
|
||||||
if (_log.shouldLog(Log.WARN))
|
if (_log.shouldLog(Log.WARN))
|
||||||
_log.warn("Dropping inbound connection from permanently shitlisted peer: " + alice.calculateHash().toBase64());
|
_log.warn("Dropping inbound connection from permanently banlisted peer: " + alice.calculateHash().toBase64());
|
||||||
// So next time we will not accept the con from this IP,
|
// So next time we will not accept the con from this IP,
|
||||||
// rather than doing the whole handshake
|
// rather than doing the whole handshake
|
||||||
if(ip != null)
|
if(ip != null)
|
||||||
_context.blocklist().add(ip);
|
_context.blocklist().add(ip);
|
||||||
fail("Peer is shitlisted forever: " + alice.calculateHash().toBase64());
|
fail("Peer is banlisted forever: " + alice.calculateHash().toBase64());
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
if(ip != null)
|
if(ip != null)
|
||||||
@@ -612,8 +612,8 @@ class EstablishState {
|
|||||||
} else if (diff >= Router.CLOCK_FUDGE_FACTOR) {
|
} else if (diff >= Router.CLOCK_FUDGE_FACTOR) {
|
||||||
_context.statManager().addRateData("ntcp.invalidInboundSkew", diff, 0);
|
_context.statManager().addRateData("ntcp.invalidInboundSkew", diff, 0);
|
||||||
_transport.markReachable(alice.calculateHash(), true);
|
_transport.markReachable(alice.calculateHash(), true);
|
||||||
// Only shitlist if we know what time it is
|
// Only banlist if we know what time it is
|
||||||
_context.shitlist().shitlistRouter(DataHelper.formatDuration(diff),
|
_context.banlist().banlistRouter(DataHelper.formatDuration(diff),
|
||||||
alice.calculateHash(),
|
alice.calculateHash(),
|
||||||
_x("Excessive clock skew: {0}"));
|
_x("Excessive clock skew: {0}"));
|
||||||
_transport.setLastBadSkew(tsA- _tsB);
|
_transport.setLastBadSkew(tsA- _tsB);
|
||||||
|
|||||||
@@ -535,7 +535,7 @@ class EventPumper implements Runnable {
|
|||||||
if (_log.shouldLog(Log.INFO))
|
if (_log.shouldLog(Log.INFO))
|
||||||
_log.info("Failed outbound " + con, ioe);
|
_log.info("Failed outbound " + con, ioe);
|
||||||
con.close();
|
con.close();
|
||||||
//_context.shitlist().shitlistRouter(con.getRemotePeer().calculateHash(), "Error connecting", NTCPTransport.STYLE);
|
//_context.banlist().banlistRouter(con.getRemotePeer().calculateHash(), "Error connecting", NTCPTransport.STYLE);
|
||||||
_transport.markUnreachable(con.getRemotePeer().calculateHash());
|
_transport.markUnreachable(con.getRemotePeer().calculateHash());
|
||||||
_context.statManager().addRateData("ntcp.connectFailedTimeoutIOE", 1);
|
_context.statManager().addRateData("ntcp.connectFailedTimeoutIOE", 1);
|
||||||
} catch (NoConnectionPendingException ncpe) {
|
} catch (NoConnectionPendingException ncpe) {
|
||||||
@@ -790,10 +790,10 @@ class EventPumper implements Runnable {
|
|||||||
_context.statManager().addRateData("ntcp.connectFailedIOE", 1);
|
_context.statManager().addRateData("ntcp.connectFailedIOE", 1);
|
||||||
_transport.markUnreachable(con.getRemotePeer().calculateHash());
|
_transport.markUnreachable(con.getRemotePeer().calculateHash());
|
||||||
//if (ntcpOnly(con)) {
|
//if (ntcpOnly(con)) {
|
||||||
// _context.shitlist().shitlistRouter(con.getRemotePeer().calculateHash(), "unable to connect: " + ioe.getMessage());
|
// _context.banlist().banlistRouter(con.getRemotePeer().calculateHash(), "unable to connect: " + ioe.getMessage());
|
||||||
// con.close(false);
|
// con.close(false);
|
||||||
//} else {
|
//} else {
|
||||||
// _context.shitlist().shitlistRouter(con.getRemotePeer().calculateHash(), "unable to connect: " + ioe.getMessage(), NTCPTransport.STYLE);
|
// _context.banlist().banlistRouter(con.getRemotePeer().calculateHash(), "unable to connect: " + ioe.getMessage(), NTCPTransport.STYLE);
|
||||||
con.close(true);
|
con.close(true);
|
||||||
//}
|
//}
|
||||||
} catch (UnresolvedAddressException uae) {
|
} catch (UnresolvedAddressException uae) {
|
||||||
@@ -801,10 +801,10 @@ class EventPumper implements Runnable {
|
|||||||
_context.statManager().addRateData("ntcp.connectFailedUnresolved", 1);
|
_context.statManager().addRateData("ntcp.connectFailedUnresolved", 1);
|
||||||
_transport.markUnreachable(con.getRemotePeer().calculateHash());
|
_transport.markUnreachable(con.getRemotePeer().calculateHash());
|
||||||
//if (ntcpOnly(con)) {
|
//if (ntcpOnly(con)) {
|
||||||
// _context.shitlist().shitlistRouter(con.getRemotePeer().calculateHash(), "unable to connect/resolve: " + uae.getMessage());
|
// _context.banlist().banlistRouter(con.getRemotePeer().calculateHash(), "unable to connect/resolve: " + uae.getMessage());
|
||||||
// con.close(false);
|
// con.close(false);
|
||||||
//} else {
|
//} else {
|
||||||
// _context.shitlist().shitlistRouter(con.getRemotePeer().calculateHash(), "unable to connect/resolve: " + uae.getMessage(), NTCPTransport.STYLE);
|
// _context.banlist().banlistRouter(con.getRemotePeer().calculateHash(), "unable to connect/resolve: " + uae.getMessage(), NTCPTransport.STYLE);
|
||||||
con.close(true);
|
con.close(true);
|
||||||
//}
|
//}
|
||||||
} catch (CancelledKeyException cke) {
|
} catch (CancelledKeyException cke) {
|
||||||
@@ -823,7 +823,7 @@ class EventPumper implements Runnable {
|
|||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* If the other peer only supports ntcp, we should shitlist them when we can't reach 'em,
|
* If the other peer only supports ntcp, we should banlist them when we can't reach 'em,
|
||||||
* but if they support other transports (eg ssu) we should allow those transports to be
|
* but if they support other transports (eg ssu) we should allow those transports to be
|
||||||
* tried as well.
