Skip to content

P
plugin
Commit 2c011ced authored by libangzhu's avatar libangzhu Committed by vipwzw
Browse files
Options

增加grpc server端对黑名单Ip的拦截

parent 71252687
Hide whitespace changes
Inline Side-by-side
Showing with 21 additions and 16 deletions
plugin/p2p/gossip/common.go
View file @ 2c011ced
...@@ -30,30 +30,30 @@ var P2pComm Comm ...@@ -30,30 +30,30 @@ var P2pComm Comm
type Comm struct{} type Comm struct{}
//CheckNetAddr check addr or ip format //CheckNetAddr check addr or ip format
func (Comm) CheckNetAddr(addr string) error { func (Comm) CheckNetAddr(addr string) ( string, int64, error) {
//check peerAddr //check peerAddr
if !strings.Contains(addr, ":") { //only ip if !strings.Contains(addr, ":") { //only ip
if net.ParseIP(addr) == nil { if net.ParseIP(addr) == nil {
return errors.New("invalid ip") return "", 0,errors.New("invalid ip")
} }
return nil return addr,0,nil
} }
host, port, err := net.SplitHostPort(addr) host, port, err := net.SplitHostPort(addr)
if err != nil { if err != nil {
return err return "",0, err
} }
iport, err := strconv.ParseInt(port, 10, 32) iport, err := strconv.ParseInt(port, 10, 32)
if err != nil || iport > 65535 { if err != nil || iport > 65535 {
return errors.New("invalid port") return "",0,errors.New("invalid port")
} }
if net.ParseIP(host) == nil { if net.ParseIP(host) == nil {
return errors.New("invalid ip") return "",0,errors.New("invalid ip")
} }
return nil return host,iport ,nil
} }
......
plugin/p2p/gossip/p2p_test.go
View file @ 2c011ced
...@@ -494,18 +494,18 @@ func TestBytesToInt32(t *testing.T) { ...@@ -494,18 +494,18 @@ func TestBytesToInt32(t *testing.T) {
} }
func TestComm_CheckNetAddr(t *testing.T) { func TestComm_CheckNetAddr(t *testing.T) {
err:= P2pComm.CheckNetAddr("192.16666.0.1") _,_, err:= P2pComm.CheckNetAddr("192.16666.0.1")
assert.NotNil(t, err) assert.NotNil(t, err)
assert.Equal(t, "invalid ip",err.Error()) assert.Equal(t, "invalid ip",err.Error())
err = P2pComm.CheckNetAddr("192.169.0.1:899999") _,_, err = P2pComm.CheckNetAddr("192.169.0.1:899999")
assert.NotNil(t, err) assert.NotNil(t, err)
assert.Equal(t, "invalid port",err.Error()) assert.Equal(t, "invalid port",err.Error())
err = P2pComm.CheckNetAddr("192.169.257.1:899") _,_, err = P2pComm.CheckNetAddr("192.169.257.1:899")
assert.NotNil(t, err) assert.NotNil(t, err)
assert.Equal(t, "invalid ip",err.Error()) assert.Equal(t, "invalid ip",err.Error())
err = P2pComm.CheckNetAddr("192.169.1.1") _,_, err = P2pComm.CheckNetAddr("192.169.1.1")
assert.Nil(t, err) assert.Nil(t, err)
err = P2pComm.CheckNetAddr("192.169.1.1:123") _,_, err = P2pComm.CheckNetAddr("192.169.1.1:123")
assert.Nil(t, err) assert.Nil(t, err)
} }
......
plugin/p2p/gossip/p2pcli.go
View file @ 2c011ced
...@@ -675,12 +675,12 @@ func (m *Cli) AddPeerToBlacklist(msg *queue.Message, taskindex int64) { ...@@ -675,12 +675,12 @@ func (m *Cli) AddPeerToBlacklist(msg *queue.Message, taskindex int64) {
if blackPeer.PeerAddr != "" { //把IP或者IP:PORT加入 黑名单 if blackPeer.PeerAddr != "" { //把IP或者IP:PORT加入 黑名单
//check peerAddr //check peerAddr
err := P2pComm.CheckNetAddr(blackPeer.GetPeerAddr()) ip,_,err := P2pComm.CheckNetAddr(blackPeer.GetPeerAddr())
if err != nil { if err != nil {
msg.Reply(m.network.client.NewMessage("rpc", pb.EventReply, &pb.Reply{IsOk: false, Msg: []byte(err.Error())})) msg.Reply(m.network.client.NewMessage("rpc", pb.EventReply, &pb.Reply{IsOk: false, Msg: []byte(err.Error())}))
