monero-project · 0xFFFC0000 · Nov 24, 2024
diff --git a/contrib/epee/include/net/net_utils_base.h b/contrib/epee/include/net/net_utils_base.h
@@ -89,7 +89,7 @@ namespace net_utils
 		bool is_local() const;
 		static constexpr address_type get_type_id() noexcept { return address_type::ipv4; }
 		static constexpr zone get_zone() noexcept { return zone::public_; }
-		static constexpr bool is_blockable() noexcept { return true; }
+		static constexpr bool is_bannable() noexcept { return true; }
 
 		BEGIN_KV_SERIALIZE_MAP()
 			if (is_store)
@@ -145,7 +145,7 @@ namespace net_utils
 		bool is_local() const;
 		static constexpr address_type get_type_id() noexcept { return address_type::invalid; }
 		static constexpr zone get_zone() noexcept { return zone::public_; }
-		static constexpr bool is_blockable() noexcept { return true; }
+		static constexpr bool is_bannable() noexcept { return true; }
 
 		BEGIN_KV_SERIALIZE_MAP()
 			KV_SERIALIZE(m_ip)
@@ -195,7 +195,7 @@ namespace net_utils
 		bool is_local() const;
 		static constexpr address_type get_type_id() noexcept { return address_type::ipv6; }
 		static constexpr zone get_zone() noexcept { return zone::public_; }
-		static constexpr bool is_blockable() noexcept { return true; }
+		static constexpr bool is_bannable() noexcept { return true; }
 
 		static const uint8_t ID = 2;
 		BEGIN_KV_SERIALIZE_MAP()
@@ -235,7 +235,7 @@ namespace net_utils
 			virtual bool is_local() const = 0;
 			virtual address_type get_type_id() const = 0;
 			virtual zone get_zone() const = 0;
-			virtual bool is_blockable() const = 0;
+			virtual bool is_bannable() const = 0;
 			virtual std::uint16_t port() const = 0;
 		};
 
@@ -266,7 +266,7 @@ namespace net_utils
 			virtual bool is_local() const override { return value.is_local(); }
 			virtual address_type get_type_id() const override { return value.get_type_id(); }
 			virtual zone get_zone() const override { return value.get_zone(); }
-			virtual bool is_blockable() const override { return value.is_blockable(); }
+			virtual bool is_bannable() const override { return value.is_bannable(); }
 			virtual std::uint16_t port() const override { return value.port(); }
 		};
 
@@ -313,7 +313,7 @@ namespace net_utils
 		bool is_local() const { return self ? self->is_local() : false; }
 		address_type get_type_id() const { return self ? self->get_type_id() : address_type::invalid; }
 		zone get_zone() const { return self ? self->get_zone() : zone::invalid; }
-		bool is_blockable() const { return self ? self->is_blockable() : false; }
+		bool is_bannable() const { return self ? self->is_bannable() : false; }
 		std::uint16_t port() const { return self ? self->port() : 0; }
 		template<typename Type> const Type &as() const { return as_mutable<const Type>(); }
 

diff --git a/src/cryptonote_config.h b/src/cryptonote_config.h
@@ -149,14 +149,14 @@
 #define P2P_DEFAULT_LIMIT_RATE_DOWN                     8192       // kB/s
 
 #define P2P_FAILED_ADDR_FORGET_SECONDS                  (60*60)     //1 hour
-#define P2P_IP_BLOCKTIME                                (60*60*24)  //24 hour
-#define P2P_IP_FAILS_BEFORE_BLOCK                       10
+#define P2P_IP_BANTIME                                (60*60*24)  //24 hour
+#define P2P_IP_FAILS_BEFORE_BAN                       10
 #define P2P_IDLE_CONNECTION_KILL_INTERVAL               (5*60) //5 minutes
 
 #define P2P_SUPPORT_FLAG_FLUFFY_BLOCKS                  0x01
 #define P2P_SUPPORT_FLAGS                               P2P_SUPPORT_FLAG_FLUFFY_BLOCKS
 
-#define RPC_IP_FAILS_BEFORE_BLOCK                       3
+#define RPC_IP_FAILS_BEFORE_BAN                       3
 
 #define CRYPTONOTE_NAME                         "bitmonero"
 #define CRYPTONOTE_BLOCKCHAINDATA_FILENAME      "data.mdb"
@@ -205,7 +205,7 @@
 
 #define RPC_CREDITS_PER_HASH_SCALE ((float)(1<<24))
 
-#define DNS_BLOCKLIST_LIFETIME (86400 * 8)
+#define DNS_BANLIST_LIFETIME (86400 * 8)
 
 //The limit is enough for the mandatory transaction content with 16 outputs (547 bytes),
 //a custom tag (1 byte) and up to 32 bytes of custom data for each recipient.

diff --git a/src/cryptonote_protocol/cryptonote_protocol_handler.inl b/src/cryptonote_protocol/cryptonote_protocol_handler.inl
@@ -519,7 +519,7 @@ namespace cryptonote
     if(bvc.m_verifivation_failed)
     {
       LOG_PRINT_CCONTEXT_L0("Block verification failed, dropping connection");
-      drop_connection_with_score(context, bvc.m_bad_pow ? P2P_IP_FAILS_BEFORE_BLOCK : 1, false);
+      drop_connection_with_score(context, bvc.m_bad_pow ? P2P_IP_FAILS_BEFORE_BAN : 1, false);
       return 1;
     }
     if(bvc.m_added_to_main_chain)
@@ -802,7 +802,7 @@ namespace cryptonote
         if( bvc.m_verifivation_failed )
         {
           LOG_PRINT_CCONTEXT_L0("Block verification failed, dropping connection");
-          drop_connection_with_score(context, bvc.m_bad_pow ? P2P_IP_FAILS_BEFORE_BLOCK : 1, false);
+          drop_connection_with_score(context, bvc.m_bad_pow ? P2P_IP_FAILS_BEFORE_BAN : 1, false);
           return 1;
         }
         if( bvc.m_added_to_main_chain )
@@ -1605,7 +1605,7 @@ namespace cryptonote
               drop_connections(span_origin);
               if (!m_p2p->for_connection(span_connection_id, [&](cryptonote_connection_context& context, nodetool::peerid_type peer_id, uint32_t f)->bool{
                 LOG_PRINT_CCONTEXT_L1("Block verification failed, dropping connection");
-                drop_connection_with_score(context, bvc.m_bad_pow ? P2P_IP_FAILS_BEFORE_BLOCK : 1, true);
+                drop_connection_with_score(context, bvc.m_bad_pow ? P2P_IP_FAILS_BEFORE_BAN : 1, true);
                 return 1;
               }))
                 LOG_ERROR_CCONTEXT("span connection id not found");

diff --git a/src/daemon/command_parser_executor.cpp b/src/daemon/command_parser_executor.cpp
@@ -660,7 +660,7 @@ bool t_command_parser_executor::ban(const std::vector<std::string>& args)
     std::cout << "Invalid syntax: Expects one or two parameters. For more details, use the help command." << std::endl;
     return true;
   }
-  time_t seconds = P2P_IP_BLOCKTIME;
+  time_t seconds = P2P_IP_BANTIME;
   if (args.size() > 1)
   {
     try

diff --git a/src/daemon/rpc_command_executor.cpp b/src/daemon/rpc_command_executor.cpp
@@ -192,7 +192,7 @@ bool t_rpc_command_executor::print_peer_list(bool white, bool gray, size_t limit
 
   std::string failure_message = "Couldn't retrieve peer list";
 
-  req.include_blocked = true;
+  req.include_banned = req.include_blocked = true;
 
   if (m_is_rpc)
   {
@@ -240,7 +240,7 @@ bool t_rpc_command_executor::print_peer_list_stats() {
   std::string failure_message = "Couldn't retrieve peer list";
 
   req.public_only = false;
-  req.include_blocked = true;
+  req.include_banned = req.include_blocked = true;
 
   if (m_is_rpc)
   {

diff --git a/src/net/i2p_address.h b/src/net/i2p_address.h
@@ -119,7 +119,7 @@ namespace net
         }
 
         //! \return `!is_unknown()`.
-        bool is_blockable() const noexcept { return !is_unknown(); }
+        bool is_bannable() const noexcept { return !is_unknown(); }
     };
 
     inline bool operator==(const i2p_address& lhs, const i2p_address& rhs) noexcept

diff --git a/src/net/tor_address.h b/src/net/tor_address.h
@@ -121,7 +121,7 @@ namespace net
         }
 
         //! \return `!is_unknown()`.
-        bool is_blockable() const noexcept { return !is_unknown(); }
+        bool is_bannable() const noexcept { return !is_unknown(); }
     };
 
     inline bool operator==(const tor_address& lhs, const tor_address& rhs) noexcept

diff --git a/src/p2p/net_node.cpp b/src/p2p/net_node.cpp
@@ -152,7 +152,8 @@ namespace nodetool
     const command_line::arg_descriptor<std::string> arg_ban_list = {"ban-list", "Specify ban list file, one IP address per line"};
     const command_line::arg_descriptor<bool> arg_p2p_hide_my_port   =    {"hide-my-port", "Do not announce yourself as peerlist candidate", false, true};
     const command_line::arg_descriptor<bool> arg_no_sync = {"no-sync", "Don't synchronize the blockchain with other peers", false};
-    const command_line::arg_descriptor<bool> arg_enable_dns_blocklist = {"enable-dns-blocklist", "Apply realtime blocklist from DNS", false};
+    const command_line::arg_descriptor<bool> arg_enable_dns_banlist = {"enable-dns-banlist", "Apply realtime banlist from DNS", false};
+    const command_line::arg_descriptor<bool> arg_enable_dns_blocklist = {"enable-dns-blocklist", "Apply realtime banlist from DNS, alias for --enable-dns-banlist flag", false};
 
     const command_line::arg_descriptor<bool>        arg_no_igd  = {"no-igd", "Disable UPnP port mapping"};
     const command_line::arg_descriptor<std::string> arg_igd = {"igd", "UPnP port mapping (disabled, enabled, delayed)", "delayed"};

diff --git a/src/p2p/net_node.h b/src/p2p/net_node.h
@@ -285,13 +285,13 @@ namespace nodetool
     uint32_t get_max_out_public_peers() const;
     void change_max_in_public_peers(size_t count);
     uint32_t get_max_in_public_peers() const;
-    virtual bool block_host(epee::net_utils::network_address address, time_t seconds = P2P_IP_BLOCKTIME, bool add_only = false);
-    virtual bool unblock_host(const epee::net_utils::network_address &address);
-    virtual bool block_subnet(const epee::net_utils::ipv4_network_subnet &subnet, time_t seconds = P2P_IP_BLOCKTIME);
-    virtual bool unblock_subnet(const epee::net_utils::ipv4_network_subnet &subnet);
-    virtual bool is_host_blocked(const epee::net_utils::network_address &address, time_t *seconds) { CRITICAL_REGION_LOCAL(m_blocked_hosts_lock); return !is_remote_host_allowed(address, seconds); }
-    virtual std::map<std::string, time_t> get_blocked_hosts() { CRITICAL_REGION_LOCAL(m_blocked_hosts_lock); return m_blocked_hosts; }
-    virtual std::map<epee::net_utils::ipv4_network_subnet, time_t> get_blocked_subnets() { CRITICAL_REGION_LOCAL(m_blocked_hosts_lock); return m_blocked_subnets; }
+    virtual bool ban_host(epee::net_utils::network_address address, time_t seconds = P2P_IP_BANTIME, bool add_only = false);
+    virtual bool unban_host(const epee::net_utils::network_address &address);
+    virtual bool ban_subnet(const epee::net_utils::ipv4_network_subnet &subnet, time_t seconds = P2P_IP_BANTIME);
+    virtual bool unban_subnet(const epee::net_utils::ipv4_network_subnet &subnet);
+    virtual bool is_host_banned(const epee::net_utils::network_address &address, time_t *seconds) { CRITICAL_REGION_LOCAL(m_banned_hosts_lock); return !is_remote_host_allowed(address, seconds); }
+    virtual std::map<std::string, time_t> get_banned_hosts() { CRITICAL_REGION_LOCAL(m_banned_hosts_lock); return m_banned_hosts; }
+    virtual std::map<epee::net_utils::ipv4_network_subnet, time_t> get_banned_subnets() { CRITICAL_REGION_LOCAL(m_banned_hosts_lock); return m_banned_subnets; }
 
     virtual void add_used_stripe_peer(const typename t_payload_net_handler::connection_context &context);
     virtual void remove_used_stripe_peer(const typename t_payload_net_handler::connection_context &context);
@@ -366,7 +366,7 @@ namespace nodetool
     bool peer_sync_idle_maker();
     bool do_handshake_with_peer(peerid_type& pi, p2p_connection_context& context, bool just_take_peerlist = false);
     bool do_peer_timed_sync(const epee::net_utils::connection_context_base& context, peerid_type peer_id);
-    bool update_dns_blocklist();
+    bool update_dns_banlist();
 
     bool make_new_connection_from_anchor_peerlist(const std::vector<anchor_peerlist_entry>& anchor_peerlist);
     bool make_new_connection_from_peerlist(network_zone& zone, bool use_white_list);
@@ -472,7 +472,7 @@ namespace nodetool
     epee::math_helper::once_a_time_seconds<60*30, false> m_peerlist_store_interval;
     epee::math_helper::once_a_time_seconds<60> m_gray_peerlist_housekeeping_interval;
     epee::math_helper::once_a_time_seconds<3600, false> m_incoming_connections_interval;
-    epee::math_helper::once_a_time_seconds<7000> m_dns_blocklist_interval;
+    epee::math_helper::once_a_time_seconds<7000> m_dns_banlist_interval;
 
     std::list<epee::net_utils::network_address>   m_priority_peers;
     std::vector<epee::net_utils::network_address> m_exclusive_peers;
@@ -497,9 +497,9 @@ namespace nodetool
     std::map<std::string, time_t> m_conn_fails_cache;
     epee::critical_section m_conn_fails_cache_lock;
 
-    epee::critical_section m_blocked_hosts_lock; // for both hosts and subnets
-    std::map<std::string, time_t> m_blocked_hosts;
-    std::map<epee::net_utils::ipv4_network_subnet, time_t> m_blocked_subnets;
+    epee::critical_section m_banned_hosts_lock; // for both hosts and subnets
+    std::map<std::string, time_t> m_banned_hosts;
+    std::map<epee::net_utils::ipv4_network_subnet, time_t> m_banned_subnets;
 
     epee::critical_section m_host_fails_score_lock;
     std::map<std::string, uint64_t> m_host_fails_score;
@@ -513,7 +513,7 @@ namespace nodetool
     epee::net_utils::ssl_support_t m_ssl_support;
 
     bool m_enable_dns_seed_nodes;
-    bool m_enable_dns_blocklist;
+    bool m_enable_dns_banlist;
 
     uint32_t max_connections;
   };
@@ -537,6 +537,7 @@ namespace nodetool
     extern const command_line::arg_descriptor<std::string> arg_ban_list;
     extern const command_line::arg_descriptor<bool> arg_p2p_hide_my_port;
     extern const command_line::arg_descriptor<bool> arg_no_sync;
+    extern const command_line::arg_descriptor<bool> arg_enable_dns_banlist;
     extern const command_line::arg_descriptor<bool> arg_enable_dns_blocklist;
 
     extern const command_line::arg_descriptor<bool>        arg_no_igd;