module
neo3.network.ipfilter
A module for filtering IPs via black and whitelists on P2P nodes (NeoNode
).
A global instance ipfilter
can be imported directly from the module and is taken into account by default in the
NeoNode
class when connections are established.
Classes
IPFilter
— Filtering rules.
class
neo3.network.ipfilter.
IPFilter
(
)
Filtering rules.
- The whitelist has precedence over the blacklist settings.
- Host masks can be applied.
- When using host masks do not set host bits (leave them to 0) or an exception will occur.
The following are configuration
examples for common scenario's.
-
Accept only specific trusted IPs.
{ 'blacklist': [ '0.0.0.0/0' ], 'whitelist': [ '10.10.10.10', '15.15.15.15' ] }
-
Accept only a range of trusted IPs.
# Accepts any IP in the range of 10.10.10.0 - 10.10.10.255 { 'blacklist': [ '0.0.0.0/0' ], 'whitelist': [ '10.10.10.0/24', ] }
-
Accept all except specific IPs.
# Can be used for banning bad actors { 'blacklist': [ '12.12.12.12', '13.13.13.13' ], 'whitelist': [ ] }
Methods
blacklist_add
(
address
)
— Add an address that will not pass restriction checks.blacklist_remove
(
address
)
— Remove an address from the blacklist.is_allowed
(
address
)
(bool) — Test if a given address passes the configured restrictions.load_config
(
config
)
— Load filtering rules from a configuration object.reset
(
)
— Clear the filter rules.whitelist_add
(
address
)
— Add an address that will pass restriction checks.whitelist_remove
(
address
)
— Remove an address from the whitelist.
method
blacklist_add
(
address
)
Add an address that will not pass restriction checks.
Parameters
address
() — an IPv4 address as defined in the :py:class:standard library <python:ipaddress.IPv4Network>
.
method
blacklist_remove
(
address
)
Remove an address from the blacklist.
Parameters
address
() — an IPv4 address as defined in the :py:class:standard library <python:ipaddress.IPv4Network>
.
method
is_allowed
(
address
)
→ bool
Test if a given address passes the configured restrictions.
Parameters
address
() — an IPv4 address as defined in the :py:class:standard library <python:ipaddress.IPv4Network>
.
method
load_config
(
config
)
Load filtering rules from a configuration object.
Parameters
config
(dict(str: list)) — a _dictionary holding 2 keys,blacklist
&whitelist
, each having a:py:class:list <python:list>
type value holding :py:class:str <python:str>
typeaddress
es. See :ref:IPFilter examples
. Foraddress
format refer to the :py:class:standard library <python:ipaddress.IPv4Network>
.
Raises
ValueError
— if the required config keys are not found.
method
reset
(
)
Clear the filter rules.
method
whitelist_add
(
address
)
Add an address that will pass restriction checks.
Parameters
address
() — an IPv4 address as defined in the :py:class:standard library <python:ipaddress.IPv4Network>
.
method
whitelist_remove
(
address
)
Remove an address from the whitelist.
Parameters
address
() — an IPv4 address as defined in the :py:class:standard library <python:ipaddress.IPv4Network>
.