Compare commits
No commits in common. "master" and "202101_no_strlen" have entirely different histories.
master
...
202101_no_
9 changed files with 109 additions and 168 deletions
66
README
Normal file
66
README
Normal file
|
@ -0,0 +1,66 @@
|
||||||
|
bitcoin-seeder
|
||||||
|
==============
|
||||||
|
|
||||||
|
Bitcoin-seeder is a crawler for the Bitcoin network, which exposes a list
|
||||||
|
of reliable nodes via a built-in DNS server.
|
||||||
|
|
||||||
|
Features:
|
||||||
|
* regularly revisits known nodes to check their availability
|
||||||
|
* bans nodes after enough failures, or bad behaviour
|
||||||
|
* accepts nodes down to v0.3.19 to request new IP addresses from,
|
||||||
|
but only reports good post-v0.3.24 nodes.
|
||||||
|
* keeps statistics over (exponential) windows of 2 hours, 8 hours,
|
||||||
|
1 day and 1 week, to base decisions on.
|
||||||
|
* very low memory (a few tens of megabytes) and cpu requirements.
|
||||||
|
* crawlers run in parallel (by default 24 threads simultaneously).
|
||||||
|
|
||||||
|
REQUIREMENTS
|
||||||
|
------------
|
||||||
|
|
||||||
|
$ sudo apt-get install build-essential libboost-all-dev libssl-dev
|
||||||
|
|
||||||
|
USAGE
|
||||||
|
-----
|
||||||
|
|
||||||
|
Assuming you want to run a dns seed on dnsseed.example.com, you will
|
||||||
|
need an authorative NS record in example.com's domain record, pointing
|
||||||
|
to for example vps.example.com:
|
||||||
|
|
||||||
|
$ dig -t NS dnsseed.example.com
|
||||||
|
|
||||||
|
;; ANSWER SECTION
|
||||||
|
dnsseed.example.com. 86400 IN NS vps.example.com.
|
||||||
|
|
||||||
|
On the system vps.example.com, you can now run dnsseed:
|
||||||
|
|
||||||
|
./dnsseed -h dnsseed.example.com -n vps.example.com
|
||||||
|
|
||||||
|
If you want the DNS server to report SOA records, please provide an
|
||||||
|
e-mail address (with the @ part replaced by .) using -m.
|
||||||
|
|
||||||
|
COMPILING
|
||||||
|
---------
|
||||||
|
Compiling will require boost and ssl. On debian systems, these are provided
|
||||||
|
by `libboost-dev` and `libssl-dev` respectively.
|
||||||
|
|
||||||
|
$ make
|
||||||
|
|
||||||
|
This will produce the `dnsseed` binary.
|
||||||
|
|
||||||
|
|
||||||
|
RUNNING AS NON-ROOT
|
||||||
|
-------------------
|
||||||
|
|
||||||
|
Typically, you'll need root privileges to listen to port 53 (name service).
|
||||||
|
|
||||||
|
One solution is using an iptables rule (Linux only) to redirect it to
|
||||||
|
a non-privileged port:
|
||||||
|
|
||||||
|
$ iptables -t nat -A PREROUTING -p udp --dport 53 -j REDIRECT --to-port 5353
|
||||||
|
|
||||||
|
If properly configured, this will allow you to run dnsseed in userspace, using
|
||||||
|
the -p 5353 option.
