From 84e8d5467fcec3b7c8ce950cd7a3e7e7b24452a3 Mon Sep 17 00:00:00 2001
From: Adam Jonas <jonas@chaincode.com>
Date: Tue, 15 Dec 2020 20:37:32 -0500
Subject: doc: warn that incoming conns are unlikely when not using default
 ports

Github-Pull: #20668
Rebased-From: 010eed3ce03cf4fc622a48f40fc4d589383f7a44
---
 src/net.cpp | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

(limited to 'src/net.cpp')

diff --git a/src/net.cpp b/src/net.cpp
index cf987b699..1fd913eb6 100644
--- a/src/net.cpp
+++ b/src/net.cpp
@@ -2050,7 +2050,11 @@ void CConnman::ThreadOpenConnections(const std::vector<std::string> connect)
                 continue;
             }
 
-            // do not allow non-default ports, unless after 50 invalid addresses selected already
+            // Do not allow non-default ports, unless after 50 invalid
+            // addresses selected already. This is to prevent malicious peers
+            // from advertising themselves as a service on another host and
+            // port, causing a DoS attack as nodes around the network attempt
+            // to connect to it fruitlessly.
             if (addr.GetPort() != Params().GetDefaultPort() && nTries < 50)
                 continue;
 
-- 
cgit v1.2.3