prysm-pulse/beacon-chain/p2p/connection_gater.go

package p2p

import (
	"net"
	"runtime"

	"github.com/libp2p/go-libp2p-core/control"
	"github.com/libp2p/go-libp2p-core/network"
	"github.com/libp2p/go-libp2p-core/peer"
	"github.com/multiformats/go-multiaddr"
	manet "github.com/multiformats/go-multiaddr/net"
	"github.com/sirupsen/logrus"
)

const (
	// Limit for rate limiter when processing new inbound dials.
	ipLimit = 4

	// Burst limit for inbound dials.
	ipBurst = 8

	// High watermark buffer signifies the buffer till which
	// we will handle inbound requests.
	highWatermarkBuffer = 10
)

// InterceptPeerDial tests whether we're permitted to Dial the specified peer.
func (s *Service) InterceptPeerDial(_ peer.ID) (allow bool) {
	return true
}

// InterceptAddrDial tests whether we're permitted to dial the specified
// multiaddr for the given peer.
func (s *Service) InterceptAddrDial(pid peer.ID, m multiaddr.Multiaddr) (allow bool) {
	// Disallow bad peers from dialing in.
	if s.peers.IsBad(pid) {
		return false
	}
	return filterConnections(s.addrFilter, m)
}

// InterceptAccept checks whether the incidental inbound connection is allowed.
func (s *Service) InterceptAccept(n network.ConnMultiaddrs) (allow bool) {
	if !s.validateDial(n.RemoteMultiaddr()) {
		// Allow other go-routines to run in the event
		// we receive a large amount of junk connections.
		runtime.Gosched()
		log.WithFields(logrus.Fields{"peer": n.RemoteMultiaddr(),
			"reason": "exceeded dial limit"}).Trace("Not accepting inbound dial from ip address")
		return false
	}
	if s.isPeerAtLimit(true /* inbound */) {
		log.WithFields(logrus.Fields{"peer": n.RemoteMultiaddr(),
			"reason": "at peer limit"}).Trace("Not accepting inbound dial")
		return false
	}
	return filterConnections(s.addrFilter, n.RemoteMultiaddr())
}

// InterceptSecured tests whether a given connection, now authenticated,
// is allowed.
func (s *Service) InterceptSecured(_ network.Direction, _ peer.ID, _ network.ConnMultiaddrs) (allow bool) {
	return true
}

// InterceptUpgraded tests whether a fully capable connection is allowed.
func (s *Service) InterceptUpgraded(_ network.Conn) (allow bool, reason control.DisconnectReason) {
	return true, 0
}

func (s *Service) validateDial(addr multiaddr.Multiaddr) bool {
	ip, err := manet.ToIP(addr)
	if err != nil {
		return false
	}
	remaining := s.ipLimiter.Remaining(ip.String())
	if remaining <= 0 {
		return false
	}
	s.ipLimiter.Add(ip.String(), 1)
	return true
}

// configureFilter looks at the provided allow lists and
// deny lists to appropriately create a filter.
func configureFilter(cfg *Config) (*multiaddr.Filters, error) {
	addrFilter := multiaddr.NewFilters()
	// Configure from provided allow list in the config.
	if cfg.AllowListCIDR != "" {
		_, ipnet, err := net.ParseCIDR(cfg.AllowListCIDR)
		if err != nil {
			return nil, err
		}
		addrFilter.AddFilter(*ipnet, multiaddr.ActionAccept)
	}
	// Configure from provided deny list in the config.
	if len(cfg.DenyListCIDR) > 0 {
		for _, cidr := range cfg.DenyListCIDR {
			_, ipnet, err := net.ParseCIDR(cidr)
			if err != nil {
				return nil, err
			}
			addrFilter.AddFilter(*ipnet, multiaddr.ActionDeny)
		}
	}
	return addrFilter, nil
}

// filterConnections checks the appropriate ip subnets from our
// filter and decides what to do with them. By default libp2p
// accepts all incoming dials, so if we have an allow list
// we will reject all inbound dials except for those in the
// appropriate ip subnets.
func filterConnections(f *multiaddr.Filters, a multiaddr.Multiaddr) bool {
	acceptedNets := f.FiltersForAction(multiaddr.ActionAccept)
	restrictConns := len(acceptedNets) != 0

