/**
* @file transport/gnunet-service-transport_blacklist.c
* @brief blacklisting implementation
- * @author Christian Grothoff
+ * @author Christian Grothoff, Matthias Wachs
+ * @details This is the blacklisting component of transport service. With
+ * blacklisting it is possible to deny connections to specific peers of
+ * to use a specific plugin to a specific peer. Peers can be blacklisted using
+ * the configuration or a blacklist client can be asked.
+ *
+ * To blacklist peers using the configuration you have to add a section to your
+ * configuration containing the peer id of the peer to blacklist and the plugin
+ * if required.
+ *
+ * Example:
+ * To blacklist connections to P565... on peer AG2P... using tcp add:
+ * [transport-blacklist-AG2PHES1BARB9IJCPAMJTFPVJ5V3A72S3F2A8SBUB8DAQ2V0O3V8G6G2JU56FHGFOHMQVKBSQFV98TCGTC3RJ1NINP82G0RC00N1520]
+ * P565723JO1C2HSN6J29TAQ22MN6CI8HTMUU55T0FUQG4CMDGGEQ8UCNBKUMB94GC8R9G4FB2SF9LDOBAJ6AMINBP4JHHDD6L7VD801G = tcp
+ *
+ * To blacklist connections to P565... on peer AG2P... using all plugins add:
+ * [transport-blacklist-AG2PHES1BARB9IJCPAMJTFPVJ5V3A72S3F2A8SBUB8DAQ2V0O3V8G6G2JU56FHGFOHMQVKBSQFV98TCGTC3RJ1NINP82G0RC00N1520]
+ * P565723JO1C2HSN6J29TAQ22MN6CI8HTMUU55T0FUQG4CMDGGEQ8UCNBKUMB94GC8R9G4FB2SF9LDOBAJ6AMINBP4JHHDD6L7VD801G =
+ *
+ * You can also add a blacklist client usign the blacklist api. On a blacklist
+ * check, blacklisting first checks internally if the peer is blacklisted and
+ * if not, it asks the blacklisting clients. Clients are asked if it is OK to
+ * connect to a peer ID, the plugin is omitted.
+ *
+ * On blacklist check for (peer, plugin)
+ * - Do we have a local blacklist entry for this peer and this plugin?
+ * - YES: disallow connection
+ * - Do we have a local blacklist entry for this peer and all plugins?
+ * - YES: disallow connection
+ * - Does one of the clients disallow?
+ * - YES: disallow connection
+ *
*/
#include "platform.h"
#include "gnunet-service-transport.h"
#include "gnunet-service-transport_neighbours.h"
#include "transport.h"
-
/**
* Size of the blacklist hash map.
*/
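Review bot: The decision list that closes the new @details block names only the three deny cases and never states the result when none of them applies, nor what the check does when a blacklist client disconnects or never answers; for an access-control component the reader needs to know whether that path allows or denies. I would add a closing item such as ` * - Otherwise: allow connection` and one sentence on the client-failure case, worded to match what the code actually does, which is not visible in this hunk. Two typos in the same block hurt readability: `specific peers of to use` should read `specific peers or to use`, and `usign` should be `using`. The examples imply that the section name carries the local peer's identity and the key carries the remote peer's, and the text should say so explicitly, since a swapped entry would presumably have no effect and fail silently.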
static void
connect_timeout (void *cls, const struct GNUNET_SCHEDULER_TaskContext *tc)
{
- GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Peers not connected, next stage\n");
+ GNUNET_log (GNUNET_ERROR_TYPE_INFO, "Peers not connected, next stage\n");
timeout_task = GNUNET_SCHEDULER_NO_TASK;
stage_task = GNUNET_SCHEDULER_add_now (&run_stage, NULL);
}
char *sender_c = GNUNET_strdup (GNUNET_i2s (&p1->id));
- GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"Test tries to connect peer %u (`%s') -> peer %u (`%s')\n",
p1->no, sender_c, p2->no, GNUNET_i2s (&p2->id));
GNUNET_free (sender_c);
if (GNUNET_SCHEDULER_NO_TASK != die_task)
GNUNET_SCHEDULER_cancel (die_task);
die_task = GNUNET_SCHEDULER_add_delayed (TIMEOUT, &end_badly, NULL);
- GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Running stage %u\n", stage);
+ GNUNET_log (GNUNET_ERROR_TYPE_INFO, "Running stage %u\n", stage);
if (0 == stage)
{
p2 = NULL;
}
- GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Done in stage %u: Peers %s and %s!\n", stage,
+ GNUNET_log (GNUNET_ERROR_TYPE_INFO, "Done in stage %u: Peers %s and %s!\n", stage,
(GNUNET_NO == started) ? "NOT STARTED" : "STARTED",
(GNUNET_YES == connected) ? "CONNECTED" : "NOT CONNECTED");
{
connected = GNUNET_NO;
stage = 0;
- GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Running test `%s'!\n", test_name);
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Running test `%s'!\n", test_name);
stage_task = GNUNET_SCHEDULER_add_now (&run_stage, NULL);
}