|
* tried as well.
|
||||||
*/
|
*/
|
||||||
|
|||||||
@@ -490,7 +490,7 @@ class NTCPConnection implements FIFOBandwidthLimiter.CompleteListener {
|
|||||||
_establishedOn = System.currentTimeMillis();
|
_establishedOn = System.currentTimeMillis();
|
||||||
_establishState = null;
|
_establishState = null;
|
||||||
_transport.markReachable(getRemotePeer().calculateHash(), false);
|
_transport.markReachable(getRemotePeer().calculateHash(), false);
|
||||||
//_context.shitlist().unshitlistRouter(getRemotePeer().calculateHash(), NTCPTransport.STYLE);
|
//_context.banlist().unbanlistRouter(getRemotePeer().calculateHash(), NTCPTransport.STYLE);
|
||||||
boolean msgs = !_outbound.isEmpty();
|
boolean msgs = !_outbound.isEmpty();
|
||||||
_nextMetaTime = System.currentTimeMillis() + (META_FREQUENCY / 2) + _context.random().nextInt(META_FREQUENCY);
|
_nextMetaTime = System.currentTimeMillis() + (META_FREQUENCY / 2) + _context.random().nextInt(META_FREQUENCY);
|
||||||
_nextInfoTime = System.currentTimeMillis() + (INFO_FREQUENCY / 2) + _context.random().nextInt(INFO_FREQUENCY);
|
_nextInfoTime = System.currentTimeMillis() + (INFO_FREQUENCY / 2) + _context.random().nextInt(INFO_FREQUENCY);
|
||||||
|
|||||||
@@ -94,7 +94,7 @@ public class NTCPTransport extends TransportImpl {
|
|||||||
_context.statManager().createRateStat("ntcp.failsafeCloses", "How many times do we need to proactively close an idle connection to a peer at any given failsafe pass?", "ntcp", RATES);
|
_context.statManager().createRateStat("ntcp.failsafeCloses", "How many times do we need to proactively close an idle connection to a peer at any given failsafe pass?", "ntcp", RATES);
|
||||||
_context.statManager().createRateStat("ntcp.failsafeInvalid", "How many times do we close a connection to a peer to work around a JVM bug?", "ntcp", RATES);
|
_context.statManager().createRateStat("ntcp.failsafeInvalid", "How many times do we close a connection to a peer to work around a JVM bug?", "ntcp", RATES);
|
||||||
_context.statManager().createRateStat("ntcp.accept", "", "ntcp", RATES);
|
_context.statManager().createRateStat("ntcp.accept", "", "ntcp", RATES);
|
||||||
_context.statManager().createRateStat("ntcp.attemptShitlistedPeer", "", "ntcp", RATES);
|
_context.statManager().createRateStat("ntcp.attemptBanlistedPeer", "", "ntcp", RATES);
|
||||||
_context.statManager().createRateStat("ntcp.attemptUnreachablePeer", "", "ntcp", RATES);
|
_context.statManager().createRateStat("ntcp.attemptUnreachablePeer", "", "ntcp", RATES);
|
||||||
_context.statManager().createRateStat("ntcp.closeOnBacklog", "", "ntcp", RATES);
|
_context.statManager().createRateStat("ntcp.closeOnBacklog", "", "ntcp", RATES);
|
||||||
_context.statManager().createRateStat("ntcp.connectFailedIOE", "", "ntcp", RATES);
|
_context.statManager().createRateStat("ntcp.connectFailedIOE", "", "ntcp", RATES);
|
||||||
@@ -167,7 +167,7 @@ public class NTCPTransport extends TransportImpl {
|
|||||||
void inboundEstablished(NTCPConnection con) {
|
void inboundEstablished(NTCPConnection con) {
|
||||||
_context.statManager().addRateData("ntcp.inboundEstablished", 1);
|
_context.statManager().addRateData("ntcp.inboundEstablished", 1);
|
||||||
markReachable(con.getRemotePeer().calculateHash(), true);
|
markReachable(con.getRemotePeer().calculateHash(), true);
|
||||||
//_context.shitlist().unshitlistRouter(con.getRemotePeer().calculateHash());
|
//_context.banlist().unbanlistRouter(con.getRemotePeer().calculateHash());
|
||||||
NTCPConnection old;
|
NTCPConnection old;
|
||||||
synchronized (_conLock) {
|
synchronized (_conLock) {
|
||||||
old = _conByIdent.put(con.getRemotePeer().calculateHash(), con);
|
old = _conByIdent.put(con.getRemotePeer().calculateHash(), con);
|
||||||
@@ -281,10 +281,10 @@ public class NTCPTransport extends TransportImpl {
|
|||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
Hash peer = toAddress.getIdentity().calculateHash();
|
Hash peer = toAddress.getIdentity().calculateHash();
|
||||||
if (_context.shitlist().isShitlisted(peer, STYLE)) {
|
if (_context.banlist().isBanlisted(peer, STYLE)) {
|
||||||
// we aren't shitlisted in general (since we are trying to get a bid), but we have
|
// we aren't banlisted in general (since we are trying to get a bid), but we have
|
||||||
// recently shitlisted the peer on the NTCP transport, so don't try it
|
// recently banlisted the peer on the NTCP transport, so don't try it
|
||||||
_context.statManager().addRateData("ntcp.attemptShitlistedPeer", 1);
|
_context.statManager().addRateData("ntcp.attemptBanlistedPeer", 1);
|
||||||
return null;
|
return null;
|
||||||
} else if (isUnreachable(peer)) {
|
} else if (isUnreachable(peer)) {
|
||||||
_context.statManager().addRateData("ntcp.attemptUnreachablePeer", 1);
|
_context.statManager().addRateData("ntcp.attemptUnreachablePeer", 1);
|
||||||
@@ -302,7 +302,7 @@ public class NTCPTransport extends TransportImpl {
|
|||||||
if (addr == null) {
|
if (addr == null) {
|
||||||
markUnreachable(peer);
|
markUnreachable(peer);
|
||||||
//_context.statManager().addRateData("ntcp.bidRejectedNoNTCPAddress", 1);
|
//_context.statManager().addRateData("ntcp.bidRejectedNoNTCPAddress", 1);
|
||||||
//_context.shitlist().shitlistRouter(toAddress.getIdentity().calculateHash(), "No NTCP address", STYLE);
|
//_context.banlist().banlistRouter(toAddress.getIdentity().calculateHash(), "No NTCP address", STYLE);
|
||||||
if (_log.shouldLog(Log.DEBUG))
|
if (_log.shouldLog(Log.DEBUG))
|
||||||
_log.debug("no bid when trying to send to " + peer + " as they don't have an ntcp address");
|
_log.debug("no bid when trying to send to " + peer + " as they don't have an ntcp address");
|
||||||
return null;
|
return null;
|
||||||
@@ -311,7 +311,7 @@ public class NTCPTransport extends TransportImpl {
|
|||||||
if ( (addr.getPort() < MIN_PEER_PORT) || (ip == null) ) {
|
if ( (addr.getPort() < MIN_PEER_PORT) || (ip == null) ) {
|
||||||
_context.statManager().addRateData("ntcp.connectFailedInvalidPort", 1);
|
_context.statManager().addRateData("ntcp.connectFailedInvalidPort", 1);
|
||||||
markUnreachable(peer);
|
markUnreachable(peer);
|
||||||
//_context.shitlist().shitlistRouter(toAddress.getIdentity().calculateHash(), "Invalid NTCP address", STYLE);
|
//_context.banlist().banlistRouter(toAddress.getIdentity().calculateHash(), "Invalid NTCP address", STYLE);
|
||||||
if (_log.shouldLog(Log.DEBUG))
|
if (_log.shouldLog(Log.DEBUG))
|
||||||
_log.debug("no bid when trying to send to " + peer + " as they don't have a valid ntcp address");
|
_log.debug("no bid when trying to send to " + peer + " as they don't have a valid ntcp address");
|
||||||
return null;
|
return null;
|
||||||
|
|||||||
@@ -233,7 +233,7 @@ class EstablishmentManager {
|
|||||||
RouterIdentity toIdentity = toRouterInfo.getIdentity();
|
RouterIdentity toIdentity = toRouterInfo.getIdentity();
|
||||||
Hash toHash = toIdentity.calculateHash();
|
Hash toHash = toIdentity.calculateHash();
|
||||||
if (toRouterInfo.getNetworkId() != Router.NETWORK_ID) {
|
if (toRouterInfo.getNetworkId() != Router.NETWORK_ID) {
|
||||||
_context.shitlist().shitlistRouter(toHash);
|
_context.banlist().banlistRouter(toHash);
|
||||||
_transport.markUnreachable(toHash);
|
_transport.markUnreachable(toHash);
|
||||||
_transport.failed(msg, "Remote peer is on the wrong network, cannot establish");
|