|
||||||
|
|
||||||
|
Another solution is allowing a binary to bind to ports < 1024 with setcap (IPv6 access-safe)
|
||||||
|
|
||||||
|
$ setcap 'cap_net_bind_service=+ep' /path/to/dnsseed
|
|
@ -80,7 +80,7 @@ class CNode {
|
||||||
CAddress me(CService("0.0.0.0"));
|
CAddress me(CService("0.0.0.0"));
|
||||||
BeginMessage("version");
|
BeginMessage("version");
|
||||||
int nBestHeight = GetRequireHeight();
|
int nBestHeight = GetRequireHeight();
|
||||||
string ver = "/lbry-seeder:0.01/";
|
string ver = "/bitcoin-seeder:0.01/";
|
||||||
uint8_t fRelayTxs = 0;
|
uint8_t fRelayTxs = 0;
|
||||||
vSend << PROTOCOL_VERSION << nLocalServices << nTime << you << me << nLocalNonce << ver << nBestHeight << fRelayTxs;
|
vSend << PROTOCOL_VERSION << nLocalServices << nTime << you << me << nLocalNonce << ver << nBestHeight << fRelayTxs;
|
||||||
EndMessage();
|
EndMessage();
|
||||||
|
@ -314,3 +314,4 @@ int main(void) {
|
||||||
printf("ret=%s ban=%i vAddr.size()=%i\n", ret ? "good" : "bad", ban, (int)vAddr.size());
|
printf("ret=%s ban=%i vAddr.size()=%i\n", ret ? "good" : "bad", ban, (int)vAddr.size());
|
||||||
}
|
}
|
||||||
*/
|
*/
|
||||||
|
|
||||||
|
|
|
@ -58,7 +58,7 @@ for my $file (@ARGV) {
|
||||||
}
|
}
|
||||||
|
|
||||||
for my $addr (sort { $res->{$b} <=> $res->{$a} } (keys %{$res})) {
|
for my $addr (sort { $res->{$b} <=> $res->{$a} } (keys %{$res})) {
|
||||||
if ($addr =~ /\A(\d+)\.(\d+)\.(\d+)\.(\d+):9246/) {
|
if ($addr =~ /\A(\d+)\.(\d+)\.(\d+)\.(\d+):8333/) {
|
||||||
my $a = $1*0x1000000 + $2*0x10000 + $3*0x100 + $4;
|
my $a = $1*0x1000000 + $2*0x10000 + $3*0x100 + $4;
|
||||||
printf "0x%08x %s %g%%\n",$a,$addr,(1-((1-$res->{$addr}) ** (1/$n)))*100;
|
printf "0x%08x %s %g%%\n",$a,$addr,(1-((1-$res->{$addr}) ** (1/$n)))*100;
|
||||||
}
|
}
|
||||||
|
|
6
db.h
6
db.h
|
@ -12,11 +12,11 @@
|
||||||
|
|
||||||
#define MIN_RETRY 1000
|
#define MIN_RETRY 1000
|
||||||
|
|
||||||
#define REQUIRE_VERSION 70015
|
#define REQUIRE_VERSION 70001
|
||||||
|
|
||||||
static inline int GetRequireHeight(const bool testnet = fTestNet)
|
static inline int GetRequireHeight(const bool testnet = fTestNet)
|
||||||
{
|
{
|
||||||
return testnet ? 1000 : 940000;
|
return testnet ? 500000 : 350000;
|
||||||
}
|
}
|
||||||
|
|
||||||
std::string static inline ToString(const CService &ip) {
|
std::string static inline ToString(const CService &ip) {
|
||||||
|
@ -119,7 +119,7 @@ public:
|
||||||
}
|
}
|
||||||
int GetBanTime() const {
|
int GetBanTime() const {
|
||||||
if (IsGood()) return 0;
|
if (IsGood()) return 0;
|
||||||
if (clientVersion && clientVersion < 31800) { return 604800; }
|
if (clientVersion && clientVersion < 31900) { return 604800; }
|
||||||
if (stat1M.reliability - stat1M.weight + 1.0 < 0.15 && stat1M.count > 32) { return 30*86400; }
|
if (stat1M.reliability - stat1M.weight + 1.0 < 0.15 && stat1M.count > 32) { return 30*86400; }
|
||||||
if (stat1W.reliability - stat1W.weight + 1.0 < 0.10 && stat1W.count > 16) { return 7*86400; }
|
if (stat1W.reliability - stat1W.weight + 1.0 < 0.10 && stat1W.count > 16) { return 7*86400; }
|
||||||
if (stat1D.reliability - stat1D.weight + 1.0 < 0.05 && stat1D.count > 8) { return 1*86400; }
|
