]> git.netwichtig.de Git - user/henk/code/inspircd.git/blobdiff - src/modules/m_connectban.cpp
projects / user / henk / code / inspircd.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Allow Channel::WriteNotice send to other servers and status ranks.
[user/henk/code/inspircd.git] / src / modules / m_connectban.cpp
diff --git a/src/modules/m_connectban.cpp b/src/modules/m_connectban.cpp
index b3cabd18acd50fa7037af4a4a15af3f2957874a2..dd9ae4f5450158180cdc98aca7467b1f9dcd3133 100644 (file)
--- a/src/modules/m_connectban.cpp
+++ b/src/modules/m_connectban.cpp
@@ -19,8 +19,11 @@
 
 #include "inspircd.h"
 #include "xline.h"
+#include "modules/webirc.h"
 
-class ModuleConnectBan : public Module
+class ModuleConnectBan
+       : public Module
+       , public WebIRC::EventListener
 {
        typedef std::map<irc::sockets::cidr_mask, unsigned int> ConnectMap;
        ConnectMap connects;
@@ -30,10 +33,36 @@ class ModuleConnectBan : public Module
        unsigned int ipv6_cidr;
        std::string banmessage;
 
+       unsigned char GetRange(LocalUser* user)
+       {
+               int family = user->client_sa.family();
+               switch (family)
+               {
+                       case AF_INET:
+                               return ipv4_cidr;
+
+                       case AF_INET6:
+                               return ipv6_cidr;
+
+                       case AF_UNIX:
+                               // Ranges for UNIX sockets are ignored entirely.
+                               return 0;
+               }
+
+               // If we have reached this point then we have encountered a bug.
+               ServerInstance->Logs->Log(MODNAME, LOG_DEBUG, "BUG: ModuleConnectBan::GetRange(): socket type %d is unknown!", family);
+               return 0;
+       }
+
  public:
+       ModuleConnectBan()
+               : WebIRC::EventListener(this)
+       {
+       }
+
        Version GetVersion() CXX11_OVERRIDE
        {
-               return Version("Throttles the connections of IP ranges who try to connect flood.", VF_VENDOR);
+               return Version("Throttles the connections of IP ranges who try to connect flood", VF_VENDOR);
        }
 
        void ReadConfig(ConfigStatus& status) CXX11_OVERRIDE
@@ -47,24 +76,26 @@ class ModuleConnectBan : public Module
                banmessage = tag->getString("banmessage", "Your IP range has been attempting to connect too many times in too short a duration. Wait a while, and you will be able to connect.");
        }
 
-       void OnSetUserIP(LocalUser* u) CXX11_OVERRIDE
+       void OnWebIRCAuth(LocalUser* user, const WebIRC::FlagMap* flags) CXX11_OVERRIDE
        {
-               if (u->exempt)
+               if (user->exempt)
                        return;
 
-               unsigned char range = 32;
+               // HACK: Lower the connection attempts for the gateway IP address. The user
+               // will be rechecked for connect spamming shortly after when their IP address
+               // is changed and OnSetUserIP is called.
+               irc::sockets::cidr_mask mask(user->client_sa, GetRange(user));
+               ConnectMap::iterator iter = connects.find(mask);
+               if (iter != connects.end() && iter->second)
+                       iter->second--;
+       }
 
-               switch (u->client_sa.family())
-               {
-                       case AF_INET6:
-                               range = ipv6_cidr;
-                       break;
-                       case AF_INET:
-                               range = ipv4_cidr;
-                       break;
-               }
+       void OnSetUserIP(LocalUser* u) CXX11_OVERRIDE
+       {
+               if (u->exempt)
+                       return;
 
-               irc::sockets::cidr_mask mask(u->client_sa, range);
+               irc::sockets::cidr_mask mask(u->client_sa, GetRange(u));
                ConnectMap::iterator i = connects.find(mask);
 
                if (i != connects.end())