Tezos_p2p.P2p_aclThis module implements four Access Control Lists:
peer_id greylist is a set of banned peers ids automatically added by the P2P layer.IP greylists use a time based GC to periodically remove entries from the table, while peer_id greylists are built using an LRU cache, where the least-recently grey-listed peer is evicted from the table when adding a new banned peer to a full cache. Other tables are user defined and static.
val create :
peer_id_size:int ->
ip_size:int ->
ip_cleanup_delay:Tezos_base.TzPervasives.Time.System.Span.t ->
tcreate ~peer_id_size ~ip_size is a set of four ACLs (see above) with the peer_id greylist being a LRU cache of size peer_id_size and the IP address greylist a bloom filter of size ip_size (expressed in KiB). Elements are (probabilistically) kept in the bloom filter for ip_cleanup_delay, the cleanup happens in a discrete way in sixteen steps.
val banned_addr : t -> Tezos_base.TzPervasives.P2p_addr.t -> boolbanned_addr t addr is true if addr is blacklisted or greylisted.
val unban_addr : t -> Tezos_base.TzPervasives.P2p_addr.t -> unitunban_addr t addr remove the address from both the blacklist of banned addresses and the greylist of addresses
val banned_peer : t -> Tezos_base.TzPervasives.P2p_peer.Id.t -> boolbanned_peer t peer_id is true if peer with id peer_id is blacklisted or greylisted.
val unban_peer : t -> Tezos_base.TzPervasives.P2p_peer.Id.t -> unitunban_peer t peer remove the peer from both the blacklist of banned peers and the greylist of peers
val clear : t -> unitclear t clears all four ACLs.
module IPGreylist : sig ... endmodule IPBlacklist : sig ... endmodule PeerBlacklist : sig ... endmodule PeerGreylist : sig ... end/
module Internal_for_tests : sig ... end