aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMiguel Herranz <miguel@ipglider.org>2017-01-14 13:21:20 +0100
committerMiguel Herranz <miguel@ipglider.org>2017-01-15 12:11:27 +0100
commit3f269e988c9dae849208dca4167cbadbcd1ab90d (patch)
treeda7a6ea6569635a8ee08ec2f3c31c50c27cf783e
parentMerge pull request #1559 (diff)
downloadmonero-3f269e988c9dae849208dca4167cbadbcd1ab90d.tar.xz
Limit incoming connections from the same IP
-rw-r--r--src/p2p/net_node.h2
-rw-r--r--src/p2p/net_node.inl30
2 files changed, 32 insertions, 0 deletions
diff --git a/src/p2p/net_node.h b/src/p2p/net_node.h
index cc6a486d3..3f5a5ad93 100644
--- a/src/p2p/net_node.h
+++ b/src/p2p/net_node.h
@@ -227,6 +227,8 @@ namespace nodetool
bool set_rate_down_limit(const boost::program_options::variables_map& vm, int64_t limit);
bool set_rate_limit(const boost::program_options::variables_map& vm, int64_t limit);
+ bool has_too_many_connections(const uint32_t ip);
+
void kill() { ///< will be called e.g. from deinit()
_info("Killing the net_node");
is_closing = true;
diff --git a/src/p2p/net_node.inl b/src/p2p/net_node.inl
index f32e7a435..e9847b64d 100644
--- a/src/p2p/net_node.inl
+++ b/src/p2p/net_node.inl
@@ -1457,6 +1457,14 @@ namespace nodetool
drop_connection(context);
return 1;
}
+
+ if(has_too_many_connections(context.m_remote_ip))
+ {
+ LOG_PRINT_CCONTEXT_L1("CONNECTION FROM " << epee::string_tools::get_ip_string_from_int32(context.m_remote_ip) << " REFUSED, too many connections from the same address");
+ drop_connection(context);
+ return 1;
+ }
+
//associate peer_id with this connection
context.peer_id = arg.node_data.peer_id;
@@ -1677,4 +1685,26 @@ namespace nodetool
return true;
}
+
+ template<class t_payload_net_handler>
+ bool node_server<t_payload_net_handler>::has_too_many_connections(const uint32_t ip)
+ {
+ const uint8_t max_connections = 3;
+ uint8_t count = 0;
+
+ m_net_server.get_config_object().foreach_connection([&](const p2p_connection_context& cntxt)
+ {
+ if (cntxt.m_is_income && cntxt.m_remote_ip == ip) {
+ count++;
+
+ if (count > max_connections) {
+ return false;
+ }
+ }
+
+ return true;
+ });
+
+ return count > max_connections;
+ }
}