From 0fb6e0667f13cb65299f34556b5148181aa619e2 Mon Sep 17 00:00:00 2001 From: Steven Allen Date: Fri, 11 Oct 2024 14:01:29 -0700 Subject: [PATCH] test: disable NAT port mapping, outbound dials, inbound connections My poor network. It deserves to be treated with respect and dignity and doesn't deserve to be spammed. 1. Disable NAT port mapping. Because no, we don't want our integration tests nodes to be reachable. 2. Disable all but a single localhost/quic transport. No need to do more work than necessary. 3. Set the connection manager limits to be really high. This probably doesn't matter, but there's no need to be killing connections in our integration tests. 4. Reject all outbound dials to non-localhost addresses. --- itests/kit/ensemble.go | 11 +++++++++ itests/kit/node_opts.go | 52 +++++++++++++++++++++++++++++++++++++++++ 2 files changed, 63 insertions(+) diff --git a/itests/kit/ensemble.go b/itests/kit/ensemble.go index 1f0df3da75d..6d98304a4d0 100644 --- a/itests/kit/ensemble.go +++ b/itests/kit/ensemble.go @@ -16,6 +16,7 @@ import ( "github.com/google/uuid" "github.com/ipfs/go-datastore" "github.com/ipfs/go-datastore/namespace" + "github.com/libp2p/go-libp2p" libp2pcrypto "github.com/libp2p/go-libp2p/core/crypto" "github.com/libp2p/go-libp2p/core/peer" mocknet "github.com/libp2p/go-libp2p/p2p/net/mock" @@ -57,6 +58,7 @@ import ( "github.com/filecoin-project/lotus/node/config" "github.com/filecoin-project/lotus/node/modules" "github.com/filecoin-project/lotus/node/modules/dtypes" + "github.com/filecoin-project/lotus/node/modules/lp2p" testing2 "github.com/filecoin-project/lotus/node/modules/testing" "github.com/filecoin-project/lotus/node/repo" "github.com/filecoin-project/lotus/storage/paths" 
@@ -438,6 +440,13 @@ func (n *Ensemble) Start() *Ensemble { node.If(full.options.disableLibp2p, node.MockHost(n.mn)), node.Test(), + // If we're using real libp2p, disable outbound connections to all but localhost. + node.If(!full.options.disableLibp2p, + node.Override(node.ConnGaterKey, func() (opts lp2p.Libp2pOpts, err error) { + opts.Opts = append(opts.Opts, libp2p.ConnectionGater(new(loopbackConnGater))) + return + })), + // so that we subscribe to pubsub topics immediately node.Override(new(dtypes.Bootstrapper), dtypes.Bootstrapper(true)), @@ -707,6 +716,8 @@ func (n *Ensemble) Start() *Ensemble { node.Repo(r), node.Test(), + node.Override(node.DefaultTransportsKey, lp2p.QUIC), + node.Override(node.DefaultTransportsKey, lp2p.QUIC), node.If(m.options.disableLibp2p, node.MockHost(n.mn)), node.Override(new(v1api.RawFullNodeAPI), m.FullNode), node.Override(new(*lotusminer.Miner), lotusminer.NewTestMiner(mineBlock, m.ActorAddr)), diff --git a/itests/kit/node_opts.go b/itests/kit/node_opts.go index 6a50e60ff79..9802ab41e27 100644 --- a/itests/kit/node_opts.go +++ b/itests/kit/node_opts.go @@ -2,10 +2,17 @@ package kit import ( "math" + "time" "github.com/filecoin-project/go-f3/manifest" "github.com/filecoin-project/go-state-types/abi" "github.com/filecoin-project/go-state-types/big" + "github.com/libp2p/go-libp2p/core/connmgr" + "github.com/libp2p/go-libp2p/core/control" + "github.com/libp2p/go-libp2p/core/network" + "github.com/libp2p/go-libp2p/core/peer" + multiaddr "github.com/multiformats/go-multiaddr" + manet "github.com/multiformats/go-multiaddr/net" "github.com/filecoin-project/lotus/build/buildconstants" "github.com/filecoin-project/lotus/chain/lf3" 
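Review bot: The override closure added under `node.If(!full.options.disableLibp2p, ...)` uses named results with a naked `return`, which hides that `err` is always nil and that `opts` is built by appending to a zero value. An explicit `return lp2p.Libp2pOpts{Opts: []libp2p.Option{libp2p.ConnectionGater(new(loopbackConnGater))}}, nil` reads more directly. Since this presumably replaces whatever is normally registered under `node.ConnGaterKey`, the comment should say so, e.g. `// Replaces the node's default connection gater: only dials to loopback addresses are allowed.` `Start` begins and ends outside the hunk.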
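Review bot: `node.Override(node.DefaultTransportsKey, lp2p.QUIC),` is added twice in a row in the miner option list of the `@@ -707,6 +716,8 @@` hunk; the second line is redundant and one should be dropped. Unlike the full-node hunk above it, this hunk adds no `node.ConnGaterKey` override, so as far as the visible lines show, a miner running real libp2p is not covered by the loopback-only dial restriction. If that is not handled elsewhere, add the same `node.If(!m.options.disableLibp2p, ...)` gater override here. The option list continues outside the hunk.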
@@ -56,6 +63,40 @@ type nodeOpts struct { workerName string } +// Libp2p connection gater that only allows outbound connections to loopback addresses. +type loopbackConnGater struct{} + +// InterceptAccept implements connmgr.ConnectionGater. +func (l *loopbackConnGater) InterceptAccept(network.ConnMultiaddrs) (allow bool) { + return true +} + +// InterceptAddrDial implements connmgr.ConnectionGater. +func (l *loopbackConnGater) InterceptAddrDial(p peer.ID, a multiaddr.Multiaddr) (allow bool) { + ip, err := manet.ToIP(a) + if err != nil { + return false + } + return ip.IsLoopback() +} + +// InterceptPeerDial implements connmgr.ConnectionGater. +func (l *loopbackConnGater) InterceptPeerDial(p peer.ID) (allow bool) { + return true +} + +// InterceptSecured implements connmgr.ConnectionGater. +func (l *loopbackConnGater) InterceptSecured(network.Direction, peer.ID, network.ConnMultiaddrs) (allow bool) { + return true +} + +// InterceptUpgraded implements connmgr.ConnectionGater. +func (l *loopbackConnGater) InterceptUpgraded(network.Conn) (allow bool, reason control.DisconnectReason) { + return true, 0 +} + +var _ connmgr.ConnectionGater = (*loopbackConnGater)(nil) + // DefaultNodeOpts are the default options that will be applied to test nodes. var DefaultNodeOpts = nodeOpts{ balance: big.Mul(big.NewInt(100000000), types.NewInt(buildconstants.FilecoinPrecision)), @@ -69,6 +110,17 @@ var DefaultNodeOpts = nodeOpts{ cfg.Fevm.EnableEthRPC = true cfg.Events.MaxFilterHeightRange = math.MaxInt64 cfg.Events.EnableActorEventsAPI = true + + // Disable external networking ffs. + cfg.Libp2p.ListenAddresses = []string{ + "/ip4/127.0.0.1/udp/0/quic-v1", + } + cfg.Libp2p.DisableNatPortMap = true + + // Nerf the connection manager. + cfg.Libp2p.ConnMgrLow = 1024 + cfg.Libp2p.ConnMgrHigh = 2048 + cfg.Libp2p.ConnMgrGrace = config.Duration(time.Hour) return nil }, },
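Review bot: `InterceptAccept` returns true for every inbound connection, so the gater restricts dials only, and inbound isolation rests entirely on the loopback listen address set in `DefaultNodeOpts`. If a test overrides `ListenAddresses`, nothing here would reject a non-loopback peer. Consider naming the parameter (`c network.ConnMultiaddrs`) and applying the same check as `InterceptAddrDial`: `ip, err := manet.ToIP(c.RemoteMultiaddr())` followed by `return err == nil && ip.IsLoopback()`. The type comment should also start with the type name and state the fail-closed behaviour, e.g. `// loopbackConnGater is a libp2p connection gater that rejects dials to any address that is not a loopback IP, including addresses manet.ToIP cannot convert.`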
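Review bot: The two comments added in the `@@ -69,6 +110,17 @@` hunk (`// Disable external networking ffs.` and `// Nerf the connection manager.`) do not say what the settings are meant to guarantee. That matters because, with the gater in this patch accepting all inbound connections, the listen address appears to be the only thing limiting inbound reachability. I would write `// Listen on loopback QUIC only and skip NAT port mapping so test nodes are not reachable from outside the host.` and `// Raise the connection manager watermarks and grace period so test connections are not pruned.` The enclosing function starts outside the hunk.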