if (stat1D.reliability - stat1D.weight + 1.0 < 0.05 && stat1D.count > 8) { return 1*86400; }
|
||||||
|
|
20
main.cpp
20
main.cpp
|
@ -36,7 +36,7 @@ public:
|
||||||
CDnsSeedOpts() : nThreads(96), nDnsThreads(4), ip_addr("::"), nPort(53), mbox(NULL), ns(NULL), host(NULL), tor(NULL), fUseTestNet(false), fWipeBan(false), fWipeIgnore(false), ipv4_proxy(NULL), ipv6_proxy(NULL) {}
|
CDnsSeedOpts() : nThreads(96), nDnsThreads(4), ip_addr("::"), nPort(53), mbox(NULL), ns(NULL), host(NULL), tor(NULL), fUseTestNet(false), fWipeBan(false), fWipeIgnore(false), ipv4_proxy(NULL), ipv6_proxy(NULL) {}
|
||||||
|
|
||||||
void ParseCommandLine(int argc, char **argv) {
|
void ParseCommandLine(int argc, char **argv) {
|
||||||
static const char *help = "LBRY-seeder\n"
|
static const char *help = "Bitcoin-seeder\n"
|
||||||
"Usage: %s -h <host> -n <ns> [-m <mbox>] [-t <threads>] [-p <port>]\n"
|
"Usage: %s -h <host> -n <ns> [-m <mbox>] [-t <threads>] [-p <port>]\n"
|
||||||
"\n"
|
"\n"
|
||||||
"Options:\n"
|
"Options:\n"
|
||||||
|
@ -78,7 +78,7 @@ public:
|
||||||
{0, 0, 0, 0}
|
{0, 0, 0, 0}
|
||||||
};
|
};
|
||||||
int option_index = 0;
|
int option_index = 0;
|
||||||
int c = getopt_long(argc, argv, "h:n:m:t:a:p:d:o:i:k:w:?", long_options, &option_index);
|
int c = getopt_long(argc, argv, "h:n:m:t:a:p:d:o:i:k:w:", long_options, &option_index);
|
||||||
if (c == -1) break;
|
if (c == -1) break;
|
||||||
switch (c) {
|
switch (c) {
|
||||||
case 'h': {
|
case 'h': {
|
||||||
|
@ -418,9 +418,11 @@ extern "C" void* ThreadStats(void*) {
|
||||||
return nullptr;
|
return nullptr;
|
||||||
}
|
}
|
||||||
|
|
||||||
static const string mainnet_seeds[] = {"dnsseed1.lbry.io", "dnsseed2.lbry.io", "dnsseed3.lbry.io", ""};
|
static const string mainnet_seeds[] = {"dnsseed.bluematt.me", "bitseed.xf2.org", "dnsseed.bitcoin.dashjr.org", "seed.bitcoin.sipa.be", ""};
|
||||||
static const string testnet_seeds[] = {"testdnsseed1.lbry.io",
|
static const string testnet_seeds[] = {"testnet-seed.alexykot.me",
|
||||||
"testdnsseed2.lbry.io",
|
"testnet-seed.bitcoin.petertodd.org",
|
||||||
|
"testnet-seed.bluematt.me",
|
||||||
|
"testnet-seed.bitcoin.schildbach.de",
|
||||||
""};
|
""};
|
||||||
static const string *seeds = mainnet_seeds;
|
static const string *seeds = mainnet_seeds;
|
||||||
|
|
||||||
|
@ -478,10 +480,10 @@ int main(int argc, char **argv) {
|
||||||
bool fDNS = true;
|
bool fDNS = true;
|
||||||
if (opts.fUseTestNet) {
|
if (opts.fUseTestNet) {
|
||||||
printf("Using testnet.\n");
|
printf("Using testnet.\n");
|
||||||
pchMessageStart[0] = 0xfa;
|
pchMessageStart[0] = 0x0b;
|
||||||
pchMessageStart[1] = 0xe4;
|
pchMessageStart[1] = 0x11;
|
||||||
pchMessageStart[2] = 0xaa;
|
pchMessageStart[2] = 0x09;
|
||||||
pchMessageStart[3] = 0xe1;
|
pchMessageStart[3] = 0x07;
|
||||||
seeds = testnet_seeds;
|
seeds = testnet_seeds;
|
||||||
fTestNet = true;
|
fTestNet = true;
|
||||||
}
|
}
|
||||||
|
|
|
@ -22,7 +22,7 @@ static const char* ppszTypeName[] =
|
||||||
"block",
|
"block",
|
||||||
};
|
};
|
||||||
|
|
||||||
unsigned char pchMessageStart[4] = { 0xfa, 0xe4, 0xaa, 0xf1 };
|
unsigned char pchMessageStart[4] = { 0xf9, 0xbe, 0xb4, 0xd9 };
|
||||||
|
|
||||||
CMessageHeader::CMessageHeader()
|
