diff options
-rw-r--r-- | conf/inspircd.conf.example | 26 | ||||
-rw-r--r-- | include/users.h | 23 | ||||
-rw-r--r-- | src/command_parse.cpp | 2 | ||||
-rw-r--r-- | src/commands/cmd_nick.cpp | 2 | ||||
-rw-r--r-- | src/commands/cmd_oper.cpp | 2 | ||||
-rw-r--r-- | src/configreader.cpp | 2 | ||||
-rw-r--r-- | src/modules/m_cloaking.cpp | 2 | ||||
-rw-r--r-- | src/modules/m_testnet.cpp | 4 | ||||
-rw-r--r-- | src/userprocess.cpp | 8 | ||||
-rw-r--r-- | src/users.cpp | 34 |
10 files changed, 71 insertions, 34 deletions
diff --git a/conf/inspircd.conf.example b/conf/inspircd.conf.example index 0b4099a40..baadf24d6 100644 --- a/conf/inspircd.conf.example +++ b/conf/inspircd.conf.example @@ -307,17 +307,35 @@ hardsendq="1048576" # softsendq: amount of data in a client's send queue before the server - # begins delaying their commands + # begins delaying their commands in order to allow the sendq to drain softsendq="8192" # recvq: amount of data allowed in a client's queue before they are dropped. recvq="8192" - # threshold: This specifies the seconds worth of penalty a user is allowed to have - # before fake lag is applied to them. If this value is set too low, every action will cause throttling. - # Set to 0 to disable. + # threshold: This specifies the amount of command penalty a user is allowed to have + # before being quit or fakelagged due to flood. Normal commands have a penalty of 1, + # ones such as /OPER have penalties up to 10. + # + # If you are not using fakelag, this should be at least 20 to avoid excess flood kills + # from processing some commands. threshold="10" + # commandrate: This specifies the maximum rate that commands can be processed. + # If commands are sent more rapidly, the user's penalty will increase and they will + # either be fakelagged or killed when they reach the threshold + # + # Units are millicommands per second, so 1000 means one line per second. + commandrate="1000" + + # fakelag: Use fakelag instead of killing users for excessive flood + # + # Fake lag stops command processing for a user when a flood is detected rather than + # immediately killing them; their commands are held in the recvq and processed later + # as the user's command penalty drops. Note that if this is enabled, flooders will + # quit with "RecvQ exceeded" rather than "Excess Flood". + fakelag="on" + # localmax: Maximum local connections per IP. localmax="3" diff --git a/include/users.h b/include/users.h index 5cf7669af..e1171e2c3 100644 --- a/include/users.h +++ b/include/users.h @@ -71,6 +71,9 @@ struct CoreExport ConnectClass : public refcountbase */ char type; + /** True if this class uses fake lag to manage flood, false if it kills */ + bool fakelag; + /** Connect class name */ std::string name; @@ -111,7 +114,10 @@ struct CoreExport ConnectClass : public refcountbase /** Seconds worth of penalty before penalty system activates */ - unsigned long penaltythreshold; + unsigned int penaltythreshold; + + /** Maximum rate of commands (units: millicommands per second) */ + unsigned int commandrate; /** Local max when connecting by this connection class */ @@ -188,9 +194,14 @@ struct CoreExport ConnectClass : public refcountbase /** Returns the penalty threshold value */ - unsigned long GetPenaltyThreshold() + unsigned int GetPenaltyThreshold() + { + return (penaltythreshold ? penaltythreshold : 10); + } + + unsigned int GetCommandRate() { - return penaltythreshold; + return commandrate ? commandrate : 1000; } /** Returusn the maximum number of local sessions @@ -787,10 +798,10 @@ class CoreExport LocalUser : public User */ time_t nping; - /** This value contains how far into the penalty threshold the user is. Once its over - * the penalty threshold then commands are held and processed on-timer. + /** This