	// If we have an allow list added in, we by default reject all
	// connection attempts except for those coming in from the
	// appropriate ip subnets.
	if restrictConns {
		ip, err := manet.ToIP(a)
		if err != nil {
			log.Tracef("Multiaddress has invalid ip: %v", err)
			return false
		}
		found := false
		for _, ipnet := range acceptedNets {
			if ipnet.Contains(ip) {
				found = true
				break
			}
		}
		return found
	}
	return !f.AddrBlocked(a)
}
Use Connection Gater to Manage Peer Connections (#6243) * use gater * Merge branch 'master' into connGater * Update beacon-chain/p2p/testing/p2p.go * fmt * gaz 2020-06-14 07:35:05 +00:00			`package p2p`

			`import (`
Filter Peers Properly With Connection Gater (#6251) * add new filtering * add new tests * gaz * shay's review * Merge branch 'master' into fixFiltering 2020-06-14 14:47:58 +00:00			`"net"`
Harden Against DOS Attacks (#6780) * harden * gaz * trace log * Update beacon-chain/p2p/service.go Co-authored-by: Victor Farazdagi <simple.square@gmail.com> * yield go-routine * Merge refs/heads/master into hardenAgainstDOS * Merge branch 'hardenAgainstDOS' of https://github.com/prysmaticlabs/geth-sharding into hardenAgainstDOS * Merge refs/heads/master into hardenAgainstDOS * Merge refs/heads/master into hardenAgainstDOS * Merge refs/heads/master into hardenAgainstDOS * Merge refs/heads/master into hardenAgainstDOS 2020-07-30 18:42:22 +00:00			`"runtime"`
Filter Peers Properly With Connection Gater (#6251) * add new filtering * add new tests * gaz * shay's review * Merge branch 'master' into fixFiltering 2020-06-14 14:47:58 +00:00
Use Connection Gater to Manage Peer Connections (#6243) * use gater * Merge branch 'master' into connGater * Update beacon-chain/p2p/testing/p2p.go * fmt * gaz 2020-06-14 07:35:05 +00:00			`"github.com/libp2p/go-libp2p-core/control"`
			`"github.com/libp2p/go-libp2p-core/network"`
			`"github.com/libp2p/go-libp2p-core/peer"`
			`"github.com/multiformats/go-multiaddr"`
update deprecated multiaddr package (#8022) 2020-12-02 19:21:43 +00:00			`manet "github.com/multiformats/go-multiaddr/net"`
Use Connection Gater to Manage Peer Connections (#6243) * use gater * Merge branch 'master' into connGater * Update beacon-chain/p2p/testing/p2p.go * fmt * gaz 2020-06-14 07:35:05 +00:00			`"github.com/sirupsen/logrus"`
			`)`

Add Buffer For Inbound Peers (#8018) * allow inbound peers * comment * gaz * gaz * Update deps.bzl Co-authored-by: Shay Zluf <thezluf@gmail.com> * add test * re-arrange imports * fix up * fix tests * gaz * Update beacon-chain/p2p/service_test.go * fmt Co-authored-by: Victor Farazdagi <simple.square@gmail.com> Co-authored-by: Shay Zluf <thezluf@gmail.com> Co-authored-by: Raul Jordan <raul@prysmaticlabs.com> 2020-12-02 16:45:28 +00:00			`const (`
			`// Limit for rate limiter when processing new inbound dials.`
			`ipLimit = 4`
Harden Against DOS Attacks (#6780) * harden * gaz * trace log * Update beacon-chain/p2p/service.go Co-authored-by: Victor Farazdagi <simple.square@gmail.com> * yield go-routine * Merge refs/heads/master into hardenAgainstDOS * Merge branch 'hardenAgainstDOS' of https://github.com/prysmaticlabs/geth-sharding into hardenAgainstDOS * Merge refs/heads/master into hardenAgainstDOS * Merge refs/heads/master into hardenAgainstDOS * Merge refs/heads/master into hardenAgainstDOS * Merge refs/heads/master into hardenAgainstDOS 2020-07-30 18:42:22 +00:00
Add Buffer For Inbound Peers (#8018) * allow inbound peers * comment * gaz * gaz * Update deps.bzl Co-authored-by: Shay Zluf <thezluf@gmail.com> * add test * re-arrange imports * fix up * fix tests * gaz * Update beacon-chain/p2p/service_test.go * fmt Co-authored-by: Victor Farazdagi <simple.square@gmail.com> Co-authored-by: Shay Zluf <thezluf@gmail.com> Co-authored-by: Raul Jordan <raul@prysmaticlabs.com> 2020-12-02 16:45:28 +00:00			`// Burst limit for inbound dials.`
			`ipBurst = 8`

