@@ -486,6 +487,8 @@ void set_ip_filter(ip_filter const& filter);
connections based on their originating ip address. The default filter will allow
connections to any ip address. To build a set of rules for which addresses are
accepted and not, see
ip_filter.
+
Each time a peer is blocked because of the IP filter, a peer_blocked_alert is
+generated.
+
+
This alert is generated when a peer is blocked by the IP filter. It has the severity leve
+info. The ip member is the address that was blocked.
+
+struct peer_blocked_alert: alert
+{
+ peer_blocked_alert(address const& ip_
+ , std::string const& msg);
+
+ address ip;
+
+ virtual std::auto_ptr<alert> clone() const;
+};
+
+
The handle_alert class is defined in <libtorrent/alert.hpp>.
Examples usage:
diff --git a/docs/manual.rst b/docs/manual.rst
index c0af0d39b..211dfde74 100644
--- a/docs/manual.rst
+++ b/docs/manual.rst
@@ -345,6 +345,9 @@ connections based on their originating ip address. The default filter will allow
connections to any ip address. To build a set of rules for which addresses are
accepted and not, see ip_filter_.
+Each time a peer is blocked because of the IP filter, a peer_blocked_alert_ is
+generated.
+
status()
--------
@@ -2970,6 +2973,24 @@ resume file was rejected. It is generated at severity level ``warning``.
};
+peer_blocked_alert
+------------------
+
+This alert is generated when a peer is blocked by the IP filter. It has the severity leve
+``info``. The ``ip`` member is the address that was blocked.
+
+::
+
+ struct peer_blocked_alert: alert
+ {
+ peer_blocked_alert(address const& ip_
+ , std::string const& msg);
+
+ address ip;
+
+ virtual std::auto_ptr
clone() const;
+ };
+
dispatcher
----------
diff --git a/examples/client_test.cpp b/examples/client_test.cpp
index 7b89ae2a7..ed9c08e58 100644
--- a/examples/client_test.cpp
+++ b/examples/client_test.cpp
@@ -673,15 +673,16 @@ int main(int ac, char* av[])
if (line[0] == '#') continue;
int a, b, c, d;
char dummy;
- in >> a >> dummy >> b >> dummy >> c >> dummy >> d >> dummy;
+ std::stringstream ln(line);
+ ln >> a >> dummy >> b >> dummy >> c >> dummy >> d >> dummy;
address_v4 start((a << 24) + (b << 16) + (c << 8) + d);
- in >> a >> dummy >> b >> dummy >> c >> dummy >> d >> dummy;
+ ln >> a >> dummy >> b >> dummy >> c >> dummy >> d >> dummy;
address_v4 last((a << 24) + (b << 16) + (c << 8) + d);
int flags;
- in >> flags;
+ ln >> flags;
if (flags <= 127) flags = ip_filter::blocked;
else flags = 0;
- if (in.fail()) break;
+ if (ln.fail()) break;
filter.add_rule(start, last, flags);
}
ses.set_ip_filter(filter);
@@ -835,6 +836,10 @@ int main(int ac, char* av[])
{
event_string << "web seed '" << p->url << "': " << p->msg();
}
+ else if (peer_blocked_alert* p = dynamic_cast(a.get()))
+ {
+ event_string << "(" << p->ip << ") " << p->msg();
+ }
else
{
event_string << a->msg();
diff --git a/include/libtorrent/alert.hpp b/include/libtorrent/alert.hpp
index 759b66f29..b6b6711dc 100755
--- a/include/libtorrent/alert.hpp
+++ b/include/libtorrent/alert.hpp
@@ -57,7 +57,9 @@ POSSIBILITY OF SUCH DAMAGE.
