|
|
|
## HUSH Seeder
|
|
|
|
|
|
|
|
hush-seeder is a crawler for the HUSH network, based on [bitcoin-seeder](https://github.com/sipa/bitcoin-seeder), which exposes a list
|
|
|
|
of reliable nodes via a built-in DNS server.
|
|
|
|
|
|
|
|
Features:
|
|
|
|
* regularly revisits known nodes to check their availability
|
|
|
|
* bans nodes after enough failures, or bad behaviour
|
|
|
|
* accepts nodes down to protocol version 170002
|
|
|
|
* keeps statistics over (exponential) windows of 2 hours, 8 hours,
|
|
|
|
1 day and 1 week, to base decisions on.
|
|
|
|
* very low memory (a few tens of megabytes) and cpu requirements.
|
|
|
|
* crawlers run in parallel (by default 96 threads simultaneously).
|
|
|
|
|
|
|
|
## REQUIREMENTS
|
|
|
|
|
|
|
|
sudo apt-get install build-essential libboost-all-dev libssl-dev
|
|
|
|
|
|
|
|
## USAGE
|
|
|
|
|
|
|
|
* NOTE *You cannot run this seeder on the same machine as a Hush full
|
|
|
|
node, as both require port 18030.*
|
|
|
|
|
|
|
|
Assuming you want to run a dns seed on dnsseed.example.com, you will
|
|
|
|
need an authorative NS record in example.com's domain record, pointing
|
|
|
|
to for example vps.example.com:
|
|
|
|
|
|
|
|
dig -t NS dnsseed.example.com
|
|
|
|
|
|
|
|
;; ANSWER SECTION
|
|
|
|
dnsseed.example.com. 86400 IN NS vps.example.com.
|
|
|
|
|
|
|
|
On the system vps.example.com, you can now run dnsseed:
|
|
|
|
|
|
|
|
./dnsseed -h dnsseed.example.com -n vps.example.com
|
|
|
|
|
|
|
|
If you want the DNS server to report SOA records, please provide an
|
|
|
|
e-mail address (with the @ part replaced by .) using -m.
|
|
|
|
|
|
|
|
## COMPILING
|
|
|
|
|
|
|
|
Compiling will require boost and ssl. On debian systems, these are provided
|
|
|
|
by `libboost-dev` and `libssl-dev` respectively.
|
|
|
|
|
|
|
|
sudo apt-get install libboost-dev libssl-dev
|
|
|
|
git clone https://git.hush.is/hush/hush-seeder
|
|
|
|
cd hush-seeder
|
|
|
|
make
|
|
|
|
|
|
|
|
This will produce the `dnsseed` binary.
|
|
|
|
|
|
|
|
## RUNNING AS NON-ROOT
|
|
|
|
|
|
|
|
Typically, you'll need root privileges to listen to port 53 (name service).
|
|
|
|
|
|
|
|
One solution is using an iptables rule (Linux only) to redirect it to
|
|
|
|
a non-privileged port:
|
|
|
|
|
|
|
|
iptables -t nat -A PREROUTING -p udp --dport 53 -j REDIRECT --to-port 5353
|
|
|
|
|
|
|
|
If properly configured, this will allow you to run dnsseed in userspace, using
|
|
|
|
the -p 5353 option.
|
|
|
|
|
|
|
|
## LICENSE
|
|
|
|
|
|
|
|
GPLv3
|
|
|
|
|
|
|
|
## CONTRIBUTORS
|
|
|
|
|
|
|
|
See a list of people who contributed to this code in AUTHORS. If you have made
|
|
|
|
contributions to this code, you are welcome to submit a PR adding yourself to this
|
|
|
|
file.
|