			`// High watermark buffer signifies the buffer till which`
			`// we will handle inbound requests.`
			`highWatermarkBuffer = 10`
			`)`
Harden Against DOS Attacks (#6780) * harden * gaz * trace log * Update beacon-chain/p2p/service.go Co-authored-by: Victor Farazdagi <simple.square@gmail.com> * yield go-routine * Merge refs/heads/master into hardenAgainstDOS * Merge branch 'hardenAgainstDOS' of https://github.com/prysmaticlabs/geth-sharding into hardenAgainstDOS * Merge refs/heads/master into hardenAgainstDOS * Merge refs/heads/master into hardenAgainstDOS * Merge refs/heads/master into hardenAgainstDOS * Merge refs/heads/master into hardenAgainstDOS 2020-07-30 18:42:22 +00:00
Use Connection Gater to Manage Peer Connections (#6243) * use gater * Merge branch 'master' into connGater * Update beacon-chain/p2p/testing/p2p.go * fmt * gaz 2020-06-14 07:35:05 +00:00			`// InterceptPeerDial tests whether we're permitted to Dial the specified peer.`
Various code inspection resolutions (#7438) * remove unused code * remove defer use in loop * Remove unused methods and constants * gofmt and gaz * nilness check * remove unused args * Add TODO for refactoring subscribeWithBase to remove unused arg. It seems too involved to include in this sweeping PR. https://github.com/prysmaticlabs/prysm/issues/7437 * replace empty slice declaration * Remove unnecessary type conversions * remove redundant type declaration * rename receivers to be consistent * Remove bootnode query tool. It is now obsolete by discv5 * Remove relay node. It is no longer used or supported * Revert "Remove relay node. It is no longer used or supported" This reverts commit 4bd7717334dad85ef4766ed9bc4da711fb5fa810. * Delete unused test directory * Delete unsupported gcp startup script * Delete old k8s script * build fixes * fix build * go mod tidy * revert slasher/db/kv/block_header.go * fix build * remove redundant nil check * combine func args Co-authored-by: prylabs-bulldozer[bot] <58059840+prylabs-bulldozer[bot]@users.noreply.github.com> Co-authored-by: Victor Farazdagi <simple.square@gmail.com> 2020-10-12 08:11:05 +00:00			`func (s *Service) InterceptPeerDial(_ peer.ID) (allow bool) {`
Use Connection Gater to Manage Peer Connections (#6243) * use gater * Merge branch 'master' into connGater * Update beacon-chain/p2p/testing/p2p.go * fmt * gaz 2020-06-14 07:35:05 +00:00			`return true`
			`}`

			`// InterceptAddrDial tests whether we're permitted to dial the specified`
			`// multiaddr for the given peer.`
Clean Up GoodByes (#7790) * clean up * cleanup * fix * fix tests * change * deepsource * fix test 2020-11-13 12:58:13 +00:00			`func (s *Service) InterceptAddrDial(pid peer.ID, m multiaddr.Multiaddr) (allow bool) {`
			`// Disallow bad peers from dialing in.`
			`if s.peers.IsBad(pid) {`
			`return false`
			`}`
Filter Peers Properly With Connection Gater (#6251) * add new filtering * add new tests * gaz * shay's review * Merge branch 'master' into fixFiltering 2020-06-14 14:47:58 +00:00			`return filterConnections(s.addrFilter, m)`
Use Connection Gater to Manage Peer Connections (#6243) * use gater * Merge branch 'master' into connGater * Update beacon-chain/p2p/testing/p2p.go * fmt * gaz 2020-06-14 07:35:05 +00:00			`}`