CMessageHeader::CMessageHeader()
|
||||||
{
|
{
|
||||||
|
|
|
@ -18,7 +18,7 @@
|
||||||
extern bool fTestNet;
|
extern bool fTestNet;
|
||||||
static inline unsigned short GetDefaultPort(const bool testnet = fTestNet)
|
static inline unsigned short GetDefaultPort(const bool testnet = fTestNet)
|
||||||
{
|
{
|
||||||
return testnet ? 19246 : 9246;
|
return testnet ? 18333 : 8333;
|
||||||
}
|
}
|
||||||
|
|
||||||
//
|
//
|
||||||
|
@ -44,7 +44,7 @@ class CMessageHeader
|
||||||
READWRITE(FLATDATA(pchMessageStart));
|
READWRITE(FLATDATA(pchMessageStart));
|
||||||
READWRITE(FLATDATA(pchCommand));
|
READWRITE(FLATDATA(pchCommand));
|
||||||
READWRITE(nMessageSize);
|
READWRITE(nMessageSize);
|
||||||
if (nVersion >= 1)
|
if (nVersion >= 209)
|
||||||
READWRITE(nChecksum);
|
READWRITE(nChecksum);
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
128
readme.md
128
readme.md
|
@ -1,128 +0,0 @@
|
||||||
# seeder
|
|
||||||
|
|
||||||
seeder is a crawler for the LBRY network, which exposes a list
|
|
||||||
of reliable nodes via a built-in DNS server.
|
|
||||||
|
|
||||||
Features:
|
|
||||||
* regularly revisits known nodes to check their availability
|
|
||||||
* bans nodes after enough failures, or bad behaviour
|
|
||||||
* accepts nodes down to v0.3.19 to request new IP addresses from,
|
|
||||||
but only reports good post-v0.3.24 nodes.
|
|
||||||
* keeps statistics over (exponential) windows of 2 hours, 8 hours,
|
|
||||||
1 day and 1 week, to base decisions on.
|
|
||||||
* very low memory (a few tens of megabytes) and cpu requirements.
|
|
||||||
* crawlers run in parallel (by default 24 threads simultaneously).
|
|
||||||
|
|
||||||
|
|
||||||
## Build
|
|
||||||
|
|
||||||
```
|
|
||||||
sudo apt-get install build-essential libboost-dev libssl-dev
|
|
||||||
make
|
|
||||||
```
|
|
||||||
|
|
||||||
## Use
|
|
||||||
|
|
||||||
Assumptions:
|
|
||||||
|
|
||||||
- lbrycrd will use the domain `seed.example.com` to find peer nodes
|
|
||||||
- you will be running this seeder on a server at domain `vps.example.com`
|
|
||||||
|
|
||||||
### Configure DNS
|
|
||||||
|
|
||||||
You will need two DNS records:
|
|
||||||
|
|
||||||
type | name | value
|
|
||||||
-----|------------------| ---------------
|
|
||||||
NS | seed.example.com | vps.example.com
|
|
||||||
A | vps.example.com | 1.2.3.4
|
|
||||||
|
|
||||||
|
|
||||||
Test your DNS records
|
|
||||||
|
|
||||||
```
|
|
||||||
$ dig -t NS seed.example.com
|
|
||||||
|
|
||||||
;; ANSWER SECTION
|
|
||||||
seed.example.com. 86400 IN NS vps.example.com.
|
|
||||||
```
|
|
||||||
|
|
||||||
### Disable systemd resolver (Ubuntu 18.04+)
|
|
||||||
|
|
||||||
You only need this if you want to run the seeder on port 53 and it's taken by
|
|
||||||
Ubuntu's resolved. Run the following to turn the resolver off and prevent
|
|
||||||
it from starting on reboot
|
|
||||||
|
|
||||||
```
|
|
||||||
sudo systemctl stop systemd-resolved.service
|
|
||||||
sudo systemctl disable systemd-resolved.service
|
|
||||||
|
|
||||||
```
|
|
||||||
|
|
||||||
### Open firewall port
|
|
||||||
|
|
||||||
For example, if using UFW, run `ufw allow 53`. Some VPS providers also
|
|
||||||
have their own firewall that you'll need to configure.
