This repository has been archived by the owner on Nov 6, 2020. It is now read-only.
Refactor --allow-ips to handle custom ip-ranges #6144
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
added 15 commits
July 17, 2017 20:03
100.64.0.0/10 and 240.0.0.0/4 are both reserved but not currently filtered.
192.0.0.0/24 - Used for the IANA IPv4 Special Purpose Address Registry
* Add checks for all ipv4 special use addresses * Add comprehensive ipv4 test cases
* Add IpFilter struct to wrap predefined filter (AllowIP) with custom allow/block filters. * Refactor parsing of --allow-ips to handle custom filters. * Move AllowIP/IpFilter from ethsync to ethcore-network where they are used.
* Add "none" as a valid argument for --allow-ips to allow narrow custom ranges, eg.: --allow-ips="none 10.0.0.0/8" * Add tests for parsing filter arguments and node endpoints. * Add ipnetwork crate to dev dependencies for testing.
sjeohp-zz
added
A0-pleasereview 🤓
|
Please re-format changed files to use tabs instead of spaces. We use tabs consistently in our codebase. The only exception is |
arkpar
reviewed
Jul 26, 2017
util/network/src/lib.rs
Outdated
| } | ||
|
|
||
| impl IpFilter { | ||
| pub fn new() -> IpFilter { |
There was a problem hiding this comment.
I'd name it default or none or empty to show that it creates an empty filter
arkpar
reviewed
Jul 26, 2017
util/network/src/lib.rs
Outdated
| "none" => filter.predefined = AllowIP::Non, | ||
| custom => { | ||
| if custom.starts_with("-") { | ||
| match IpNetwork::from_str(&custom.to_owned().split_off(1)) { |
There was a problem hiding this comment.
Could be just filter.custom_block.push(IpNetwork::from_str(&custom.to_owned().split_off(1)?); Same for the match below.
arkpar
reviewed
Jul 26, 2017
util/network/src/lib.rs
Outdated
| pub enum AllowIP { | ||
| /// Connect to any address | ||
| All, | ||
| /// Connect to private network only | ||
| Private, | ||
| /// Connect to public network only | ||
| Public, | ||
|
|
||
| Non, |
There was a problem hiding this comment.
No, I didn't want it to be confused with Option::None but reading it now I can see that it might be more confusing :-p
|
Looks great apart from minor style issues. |
arkpar
added
A5-grumble 🔥
sjeohp-zz
added
A0-pleasereview 🤓
sjeohp-zz
added
A3-inprogress ⏳
added 2 commits
July 27, 2017 13:36
sjeohp-zz
added
A0-pleasereview 🤓
arkpar
added
A8-looksgood 🦄
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Filter some additional reserved ranges from the predefined
publicandprivatelists, as in #5872. Also:--allow-ips FILTERsupports everything it did before but accepts more args:Accepts one predefined symbol (public, private, all, or none) and unlimited custom ranges. Could potentially support combinations of predefined like "public private ..." but not sure it would be useful/worthwhile.