Clean Up GoodByes (#7790) * clean up * cleanup * fix * fix tests * change * deepsource * fix test 2020-11-13 12:58:13 +00:00			`// InterceptAccept checks whether the incidental inbound connection is allowed.`
Use Connection Gater to Manage Peer Connections (#6243) * use gater * Merge branch 'master' into connGater * Update beacon-chain/p2p/testing/p2p.go * fmt * gaz 2020-06-14 07:35:05 +00:00			`func (s *Service) InterceptAccept(n network.ConnMultiaddrs) (allow bool) {`
Harden Against DOS Attacks (#6780) * harden * gaz * trace log * Update beacon-chain/p2p/service.go Co-authored-by: Victor Farazdagi <simple.square@gmail.com> * yield go-routine * Merge refs/heads/master into hardenAgainstDOS * Merge branch 'hardenAgainstDOS' of https://github.com/prysmaticlabs/geth-sharding into hardenAgainstDOS * Merge refs/heads/master into hardenAgainstDOS * Merge refs/heads/master into hardenAgainstDOS * Merge refs/heads/master into hardenAgainstDOS * Merge refs/heads/master into hardenAgainstDOS 2020-07-30 18:42:22 +00:00			`if !s.validateDial(n.RemoteMultiaddr()) {`
			`// Allow other go-routines to run in the event`
			`// we receive a large amount of junk connections.`
			`runtime.Gosched()`
			`log.WithFields(logrus.Fields{"peer": n.RemoteMultiaddr(),`
			`"reason": "exceeded dial limit"}).Trace("Not accepting inbound dial from ip address")`
			`return false`
			`}`
Add Buffer For Inbound Peers (#8018) * allow inbound peers * comment * gaz * gaz * Update deps.bzl Co-authored-by: Shay Zluf <thezluf@gmail.com> * add test * re-arrange imports * fix up * fix tests * gaz * Update beacon-chain/p2p/service_test.go * fmt Co-authored-by: Victor Farazdagi <simple.square@gmail.com> Co-authored-by: Shay Zluf <thezluf@gmail.com> Co-authored-by: Raul Jordan <raul@prysmaticlabs.com> 2020-12-02 16:45:28 +00:00			`if s.isPeerAtLimit(true /* inbound */) {`
Use Connection Gater to Manage Peer Connections (#6243) * use gater * Merge branch 'master' into connGater * Update beacon-chain/p2p/testing/p2p.go * fmt * gaz 2020-06-14 07:35:05 +00:00			`log.WithFields(logrus.Fields{"peer": n.RemoteMultiaddr(),`
			`"reason": "at peer limit"}).Trace("Not accepting inbound dial")`
			`return false`
			`}`
Filter Peers Properly With Connection Gater (#6251) * add new filtering * add new tests * gaz * shay's review * Merge branch 'master' into fixFiltering 2020-06-14 14:47:58 +00:00			`return filterConnections(s.addrFilter, n.RemoteMultiaddr())`
Use Connection Gater to Manage Peer Connections (#6243) * use gater * Merge branch 'master' into connGater * Update beacon-chain/p2p/testing/p2p.go * fmt * gaz 2020-06-14 07:35:05 +00:00			`}`

			`// InterceptSecured tests whether a given connection, now authenticated,`
			`// is allowed.`
Various code inspection resolutions (#7438) * remove unused code * remove defer use in loop * Remove unused methods and constants * gofmt and gaz * nilness check * remove unused args * Add TODO for refactoring subscribeWithBase to remove unused arg. It seems too involved to include in this sweeping PR. https://github.com/prysmaticlabs/prysm/issues/7437 * replace empty slice declaration * Remove unnecessary type conversions * remove redundant type declaration * rename receivers to be consistent * Remove bootnode query tool. It is now obsolete by discv5 * Remove relay node. It is no longer used or supported * Revert "Remove relay node. It is no longer used or supported" This reverts commit 4bd7717334dad85ef4766ed9bc4da711fb5fa810. * Delete unused test directory * Delete unsupported gcp startup script * Delete old k8s script * build fixes * fix build * go mod tidy * revert slasher/db/kv/block_header.go * fix build * remove redundant nil check * combine func args Co-authored-by: prylabs-bulldozer[bot] <58059840+prylabs-bulldozer[bot]@users.noreply.github.com> Co-authored-by: Victor Farazdagi <simple.square@gmail.com> 2020-10-12 08:11:05 +00:00			`func (s *Service) InterceptSecured(_ network.Direction, _ peer.ID, _ network.ConnMultiaddrs) (allow bool) {`
Use Connection Gater to Manage Peer Connections (#6243) * use gater * Merge branch 'master' into connGater * Update beacon-chain/p2p/testing/p2p.go * fmt * gaz 2020-06-14 07:35:05 +00:00			`return true`
			`}`