_transport.failed(msg, "Remote peer is on the wrong network, cannot establish");
|
||||||
return;
|
return;
|
||||||
@@ -252,7 +252,7 @@ class EstablishmentManager {
|
|||||||
Arrays.equals(maybeTo.getIP(), _transport.getExternalIP())) {
|
Arrays.equals(maybeTo.getIP(), _transport.getExternalIP())) {
|
||||||
_transport.failed(msg, "Remote peer's IP isn't valid");
|
_transport.failed(msg, "Remote peer's IP isn't valid");
|
||||||
_transport.markUnreachable(toHash);
|
_transport.markUnreachable(toHash);
|
||||||
//_context.shitlist().shitlistRouter(msg.getTarget().getIdentity().calculateHash(), "Invalid SSU address", UDPTransport.STYLE);
|
//_context.banlist().banlistRouter(msg.getTarget().getIdentity().calculateHash(), "Invalid SSU address", UDPTransport.STYLE);
|
||||||
_context.statManager().addRateData("udp.establishBadIP", 1);
|
_context.statManager().addRateData("udp.establishBadIP", 1);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
@@ -707,15 +707,15 @@ class EstablishmentManager {
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* dont send our info immediately, just send a small data packet, and 5-10s later,
|
* dont send our info immediately, just send a small data packet, and 5-10s later,
|
||||||
* if the peer isnt shitlisted, *then* send them our info. this will help kick off
|
* if the peer isnt banlisted, *then* send them our info. this will help kick off
|
||||||
* the oldnet
|
* the oldnet
|
||||||
* The "oldnet" was < 0.6.1.10, it is long gone.
|
* The "oldnet" was < 0.6.1.10, it is long gone.
|
||||||
* The delay really slows down the network.
|
* The delay really slows down the network.
|
||||||
* The peer is unshitlisted and marked reachable by addRemotePeerState() which calls markReachable()
|
* The peer is unbanlisted and marked reachable by addRemotePeerState() which calls markReachable()
|
||||||
* so the check below is fairly pointless.
|
* so the check below is fairly pointless.
|
||||||
* If for some strange reason an oldnet router (NETWORK_ID == 1) does show up,
|
* If for some strange reason an oldnet router (NETWORK_ID == 1) does show up,
|
||||||
* it's handled in UDPTransport.messageReceived()
|
* it's handled in UDPTransport.messageReceived()
|
||||||
* (where it will get dropped, marked unreachable and shitlisted at that time).
|
* (where it will get dropped, marked unreachable and banlisted at that time).
|
||||||
*/
|
*/
|
||||||
private void sendInboundComplete(PeerState peer) {
|
private void sendInboundComplete(PeerState peer) {
|
||||||
// SimpleTimer.getInstance().addEvent(new PublishToNewInbound(peer), 10*1000);
|
// SimpleTimer.getInstance().addEvent(new PublishToNewInbound(peer), 10*1000);
|
||||||
@@ -733,15 +733,15 @@ class EstablishmentManager {
|
|||||||
//_context.simpleScheduler().addEvent(new PublishToNewInbound(peer), 0);
|
//_context.simpleScheduler().addEvent(new PublishToNewInbound(peer), 0);
|
||||||
|
|
||||||
Hash hash = peer.getRemotePeer();
|
Hash hash = peer.getRemotePeer();
|
||||||
if ((hash != null) && (!_context.shitlist().isShitlisted(hash)) && (!_transport.isUnreachable(hash))) {
|
if ((hash != null) && (!_context.banlist().isBanlisted(hash)) && (!_transport.isUnreachable(hash))) {
|
||||||
// ok, we are fine with them, send them our latest info
|
// ok, we are fine with them, send them our latest info
|
||||||
//if (_log.shouldLog(Log.INFO))
|
//if (_log.shouldLog(Log.INFO))
|
||||||
// _log.info("Publishing to the peer after confirm plus delay (without shitlist): " + peer);
|
// _log.info("Publishing to the peer after confirm plus delay (without banlist): " + peer);
|
||||||
sendOurInfo(peer, true);
|
sendOurInfo(peer, true);
|
||||||
} else {
|
} else {
|
||||||
// nuh uh.
|
// nuh uh.