value contains how far into the penalty threshold the user is. + * This is used either to enable fake lag or for excess flood quits */ - int Penalty; + unsigned int CommandFloodPenalty; /** Stored reverse lookup from res_forward. Should not be used after resolution. */ diff --git a/src/command_parse.cpp b/src/command_parse.cpp index 772b23117..86f801d3e 100644 --- a/src/command_parse.cpp +++ b/src/command_parse.cpp @@ -252,7 +252,7 @@ bool CommandParser::ProcessCommand(User *user, std::string &cmd) if (IS_LOCAL(user) && !user->HasPrivPermission("users/flood/no-throttle")) { // If it *doesn't* exist, give it a slightly heftier penalty than normal to deter flooding us crap - IS_LOCAL(user)->Penalty += cm != cmdlist.end() ? cm->second->Penalty : 2; + IS_LOCAL(user)->CommandFloodPenalty += cm != cmdlist.end() ? cm->second->Penalty * 1000 : 2000; } diff --git a/src/commands/cmd_nick.cpp b/src/commands/cmd_nick.cpp index 489551dd1..eccf2327e 100644 --- a/src/commands/cmd_nick.cpp +++ b/src/commands/cmd_nick.cpp @@ -203,7 +203,7 @@ CmdResult CommandNick::Handle (const std::vector<std::string>& parameters, User if (user->registered == REG_ALL) { if (IS_LOCAL(user)) - IS_LOCAL(user)->Penalty += 10; + IS_LOCAL(user)->CommandFloodPenalty += 5000; FOREACH_MOD(I_OnUserPostNick,OnUserPostNick(user, oldnick)); } diff --git a/src/commands/cmd_oper.cpp b/src/commands/cmd_oper.cpp index 42ea0c07d..378db4303 100644 --- a/src/commands/cmd_oper.cpp +++ b/src/commands/cmd_oper.cpp @@ -89,7 +89,7 @@ CmdResult CommandOper::HandleLocal(const std::vector<std::string>& parameters, L // tell them they suck, and lag them up to help prevent brute-force attacks user->WriteNumeric(491, "%s :Invalid oper credentials",user->nick.c_str()); - user->Penalty += 10; + user->CommandFloodPenalty += 10000; snprintf(broadcast, MAXBUF, "WARNING! Failed oper attempt by %s!%s@%s using login '%s': The following fields do not match: %s", user->nick.c_str(), user->ident.c_str(), user->host.c_str(), parameters[0].c_str(), fields.c_str()); ServerInstance->SNO->WriteToSnoMask('o',std::string(broadcast)); diff --git a/src/configreader.cpp b/src/configreader.cpp index f81283dc7..aebf85ca8 100644 --- a/src/configreader.cpp +++ b/src/configreader.cpp @@ -366,6 +366,8 @@ void ServerConfig::CrossCheckConnectBlocks(ServerConfig* current) me->hardsendqmax = tag->getInt("hardsendq", me->hardsendqmax); me->recvqmax = tag->getInt("recvq", me->recvqmax); me->penaltythreshold = tag->getInt("threshold", me->penaltythreshold); + me->commandrate = tag->getInt("commandrate", me->commandrate); + me->fakelag = tag->getBool("fakelag", me->fakelag); me->maxlocal = tag->getInt("localmax", me->maxlocal); me->maxglobal = tag->getInt("globalmax", me->maxglobal); me->port = tag->getInt("port", me->port); diff --git a/src/modules/m_cloaking.cpp b/src/modules/m_cloaking.cpp index 263e28210..0a4e58edf 100644 --- a/src/modules/m_cloaking.cpp +++ b/src/modules/m_cloaking.cpp @@ -57,7 +57,7 @@ class CloakUser : public ModeHandler } /* don't allow this user to spam modechanges */ - IS_LOCAL(dest)->Penalty += 5; + IS_LOCAL(dest)->CommandFloodPenalty += 5000; if (adding) { diff --git a/src/modules/m_testnet.cpp b/src/modules/m_testnet.cpp index ff37adf3c..0bc33f002 100644 --- a/src/modules/m_testnet.cpp +++ b/src/modules/m_testnet.cpp @@ -190,9 +190,9 @@ class CommandTest : public Command for(unsigned int i=0; i < count; i++) user->Write(line); } - else if (parameters[0] == "freeze" && IS_LOCAL(user)) + else if (parameters[0] == "freeze" && IS_LOCAL(user) && parameters.size() > 1) { - IS_LOCAL(user)->Penalty += 100; + IS_LOCAL(user)->CommandFloodPenalty += atoi(parameters[1].c_str()); } else if (parameters[0] == "shutdown" && IS_LOCAL(user)) { diff --git a/src/userprocess.cpp