			`// InterceptUpgraded tests whether a fully capable connection is allowed.`
Various code inspection resolutions (#7438) * remove unused code * remove defer use in loop * Remove unused methods and constants * gofmt and gaz * nilness check * remove unused args * Add TODO for refactoring subscribeWithBase to remove unused arg. It seems too involved to include in this sweeping PR. https://github.com/prysmaticlabs/prysm/issues/7437 * replace empty slice declaration * Remove unnecessary type conversions * remove redundant type declaration * rename receivers to be consistent * Remove bootnode query tool. It is now obsolete by discv5 * Remove relay node. It is no longer used or supported * Revert "Remove relay node. It is no longer used or supported" This reverts commit 4bd7717334dad85ef4766ed9bc4da711fb5fa810. * Delete unused test directory * Delete unsupported gcp startup script * Delete old k8s script * build fixes * fix build * go mod tidy * revert slasher/db/kv/block_header.go * fix build * remove redundant nil check * combine func args Co-authored-by: prylabs-bulldozer[bot] <58059840+prylabs-bulldozer[bot]@users.noreply.github.com> Co-authored-by: Victor Farazdagi <simple.square@gmail.com> 2020-10-12 08:11:05 +00:00			`func (s *Service) InterceptUpgraded(_ network.Conn) (allow bool, reason control.DisconnectReason) {`
Use Connection Gater to Manage Peer Connections (#6243) * use gater * Merge branch 'master' into connGater * Update beacon-chain/p2p/testing/p2p.go * fmt * gaz 2020-06-14 07:35:05 +00:00			`return true, 0`
			`}`
Filter Peers Properly With Connection Gater (#6251) * add new filtering * add new tests * gaz * shay's review * Merge branch 'master' into fixFiltering 2020-06-14 14:47:58 +00:00
Harden Against DOS Attacks (#6780) * harden * gaz * trace log * Update beacon-chain/p2p/service.go Co-authored-by: Victor Farazdagi <simple.square@gmail.com> * yield go-routine * Merge refs/heads/master into hardenAgainstDOS * Merge branch 'hardenAgainstDOS' of https://github.com/prysmaticlabs/geth-sharding into hardenAgainstDOS * Merge refs/heads/master into hardenAgainstDOS * Merge refs/heads/master into hardenAgainstDOS * Merge refs/heads/master into hardenAgainstDOS * Merge refs/heads/master into hardenAgainstDOS 2020-07-30 18:42:22 +00:00			`func (s *Service) validateDial(addr multiaddr.Multiaddr) bool {`
			`ip, err := manet.ToIP(addr)`
			`if err != nil {`
			`return false`
			`}`
			`remaining := s.ipLimiter.Remaining(ip.String())`
			`if remaining <= 0 {`
			`return false`
			`}`
			`s.ipLimiter.Add(ip.String(), 1)`
Reform Inbound Limit (#8465) * clean up * name * comment * change back Co-authored-by: Raul Jordan <raul@prysmaticlabs.com> Co-authored-by: prylabs-bulldozer[bot] <58059840+prylabs-bulldozer[bot]@users.noreply.github.com> 2021-02-17 17:48:44 +00:00			`return true`
Harden Against DOS Attacks (#6780) * harden * gaz * trace log * Update beacon-chain/p2p/service.go Co-authored-by: Victor Farazdagi <simple.square@gmail.com> * yield go-routine * Merge refs/heads/master into hardenAgainstDOS * Merge branch 'hardenAgainstDOS' of https://github.com/prysmaticlabs/geth-sharding into hardenAgainstDOS * Merge refs/heads/master into hardenAgainstDOS * Merge refs/heads/master into hardenAgainstDOS * Merge refs/heads/master into hardenAgainstDOS * Merge refs/heads/master into hardenAgainstDOS 2020-07-30 18:42:22 +00:00			`}`

Filter Peers Properly With Connection Gater (#6251) * add new filtering * add new tests * gaz * shay's review * Merge branch 'master' into fixFiltering 2020-06-14 14:47:58 +00:00			`// configureFilter looks at the provided allow lists and`
			`// deny lists to appropriately create a filter.`
Remove duplicate package imports (#8104) * remove duplicate imports * remove unused lookupLimit Co-authored-by: prylabs-bulldozer[bot] <58059840+prylabs-bulldozer[bot]@users.noreply.github.com> 2020-12-14 22:22:55 +00:00			`func configureFilter(cfg Config) (multiaddr.Filters, error) {`
			`addrFilter := multiaddr.NewFilters()`
Filter Peers Properly With Connection Gater (#6251) * add new filtering * add new tests * gaz * shay's review * Merge branch 'master' into fixFiltering 2020-06-14 14:47:58 +00:00			`// Configure from provided allow list in the config.`
			`if cfg.AllowListCIDR != "" {`
			`_, ipnet, err := net.ParseCIDR(cfg.AllowListCIDR)`
			`if err != nil {`
			`return nil, err`
			`}`
Remove duplicate package imports (#8104) * remove duplicate imports * remove unused lookupLimit Co-authored-by: prylabs-bulldozer[bot] <58059840+prylabs-bulldozer[bot]@users.noreply.github.com> 2020-12-14 22:22:55 +00:00			`addrFilter.AddFilter(*ipnet, multiaddr.ActionAccept)`
Filter Peers Properly With Connection Gater (#6251) * add new filtering * add new tests * gaz * shay's review * Merge branch 'master' into fixFiltering 2020-06-14 14:47:58 +00:00			`}`
			`// Configure from provided deny list in the config.`
			`if len(cfg.DenyListCIDR) > 0 {`
			`for _, cidr := range cfg.DenyListCIDR {`
			`_, ipnet, err := net.ParseCIDR(cidr)`
			`if err != nil {`
			`return nil, err`
			`}`
Remove duplicate package imports (#8104) * remove duplicate imports * remove unused lookupLimit Co-authored-by: prylabs-bulldozer[bot] <58059840+prylabs-bulldozer[bot]@users.noreply.github.com> 2020-12-14 22:22:55 +00:00			`addrFilter.AddFilter(*ipnet, multiaddr.ActionDeny)`
Filter Peers Properly With Connection Gater (#6251) * add new filtering * add new tests * gaz * shay's review * Merge branch 'master' into fixFiltering 2020-06-14 14:47:58 +00:00			`}`
			`}`
			`return addrFilter, nil`
			`}`

			`// filterConnections checks the appropriate ip subnets from our`
			`// filter and decides what to do with them. By default libp2p`
			`// accepts all incoming dials, so if we have an allow list`
			`// we will reject all inbound dials except for those in the`
			`// appropriate ip subnets.`
Remove duplicate package imports (#8104) * remove duplicate imports * remove unused lookupLimit Co-authored-by: prylabs-bulldozer[bot] <58059840+prylabs-bulldozer[bot]@users.noreply.github.com> 2020-12-14 22:22:55 +00:00			`func filterConnections(f *multiaddr.Filters, a multiaddr.Multiaddr) bool {`
			`acceptedNets := f.FiltersForAction(multiaddr.ActionAccept)`
Filter Peers Properly With Connection Gater (#6251) * add new filtering * add new tests * gaz * shay's review * Merge branch 'master' into fixFiltering 2020-06-14 14:47:58 +00:00			`restrictConns := len(acceptedNets) != 0`

			`// If we have an allow list added in, we by default reject all`
			`// connection attempts except for those coming in from the`
			`// appropriate ip subnets.`
			`if restrictConns {`
			`ip, err := manet.ToIP(a)`
			`if err != nil {`
			`log.Tracef("Multiaddress has invalid ip: %v", err)`
			`return false`
			`}`
			`found := false`
			`for _, ipnet := range acceptedNets {`
			`if ipnet.Contains(ip) {`
			`found = true`
			`break`
			`}`
			`}`
			`return found`
			`}`
			`return !f.AddrBlocked(a)`
			`}`