Bitcoin Core  27.99.0
P2P Digital Currency
Go to the documentation of this file.
1 // Copyright (c) 2009-2010 Satoshi Nakamoto
2 // Copyright (c) 2009-2022 The Bitcoin Core developers
3 // Distributed under the MIT software license, see the accompanying
4 // file COPYING or
8 #include <addrdb.h>
9 #include <common/bloom.h>
10 #include <net_types.h> // For banmap_t
11 #include <sync.h>
12 #include <util/fs.h>
14 #include <chrono>
15 #include <cstdint>
16 #include <memory>
18 // NOTE: When adjusting this, update rpcnet:setban's help ("24h")
19 static constexpr unsigned int DEFAULT_MISBEHAVING_BANTIME = 60 * 60 * 24; // Default 24-hour ban
22 static constexpr std::chrono::minutes DUMP_BANS_INTERVAL{15};
24 class CClientUIInterface;
25 class CNetAddr;
26 class CSubNet;
28 // Banman manages two related but distinct concepts:
29 //
30 // 1. Banning. This is configured manually by the user, through the setban RPC.
31 // If an address or subnet is banned, we never accept incoming connections from
32 // it and never create outgoing connections to it. We won't gossip its address
33 // to other peers in addr messages. Banned addresses and subnets are stored to
34 // disk on shutdown and reloaded on startup. Banning can be used to
35 // prevent connections with spy nodes or other griefers.
36 //
37 // 2. Discouragement. If a peer misbehaves enough (see Misbehaving() in
38 // net_processing.cpp), we'll mark that address as discouraged. We still allow
39 // incoming connections from them, but they're preferred for eviction when
40 // we receive new incoming connections. We never make outgoing connections to
41 // them, and do not gossip their address to other peers. This is implemented as
42 // a bloom filter. We can (probabilistically) test for membership, but can't
43 // list all discouraged addresses or unmark them as discouraged. Discouragement
44 // can prevent our limited connection slots being used up by incompatible
45 // or broken peers.
46 //
47 // Neither banning nor discouragement are protections against denial-of-service
48 // attacks, since if an attacker has a way to waste our resources and we
49 // disconnect from them and ban that address, it's trivial for them to
50 // reconnect from another IP address.
51 //
52 // Attempting to automatically disconnect or ban any class of peer carries the
53 // risk of splitting the network. For example, if we banned/disconnected for a
54 // transaction that fails a policy check and a future version changes the
55 // policy check so the transaction is accepted, then that transaction could
56 // cause the network to split between old nodes and new nodes.
58 class BanMan
59 {
60 public:
61  ~BanMan();
62  BanMan(fs::path ban_file, CClientUIInterface* client_interface, int64_t default_ban_time);
63  void Ban(const CNetAddr& net_addr, int64_t ban_time_offset = 0, bool since_unix_epoch = false) EXCLUSIVE_LOCKS_REQUIRED(!m_banned_mutex);
64  void Ban(const CSubNet& sub_net, int64_t ban_time_offset = 0, bool since_unix_epoch = false) EXCLUSIVE_LOCKS_REQUIRED(!m_banned_mutex);
77  bool Unban(const CNetAddr& net_addr) EXCLUSIVE_LOCKS_REQUIRED(!m_banned_mutex);
82 private:
89  bool m_is_dirty GUARDED_BY(m_banned_mutex){false};
92  const int64_t m_default_ban_time;
93  CRollingBloomFilter m_discouraged GUARDED_BY(m_banned_mutex) {50000, 0.000001};
94 };
96 #endif // BITCOIN_BANMAN_H
static constexpr unsigned int DEFAULT_MISBEHAVING_BANTIME
Definition: banman.h:19
static constexpr std::chrono::minutes DUMP_BANS_INTERVAL
How often to dump banned addresses/subnets to disk.
Definition: banman.h:22
Definition: banman.h:59
void DumpBanlist() EXCLUSIVE_LOCKS_REQUIRED(!m_banned_mutex)
Definition: banman.cpp:48
void Ban(const CNetAddr &net_addr, int64_t ban_time_offset=0, bool since_unix_epoch=false) EXCLUSIVE_LOCKS_REQUIRED(!m_banned_mutex)
Definition: banman.cpp:118
BanMan(fs::path ban_file, CClientUIInterface *client_interface, int64_t default_ban_time)
Definition: banman.cpp:17
void SweepBanned() EXCLUSIVE_LOCKS_REQUIRED(m_banned_mutex)
clean unused entries (if bantime has expired)
Definition: banman.cpp:182
const int64_t m_default_ban_time
Definition: banman.h:92
bool IsBanned(const CNetAddr &net_addr) EXCLUSIVE_LOCKS_REQUIRED(!m_banned_mutex)
Return whether net_addr is banned.
Definition: banman.cpp:89
banmap_t m_banned GUARDED_BY(m_banned_mutex)
void GetBanned(banmap_t &banmap) EXCLUSIVE_LOCKS_REQUIRED(!m_banned_mutex)
Definition: banman.cpp:174
Mutex m_banned_mutex
Definition: banman.h:87
void ClearBanned() EXCLUSIVE_LOCKS_REQUIRED(!m_banned_mutex)
Definition: banman.cpp:72
CRollingBloomFilter m_discouraged GUARDED_BY(m_banned_mutex)
Definition: banman.h:93
void LoadBanlist() EXCLUSIVE_LOCKS_REQUIRED(!m_banned_mutex)
Definition: banman.cpp:29
CClientUIInterface * m_client_interface
Definition: banman.h:90
CBanDB m_ban_db
Definition: banman.h:91
bool Unban(const CNetAddr &net_addr) EXCLUSIVE_LOCKS_REQUIRED(!m_banned_mutex)
Definition: banman.cpp:156
bool IsDiscouraged(const CNetAddr &net_addr) EXCLUSIVE_LOCKS_REQUIRED(!m_banned_mutex)
Return whether net_addr is discouraged.
Definition: banman.cpp:83
void Discourage(const CNetAddr &net_addr) EXCLUSIVE_LOCKS_REQUIRED(!m_banned_mutex)
Definition: banman.cpp:124
Definition: banman.cpp:24
bool m_is_dirty GUARDED_BY(m_banned_mutex)
Definition: banman.h:89
Access to the banlist database (banlist.json)
Definition: addrdb.h:29
Signals for UI communication.
Definition: interface_ui.h:25
Network address.
Definition: netaddress.h:112
RollingBloomFilter is a probabilistic "keep track of most recently inserted" set.
Definition: bloom.h:109
Path class wrapper to block calls to the fs::path(std::string) implicit constructor and the fs::path:...
Definition: fs.h:33
std::map< CSubNet, CBanEntry > banmap_t
Definition: net_types.h:41
Definition: threadsafety.h:49