author | Felix Lange <fjl@twurst.com> | 2016-11-23 03:51:59 +0800 |
---|---|---|
committer | Felix Lange <fjl@twurst.com> | 2016-11-23 05:21:18 +0800 |
commit | a47341cf96498332e2f0f67c1a6456c67831a5d0 (patch) | |
tree | 92e3c89aa1060e210cc288a68dddaa24be161181 /p2p/discv5/net.go | |
parent | e46bda50935cfad5bfc51130e4ea802f518917e7 (diff) | |
p2p, p2p/discover, p2p/discv5: add IP network restriction feature
The p2p packages can now be configured to restrict all communication to
a certain subset of IP networks. This feature is meant to be used for
private networks.
Diffstat (limited to 'p2p/discv5/net.go')
-rw-r--r-- | p2p/discv5/net.go | 12 |
1 files changed, 9 insertions, 3 deletions
diff --git a/p2p/discv5/net.go b/p2p/discv5/net.go
index b7e4a0bee..d1c48904e 100644
--- a/p2p/discv5/net.go
+++ b/p2p/discv5/net.go
@@ -31,6 +31,7 @@ import (
 "github.com/ethereum/go-ethereum/logger"
 "github.com/ethereum/go-ethereum/logger/glog"
 "github.com/ethereum/go-ethereum/p2p/nat"
+ "github.com/ethereum/go-ethereum/p2p/netutil"
 "github.com/ethereum/go-ethereum/rlp"
 )
@@ -63,8 +64,9 @@ func debugLog(s string) {
 // Network manages the table and all protocol interaction.
 type Network struct {
- db *nodeDB // database of known nodes
- conn transport
+ db *nodeDB // database of known nodes
+ conn transport
+ netrestrict *netutil.Netlist
 closed chan struct{} // closed when loop is done
 closeReq chan struct{} // 'request to close'
@@ -133,7 +135,7 @@ type timeoutEvent struct {
 node *Node
 }
-func newNetwork(conn transport, ourPubkey ecdsa.PublicKey, natm nat.Interface, dbPath string) (*Network, error) {
+func newNetwork(conn transport, ourPubkey ecdsa.PublicKey, natm nat.Interface, dbPath string, netrestrict *netutil.Netlist) (*Network, error) {
 ourID := PubkeyID(&ourPubkey)
 var db *nodeDB
@@ -148,6 +150,7 @@ func newNetwork(conn transport, ourPubkey ecdsa.PublicKey, natm nat.Interface, d
 net := &Network{
 db: db,
 conn: conn,
+ netrestrict: netrestrict,
 tab: tab,
 topictab: newTopicTable(db, tab.self),
 ticketStore: newTicketStore(),
@@ -696,6 +699,9 @@ func (net *Network) internNodeFromNeighbours(sender *net.UDPAddr, rn rpcNode) (n
 if n == nil {
 // We haven't seen this node before.
 n, err = nodeFromRPC(sender, rn)
+ if net.netrestrict != nil && !net.netrestrict.Contains(n.IP) {
+ return n, errors.New("not contained in netrestrict whitelist")
+ }
 if err == nil {
 n.state = unknown
 net.nodes[n.ID] = n |
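Review bot: The new `netrestrict` field of `Network` (second hunk) has no comment, unlike `db` beside it, and nothing states that a nil list means no restriction at all, which the `net.netrestrict != nil` guard in the last hunk implies. I would add a trailing comment such as `netrestrict *netutil.Netlist // nil means no IP restriction is applied`. The same fail-open default holds for the new `netrestrict` parameter of `newNetwork` in the third hunk, so a caller that loses the list on the way in runs unrestricted without any signal; a sentence saying so in a doc comment on `newNetwork` would help. Both the struct and the function continue outside their hunks.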
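Review bot: In the last hunk (`internNodeFromNeighbours`) the added netrestrict test reads `n.IP` before the `err` returned by `nodeFromRPC` is examined. If `nodeFromRPC` can return a nil node together with an error (its body is not part of this diff), an invalid neighbours entry received from a remote peer would cause a nil dereference here. On that path the whitelist message would also replace the original error. Folding the error into the guard avoids both: `if err == nil && net.netrestrict != nil && !net.netrestrict.Contains(n.IP) {`. The test sits inside the `n == nil` branch and the function continues outside the hunk, so it is worth confirming that nodes interned through other paths are held to the same list.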