b/src/userprocess.cpp index 8aa76a1fd..781f8ae52 100644 --- a/src/userprocess.cpp +++ b/src/userprocess.cpp @@ -55,9 +55,13 @@ void InspIRCd::DoBackgroundUserStuff() if (curr->quitting) continue; - if (curr->Penalty) + if (curr->CommandFloodPenalty) { - curr->Penalty--; + unsigned int rate = curr->MyClass->GetCommandRate(); + if (curr->CommandFloodPenalty > rate) + curr->CommandFloodPenalty -= rate; + else + curr->CommandFloodPenalty = 0; curr->eh.OnDataReady(); } diff --git a/src/users.cpp b/src/users.cpp index ec6fd0571..98c362f95 100644 --- a/src/users.cpp +++ b/src/users.cpp @@ -244,7 +244,7 @@ LocalUser::LocalUser(int myfd, irc::sockets::sockaddrs* client, irc::sockets::so { bytes_in = bytes_out = cmds_in = cmds_out = 0; server_sa.sa.sa_family = AF_UNSPEC; - Penalty = 0; + CommandFloodPenalty = 0; lastping = nping = 0; eh.SetFd(myfd); memcpy(&client_sa, client, sizeof(irc::sockets::sockaddrs)); @@ -509,11 +509,11 @@ void UserIOHandler::OnDataReady() unsigned long sendqmax = ULONG_MAX; if (!user->HasPrivPermission("users/flood/increased-buffers")) sendqmax = user->MyClass->GetSendqSoftMax(); - int penaltymax = user->MyClass->GetPenaltyThreshold(); - if (penaltymax == 0 || user->HasPrivPermission("users/flood/no-fakelag")) - penaltymax = INT_MAX; + unsigned long penaltymax = ULONG_MAX; + if (!user->HasPrivPermission("users/flood/no-fakelag")) + penaltymax = user->MyClass->GetPenaltyThreshold() * 1000; - while (user->Penalty < penaltymax && getSendQSize() < sendqmax) + while (user->CommandFloodPenalty < penaltymax && getSendQSize() < sendqmax) { std::string line; line.reserve(MAXBUF); @@ -550,8 +550,10 @@ eol_found: return; } // Add pseudo-penalty so that we continue processing after sendq recedes - if (user->Penalty == 0 && getSendQSize() >= sendqmax) - user->Penalty++; + if (user->CommandFloodPenalty == 0 && getSendQSize() >= sendqmax) + user->CommandFloodPenalty++; + if (user->CommandFloodPenalty >= penaltymax && !user->MyClass->fakelag) + ServerInstance->Users->QuitUser(user, "Excess Flood"); } void UserIOHandler::AddWriteBuf(const std::string &data) @@ -1689,19 +1691,19 @@ const std::string& FakeUser::GetFullRealHost() } ConnectClass::ConnectClass(ConfigTag* tag, char t, const std::string& mask) - : config(tag), type(t), name("unnamed"), registration_timeout(0), host(mask), - pingtime(0), pass(""), hash(""), softsendqmax(0), hardsendqmax(0), - recvqmax(0), penaltythreshold(0), maxlocal(0), maxglobal(0), maxchans(0), port(0), limit(0) + : config(tag), type(t), fakelag(true), name("unnamed"), registration_timeout(0), host(mask), + pingtime(0), pass(""), hash(""), softsendqmax(0), hardsendqmax(0), recvqmax(0), + penaltythreshold(0), commandrate(0), maxlocal(0), maxglobal(0), maxchans(0), port(0), limit(0) { } ConnectClass::ConnectClass(ConfigTag* tag, char t, const std::string& mask, const ConnectClass& parent) - : config(tag), type(t), name("unnamed"), - registration_timeout(parent.registration_timeout), host(mask), - pingtime(parent.pingtime), pass(parent.pass), hash(parent.hash), - softsendqmax(parent.softsendqmax), hardsendqmax(parent.hardsendqmax), - recvqmax(parent.recvqmax), penaltythreshold(parent.penaltythreshold), maxlocal(parent.maxlocal), - maxglobal(parent.maxglobal), maxchans(parent.maxchans), + : config(tag), type(t), fakelag(parent.fakelag), name("unnamed"), + registration_timeout(parent.registration_timeout), host(mask), pingtime(parent.pingtime), + pass(parent.pass), hash(parent.hash), softsendqmax(parent.softsendqmax), + hardsendqmax(parent.hardsendqmax), recvqmax(parent.recvqmax), + penaltythreshold(parent.penaltythreshold), commandrate(parent.commandrate), + maxlocal(parent.maxlocal), maxglobal(parent.maxglobal), maxchans(parent.maxchans), port(parent.port), limit(parent.limit) { } |