#include "libtorrent/time.hpp"
#include "libtorrent/config.hpp"
-#define TORRENT_MAX_ALERT_TYPES 10
+#ifndef TORRENT_MAX_ALERT_TYPES
+#define TORRENT_MAX_ALERT_TYPES 15
+#endif
namespace libtorrent {
@@ -72,7 +74,7 @@ namespace libtorrent {
// a timestamp is automatically created in the constructor
ptime timestamp() const;
- const std::string& msg() const;
+ std::string const& msg() const;
severity_t severity() const;
@@ -112,57 +114,45 @@ namespace libtorrent {
struct void_;
- template<
- class Handler
- , BOOST_PP_ENUM_PARAMS(TORRENT_MAX_ALERT_TYPES, class T)
- >
+ template
void handle_alert_dispatch(
- const std::auto_ptr& alert_
- , const Handler& handler
- , const std::type_info& typeid_
- , BOOST_PP_ENUM_BINARY_PARAMS(TORRENT_MAX_ALERT_TYPES, T, *p))
+ const std::auto_ptr& alert_, const Handler& handler
+ , const std::type_info& typeid_
+ , BOOST_PP_ENUM_BINARY_PARAMS(TORRENT_MAX_ALERT_TYPES, T, *p))
{
if (typeid_ == typeid(T0))
handler(*static_cast(alert_.get()));
else
- handle_alert_dispatch(
- alert_
- , handler
- , typeid_
- , BOOST_PP_ENUM_SHIFTED_PARAMS(TORRENT_MAX_ALERT_TYPES, p), (void_*)0
- );
+ handle_alert_dispatch(alert_, handler, typeid_
+ , BOOST_PP_ENUM_SHIFTED_PARAMS(
+ TORRENT_MAX_ALERT_TYPES, p), (void_*)0);
}
template
void handle_alert_dispatch(
- const std::auto_ptr& alert_
- , const Handler& handler
- , const std::type_info& typeid_
- , BOOST_PP_ENUM_PARAMS(TORRENT_MAX_ALERT_TYPES, void_* BOOST_PP_INTERCEPT))
+ const std::auto_ptr& alert_
+ , const Handler& handler
+ , const std::type_info& typeid_
+ , BOOST_PP_ENUM_PARAMS(TORRENT_MAX_ALERT_TYPES, void_* BOOST_PP_INTERCEPT))
{
throw unhandled_alert();
}
} // namespace detail
- template<
- BOOST_PP_ENUM_PARAMS_WITH_A_DEFAULT(TORRENT_MAX_ALERT_TYPES, class T, detail::void_)
- >
+ template
struct TORRENT_EXPORT handle_alert
{
template
- handle_alert(
- const std::auto_ptr& alert_
- , const Handler& handler)
+ handle_alert(const std::auto_ptr& alert_
+ , const Handler& handler)
{
#define ALERT_POINTER_TYPE(z, n, text) (BOOST_PP_CAT(T, n)*)0
- detail::handle_alert_dispatch(
- alert_
- , handler
- , typeid(*alert_)
- , BOOST_PP_ENUM(TORRENT_MAX_ALERT_TYPES, ALERT_POINTER_TYPE, _)
- );
+ detail::handle_alert_dispatch(alert_, handler, typeid(*alert_)
+ , BOOST_PP_ENUM(TORRENT_MAX_ALERT_TYPES, ALERT_POINTER_TYPE, _));
#undef ALERT_POINTER_TYPE
}
diff --git a/include/libtorrent/alert_types.hpp b/include/libtorrent/alert_types.hpp
index 5935b2415..e3e23ad05 100755
--- a/include/libtorrent/alert_types.hpp
+++ b/include/libtorrent/alert_types.hpp
@@ -280,6 +280,20 @@ namespace libtorrent
{ return std::auto_ptr(new fastresume_rejected_alert(*this)); }
};
+ struct TORRENT_EXPORT peer_blocked_alert: alert
+ {
+ peer_blocked_alert(address const& ip_
+ , std::string const& msg)
+ : alert(alert::info, msg)
+ , ip(ip_)
+ {}
+
+ address ip;
+
+ virtual std::auto_ptr clone() const
+ { return std::auto_ptr(new peer_blocked_alert(*this)); }
+ };
+
}
diff --git a/src/session_impl.cpp b/src/session_impl.cpp
index 58418828c..7094fe34c 100755
--- a/src/session_impl.cpp
+++ b/src/session_impl.cpp
@@ -597,6 +597,12 @@ namespace libtorrent { namespace detail
#if defined(TORRENT_VERBOSE_LOGGING)
(*i->second->m_logger) << "*** CONNECTION FILTERED\n";
#endif
+ if (m_alerts.should_post(alert::info))
+ {
+ m_alerts.post_alert(peer_blocked_alert(sender.address()
+ , "peer connection closed by IP filter"));
+ }
+
session_impl::connection_map::iterator j = i;
++i;
j->second->disconnect();
@@ -767,7 +773,11 @@ namespace libtorrent { namespace detail
#if defined(TORRENT_VERBOSE_LOGGING) || defined(TORRENT_LOGGING)
(*m_logger) << "filtered blocked ip\n";
#endif
- // TODO: issue an info-alert when an ip is blocked!!
+ if (m_alerts.should_post(alert::info))
+ {
+ m_alerts.post_alert(peer_blocked_alert(endp.address()
+ , "incoming connection blocked by IP filter"));
+ }
return;
}
@@ -1018,15 +1028,13 @@ namespace libtorrent { namespace detail
catch (std::exception& exc)
{
#ifndef NDEBUG
- std::string err = exc.what();
+ std::cerr << exc.what() << std::endl;
+ assert(false);
#endif
}; // msvc 7.1 seems to require this
void session_impl::connection_completed(
- boost::intrusive_ptr const& p)
-#ifndef NDEBUG
- try
-#endif
+ boost::intrusive_ptr const& p) try
{
mutex_t::scoped_lock l(m_mutex);
@@ -1039,12 +1047,13 @@ namespace libtorrent { namespace detail
process_connection_queue();
}
-#ifndef NDEBUG
catch (std::exception& e)
{
+#ifndef NDEBUG
+ std::cerr << e.what() << std::endl;
assert(false);
- };
#endif
+ };
void session_impl::operator()()
{
diff --git a/src/torrent.cpp b/src/torrent.cpp
index c1e12aafb..39c9ec0a1 100755
--- a/src/torrent.cpp
+++ b/src/torrent.cpp
@@ -573,6 +573,12 @@ namespace libtorrent
#if defined(TORRENT_VERBOSE_LOGGING) || defined(TORRENT_LOGGING)
debug_log("blocked ip from tracker: " + i->ip);
#endif
+ if (m_ses.m_alerts.should_post(alert::info))
+ {
+ m_ses.m_alerts.post_alert(peer_blocked_alert(a.address()
+ , "peer from tracker blocked by IP filter"));
+ }
+
continue;
}
@@ -615,6 +621,12 @@ namespace libtorrent
#if defined(TORRENT_VERBOSE_LOGGING) || defined(TORRENT_LOGGING)
debug_log("blocked ip from tracker: " + host->endpoint().address().to_string());
#endif
+ if (m_ses.m_alerts.should_post(alert::info))
+ {
+ m_ses.m_alerts.post_alert(peer_blocked_alert(host->endpoint().address()
+ , "peer from tracker blocked by IP filter"));
+ }
+
return;
}
@@ -1394,13 +1406,6 @@ namespace libtorrent
if (m_ses.is_aborted()) return;
tcp::endpoint a(host->endpoint());
-
- if (m_ses.m_ip_filter.access(a.address()) & ip_filter::blocked)
- {
- // TODO: post alert: "proxy at " + a.address().to_string() + " (" + hostname + ") blocked by ip filter");
- return;
- }
-
std::string protocol;
std::string hostname;
int port;
@@ -1408,6 +1413,16 @@ namespace libtorrent
boost::tie(protocol, hostname, port, path)
= parse_url_components(url);
+ if (m_ses.m_ip_filter.access(a.address()) & ip_filter::blocked)
+ {
+ if (m_ses.m_alerts.should_post(alert::info))
+ {
+ m_ses.m_alerts.post_alert(peer_blocked_alert(a.address()
+ , "proxy (" + hostname + ") blocked by IP filter"));
+ }
+ return;
+ }
+
tcp::resolver::query q(hostname, boost::lexical_cast(port));
m_host_resolver.async_resolve(q, m_ses.m_strand.wrap(
bind(&torrent::on_name_lookup, shared_from_this(), _1, _2, url, a)));
@@ -1456,7 +1471,11 @@ namespace libtorrent
if (m_ses.m_ip_filter.access(a.address()) & ip_filter::blocked)
{
- // TODO: post alert: "web seed at " + a.address().to_string() + " blocked by ip filter");
+ if (m_ses.m_alerts.should_post(alert::info))
+ {
+ m_ses.m_alerts.post_alert(peer_blocked_alert(a.address()
+ , "web seed (" + url + ") blocked by IP filter"));
+ }
return;
}
@@ -1841,7 +1860,14 @@ namespace libtorrent
INVARIANT_CHECK;
tcp::endpoint const& a(peerinfo->ip);
if (m_ses.m_ip_filter.access(a.address()) & ip_filter::blocked)
+ {
+ if (m_ses.m_alerts.should_post(alert::info))
+ {
+ m_ses.m_alerts.post_alert(peer_blocked_alert(a.address()
+ , "peer connection blocked by IP filter"));
+ }
throw protocol_error(a.address().to_string() + " blocked by ip filter");
+ }
if (m_connections.find(a) != m_connections.end())
throw protocol_error("already connected to peer");