The Banning Mechanics: Analysis of `Misbehaving()` and `BanMan`
7. The Banning Mechanics: Analysis of Misbehaving() and BanMan
When a peer's DoS score (Chapter 6) reaches the limit, the Diplomat calls the "High Executioner": the BanMan (Ban Manager). Banning is more than just "Disconnecting." It is a "Digital Prohibition" that prevents that specific IP address from connecting to you again for a long time (usually 24 hours).
For the Sovereign Architect, Banning is the "Final Border Control." It is the logic that ensures a persistent attacker cannot just "Reconnect" and try again.
Analyzing the Execution: BanMan
In the source code (src/banman.cpp and src/net_processing.cpp), we see how the node "Engraves" a ban into its memory.
/**
* PEDAGOGICAL ANALYSIS: THE DIGITAL PROHIBITION
* This logic ensures that a hostile actor is "Exiled" from your node.
*/
void BanMan::Ban(const CNetAddr& addr, int64_t ban_time_offset)
{
CBanEntry banEntry(GetTime() + ban_time_offset);
// 1. Add the IP to the "Blacklist" on the disk.
m_banDb.Write(addr, banEntry);
// 2. Add it to the active "Banned Map" in memory.
{
LOCK(m_cs_banned);
m_banned[addr] = banEntry;
}
}
Explaining the Execution: The Exile of the Malicious
-
CBanEntry: This is the "Record of the Exile." it includes the time the ban was issued and the time it will "Expire." Once a ban expires, the IP is allowed to try again. It is the Temporary Nature of the Punishment. -
m_banDb: Bans are "Persistent." If you restart your node, it will still remember who was banned. This information is saved in a file calledbanlist.json. It is the Memory of the Sovereign. -
"The Subnet Ban": A sophisticated attacker might use thousands of IP addresses from the same data center. The
BanManis smart enough to ban an entire "Neighborhood" (a Subnet) if it sees too much misbehavior coming from the same source. It is the Strategic Defense of the Core. -
"Manual Banning": You, the Sovereign Architect, can also "Order a Ban" manually using the
bitcoin-cli setbancommand. If you see a peer behaving suspiciously in your logs, you can exile them instantly. It is the Direct Command of the General.
The Sovereignty of the Exile
Banning is the ultimate protection for your node's sanity. By maintaining a clean "Ban List," your node ensures it isn't "Wasting Breath" on people who have already proven they don't follow the rules. As a Sovereign Architect, you are the "Master of the Exile," the one who ensures the "Digital Borders" of your machine are always free of known hostile actors.
TeachMeBitcoin is an ad-free, open-source educational repository curated by a passionate team of Bitcoin researchers and educators for public benefit. If you found our articles helpful, please consider supporting our hosting and ongoing content updates with a clean donation: