Merge pull request filecoin-project#4849 from filecoin-project/feat/c…

…onngater Connection Gater support
EpiK-Protocol · Jan 7, 2021 · 53ef125 · 53ef125
1 parent 77ef2ec
commit 53ef125
Show file tree

Hide file tree

Showing 12 changed files with 502 additions and 5 deletions.
diff --git a/api/api_common.go b/api/api_common.go
@@ -46,6 +46,11 @@ type Common interface {
 	// usage and current rate per protocol
 	NetBandwidthStatsByProtocol(ctx context.Context) (map[protocol.ID]metrics.Stats, error)
 
+	// ConnectionGater API
+	NetBlockAdd(ctx context.Context, acl NetBlockList) error
+	NetBlockRemove(ctx context.Context, acl NetBlockList) error
+	NetBlockList(ctx context.Context) (NetBlockList, error)
+
 	// MethodGroup: Common
 
 	// ID returns peerID of libp2p node backing this API

diff --git a/api/apistruct/struct.go b/api/apistruct/struct.go
@@ -64,6 +64,9 @@ type CommonStruct struct {
 		NetBandwidthStatsByPeer     func(ctx context.Context) (map[string]metrics.Stats, error)      `perm:"read"`
 		NetBandwidthStatsByProtocol func(ctx context.Context) (map[protocol.ID]metrics.Stats, error) `perm:"read"`
 		NetAgentVersion             func(ctx context.Context, p peer.ID) (string, error)             `perm:"read"`
+		NetBlockAdd                 func(ctx context.Context, acl api.NetBlockList) error            `perm:"admin"`
+		NetBlockRemove              func(ctx context.Context, acl api.NetBlockList) error            `perm:"admin"`
+		NetBlockList                func(ctx context.Context) (api.NetBlockList, error)              `perm:"read"`
 
 		ID      func(context.Context) (peer.ID, error)     `perm:"read"`
 		Version func(context.Context) (api.Version, error) `perm:"read"`
@@ -514,6 +517,18 @@ func (c *CommonStruct) NetBandwidthStatsByProtocol(ctx context.Context) (map[pro
 	return c.Internal.NetBandwidthStatsByProtocol(ctx)
 }
 
+func (c *CommonStruct) NetBlockAdd(ctx context.Context, acl api.NetBlockList) error {
+	return c.Internal.NetBlockAdd(ctx, acl)
+}
+
+func (c *CommonStruct) NetBlockRemove(ctx context.Context, acl api.NetBlockList) error {
+	return c.Internal.NetBlockRemove(ctx, acl)
+}
+
+func (c *CommonStruct) NetBlockList(ctx context.Context) (api.NetBlockList, error) {
+	return c.Internal.NetBlockList(ctx)
+}
+
 func (c *CommonStruct) NetAgentVersion(ctx context.Context, p peer.ID) (string, error) {
 	return c.Internal.NetAgentVersion(ctx, p)
 }

diff --git a/api/types.go b/api/types.go
@@ -125,3 +125,9 @@ type ExpertInfo struct {
 	PeerId     peer.ID
 	Multiaddrs []abi.Multiaddrs
 }
+
+type NetBlockList struct {
+	Peers     []peer.ID
+	IPAddrs   []string
+	IPSubnets []string
+}
diff --git a/cli/net.go b/cli/net.go
@@ -18,6 +18,7 @@ import (
 
 	"github.com/filecoin-project/go-address"
 
+	atypes "github.com/EpiK-Protocol/go-epik/api"
 	"github.com/EpiK-Protocol/go-epik/chain/types"
 	"github.com/EpiK-Protocol/go-epik/lib/addrutil"
 )
@@ -34,6 +35,7 @@ var netCmd = &cli.Command{
 		netScores,
 		NetReachability,
 		NetBandwidthCmd,
+		NetBlockCmd,
 	},
 }
 
@@ -375,3 +377,202 @@ var NetBandwidthCmd = &cli.Command{
 
 	},
 }
+
+var NetBlockCmd = &cli.Command{
+	Name:  "block",
+	Usage: "Manage network connection gating rules",
+	Subcommands: []*cli.Command{
+		NetBlockAddCmd,
+		NetBlockRemoveCmd,
+		NetBlockListCmd,
+	},
+}
+
+var NetBlockAddCmd = &cli.Command{
+	Name:  "add",
+	Usage: "Add connection gating rules",
+	Subcommands: []*cli.Command{
+		NetBlockAddPeer,
+		NetBlockAddIP,
+		NetBlockAddSubnet,
+	},
+}
+
+var NetBlockAddPeer = &cli.Command{
+	Name:      "peer",
+	Usage:     "Block a peer",
+	ArgsUsage: "<Peer> ...",
+	Action: func(cctx *cli.Context) error {
+		api, closer, err := GetAPI(cctx)
+		if err != nil {
+			return err
+		}
+		defer closer()
+		ctx := ReqContext(cctx)
+
+		var peers []peer.ID
+		for _, s := range cctx.Args().Slice() {
+			p, err := peer.Decode(s)
+			if err != nil {
+				return err
+			}
+
+			peers = append(peers, p)
+		}
+
+		return api.NetBlockAdd(ctx, atypes.NetBlockList{Peers: peers})
+	},
+}
+
+var NetBlockAddIP = &cli.Command{
+	Name:      "ip",
+	Usage:     "Block an IP address",
+	ArgsUsage: "<IP> ...",
+	Action: func(cctx *cli.Context) error {
+		api, closer, err := GetAPI(cctx)
+		if err != nil {
+			return err
+		}
+		defer closer()
+		ctx := ReqContext(cctx)
+
+		return api.NetBlockAdd(ctx, atypes.NetBlockList{IPAddrs: cctx.Args().Slice()})
+	},
+}
+
+var NetBlockAddSubnet = &cli.Command{
+	Name:      "subnet",
+	Usage:     "Block an IP subnet",
+	ArgsUsage: "<CIDR> ...",
+	Action: func(cctx *cli.Context) error {
+		api, closer, err := GetAPI(cctx)
+		if err != nil {
+			return err
+		}
+		defer closer()
+		ctx := ReqContext(cctx)
+
+		return api.NetBlockAdd(ctx, atypes.NetBlockList{IPSubnets: cctx.Args().Slice()})
+	},
+}
+
+var NetBlockRemoveCmd = &cli.Command{
+	Name:  "remove",
+	Usage: "Remove connection gating rules",
+	Subcommands: []*cli.Command{
+		NetBlockRemovePeer,
+		NetBlockRemoveIP,
+		NetBlockRemoveSubnet,
+	},
+}
+
+var NetBlockRemovePeer = &cli.Command{
+	Name:      "peer",
+	Usage:     "Unblock a peer",
+	ArgsUsage: "<Peer> ...",
+	Action: func(cctx *cli.Context) error {
+		api, closer, err := GetAPI(cctx)
+		if err != nil {
+			return err
+		}
+		defer closer()
+		ctx := ReqContext(cctx)
+
+		var peers []peer.ID
+		for _, s := range cctx.Args().Slice() {
+			p, err := peer.Decode(s)
+			if err != nil {
+				return err
+			}
+
+			peers = append(peers, p)
+		}
+
+		return api.NetBlockRemove(ctx, atypes.NetBlockList{Peers: peers})
+	},
+}
+
+var NetBlockRemoveIP = &cli.Command{
+	Name:      "ip",
+	Usage:     "Unblock an IP address",
+	ArgsUsage: "<IP> ...",
+	Action: func(cctx *cli.Context) error {
+		api, closer, err := GetAPI(cctx)
+		if err != nil {
+			return err
+		}
+		defer closer()
+		ctx := ReqContext(cctx)
+
+		return api.NetBlockRemove(ctx, atypes.NetBlockList{IPAddrs: cctx.Args().Slice()})
+	},
+}
+
+var NetBlockRemoveSubnet = &cli.Command{
+	Name:      "subnet",
+	Usage:     "Unblock an IP subnet",
+	ArgsUsage: "<CIDR> ...",
+	Action: func(cctx *cli.Context) error {
+		api, closer, err := GetAPI(cctx)
+		if err != nil {
+			return err
+		}
+		defer closer()
+		ctx := ReqContext(cctx)
+
+		return api.NetBlockRemove(ctx, atypes.NetBlockList{IPSubnets: cctx.Args().Slice()})
+	},
+}
+
+var NetBlockListCmd = &cli.Command{
+	Name:  "list",
+	Usage: "list connection gating rules",
+	Action: func(cctx *cli.Context) error {
+		api, closer, err := GetAPI(cctx)
+		if err != nil {
+			return err
+		}
+		defer closer()
+		ctx := ReqContext(cctx)
+
+		acl, err := api.NetBlockList(ctx)
+		if err != nil {
+			return err
+		}
+
+		if len(acl.Peers) != 0 {
+			sort.Slice(acl.Peers, func(i, j int) bool {
+				return strings.Compare(string(acl.Peers[i]), string(acl.Peers[j])) > 0
+			})
+
+			fmt.Println("Blocked Peers:")
+			for _, p := range acl.Peers {
+				fmt.Printf("\t%s\n", p)
+			}
+		}
+
+		if len(acl.IPAddrs) != 0 {
+			sort.Slice(acl.IPAddrs, func(i, j int) bool {
+				return strings.Compare(acl.IPAddrs[i], acl.IPAddrs[j]) < 0
+			})
+
+			fmt.Println("Blocked IPs:")
+			for _, a := range acl.IPAddrs {
+				fmt.Printf("\t%s\n", a)
+			}
+		}
+
+		if len(acl.IPSubnets) != 0 {
+			sort.Slice(acl.IPSubnets, func(i, j int) bool {
+				return strings.Compare(acl.IPSubnets[i], acl.IPSubnets[j]) < 0
+			})
+
+			fmt.Println("Blocked Subnets:")
+			for _, n := range acl.IPSubnets {
+				fmt.Printf("\t%s\n", n)
+			}
+		}
+
+		return nil
+	},
+}
diff --git a/cmd/epik-shed/postfind.go b/cmd/epik-shed/postfind.go
@@ -3,12 +3,12 @@ package main
 import (
 	"fmt"
 