|
||||||
if (_log.shouldLog(Log.WARN))
|
if (_log.shouldLog(Log.WARN))
|
||||||
_log.warn("NOT publishing to the peer after confirm plus delay (WITH shitlist): " + (hash != null ? hash.toString() : "unknown"));
|
_log.warn("NOT publishing to the peer after confirm plus delay (WITH banlist): " + (hash != null ? hash.toString() : "unknown"));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -1103,9 +1103,9 @@ class EstablishmentManager {
|
|||||||
case IB_STATE_CONFIRMED_COMPLETELY:
|
case IB_STATE_CONFIRMED_COMPLETELY:
|
||||||
RouterIdentity remote = inboundState.getConfirmedIdentity();
|
RouterIdentity remote = inboundState.getConfirmedIdentity();
|
||||||
if (remote != null) {
|
if (remote != null) {
|
||||||
if (_context.shitlist().isShitlistedForever(remote.calculateHash())) {
|
if (_context.banlist().isBanlistedForever(remote.calculateHash())) {
|
||||||
if (_log.shouldLog(Log.WARN))
|
if (_log.shouldLog(Log.WARN))
|
||||||
_log.warn("Dropping inbound connection from permanently shitlisted peer: " + remote.calculateHash());
|
_log.warn("Dropping inbound connection from permanently banlisted peer: " + remote.calculateHash());
|
||||||
// So next time we will not accept the con, rather than doing the whole handshake
|
// So next time we will not accept the con, rather than doing the whole handshake
|
||||||
_context.blocklist().add(inboundState.getSentIP());
|
_context.blocklist().add(inboundState.getSentIP());
|
||||||
inboundState.fail();
|
inboundState.fail();
|
||||||
@@ -1299,7 +1299,7 @@ class EstablishmentManager {
|
|||||||
}
|
}
|
||||||
String err = "Took too long to establish OB connection, state = " + outboundState.getState();
|
String err = "Took too long to establish OB connection, state = " + outboundState.getState();
|
||||||
Hash peer = outboundState.getRemoteIdentity().calculateHash();
|
Hash peer = outboundState.getRemoteIdentity().calculateHash();
|
||||||
//_context.shitlist().shitlistRouter(peer, err, UDPTransport.STYLE);
|
//_context.banlist().banlistRouter(peer, err, UDPTransport.STYLE);
|
||||||
_transport.markUnreachable(peer);
|
_transport.markUnreachable(peer);
|
||||||
_transport.dropPeer(peer, false, err);
|
_transport.dropPeer(peer, false, err);
|
||||||
//_context.profileManager().commErrorOccurred(peer);
|
//_context.profileManager().commErrorOccurred(peer);
|
||||||
|
|||||||
@@ -143,7 +143,7 @@ class IntroductionManager {
|
|||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
if ( /* _context.profileOrganizer().isFailing(cur.getRemotePeer()) || */
|
if ( /* _context.profileOrganizer().isFailing(cur.getRemotePeer()) || */
|
||||||
_context.shitlist().isShitlisted(cur.getRemotePeer()) ||
|
_context.banlist().isBanlisted(cur.getRemotePeer()) ||
|
||||||
_transport.wasUnreachable(cur.getRemotePeer())) {
|
_transport.wasUnreachable(cur.getRemotePeer())) {
|
||||||
if (_log.shouldLog(Log.INFO))
|
if (_log.shouldLog(Log.INFO))
|
||||||
_log.info("Peer is failing, shistlisted or was unreachable: " + cur);
|
_log.info("Peer is failing, shistlisted or was unreachable: " + cur);
|
||||||
@@ -255,7 +255,7 @@ class IntroductionManager {
|
|||||||
try {
|
try {
|
||||||
to = InetAddress.getByAddress(ip);
|
to = InetAddress.getByAddress(ip);
|
||||||
} catch (UnknownHostException uhe) {
|
} catch (UnknownHostException uhe) {
|
||||||
// shitlist Bob?
|
// banlist Bob?
|
||||||
if (_log.shouldLog(Log.WARN))
|
if (_log.shouldLog(Log.WARN))
|
||||||
_log.warn("IP for alice to hole punch to is invalid", uhe);
|
_log.warn("IP for alice to hole punch to is invalid", uhe);
|
||||||
_context.statManager().addRateData("udp.relayBadIP", 1);
|
_context.statManager().addRateData("udp.relayBadIP", 1);
|
||||||
|
|||||||
@@ -1071,7 +1071,7 @@ class PacketBuilder {
|
|||||||
if (_log.shouldLog(_log.WARN))
|
if (_log.shouldLog(_log.WARN))
|
||||||
_log.warn("Cannot build a relay request to " + state.getRemoteIdentity().calculateHash()
|
_log.warn("Cannot build a relay request to " + state.getRemoteIdentity().calculateHash()
|
||||||
+ ", as their UDP address is invalid: addr=" + addr + " index=" + i);
|
+ ", as their UDP address is invalid: addr=" + addr + " index=" + i);
|
||||||
// TODO implement some sort of introducer shitlist
|
// TODO implement some sort of introducer banlist
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
rv.add(buildRelayRequest(iaddr, iport, ikey, tag, ourIntroKey, state.getIntroNonce(), true));
|
rv.add(buildRelayRequest(iaddr, iport, ikey, tag, ourIntroKey, state.getIntroNonce(), true));
|
