EnumBanaction banaction;
long duration;
int bitmask;
- DNSBLConfEntry(): duration(86400),bitmask(0) {}
+ unsigned long stats_hits, stats_misses;
+ DNSBLConfEntry(): duration(86400),bitmask(0),stats_hits(0), stats_misses(0) {}
+ ~DNSBLConfEntry() { }
};
if(result.length())
{
unsigned int bitmask=0;
- unsigned int octetpos=0;
- std::string tmp = result;
+ in_addr resultip;
- while(tmp.length()>0)
- {
- std::string octet;
- /* Fix by brain, npos is -1, so unsigned int will never match */
- std::string::size_type lastdot = tmp.rfind(".");
-
- if (lastdot == std::string::npos)
- {
- octet=tmp;
- tmp.clear();
- }
- else
- {
- octet=tmp.substr(lastdot+1,tmp.length()-lastdot+1);
- tmp.resize(lastdot);
- }
-
- bitmask += (256 ^ octetpos) * atoi(octet.c_str());
- octetpos += 1;
- }
+ /* Convert the result to an in_addr (we can gaurantee we got ipv4)
+ * Whoever did the loop that was here before, I AM CONFISCATING
+ * YOUR CRACKPIPE. you know who you are. -- Brain
+ */
+ inet_aton(result.c_str(), &resultip);
+ bitmask = resultip.s_addr >> 24; /* Last octet (network byte order */
bitmask &= ConfEntry->bitmask;
}
ServerInstance->WriteOpers("*** Connecting user %s detected as being on a DNS blacklist (%s) with result %d", them->GetFullRealHost(), ConfEntry->name.c_str(), bitmask);
+ ConfEntry->stats_hits++;
switch (ConfEntry->banaction)
{
case DNSBLConfEntry::I_KLINE:
{
ServerInstance->AddKLine(ConfEntry->duration, ServerInstance->Config->ServerName, reason, std::string("*@") + them->GetIPString());
+ FOREACH_MOD(I_OnAddKLine,OnAddKLine(ConfEntry->duration, NULL, reason, std::string("*@") + them->GetIPString()));
break;
}
case DNSBLConfEntry::I_GLINE:
{
ServerInstance->AddGLine(ConfEntry->duration, ServerInstance->Config->ServerName, reason, std::string("*@") + them->GetIPString());
+ FOREACH_MOD(I_OnAddGLine,OnAddGLine(ConfEntry->duration, NULL, reason, std::string("*@") + them->GetIPString()));
break;
}
case DNSBLConfEntry::I_ZLINE:
{
ServerInstance->AddZLine(ConfEntry->duration, ServerInstance->Config->ServerName, reason, them->GetIPString());
+ FOREACH_MOD(I_OnAddZLine,OnAddZLine(ConfEntry->duration, NULL, reason, them->GetIPString()));
break;
}
case DNSBLConfEntry::I_UNKNOWN:
break;
}
}
+ else
+ ConfEntry->stats_misses++;
}
+ else
+ ConfEntry->stats_misses++;
}
}
void Implements(char* List)
{
- List[I_OnRehash] = List[I_OnUserRegister] = 1;
+ List[I_OnRehash] = List[I_OnUserRegister] = List[I_OnStats] = 1;
}
/** Clear entries and free the mem it was using
void ClearEntries()
{
std::vector<DNSBLConfEntry *>::iterator i;
- while ((i = DNSBLConfEntries.begin()) != DNSBLConfEntries.end())
- {
- DNSBLConfEntries.erase(i);
+ for (std::vector<DNSBLConfEntry *>::iterator i = DNSBLConfEntries.begin(); i != DNSBLConfEntries.end(); i++)
delete *i;
- }
+ DNSBLConfEntries.clear();
}
/** Fill our conf vector with data
unsigned char a, b, c, d;
char reversedipbuf[128];
std::string reversedip;
+ bool success = false;
if (!inet_aton(user->GetIPString(), &in))
{
- ServerInstance->WriteOpers("Invalid IP address in m_dnsbl! Bailing check");
- return 0;
+#ifdef IPV6
+ /* We could have an ipv6 address here */
+ std::string x = user->GetIPString();
+ /* Is it a 4in6 address? (Compensate for this kernel kludge that people love) */
+ if (x.find("0::ffff:") == 0)
+ {
+ x.erase(x.begin(), x.begin() + 8);
+ if (inet_aton(x.c_str(), &in))
+ success = true;
+ }
+#endif
+ }
+ else
+ {
+ success = true;
}
+ if (!success)
+ return 0;
+
d = (unsigned char) (in.s_addr >> 24) & 0xFF;
c = (unsigned char) (in.s_addr >> 16) & 0xFF;
b = (unsigned char) (in.s_addr >> 8) & 0xFF;
for (std::vector<DNSBLConfEntry *>::iterator i = DNSBLConfEntries.begin(); i != DNSBLConfEntries.end(); i++)
{
// Fill hostname with a dnsbl style host (d.c.b.a.domain.tld)
- std::string hostname=reversedip+"."+ (*i)->domain;
+ std::string hostname = reversedip + "." + (*i)->domain;
/* now we'd need to fire off lookups for `hostname'. */
bool cached;
/* don't do anything with this hot potato */
return 0;
}
+
+ virtual int OnStats(char symbol, userrec* user, string_list &results)
+ {
+ if (symbol != 'd')
+ return 0;
+
+ unsigned long total_hits = 0, total_misses = 0;
+
+ for (std::vector<DNSBLConfEntry*>::iterator i = DNSBLConfEntries.begin(); i != DNSBLConfEntries.end(); i++)
+ {
+ total_hits += (*i)->stats_hits;
+ total_misses += (*i)->stats_misses;
+
+ results.push_back(std::string(ServerInstance->Config->ServerName) + " 304 " + user->nick + " :DNSBLSTATS DNSbl \"" + (*i)->name + "\" had " +
+ ConvToStr((*i)->stats_hits) + " hits and " + ConvToStr((*i)->stats_misses) + " misses");
+ }
+
+ results.push_back(std::string(ServerInstance->Config->ServerName) + " 304 " + user->nick + " :DNSBLSTATS Total hits: " + ConvToStr(total_hits));
+ results.push_back(std::string(ServerInstance->Config->ServerName) + " 304 " + user->nick + " :DNSBLSTATS Total misses: " + ConvToStr(total_misses));
+
+ return 0;
+ }
};
// stuff down here is the module-factory stuff.
projects / user / henk / code / inspircd.git / blobdiff