From 2716a6e94ae3b6cb8eedd1430af1b24e2b06d0bb Mon Sep 17 00:00:00 2001
From: Hansie Odendaal
Date: Fri, 6 Sep 2024 10:45:19 +0200
Subject: [PATCH] Improve universe comms - Improved universe comms by defaulting to bypass tor for outbound tcp connections. - Refrain from dialing tcp 'ConnectionManagerConfig::default().listener_address'
---
 base_layer/p2p/src/transport.rs | 6 +++---
 common/config/presets/c_base_node_c.toml | 6 +++---
 common/config/presets/d_console_wallet.toml | 6 +++---
 comms/core/src/connection_manager/dialer.rs | 13 ++++++++++++-
 4 files changed, 21 insertions(+), 10 deletions(-)
diff --git a/base_layer/p2p/src/transport.rs b/base_layer/p2p/src/transport.rs
index 939a96329e..1e7d9b4a6f 100644
--- a/base_layer/p2p/src/transport.rs
+++ b/base_layer/p2p/src/transport.rs
@@ -144,8 +144,8 @@ pub struct TorTransportConfig {
 /// When these peer addresses are encountered when dialing another peer, the tor proxy is bypassed and the
 /// connection is made directly over TCP. /ip4, /ip6, /dns, /dns4 and /dns6 are supported.
 pub proxy_bypass_addresses: Vec,
- /// When set to true, outbound TCP connections bypass the tor proxy. Defaults to false for better privacy, setting
- /// to true may improve network performance for TCP nodes.
+ /// When set to true, outbound TCP connections bypass the tor proxy. Defaults to 'true' for better network
+ /// performance for TCP nodes; set it to 'false' for better privacy.
 pub proxy_bypass_for_outbound_tcp: bool,
 /// If set, instructs tor to forward traffic the provided address. Otherwise, an OS-assigned port on 127.0.0.1
 /// is used.
@@ -196,7 +196,7 @@ impl Default for TorTransportConfig {
 control_auth: TorControlAuthentication::Auto,
 onion_port: NonZeroU16::new(18141).unwrap(),
 proxy_bypass_addresses: vec![],
- proxy_bypass_for_outbound_tcp: false,
+ proxy_bypass_for_outbound_tcp: true,
 forward_address: None,
 listener_address_override: None,
 identity: None,
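Review bot: Flipping `proxy_bypass_for_outbound_tcp` to `true` in `Default for TorTransportConfig` changes behaviour for every node that never set the key, and the rewritten doc comment on the field (first hunk) still only says "better privacy" without naming what is given up. With the bypass on, dials to TCP peers are made directly rather than through the tor proxy, so those peers and anyone on the network path see the node's own IP address; I would add a line to the field's doc comment such as `/// NOTE: when true, peers dialed over TCP (and on-path observers) see this node's real IP address.` The same sentence belongs in the preset comments in `c_base_node_c.toml` and `d_console_wallet.toml`, where the key is shipped commented out and the new default therefore takes effect silently on upgrade. The `impl Default` body continues outside the hunk.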
diff --git a/common/config/presets/c_base_node_c.toml b/common/config/presets/c_base_node_c.toml
index 61b9650adc..536ab3a6b7 100644
--- a/common/config/presets/c_base_node_c.toml
+++ b/common/config/presets/c_base_node_c.toml
@@ -191,9 +191,9 @@ listener_self_liveness_check_interval = 15
 # When these peer addresses are encountered when dialing another peer, the tor proxy is bypassed and the connection is
 # made directly over TCP. /ip4, /ip6, /dns, /dns4 and /dns6 are supported. (e.g. ["/dns4/my-foo-base-node/tcp/9998"])
 #tor.proxy_bypass_addresses = []
-# When using the tor transport and set to true, outbound TCP connections bypass the tor proxy. Defaults to false for
-# better privacy
-#tor.proxy_bypass_for_outbound_tcp = false
+# When using the tor transport and set to true, outbound TCP connections bypass the tor proxy. Defaults to 'true' for
+# better network performance for TCP nodes; set it to 'false' for better privacy.
+#tor.proxy_bypass_for_outbound_tcp = true
 # If set, instructs tor to forward traffic the provided address. (e.g. "/dns4/my-base-node/tcp/32123") (default = OS-assigned port)
 #tor.forward_address =
 # If set, the listener will bind to this address instead of the forward_address. You need to make sure that this listener is connectable from the forward_address.
diff --git a/common/config/presets/d_console_wallet.toml b/common/config/presets/d_console_wallet.toml
index e36ffabed6..a8d3225ba0 100644
--- a/common/config/presets/d_console_wallet.toml
+++ b/common/config/presets/d_console_wallet.toml
@@ -239,9 +239,9 @@ event_channel_size = 3500
 # When these peer addresses are encountered when dialing another peer, the tor proxy is bypassed and the connection is
 # made directly over TCP. /ip4, /ip6, /dns, /dns4 and /dns6 are supported. (e.g. ["/dns4/my-foo-base-node/tcp/9998"])
 #tor.proxy_bypass_addresses = []
-# When using the tor transport and set to true, outbound TCP connections bypass the tor proxy. Defaults to false for
-# better privacy
-#tor.proxy_bypass_for_outbound_tcp = false
+# When using the tor transport and set to true, outbound TCP connections bypass the tor proxy. Defaults to 'true' for
+# better network performance for TCP nodes; set it to 'false' for better privacy.
+#tor.proxy_bypass_for_outbound_tcp = true
 # If set, instructs tor to forward traffic the provided address. (e.g. "/ip4/127.0.0.1/tcp/0") (default = )
 #tor.forward_address =
diff --git a/comms/core/src/connection_manager/dialer.rs b/comms/core/src/connection_manager/dialer.rs
index a84161c1c4..32d399bb7c 100644
--- a/comms/core/src/connection_manager/dialer.rs
+++ b/comms/core/src/connection_manager/dialer.rs
@@ -558,7 +558,18 @@ where
 DialState,
 Result<(NoiseSocket, Multiaddr), ConnectionManagerError>,
 ) {
- let addresses = dial_state.peer().addresses.clone().into_vec();
+ let addresses = dial_state
+ .peer()
+ .addresses
+ .clone()
+ .into_vec()
+ .iter()
+ .filter(|&a| {
+ a == &"/memory/0".parse::().expect("will not fail") || // Used for tests, allowed
+ a != &ConnectionManagerConfig::default().listener_address // Not allowed to dial the default
+ })
+ .cloned()
+ .collect::>();
 if addresses.is_empty() {
 let node_id_hex = dial_state.peer().node_id.clone().to_hex();
 trace!(
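Review bot: The filter closure in the new `let addresses = …` chain builds a full `ConnectionManagerConfig::default()` and re-parses `"/memory/0"` for every address, and the list is cloned once by `.clone().into_vec()` and then again element by element through `.iter()…cloned()`; hoisting both values above the chain and consuming the vector with `into_iter()` removes that work. The test is also an exact match against the default multiaddr only, so a peer-advertised address that differs from it in any component is presumably still dialed; peer address lists are remote input, so if the intent is "never dial an unroutable listener address" the check needs to be broader and the comment should say which case it covers. A peer whose only address is filtered out now falls into the existing `addresses.is_empty()` branch, whose log text lies outside the hunk and may not explain that the address was dropped rather than missing. The enclosing function starts and ends outside the hunk.

```rust
// Built once per dial rather than once per candidate address.
let default_listener = ConnectionManagerConfig::default().listener_address;
let memory_address: Multiaddr = "/memory/0".parse().expect("will not fail");
let addresses = dial_state
    .peer()
    .addresses
    .clone()
    .into_vec()
    .into_iter()
    // "/memory/0" is used by tests and stays dialable; the default listener address is never dialed.
    .filter(|a| *a == memory_address || *a != default_listener)
    .collect::<Vec<_>>();
// … unchanged: addresses.is_empty() check and trace! call …
```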