||||||
|
|||||||
@@ -563,7 +563,7 @@ public class UDPTransport extends TransportImpl implements TimedWeightedPriority
|
|||||||
_log.error("The router " + from + " told us we have an invalid IP - "
|
_log.error("The router " + from + " told us we have an invalid IP - "
|
||||||
+ Addresses.toString(ourIP, ourPort) + ". Lets throw tomatoes at them");
|
+ Addresses.toString(ourIP, ourPort) + ". Lets throw tomatoes at them");
|
||||||
markUnreachable(from);
|
markUnreachable(from);
|
||||||
//_context.shitlist().shitlistRouter(from, "They said we had an invalid IP", STYLE);
|
//_context.banlist().banlistRouter(from, "They said we had an invalid IP", STYLE);
|
||||||
return;
|
return;
|
||||||
} else if (inboundRecent && _externalListenPort > 0 && _externalListenHost != null) {
|
} else if (inboundRecent && _externalListenPort > 0 && _externalListenHost != null) {
|
||||||
// use OS clock since its an ordering thing, not a time thing
|
// use OS clock since its an ordering thing, not a time thing
|
||||||
@@ -913,7 +913,7 @@ public class UDPTransport extends TransportImpl implements TimedWeightedPriority
|
|||||||
|
|
||||||
_activeThrottle.unchoke(peer.getRemotePeer());
|
_activeThrottle.unchoke(peer.getRemotePeer());
|
||||||
markReachable(peer.getRemotePeer(), peer.isInbound());
|
markReachable(peer.getRemotePeer(), peer.isInbound());
|
||||||
//_context.shitlist().unshitlistRouter(peer.getRemotePeer(), STYLE);
|
//_context.banlist().unbanlistRouter(peer.getRemotePeer(), STYLE);
|
||||||
|
|
||||||
//if (SHOULD_FLOOD_PEERS)
|
//if (SHOULD_FLOOD_PEERS)
|
||||||
// _flooder.addPeer(peer);
|
// _flooder.addPeer(peer);
|
||||||
@@ -956,13 +956,13 @@ public class UDPTransport extends TransportImpl implements TimedWeightedPriority
|
|||||||
|
|
||||||
/*
|
/*
|
||||||
if (remoteIdentHash != null) {
|
if (remoteIdentHash != null) {
|
||||||
_context.shitlist().shitlistRouter(remoteIdentHash, "Sent us a peer from the wrong network");
|
_context.banlist().banlistRouter(remoteIdentHash, "Sent us a peer from the wrong network");
|
||||||
dropPeer(remoteIdentHash);
|
dropPeer(remoteIdentHash);
|
||||||
if (_log.shouldLog(Log.ERROR))
|
if (_log.shouldLog(Log.ERROR))
|
||||||
_log.error("Dropping the peer " + remoteIdentHash
|
_log.error("Dropping the peer " + remoteIdentHash
|
||||||
+ " because they are in the wrong net");
|
+ " because they are in the wrong net");
|
||||||
} else if (remoteIdent != null) {
|
} else if (remoteIdent != null) {
|
||||||
_context.shitlist().shitlistRouter(remoteIdent.calculateHash(), "Sent us a peer from the wrong network");
|
_context.banlist().banlistRouter(remoteIdent.calculateHash(), "Sent us a peer from the wrong network");
|
||||||
dropPeer(remoteIdent.calculateHash());
|
dropPeer(remoteIdent.calculateHash());
|
||||||
if (_log.shouldLog(Log.ERROR))
|
if (_log.shouldLog(Log.ERROR))
|
||||||
_log.error("Dropping the peer " + remoteIdent.calculateHash()
|
_log.error("Dropping the peer " + remoteIdent.calculateHash()
|
||||||
@@ -978,8 +978,8 @@ public class UDPTransport extends TransportImpl implements TimedWeightedPriority
|
|||||||
_context.simpleScheduler().addEvent(new RemoveDropList(remote), DROPLIST_PERIOD);
|
_context.simpleScheduler().addEvent(new RemoveDropList(remote), DROPLIST_PERIOD);
|
||||||
}
|
}
|
||||||
markUnreachable(peerHash);
|
markUnreachable(peerHash);
|
||||||
_context.shitlist().shitlistRouter(peerHash, "Part of the wrong network, version = " + ((RouterInfo) entry).getOption("router.version"));
|
_context.banlist().banlistRouter(peerHash, "Part of the wrong network, version = " + ((RouterInfo) entry).getOption("router.version"));
|
||||||
//_context.shitlist().shitlistRouter(peerHash, "Part of the wrong network", STYLE);
|
//_context.banlist().banlistRouter(peerHash, "Part of the wrong network", STYLE);
|
||||||
dropPeer(peerHash, false, "wrong network");
|
dropPeer(peerHash, false, "wrong network");
|
||||||
if (_log.shouldLog(Log.WARN))
|
if (_log.shouldLog(Log.WARN))
|
||||||
_log.warn("Dropping the peer " + peerHash + " because they are in the wrong net: " + entry);
|
_log.warn("Dropping the peer " + peerHash + " because they are in the wrong net: " + entry);
|
||||||
@@ -1013,13 +1013,13 @@ public class UDPTransport extends TransportImpl implements TimedWeightedPriority
|
|||||||
|
|
||||||
boolean isInDropList(RemoteHostId peer) { return _dropList.contains(peer); }
|
boolean isInDropList(RemoteHostId peer) { return _dropList.contains(peer); }
|
||||||
|
|
||||||
