From a426999fc95f02f71359161ab0a07a392fc4df95 Mon Sep 17 00:00:00 2001 From: Felix Lange Date: Wed, 12 Jul 2023 12:01:38 +0200 Subject: [PATCH] p2p/discover: filter bootnodes by netrestrict (#27701) This prevents an issue where the node would attempt to contact the bootstrap nodes even if they weren't contained in the netrestrict list. --- p2p/discover/table.go | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/p2p/discover/table.go b/p2p/discover/table.go index b601f233d0dd..f476d2079f8c 100644 --- a/p2p/discover/table.go +++ b/p2p/discover/table.go @@ -203,12 +203,18 @@ func (tab *Table) close() { // are used to connect to the network if the table is empty and there // are no known nodes in the database. func (tab *Table) setFallbackNodes(nodes []*enode.Node) error { + nursery := make([]*node, 0, len(nodes)) for _, n := range nodes { if err := n.ValidateComplete(); err != nil { return fmt.Errorf("bad bootstrap node %q: %v", n, err) } + if tab.cfg.NetRestrict != nil && !tab.cfg.NetRestrict.Contains(n.IP()) { + tab.log.Error("Bootstrap node filtered by netrestrict", "id", n.ID(), "ip", n.IP()) + continue + } + nursery = append(nursery, wrapNode(n)) } - tab.nursery = wrapNodes(nodes) + tab.nursery = nursery return nil }