+	lapi "github.com/EpiK-Protocol/go-epik/api"
+	"github.com/EpiK-Protocol/go-epik/chain/types"
+	lcli "github.com/EpiK-Protocol/go-epik/cli"
 	"github.com/filecoin-project/go-address"
 	"github.com/filecoin-project/go-state-types/abi"
 	"github.com/filecoin-project/go-state-types/big"
-	lapi "github.com/filecoin-project/lotus/api"
-	"github.com/filecoin-project/lotus/chain/types"
-	lcli "github.com/filecoin-project/lotus/cli"
 	"github.com/filecoin-project/specs-actors/v2/actors/builtin"
 	"github.com/urfave/cli/v2"
 )

diff --git a/documentation/en/api-methods-miner.md b/documentation/en/api-methods-miner.md
@@ -53,6 +53,9 @@
   * [NetBandwidthStats](#NetBandwidthStats)
   * [NetBandwidthStatsByPeer](#NetBandwidthStatsByPeer)
   * [NetBandwidthStatsByProtocol](#NetBandwidthStatsByProtocol)
+  * [NetBlockAdd](#NetBlockAdd)
+  * [NetBlockList](#NetBlockList)
+  * [NetBlockRemove](#NetBlockRemove)
   * [NetConnect](#NetConnect)
   * [NetConnectedness](#NetConnectedness)
   * [NetDisconnect](#NetDisconnect)
@@ -798,6 +801,58 @@ Response:
 }
 ```
 
+### NetBlockAdd
+
+
+Perms: admin
+
+Inputs:
+```json
+[
+  {
+    "Peers": null,
+    "IPAddrs": null,
+    "IPSubnets": null
+  }
+]
+```
+
+Response: `{}`
+
+### NetBlockList
+
+
+Perms: read
+
+Inputs: `null`
+
+Response:
+```json
+{
+  "Peers": null,
+  "IPAddrs": null,
+  "IPSubnets": null
+}
+```
+
+### NetBlockRemove
+
+
+Perms: admin
+
+Inputs:
+```json
+[
+  {
+    "Peers": null,
+    "IPAddrs": null,
+    "IPSubnets": null
+  }
+]
+```
+
+Response: `{}`
+
 ### NetConnect