void dropPeer(Hash peer, boolean shouldShitlist, String why) {
|
void dropPeer(Hash peer, boolean shouldBanlist, String why) {
|
||||||
PeerState state = getPeerState(peer);
|
PeerState state = getPeerState(peer);
|
||||||
if (state != null)
|
if (state != null)
|
||||||
dropPeer(state, shouldShitlist, why);
|
dropPeer(state, shouldBanlist, why);
|
||||||
}
|
}
|
||||||
|
|
||||||
void dropPeer(PeerState peer, boolean shouldShitlist, String why) {
|
void dropPeer(PeerState peer, boolean shouldBanlist, String why) {
|
||||||
if (_log.shouldLog(Log.INFO)) {
|
if (_log.shouldLog(Log.INFO)) {
|
||||||
long now = _context.clock().now();
|
long now = _context.clock().now();
|
||||||
StringBuilder buf = new StringBuilder(4096);
|
StringBuilder buf = new StringBuilder(4096);
|
||||||
@@ -1028,7 +1028,7 @@ public class UDPTransport extends TransportImpl implements TimedWeightedPriority
|
|||||||
long timeSinceAck = now - peer.getLastACKSend();
|
long timeSinceAck = now - peer.getLastACKSend();
|
||||||
long timeSinceSendOK = now - peer.getLastSendFullyTime();
|
long timeSinceSendOK = now - peer.getLastSendFullyTime();
|
||||||
int consec = peer.getConsecutiveFailedSends();
|
int consec = peer.getConsecutiveFailedSends();
|
||||||
buf.append("Dropping remote peer: ").append(peer.toString()).append(" shitlist? ").append(shouldShitlist);
|
buf.append("Dropping remote peer: ").append(peer.toString()).append(" banlist? ").append(shouldBanlist);
|
||||||
buf.append(" lifetime: ").append(now - peer.getKeyEstablishedTime());
|
buf.append(" lifetime: ").append(now - peer.getKeyEstablishedTime());
|
||||||
buf.append(" time since send/fully/recv/ack: ").append(timeSinceSend).append(" / ");
|
buf.append(" time since send/fully/recv/ack: ").append(timeSinceSend).append(" / ");
|
||||||
buf.append(timeSinceSendOK).append(" / ");
|
buf.append(timeSinceSendOK).append(" / ");
|
||||||
@@ -1067,13 +1067,13 @@ public class UDPTransport extends TransportImpl implements TimedWeightedPriority
|
|||||||
_log.info(buf.toString(), new Exception("Dropped by"));
|
_log.info(buf.toString(), new Exception("Dropped by"));
|
||||||
}
|
}
|
||||||
synchronized(_addDropLock) {
|
synchronized(_addDropLock) {
|
||||||
locked_dropPeer(peer, shouldShitlist, why);
|
locked_dropPeer(peer, shouldBanlist, why);
|
||||||
}
|
}
|
||||||
if (needsRebuild())
|
if (needsRebuild())
|
||||||
rebuildExternalAddress();
|
rebuildExternalAddress();
|
||||||
}
|
}
|
||||||
|
|
||||||
private void locked_dropPeer(PeerState peer, boolean shouldShitlist, String why) {
|
private void locked_dropPeer(PeerState peer, boolean shouldBanlist, String why) {
|
||||||
peer.dropOutbound();
|
peer.dropOutbound();
|
||||||
peer.expireInboundMessages();
|
peer.expireInboundMessages();
|
||||||
_introManager.remove(peer);
|
_introManager.remove(peer);
|
||||||
@@ -1083,9 +1083,9 @@ public class UDPTransport extends TransportImpl implements TimedWeightedPriority
|
|||||||
if (peer.getRemotePeer() != null) {
|
if (peer.getRemotePeer() != null) {
|
||||||
dropPeerCapacities(peer);
|
dropPeerCapacities(peer);
|
||||||
|
|
||||||
if (shouldShitlist) {
|
if (shouldBanlist) {
|
||||||
markUnreachable(peer.getRemotePeer());
|
markUnreachable(peer.getRemotePeer());
|
||||||
//_context.shitlist().shitlistRouter(peer.getRemotePeer(), "dropped after too many retries", STYLE);
|
//_context.banlist().banlistRouter(peer.getRemotePeer(), "dropped after too many retries", STYLE);
|
||||||
}
|
}
|
||||||
long now = _context.clock().now();
|
long now = _context.clock().now();
|
||||||
_context.statManager().addRateData("udp.droppedPeer", now - peer.getLastReceiveTime(), now - peer.getKeyEstablishedTime());
|
_context.statManager().addRateData("udp.droppedPeer", now - peer.getLastReceiveTime(), now - peer.getKeyEstablishedTime());
|
||||||
@@ -1110,8 +1110,8 @@ public class UDPTransport extends TransportImpl implements TimedWeightedPriority
|
|||||||
_expireEvent.remove(peer);
|
_expireEvent.remove(peer);
|
||||||
|
|
||||||
// deal with races to make sure we drop the peers fully
|
// deal with races to make sure we drop the peers fully
|
||||||
if ( (altByIdent != null) && (peer != altByIdent) ) locked_dropPeer(altByIdent, shouldShitlist, "recurse");
|
if ( (altByIdent != null) && (peer != altByIdent) ) locked_dropPeer(altByIdent, shouldBanlist, "recurse");
|
||||||
if ( (altByHost != null) && (peer != altByHost) ) locked_dropPeer(altByHost, shouldShitlist, "recurse");
|
if ( (altByHost != null) && (peer != altByHost) ) locked_dropPeer(altByHost, shouldBanlist, "recurse");
