EnumBanaction banaction;
EnumType type;
long duration;
- int bitmask;
+ unsigned int bitmask;
unsigned char records[256];
unsigned long stats_hits, stats_misses;
DNSBLConfEntry(): type(A_BITMASK),duration(86400),bitmask(0),stats_hits(0), stats_misses(0) {}
if (!them)
return;
- const DNS::ResourceRecord &ans_record = r->answers[0];
+ const DNS::ResourceRecord* const ans_record = r->FindAnswerOfType(DNS::QUERY_A);
+ if (!ans_record)
+ return;
+
+ // All replies should be in 127.0.0.0/8
+ if (ans_record->rdata.compare(0, 4, "127.") != 0)
+ {
+ ServerInstance->SNO->WriteGlobalSno('a', "DNSBL: %s returned address outside of acceptable subnet 127.0.0.0/8: %s", ConfEntry->domain.c_str(), ans_record->rdata.c_str());
+ ConfEntry->stats_misses++;
+ return;
+ }
int i = countExt.get(them);
if (i)
bool match = false;
in_addr resultip;
- inet_aton(ans_record.rdata.c_str(), &resultip);
+ inet_pton(AF_INET, ans_record->rdata.c_str(), &resultip);
switch (ConfEntry->type)
{
if (ServerInstance->XLines->AddLine(zl,NULL))
{
std::string timestr = InspIRCd::TimeString(zl->expiry);
- ServerInstance->SNO->WriteGlobalSno('x',"Z:line added due to DNSBL match on *@%s to expire on %s: %s",
+ ServerInstance->SNO->WriteGlobalSno('x',"Z:line added due to DNSBL match on %s to expire on %s: %s",
them->GetIPString().c_str(), timestr.c_str(), reason.c_str());
ServerInstance->XLines->ApplyLines();
}
if (tag->getString("type") == "bitmask")
{
e->type = DNSBLConfEntry::A_BITMASK;
- e->bitmask = tag->getInt("bitmask");
+ e->bitmask = tag->getInt("bitmask", 0, 0, UINT_MAX);
}
else
{
projects / user / henk / code / inspircd.git / blobdiff