1 /*
2 
3 Copyright (c) 2006-2018, Arvid Norberg
4 All rights reserved.
5 
6 Redistribution and use in source and binary forms, with or without
7 modification, are permitted provided that the following conditions
8 are met:
9 
10     * Redistributions of source code must retain the above copyright
11       notice, this list of conditions and the following disclaimer.
12     * Redistributions in binary form must reproduce the above copyright
13       notice, this list of conditions and the following disclaimer in
14       the documentation and/or other materials provided with the distribution.
15     * Neither the name of the author nor the names of its
16       contributors may be used to endorse or promote products derived
17       from this software without specific prior written permission.
18 
19 THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
20 AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21 IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22 ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
23 LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
24 CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
25 SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
26 INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
27 CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
28 ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
29 POSSIBILITY OF SUCH DAMAGE.
30 
31 */
32 
33 #include "libtorrent/kademlia/dos_blocker.hpp"
34 
35 #ifndef TORRENT_DISABLE_LOGGING
36 #include "libtorrent/socket_io.hpp" // for print_address
37 #include "libtorrent/kademlia/dht_observer.hpp" // for dht_logger
38 #endif
39 
40 namespace libtorrent { namespace dht {
41 
dos_blocker()42 	dos_blocker::dos_blocker()
43 		: m_message_rate_limit(5)
44 		, m_block_timeout(5 * 60)
45 	{
46 		for (auto& e : m_ban_nodes)
47 		{
48 			e.count = 0;
49 			e.limit = min_time();
50 		}
51 	}
52 
incoming(address const & addr,time_point const now,dht_logger * logger)53 	bool dos_blocker::incoming(address const& addr, time_point const now, dht_logger* logger)
54 	{
55 		TORRENT_UNUSED(logger);
56 		node_ban_entry* match = nullptr;
57 		node_ban_entry* min = m_ban_nodes;
58 		for (node_ban_entry* i = m_ban_nodes; i < m_ban_nodes + num_ban_nodes; ++i)
59 		{
60 			if (i->src == addr)
61 			{
62 				match = i;
63 				break;
64 			}
65 			if (i->count < min->count) min = i;
66 			else if (i->count == min->count
67 				&& i->limit < min->limit) min = i;
68 		}
69 
70 		if (match)
71 		{
72 			++match->count;
73 
74 			if (match->count >= m_message_rate_limit * 10)
75 			{
76 				if (now < match->limit)
77 				{
78 					if (match->count == m_message_rate_limit * 10)
79 					{
80 #ifndef TORRENT_DISABLE_LOGGING
81 						if (logger != nullptr && logger->should_log(dht_logger::tracker))
82 						{
83 							logger->log(dht_logger::tracker, "BANNING PEER [ ip: %s time: %d ms count: %d ]"
84 								, print_address(addr).c_str()
85 								, int(total_milliseconds((now - match->limit) + seconds(10)))
86 								, match->count);
87 						}
88 #else
89 						TORRENT_UNUSED(logger);
90 #endif // TORRENT_DISABLE_LOGGING
91 						// we've received too many messages in less than 10 seconds
92 						// from this node. Ignore it until it's silent for 5 minutes
93 						match->limit = now + seconds(m_block_timeout);
94 					}
95 
96 					return false;
97 				}
98 
99 				// the messages we received from this peer took more than 10
100 				// seconds. Reset the counter and the timer
101 				match->count = 0;
102 				match->limit = now + seconds(10);
103 			}
104 		}
105 		else
106 		{
107 			min->count = 1;
108 			min->limit = now + seconds(10);
109 			min->src = addr;
110 		}
111 		return true;
112 	}
113 }}
114