|
||||||
}
|
}
|
||||||
|
|
||||||
private boolean needsRebuild() {
|
private boolean needsRebuild() {
|
||||||
@@ -2253,7 +2253,7 @@ public class UDPTransport extends TransportImpl implements TimedWeightedPriority
|
|||||||
buf.append("</i>");
|
buf.append("</i>");
|
||||||
appended = true;
|
appended = true;
|
||||||
}
|
}
|
||||||
if (_context.shitlist().isShitlisted(peer.getRemotePeer(), STYLE)) {
|
if (_context.banlist().isBanlisted(peer.getRemotePeer(), STYLE)) {
|
||||||
if (!appended) buf.append("<br>");
|
if (!appended) buf.append("<br>");
|
||||||
buf.append(" <i>").append(_("Banned")).append("</i>");
|
buf.append(" <i>").append(_("Banned")).append("</i>");
|
||||||
appended = true;
|
appended = true;
|
||||||
|
|||||||
@@ -659,7 +659,7 @@ public class TunnelPoolManager implements TunnelManagerFacade {
|
|||||||
int len = tun.getLength();
|
int len = tun.getLength();
|
||||||
if (len > 1 && tun.getPeer(1).equals(peer)) {
|
if (len > 1 && tun.getPeer(1).equals(peer)) {
|
||||||
if (_log.shouldLog(Log.WARN))
|
if (_log.shouldLog(Log.WARN))
|
||||||
_log.warn("Removing OB tunnel, first hop shitlisted: " + tun);
|
_log.warn("Removing OB tunnel, first hop banlisted: " + tun);
|
||||||
pool.tunnelFailed(tun, peer);
|
pool.tunnelFailed(tun, peer);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -675,7 +675,7 @@ public class TunnelPoolManager implements TunnelManagerFacade {
|
|||||||
int len = tun.getLength();
|
int len = tun.getLength();
|
||||||
if (len > 1 && tun.getPeer(len - 2).equals(peer)) {
|
if (len > 1 && tun.getPeer(len - 2).equals(peer)) {
|
||||||
if (_log.shouldLog(Log.WARN))
|
if (_log.shouldLog(Log.WARN))
|
||||||
_log.warn("Removing IB tunnel, prev. hop shitlisted: " + tun);
|
_log.warn("Removing IB tunnel, prev. hop banlisted: " + tun);
|
||||||
pool.tunnelFailed(tun, peer);
|
pool.tunnelFailed(tun, peer);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -57,7 +57,7 @@ public class SSUDemo {
|
|||||||
// we want SNTP synchronization for replay prevention
|
// we want SNTP synchronization for replay prevention
|
||||||
envProps.setProperty("time.disabled", "false");
|
envProps.setProperty("time.disabled", "false");
|
||||||
// allow 127.0.0.1/10.0.0.1/etc (useful for testing). If this is false,
|
// allow 127.0.0.1/10.0.0.1/etc (useful for testing). If this is false,
|
||||||
// peers who say they're on an invalid IP are shitlisted
|
// peers who say they're on an invalid IP are banlisted
|
||||||
envProps.setProperty("i2np.udp.allowLocal", "true");
|
envProps.setProperty("i2np.udp.allowLocal", "true");
|
||||||
// explicit IP+port. at least one router on the net has to have their IP+port
|
// explicit IP+port. at least one router on the net has to have their IP+port
|
||||||
// set, since there has to be someone to detect one's IP off. most don't need
|
// set, since there has to be someone to detect one's IP off. most don't need
|
||||||
@@ -173,9 +173,9 @@ public class SSUDemo {
|
|||||||
out.setOnSendJob(new AfterACK());
|
out.setOnSendJob(new AfterACK());
|
||||||
// queue up the message, establishing a new SSU session if necessary, using
|
// queue up the message, establishing a new SSU session if necessary, using
|
||||||
// their direct SSU address if they have one, or their indirect SSU addresses
|
// their direct SSU address if they have one, or their indirect SSU addresses
|
||||||
// if they don't. If we cannot contact them, we will 'shitlist' their address,
|
// if they don't. If we cannot contact them, we will 'banlist' their address,
|
||||||
// during which time we will not even attempt to send messages to them. We also
|
// during which time we will not even attempt to send messages to them. We also
|
||||||
// drop their netDb info when we shitlist them, in case their info is no longer
|
// drop their netDb info when we banlist them, in case their info is no longer
|
||||||
// correct. Since the netDb is disabled for all meaningful purposes, the SSUDemo
|
// correct. Since the netDb is disabled for all meaningful purposes, the SSUDemo
|
||||||
// will be responsible for fetching such information.
|
// will be responsible for fetching such information.
|
||||||
_us.outNetMessagePool().add(out);
|
_us.outNetMessagePool().add(out);
|
||||||
@@ -278,4 +278,4 @@ public class SSUDemo {
|
|||||||
}
|
}
|
||||||
public String getName() { return "Handle netDb store"; }
|
public String getName() { return "Handle netDb store"; }
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user