src/modules/m_connflood.cpp

   1 /*
   2  * InspIRCd -- Internet Relay Chat Daemon
   3  *
   4  *   Copyright (C) 2013, 2018-2019 Sadie Powell <sadie@witchery.services>
   5  *   Copyright (C) 2012-2013 Attila Molnar <attilamolnar@hush.com>
   6  *   Copyright (C) 2012 Robby <robby@chatbelgie.be>
   7  *   Copyright (C) 2009 Daniel De Graaf <danieldg@inspircd.org>
   8  *   Copyright (C) 2008 Robin Burchell <robin+git@viroteck.net>
   9  *   Copyright (C) 2007 Dennis Friis <peavey@inspircd.org>
  10  *   Copyright (C) 2006-2007, 2010 Craig Edwards <brain@inspircd.org>
  11  *
  12  * This file is part of InspIRCd.  InspIRCd is free software: you can
  13  * redistribute it and/or modify it under the terms of the GNU General Public
  14  * License as published by the Free Software Foundation, version 2.
  15  *
  16  * This program is distributed in the hope that it will be useful, but WITHOUT
  17  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
  18  * FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more
  19  * details.
  20  *
  21  * You should have received a copy of the GNU General Public License
  22  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  23  */
  24
  25
  26 #include "inspircd.h"
  27
  28 class ModuleConnFlood : public Module
  29 {
  30         unsigned int seconds;
  31         unsigned int timeout;
  32         unsigned int boot_wait;
  33         unsigned int conns;
  34         unsigned int maxconns;
  35         bool throttled;
  36         time_t first;
  37         std::string quitmsg;
  38
  39 public:
  40         ModuleConnFlood()
  41                 : conns(0), throttled(false)
  42         {
  43         }
  44
  45         Version GetVersion() CXX11_OVERRIDE
  46         {
  47                 return Version("Throttles excessive connections to the server.", VF_VENDOR);
  48         }
  49
  50         void ReadConfig(ConfigStatus& status) CXX11_OVERRIDE
  51         {
  52                 /* read configuration variables */
  53                 ConfigTag* tag = ServerInstance->Config->ConfValue("connflood");
  54                 /* throttle configuration */
  55                 seconds = tag->getDuration("period", tag->getDuration("seconds", 30));
  56                 maxconns = tag->getUInt("maxconns", 3);
  57                 timeout = tag->getDuration("timeout", 30);
  58                 quitmsg = tag->getString("quitmsg");
  59
  60                 /* seconds to wait when the server just booted */
  61                 boot_wait = tag->getDuration("bootwait", 60*2);
  62
  63                 first = ServerInstance->Time();
  64         }
  65
  66         ModResult OnUserRegister(LocalUser* user) CXX11_OVERRIDE
  67         {
  68                 if (user->exempt)
  69                         return MOD_RES_PASSTHRU;
  70
  71                 time_t next = ServerInstance->Time();
  72
  73                 if ((ServerInstance->startup_time + boot_wait) > next)
  74                         return MOD_RES_PASSTHRU;
  75
  76                 /* time difference between first and latest connection */
  77                 time_t tdiff = next - first;
  78
  79                 /* increase connection count */
  80                 conns++;
  81
  82                 if (throttled)
  83                 {
  84                         if (tdiff > seconds + timeout)
  85                         {
  86                                 /* expire throttle */
  87                                 throttled = false;
  88                                 ServerInstance->SNO->WriteGlobalSno('a', "Connection throttle deactivated");
  89                                 return MOD_RES_PASSTHRU;
  90                         }
  91
  92                         ServerInstance->Users->QuitUser(user, quitmsg);
  93                         return MOD_RES_DENY;
  94                 }
  95
  96                 if (tdiff <= seconds)
  97                 {
  98                         if (conns >= maxconns)
  99                         {
 100                                 throttled = true;
 101                                 ServerInstance->SNO->WriteGlobalSno('a', "Connection throttle activated");
 102                                 ServerInstance->Users->QuitUser(user, quitmsg);
 103                                 return MOD_RES_DENY;
 104                         }
 105                 }
 106                 else
 107                 {
 108                         conns = 1;
 109                         first = next;
 110                 }
 111                 return MOD_RES_PASSTHRU;
 112         }
 113 };
 114
 115 MODULE_INIT(ModuleConnFlood)