Skip to content
module

neo3.network.ipfilter

A module for filtering IPs via black and whitelists on P2P nodes (NeoNode).

A global instance ipfilter can be imported directly from the module and is taken into account by default in the NeoNode class when connections are established.

Classes
class

neo3.network.ipfilter.IPFilter()

Filtering rules.

  • The whitelist has precedence over the blacklist settings.
  • Host masks can be applied.
  • When using host masks do not set host bits (leave them to 0) or an exception will occur.

The following are configuration examples for common scenario's.

  1. Accept only specific trusted IPs.

    {
    'blacklist': [
        '0.0.0.0/0'
    ],
    'whitelist': [
        '10.10.10.10',
        '15.15.15.15'
    ]
}

  2. Accept only a range of trusted IPs.

    # Accepts any IP in the range of 10.10.10.0 - 10.10.10.255

{
    'blacklist': [
        '0.0.0.0/0'
    ],
    'whitelist': [
        '10.10.10.0/24',
    ]
}

  3. Accept all except specific IPs.

    # Can be used for banning bad actors

{
    'blacklist': [
        '12.12.12.12',
        '13.13.13.13'
    ],
    'whitelist': [
    ]
}
Methods
  • blacklist_add(address) Add an address that will not pass restriction checks.
  • blacklist_remove(address) Remove an address from the blacklist.
  • is_allowed(address) (bool) Test if a given address passes the configured restrictions.
  • load_config(config) Load filtering rules from a configuration object.
  • reset() Clear the filter rules.
  • whitelist_add(address) Add an address that will pass restriction checks.
  • whitelist_remove(address) Remove an address from the whitelist.
method

blacklist_add(address)

Add an address that will not pass restriction checks.

Parameters
  • address () an IPv4 address as defined in the :py:class:standard library <python:ipaddress.IPv4Network>.
method

blacklist_remove(address)

Remove an address from the blacklist.

Parameters
  • address () an IPv4 address as defined in the :py:class:standard library <python:ipaddress.IPv4Network>.
method

is_allowed(address) → bool

Test if a given address passes the configured restrictions.

Parameters
  • address () an IPv4 address as defined in the :py:class:standard library <python:ipaddress.IPv4Network>.
method

load_config(config)

Load filtering rules from a configuration object.

Parameters
  • config (dict(str: list)) a _dictionary holding 2 keys, blacklist & whitelist, each having a:py:class:list <python:list> type value holding :py:class:str <python:str> type address es. See :ref:IPFilter examples. For address format refer to the :py:class:standard library <python:ipaddress.IPv4Network>.
Raises
  • ValueError if the required config keys are not found.
method

reset()

Clear the filter rules.

method

whitelist_add(address)

Add an address that will pass restriction checks.

Parameters
  • address () an IPv4 address as defined in the :py:class:standard library <python:ipaddress.IPv4Network>.
method

whitelist_remove(address)

Remove an address from the whitelist.

Parameters
  • address () an IPv4 address as defined in the :py:class:standard library <python:ipaddress.IPv4Network>.