package octez-shell-libs
Module Tezos_p2p.P2p_acl
This module implements four Access Control Lists:
- IP greylist is a set of banned IP addresses automatically added by the P2P layer.
- peer_id greylist is a set of banned peer ids automatically added by the P2P layer.
- IP blacklist is a set of IP addresses manually added by the node admin.
- peers blacklist is a set of peer ids manually added by the node admin.
IP greylists use a time-based GC to periodically remove entries from the table, while peer_id greylists are built using an LRU cache, where the least-recently greylisted peer is evicted from the table when adding a new banned peer to a full cache. Other tables are user-defined and static.
val create :
peer_id_size:int ->
ip_size:int ->
ip_cleanup_delay:Tezos_base.TzPervasives.Time.System.Span.t ->
t
create ~peer_id_size ~ip_size is a set of four ACLs (see above) with the peer_id greylist being an LRU cache of size peer_id_size and the IP address greylist a bloom filter of size ip_size (expressed in KiB). Elements are (probabilistically) kept in the bloom filter for ip_cleanup_delay; the cleanup happens in a discrete way in sixteen steps.
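A simplified Python model of the two greylist mechanisms described above, added here as an illustration and not taken from the Octez code base. The per-cell countdown design, the class and method names, the cell count and the number of hashes are all assumptions of this model.

```python
import hashlib
from collections import OrderedDict

STEPS = 16  # the page: cleanup happens in sixteen discrete steps


class IpGreylist:
    """Model of a countdown bloom filter: a cell stores the GC steps left."""

    def __init__(self, cells, hashes=3):  # cells, hashes: assumed parameters
        self.cells = [0] * cells
        self.hashes = hashes

    def _slots(self, addr):
        digest = hashlib.sha256(addr.encode()).digest()
        return [int.from_bytes(digest[4 * i:4 * i + 4], "big") % len(self.cells)
                for i in range(self.hashes)]

    def add(self, addr):
        for slot in self._slots(addr):
            self.cells[slot] = STEPS

    def mem(self, addr):
        # Probabilistic: can be True for an address that was never added
        # when its slots collide with live entries (false positive).
        return all(self.cells[slot] > 0 for slot in self._slots(addr))

    def gc_step(self):
        # In this model, run once every ip_cleanup_delay / 16.
        self.cells = [max(0, c - 1) for c in self.cells]


class PeerGreylist:
    """Model of the LRU greylist, bounded by peer_id_size."""

    def __init__(self, peer_id_size):
        self.size = peer_id_size
        self.entries = OrderedDict()

    def add(self, peer_id):
        self.entries.pop(peer_id, None)  # re-greylisting refreshes recency
        self.entries[peer_id] = True
        if len(self.entries) > self.size:
            self.entries.popitem(last=False)  # evict least-recently greylisted

    def mem(self, peer_id):
        return peer_id in self.entries  # lookups do not refresh recency
```

In this model a greylisted address stays banned for between 15 and 16 step intervals depending on when it was added relative to the GC tick, and an undersized filter reports addresses that were never greylisted as banned.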
banned_addr t addr is true if addr is blacklisted or greylisted.
unban_addr t addr removes the address from both the blacklist of banned addresses and the greylist of addresses.
banned_peer t peer_id is true if the peer with id peer_id is blacklisted or greylisted.
unban_peer t peer removes the peer from both the blacklist of banned peers and the greylist of peers.