summaryrefslogtreecommitdiff
path: root/src/modules/m_connectban.cpp
diff options
context:
space:
mode:
authorw00t <w00t@e03df62e-2008-0410-955e-edbf42e46eb7>2008-07-12 14:37:24 +0000
committerw00t <w00t@e03df62e-2008-0410-955e-edbf42e46eb7>2008-07-12 14:37:24 +0000
commit7ae8ab4a17f8ffaee1916faa93ccd0fd9e250e56 (patch)
treefdac7286f878ce0041b62a6673368e2ba72429d2 /src/modules/m_connectban.cpp
parentd19f03dc3a7bc0e6146039ef09297c3f5ec39d63 (diff)
Add CIDR mask use to m_connectban, detection and banning may now happen over IP ranges instead of individual IPs.
git-svn-id: http://svn.inspircd.org/repository/trunk/inspircd@9982 e03df62e-2008-0410-955e-edbf42e46eb7
Diffstat (limited to 'src/modules/m_connectban.cpp')
-rw-r--r--src/modules/m_connectban.cpp39
1 files changed, 33 insertions, 6 deletions
diff --git a/src/modules/m_connectban.cpp b/src/modules/m_connectban.cpp
index 8c39ae8ba..fc8b9aeaa 100644
--- a/src/modules/m_connectban.cpp
+++ b/src/modules/m_connectban.cpp
@@ -22,6 +22,8 @@ class ModuleQuitBan : public Module
clonemap connects;
unsigned int threshold;
unsigned int banduration;
+ unsigned int ipv4_cidr;
+ unsigned int ipv6_cidr;
public:
ModuleQuitBan(InspIRCd* Me) : Module(Me)
{
@@ -44,6 +46,14 @@ class ModuleQuitBan : public Module
ConfigReader Conf(ServerInstance);
std::string duration;
+ ipv4_cidr = Conf.ReadInteger("connectban", "ipv4cidr", 0, true);
+ if (ipv4_cidr == 0)
+ ipv4_cidr = 32;
+
+ ipv6_cidr = Conf.ReadInteger("connectban", "ipv6cidr", 0, true);
+ if (ipv6_cidr == 0)
+ ipv6_cidr = 128;
+
threshold = Conf.ReadInteger("connectban", "threshold", 0, true);
if (threshold == 0)
@@ -59,30 +69,47 @@ class ModuleQuitBan : public Module
virtual void OnUserConnect(User *u)
{
- clonemap::iterator i = connects.find(u->GetIPString());
+ int range = 32;
+ clonemap::iterator i;
+
+ switch (u->GetProtocolFamily())
+ {
+ #ifdef SUPPORT_IP6LINKS
+ case AF_INET6:
+ {
+ range = ipv6_cidr;
+ }
+ break;
+ #endif
+ case AF_INET:
+ {
+ range = ipv4_cidr;
+ }
+ break;
+ }
+
+ i = connects.find(u->GetCIDRMask(range));
if (i != connects.end())
{
i->second++;
- ServerInstance->Logs->Log("m_connectban",DEBUG, "Count for IP is now %d", i->second);
if (i->second >= threshold)
{
// Create zline for set duration.
- ZLine* zl = new ZLine(ServerInstance, ServerInstance->Time(), banduration, ServerInstance->Config->ServerName, "Connect flooding", u->GetIPString());
+ ZLine* zl = new ZLine(ServerInstance, ServerInstance->Time(), banduration, ServerInstance->Config->ServerName, "Connect flooding", u->GetCIDRMask(range));
if (ServerInstance->XLines->AddLine(zl,NULL))
ServerInstance->XLines->ApplyLines();
else
delete zl;
- ServerInstance->SNO->WriteToSnoMask('x', "Connect flooding from IP %s (%d)", u->GetIPString(), threshold);
+ ServerInstance->SNO->WriteToSnoMask('x', "Connect flooding from IP range %s (%d)", u->GetCIDRMask(range), threshold);
connects.erase(i);
}
}
else
{
- connects[u->GetIPString()] = 1;
- ServerInstance->Logs->Log("m_quitban",DEBUG, "Added new record");
+ connects[u->GetCIDRMask(range)] = 1;
}
}