Flowee/thehub
1
Fork 0
Code Issues Pull Requests Releases 4 Wiki Activity
Files
master
thehub/hub/api/NetProtect.cpp
T
tomFlowee b4a3da2642 The 'Server' and 'Api' dirs are not libs 
These are technically static libs, but not in any way shared libs.
They are used solely only by this repo and really only by the hub.

Most important, no header files are installed and basically none of
the normal rules for reusable libraries are applied to these files.
2022-02-22 18:39:13 +01:00

80 lines
2.6 KiB
C++
Raw Permalink Blame History

/*
* This file is part of the Flowee project
* Copyright (C) 2021 Tom Zander <tom@flowee.org>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include "NetProtect.h"
#include "NetworkConnection.h"
NetProtect::NetProtect(int maxHosts)
: m_maxHosts(maxHosts)
{
m_log.reserve(m_maxHosts * 4);
}
bool NetProtect::shouldAccept(const NetworkConnection &connection, uint32_t connectionTime)
{
EndPoint ep = connection.endPoint();
assert(!ep.ipAddress.is_unspecified()); // lets assume a cetain usage. Incoming named hosts is not supported (or likely)
if (ep.ipAddress.is_loopback())
return true;
for (const auto &ip : m_whitelist) {
if (ip == ep.ipAddress)
return true;
}
std::unique_lock<std::mutex> lock(m_lock);
int tier1, tier2, tier3, tier4;
tier1 = tier2 = tier3 = 0;
// iterate backwards. Newest are at the end
for (int i = static_cast<int>(m_log.size()) - 1; i >= 0; --i) {
const Connect &c = m_log.at(i);
const int diff = connectionTime - c.connectionTime;
assert(diff >= 0);
if (diff > 300) {
if (i > 20) {
// cut off, remove all old ones
for (int x = 0; x <= i; ++x) {
m_log.erase(m_log.begin());
}
}
break; // stop counting
}
if (c.ipAddress == ep.ipAddress) {
if (diff < 10)
++tier1;
else if (diff < 30)
++tier2;
else if (diff < 90)
++tier3;
}
}
bool ok = true;
// determine if the connects are coming in too fast, then we say "no".
if (tier1 >= 1) {// slow down bro
ok = tier1 == 1 && tier2 <= 1 && tier3 <= 2; // remember, tier-ints are not cumulative
}
if (ok)
m_log.push_back({ep.ipAddress, connectionTime});
return ok;
}
void NetProtect::addWhitelistedAddress(boost::asio::ip::address ipAddress)
{
m_whitelist.push_back(ipAddress);
}
Reference in New Issue View Git Blame Copy Permalink