Skip to content
This repository was archived by the owner on Nov 15, 2023. It is now read-only.

Enable --no-private-ipv4 by default for live chains #8642

Merged
3 commits merged into from
Apr 20, 2021
Merged

Enable --no-private-ipv4 by default for live chains #8642

Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
b349724
Enable --no-private-ipv4 by default for live chains
tomaka Apr 20, 2021
c6c27cb
Make the selection a bit easier to read
tomaka Apr 20, 2021
12ad30f
Update client/cli/src/params/network_params.rs
tomaka Apr 20, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
22 changes: 18 additions & 4 deletions client/cli/src/params/network_params.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -64,12 +64,19 @@ pub struct NetworkParams {
#[structopt(long = "port", value_name = "PORT", conflicts_with_all = &[ "listen-addr" ])]
pub port: Option<u16>,

/// Forbid connecting to private IPv4 addresses (as specified in
/// Always forbid connecting to private IPv4 addresses (as specified in
/// [RFC1918](https://tools.ietf.org/html/rfc1918)), unless the address was passed with
/// `--reserved-nodes` or `--bootnodes`.
#[structopt(long = "no-private-ipv4")]
/// `--reserved-nodes` or `--bootnodes`. Enabled by default for chains marked as "live" in
/// their chain specifications.
#[structopt(long = "no-private-ipv4", conflicts_with_all = &["allow-private-ipv4"])]
pub no_private_ipv4: bool,

/// Always accept connecting to private IPv4 addresses (as specified in
/// [RFC1918](https://tools.ietf.org/html/rfc1918)). Enabled by default for chains marked as
/// "local" in their chain specifications, or when `--dev` is passed.
#[structopt(long = "allow-private-ipv4", conflicts_with_all = &["no-private-ipv4"])]
pub allow_private_ipv4: bool,

/// Specify the number of outgoing connections we're trying to maintain.
#[structopt(long = "out-peers", value_name = "COUNT", default_value = "25")]
pub out_peers: u32,
Expand Down Expand Up @@ -173,6 +180,13 @@ impl NetworkParams {
|| is_dev
|| matches!(chain_type, ChainType::Local | ChainType::Development);

let allow_private_ipv4 = match (self.allow_private_ipv4, self.no_private_ipv4) {
(true, true) => unreachable!("`*_private_ipv4` flags are mutually exclusive; qed"),
(true, false) => true,
(false, true) => false,
(false, false) => is_dev || matches!(chain_type, ChainType::Local | ChainType::Development),
};

NetworkConfiguration {
boot_nodes,
net_config_path,
Expand All @@ -195,7 +209,7 @@ impl NetworkParams {
client_version: client_id.to_string(),
transport: TransportConfig::Normal {
enable_mdns: !is_dev && !self.no_mdns,
allow_private_ipv4: !self.no_private_ipv4,
allow_private_ipv4,
wasm_external_transport: None,
},
max_parallel_downloads: self.max_parallel_downloads,
Expand Down