|
|
||||||
|
|
||||||
### Run the seeder
|
|
||||||
|
|
||||||
On the system vps.example.com, you can now run dnsseed:
|
|
||||||
|
|
||||||
```
|
|
||||||
./dnsseed -h seed.example.com -n vps.example.com
|
|
||||||
```
|
|
||||||
|
|
||||||
If you want the DNS server to report SOA records, please provide an
|
|
||||||
e-mail address (with the @ part replaced by .) using `-m`.
|
|
||||||
|
|
||||||
|
|
||||||
### Running as non-root
|
|
||||||
|
|
||||||
Typically, you'll need root privileges to listen to port 53 (name service).
|
|
||||||
|
|
||||||
One solution is using an iptables rule (Linux only) to redirect it to
|
|
||||||
a non-privileged port:
|
|
||||||
|
|
||||||
```
|
|
||||||
iptables -t nat -A PREROUTING -p udp --dport 53 -j REDIRECT --to-port 5353
|
|
||||||
```
|
|
||||||
|
|
||||||
If properly configured, this will allow you to run dnsseed in userspace, using
|
|
||||||
the -p 5353 option.
|
|
||||||
|
|
||||||
Another solution is allowing a binary to bind to ports < 1024 with setcap (IPv6 access-safe)
|
|
||||||
|
|
||||||
```
|
|
||||||
setcap 'cap_net_bind_service=+ep' /path/to/dnsseed
|
|
||||||
```
|
|
||||||
|
|
||||||
## Debugging
|
|
||||||
|
|
||||||
### Server-side
|
|
||||||
|
|
||||||
On the server, run `sudo tcpdump port 53`. This will show you all traffic on port 53. As
|
|
||||||
you send DNS queries, you should see `A` requests come in and response IPs go out.
|
|
||||||
|
|
||||||
- no incoming responses: DNS or firewall issues, or DNS request is cached client-side
|
|
||||||
- no responses: seeder is not running, or running on the wrong port, or broken
|
|
||||||
- empty responses: requested domain doesn't match configured domain in seeder
|
|
||||||
|
|
||||||
You can also look at the output of the running seeder. It looks like this
|
|
||||||
|
|
||||||
```
|
|
||||||
[21-04-12 19:30:49] 28/104 available (104 tried in 994s, 1 new, 30 active), 0 banned; 38 DNS requests, 1 db queries
|
|
||||||
```
|
|
||||||
|
|
||||||
- if # of DNS requests is not going up as you send them, then seeder is not getting your requests
|
|
||||||
- if DNS requests are increasing but db queries are not, then the -h domain doesn't match
|
|
||||||
- if seeder didn't find any nodes, then it can't contact the nodes it itself is seeded with
|
|
||||||
|
|
||||||
### Client-side
|
|
||||||
|
|
||||||
Try `dig +short seed.example.com`. If you get node IPs, your setup is working.
|
|
||||||
|
|
||||||
Other things to try
|
|
||||||
|
|
||||||
- `dig @1.2.3.4 seed.example.com` to bypass local DNS cache or incorrect DNS records
|
|
||||||
- `dig +trace seed.example.com` for detailed routing info
|
|
||||||
|
|
|
@ -60,7 +60,7 @@ class CDataStream;
|
||||||
class CAutoFile;
|
class CAutoFile;
|
||||||
static const unsigned int MAX_SIZE = 0x02000000;
|
static const unsigned int MAX_SIZE = 0x02000000;
|
||||||
|
|
||||||
static const int PROTOCOL_VERSION = 70015;
|
static const int PROTOCOL_VERSION = 60000;
|
||||||
|
|
||||||
// Used to bypass the rule against non-const reference to temporary
|
// Used to bypass the rule against non-const reference to temporary
|
||||||
// where it makes sense with wrappers such as CFlatData or CTxDB
|
// where it makes sense with wrappers such as CFlatData or CTxDB
|
||||||
|
|
Loading…
Add table
Reference in a new issue