florence-social / mastodon-fork

Florence's fork of Mastodon
GNU Affero General Public License v3.0

Enforce suspension at the network level #110

Open clarfonthey opened 5 years ago

clarfonthey commented 5 years ago

Right now, suspending an instance doesn't prevent the instance from performing unauthenticated requests to the software. Ideally, suspending an instance would block all traffic going to the instance's domain, and optionally its subdomains.

Being able to suspend instances by IP in addition to host would help make this design a bit more robust.

I've mentioned this before, but this is mostly splitting off this part of the discussion from #108.

kaniini commented 5 years ago

banning instances by IP works to a certain extent, but masto.host (and presumably other managed providers) uses a shared IP pool, which means if you whack one masto.host instance in this way, you're potentially banning hundreds more.

the only real solution is to switch from signature authentication as an authorization method to OCAP, and (optionally) require OCAP grants for object fetching. we are actively working on both of these things in the AP standardization communities.

anyway, my only feedback is to suggest that banning instances by IP may result in other, unrelated instances being unable to federate. that may or may not be desirable, but it's information that the admin needs to know so they can make the best decision for their community.

jhaye commented 5 years ago

Another problem would be that this would make Mastodon capable of configuring the firewall, which makes my alarm bells go off. It might be possible to implement similar functionality using purely Mastodon's network stack, but I doubt that would be good for performance.

Maybe running a separate program for this might be desirable as an interim solution? As pointed out, the problem seems to be quite complex, and this codebase is already complex enough. Having a small program that would do nothing other than read the database for suspended domains, do DNS lookups, apply any additional logic that would be desirable, and alter the firewall accordingly would at least separate the concerns better.

It should be stressed of course that this would only serve as an interim solution.
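
The planning step of such a companion program, as an added sketch (not code from this thread or from Mastodon): it resolves suspended domains, optionally treats their subdomains as suspended, and holds back any address that also serves a non-suspended peer, which is the shared-IP problem raised above. The function names and both input lists are assumptions; reading the database and applying the result to a firewall are left out.

```ruby
require 'resolv'
require 'set'

# True when host is a suspended domain or, optionally, a subdomain of one.
def suspended?(host, suspended, subdomains: true)
  host = host.downcase.chomp('.')
  suspended.any? do |d|
    d = d.downcase
    host == d || (subdomains && host.end_with?(".#{d}"))
  end
end

# Default resolver: addresses from the Ruby stdlib resolver.
DNS_RESOLVER = ->(host) { Resolv.getaddresses(host) }

# Addresses used only by suspended hosts go to :block; addresses that also
# serve a non-suspended peer are reported in :shared and not blocked.
def firewall_plan(suspended, peers, resolver: DNS_RESOLVER, subdomains: true)
  owners = Hash.new { |h, ip| h[ip] = Set.new }
  (suspended + peers).uniq.each do |host|
    resolver.call(host).each { |ip| owners[ip] << host }
  end
  plan = { block: [], shared: {} }
  owners.each do |ip, hosts|
    bad, good = hosts.partition { |h| suspended?(h, suspended, subdomains: subdomains) }
    next if bad.empty?
    if good.empty?
      plan[:block] << ip
    else
      plan[:shared][ip] = good.sort
    end
  end
  plan[:block].sort!
  plan
end

# Constructed sample data (documentation address ranges, made-up hostnames).
SAMPLE_DNS = {
  'bad.example'        => ['203.0.113.10'],
  'media.bad.example'  => ['203.0.113.11'],
  'hosted-bad.example' => ['198.51.100.7'], # on a shared hosting address
  'friendly.example'   => ['198.51.100.7']  # unrelated instance, same address
}.freeze
SAMPLE_RESOLVER = ->(host) { SAMPLE_DNS.fetch(host, []) }

plan = firewall_plan(%w[bad.example hosted-bad.example],
                     %w[media.bad.example friendly.example], resolver: SAMPLE_RESOLVER)
puts "block:  #{plan[:block].join(', ')}"
plan[:shared].each { |ip, hosts| puts "shared: #{ip} also serves #{hosts.join(', ')}" }
```

Addresses listed under `:shared` need an admin decision, since blocking them also cuts off the unrelated instances named there.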

Laurelai commented 5 years ago

I wouldn't be against such a companion program.