return return
} }
m.network.node.nodeInfo.blacklist.Add(ip, int64(lifetime.Seconds()))
m.network.node.nodeInfo.blacklist.Add(blackPeer.PeerAddr, int64(lifetime.Seconds())) m.network.node.nodeInfo.blacklist.Add(blackPeer.PeerAddr, int64(lifetime.Seconds()))
peerName, ok := m.network.node.peerStore.Load(blackPeer.PeerAddr) peerName, ok := m.network.node.peerStore.Load(blackPeer.PeerAddr)
if ok { if ok {
...@@ -691,7 +691,10 @@ func (m *Cli) AddPeerToBlacklist(msg *queue.Message, taskindex int64) { ...@@ -691,7 +691,10 @@ func (m *Cli) AddPeerToBlacklist(msg *queue.Message, taskindex int64) {
} else if blackPeer.PeerName != "" { } else if blackPeer.PeerName != "" {
peer := m.network.node.GetRegisterPeer(blackPeer.PeerName) peer := m.network.node.GetRegisterPeer(blackPeer.PeerName)
if peer != nil { if peer != nil {
ip,_,_ := P2pComm.CheckNetAddr(peer.Addr())
m.network.node.nodeInfo.blacklist.Add(ip, int64(lifetime.Seconds()))
m.network.node.nodeInfo.blacklist.Add(peer.Addr(), int64(lifetime.Seconds())) m.network.node.nodeInfo.blacklist.Add(peer.Addr(), int64(lifetime.Seconds()))
m.network.node.nodeInfo.blacklist.addPeerStore(peer.Addr(), blackPeer.PeerName) m.network.node.nodeInfo.blacklist.addPeerStore(peer.Addr(), blackPeer.PeerName)
m.network.node.nodeInfo.blacklist.addPeerStore(blackPeer.PeerName, peer.Addr()) m.network.node.nodeInfo.blacklist.addPeerStore(blackPeer.PeerName, peer.Addr())
m.network.node.remove(blackPeer.PeerName) //close peer m.network.node.remove(blackPeer.PeerName) //close peer
...@@ -716,18 +719,20 @@ func (m *Cli) DelPeerFromBlacklist(msg *queue.Message, taskindex int64) { ...@@ -716,18 +719,20 @@ func (m *Cli) DelPeerFromBlacklist(msg *queue.Message, taskindex int64) {
blackPeer := msg.GetData().(*pb.BlackPeer) blackPeer := msg.GetData().(*pb.BlackPeer)
if blackPeer.PeerAddr != "" { if blackPeer.PeerAddr != "" {
//check peerAddr //check peerAddr
err := P2pComm.CheckNetAddr(blackPeer.GetPeerAddr()) ip,_,err := P2pComm.CheckNetAddr(blackPeer.GetPeerAddr())
if err != nil { if err != nil {
msg.Reply(m.network.client.NewMessage("rpc", pb.EventReply, &pb.Reply{IsOk: false, Msg: []byte(err.Error())})) msg.Reply(m.network.client.NewMessage("rpc", pb.EventReply, &pb.Reply{IsOk: false, Msg: []byte(err.Error())}))
return return
} }
m.network.node.nodeInfo.blacklist.Delete(ip)
m.network.node.nodeInfo.blacklist.Delete(blackPeer.PeerAddr) m.network.node.nodeInfo.blacklist.Delete(blackPeer.PeerAddr)
m.network.node.nodeInfo.blacklist.deletePeerStore(blackPeer.PeerAddr) m.network.node.nodeInfo.blacklist.deletePeerStore(blackPeer.PeerAddr)
} else if blackPeer.PeerName != "" { } else if blackPeer.PeerName != "" {
//通过pid 获取remoteAddr //通过pid 获取remoteAddr
remoteAddr, ok := m.network.node.nodeInfo.blacklist.getpeerStore(blackPeer.PeerName) remoteAddr, ok := m.network.node.nodeInfo.blacklist.getpeerStore(blackPeer.PeerName)
if ok { if ok {
ip,_,_ := P2pComm.CheckNetAddr(remoteAddr)
m.network.node.nodeInfo.blacklist.Delete(ip)
m.network.node.nodeInfo.blacklist.Delete(remoteAddr) m.network.node.nodeInfo.blacklist.Delete(remoteAddr)
m.network.node.nodeInfo.blacklist.deletePeerStore(remoteAddr) m.network.node.nodeInfo.blacklist.deletePeerStore(remoteAddr)
} }
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment