#include "inspircd.h"
#include "xline.h"
-#ifndef WINDOWS
-#include <sys/types.h>
-#include <sys/socket.h>
-#include <netinet/in.h>
-#include <arpa/inet.h>
-#endif
-
/* $ModDesc: Provides handling of DNS blacklists */
/* Class holding data for a single entry */
-class DNSBLConfEntry
+class DNSBLConfEntry : public refcountbase
{
public:
enum EnumBanaction { I_UNKNOWN, I_KILL, I_ZLINE, I_KLINE, I_GLINE, I_MARK };
std::string theiruid;
LocalStringExt& nameExt;
LocalIntExt& countExt;
- DNSBLConfEntry *ConfEntry;
+ reference<DNSBLConfEntry> ConfEntry;
public:
- DNSBLResolver(Module *me, LocalStringExt& match, LocalIntExt& ctr, const std::string &hostname, LocalUser* u, DNSBLConfEntry *conf, bool &cached)
+ DNSBLResolver(Module *me, LocalStringExt& match, LocalIntExt& ctr, const std::string &hostname, LocalUser* u, reference<DNSBLConfEntry> conf, bool &cached)
: Resolver(hostname, DNS_QUERY_A, cached, me), theiruid(u->uuid), nameExt(match), countExt(ctr), ConfEntry(conf)
{
}
{
case DNSBLConfEntry::I_KILL:
{
- ServerInstance->Users->QuitUser(them, std::string("Killed (") + reason + ")");
+ ServerInstance->Users->QuitUser(them, "Killed (" + reason + ")");
break;
}
case DNSBLConfEntry::I_MARK:
"*", them->GetIPString());
if (ServerInstance->XLines->AddLine(kl,NULL))
{
- ServerInstance->SNO->WriteGlobalSno('x',"K:line added due to DNSBL match on *@%s to expire on %s: %s",
- them->GetIPString(), ServerInstance->TimeString(kl->expiry).c_str(), reason.c_str());
+ std::string timestr = ServerInstance->TimeString(kl->expiry);
+ ServerInstance->SNO->WriteGlobalSno('x',"K:line added due to DNSBL match on *@%s to expire on %s: %s",
+ them->GetIPString(), timestr.c_str(), reason.c_str());
ServerInstance->XLines->ApplyLines();
}
else
+ {
delete kl;
+ return;
+ }
break;
}
case DNSBLConfEntry::I_GLINE:
"*", them->GetIPString());
if (ServerInstance->XLines->AddLine(gl,NULL))
{
- ServerInstance->SNO->WriteGlobalSno('x',"G:line added due to DNSBL match on *@%s to expire on %s: %s",
- them->GetIPString(), ServerInstance->TimeString(gl->expiry).c_str(), reason.c_str());
+ std::string timestr = ServerInstance->TimeString(gl->expiry);
+ ServerInstance->SNO->WriteGlobalSno('x',"G:line added due to DNSBL match on *@%s to expire on %s: %s",
+ them->GetIPString(), timestr.c_str(), reason.c_str());
ServerInstance->XLines->ApplyLines();
}
else
+ {
delete gl;
+ return;
+ }
break;
}
case DNSBLConfEntry::I_ZLINE:
them->GetIPString());
if (ServerInstance->XLines->AddLine(zl,NULL))
{
- ServerInstance->SNO->WriteGlobalSno('x',"Z:line added due to DNSBL match on *@%s to expire on %s: %s",
- them->GetIPString(), ServerInstance->TimeString(zl->expiry).c_str(), reason.c_str());
+ std::string timestr = ServerInstance->TimeString(zl->expiry);
+ ServerInstance->SNO->WriteGlobalSno('x',"Z:line added due to DNSBL match on *@%s to expire on %s: %s",
+ them->GetIPString(), timestr.c_str(), reason.c_str());
ServerInstance->XLines->ApplyLines();
}
else
+ {
delete zl;
+ return;
+ }
break;
}
case DNSBLConfEntry::I_UNKNOWN:
break;
}
- ServerInstance->SNO->WriteGlobalSno('a', "Connecting user %s detected as being on a DNS blacklist (%s) with result %d", them->GetFullRealHost().c_str(), ConfEntry->domain.c_str(), (ConfEntry->type==DNSBLConfEntry::A_BITMASK) ? bitmask : record);
+ ServerInstance->SNO->WriteGlobalSno('a', "Connecting user %s%s detected as being on a DNS blacklist (%s) with result %d", them->nick.empty() ? "<unknown>" : "", them->GetFullRealHost().c_str(), ConfEntry->domain.c_str(), (ConfEntry->type==DNSBLConfEntry::A_BITMASK) ? bitmask : record);
}
else
ConfEntry->stats_misses++;
class ModuleDNSBL : public Module
{
- std::vector<DNSBLConfEntry *> DNSBLConfEntries;
+ std::vector<reference<DNSBLConfEntry> > DNSBLConfEntries;
LocalStringExt nameExt;
LocalIntExt countExt;
ServerInstance->Modules->AddService(nameExt);
ServerInstance->Modules->AddService(countExt);
Implementation eventlist[] = { I_OnRehash, I_OnSetUserIP, I_OnStats, I_OnSetConnectClass, I_OnCheckReady };
- ServerInstance->Modules->Attach(eventlist, this, 5);
- }
-
- virtual ~ModuleDNSBL()
- {
- ClearEntries();
+ ServerInstance->Modules->Attach(eventlist, this, sizeof(eventlist)/sizeof(Implementation));
}
Version GetVersion()
return Version("Provides handling of DNS blacklists", VF_VENDOR);
}
- /** Clear entries and free the mem it was using
- */
- void ClearEntries()
- {
- for (std::vector<DNSBLConfEntry *>::iterator i = DNSBLConfEntries.begin(); i != DNSBLConfEntries.end(); i++)
- delete *i;
- DNSBLConfEntries.clear();
- }
-
/** Fill our conf vector with data
*/
void ReadConf()
{
- ClearEntries();
+ DNSBLConfEntries.clear();
ConfigTagList dnsbls = ServerInstance->Config->ConfTags("dnsbl");
for(ConfigIter i = dnsbls.first; i != dnsbls.second; ++i)
{
ConfigTag* tag = i->second;
- DNSBLConfEntry *e = new DNSBLConfEntry();
+ reference<DNSBLConfEntry> e = new DNSBLConfEntry();
e->name = tag->getString("name");
e->ident = tag->getString("ident");
/* yeah, logic here is a little messy */
if ((e->bitmask <= 0) && (DNSBLConfEntry::A_BITMASK == e->type))
{
- ServerInstance->SNO->WriteGlobalSno('a', "DNSBL(%s): invalid bitmask",tag->getTagLocation().c_str());
+ std::string location = tag->getTagLocation();
+ ServerInstance->SNO->WriteGlobalSno('a', "DNSBL(%s): invalid bitmask", location.c_str());
}
else if (e->name.empty())
{
- ServerInstance->SNO->WriteGlobalSno('a', "DNSBL(%s): Invalid name",tag->getTagLocation().c_str());
+ std::string location = tag->getTagLocation();
+ ServerInstance->SNO->WriteGlobalSno('a', "DNSBL(%s): Invalid name", location.c_str());
}
else if (e->domain.empty())
{
- ServerInstance->SNO->WriteGlobalSno('a', "DNSBL(%s): Invalid domain",tag->getTagLocation().c_str());
+ std::string location = tag->getTagLocation();
+ ServerInstance->SNO->WriteGlobalSno('a', "DNSBL(%s): Invalid domain", location.c_str());
}
else if (e->banaction == DNSBLConfEntry::I_UNKNOWN)
{
- ServerInstance->SNO->WriteGlobalSno('a', "DNSBL(%s): Invalid banaction",tag->getTagLocation().c_str());
+ std::string location = tag->getTagLocation();
+ ServerInstance->SNO->WriteGlobalSno('a', "DNSBL(%s): Invalid banaction", location.c_str());
}
else if (e->duration <= 0)
{
- ServerInstance->SNO->WriteGlobalSno('a', "DNSBL(%s): Invalid duration",tag->getTagLocation().c_str());
+ std::string location = tag->getTagLocation();
+ ServerInstance->SNO->WriteGlobalSno('a', "DNSBL(%s): Invalid duration", location.c_str());
}
else
{
if (e->reason.empty())
{
- ServerInstance->SNO->WriteGlobalSno('a', "DNSBL(%s): empty reason, using defaults",tag->getTagLocation().c_str());
+ std::string location = tag->getTagLocation();
+ ServerInstance->SNO->WriteGlobalSno('a', "DNSBL(%s): empty reason, using defaults", location.c_str());
e->reason = "Your IP has been blacklisted.";
}
/* add it, all is ok */
DNSBLConfEntries.push_back(e);
- continue;
}
-
- /* delete and drop it, error somewhere */
- delete e;
}
}
void OnSetUserIP(LocalUser* user)
{
- if (user->exempt)
+ if ((user->exempt) || (user->client_sa.sa.sa_family != AF_INET))
return;
+ if (user->MyClass)
+ {
+ if (!user->MyClass->config->getBool("usednsbl", true))
+ return;
+ }
+ else
+ ServerInstance->Logs->Log("m_dnsbl", DEBUG, "User has no connect class in OnSetUserIP");
+
unsigned char a, b, c, d;
char reversedipbuf[128];
std::string reversedip;
- if (user->client_sa.sa.sa_family != AF_INET)
- return;
-
d = (unsigned char) (user->client_sa.in4.sin_addr.s_addr >> 24) & 0xFF;
c = (unsigned char) (user->client_sa.in4.sin_addr.s_addr >> 16) & 0xFF;
b = (unsigned char) (user->client_sa.in4.sin_addr.s_addr >> 8) & 0xFF;
snprintf(reversedipbuf, 128, "%d.%d.%d.%d", d, c, b, a);
reversedip = std::string(reversedipbuf);
+ countExt.set(user, DNSBLConfEntries.size());
+
// For each DNSBL, we will run through this lookup
unsigned int i = 0;
while (i < DNSBLConfEntries.size())
bool cached;
DNSBLResolver *r = new DNSBLResolver(this, nameExt, countExt, hostname, user, DNSBLConfEntries[i], cached);
ServerInstance->AddResolver(r, cached);
+ if (user->quitting)
+ break;
i++;
}
- countExt.set(user, i);
}
ModResult OnSetConnectClass(LocalUser* user, ConnectClass* myclass)
unsigned long total_hits = 0, total_misses = 0;
- for (std::vector<DNSBLConfEntry*>::iterator i = DNSBLConfEntries.begin(); i != DNSBLConfEntries.end(); i++)
+ for (std::vector<reference<DNSBLConfEntry> >::const_iterator i = DNSBLConfEntries.begin(); i != DNSBLConfEntries.end(); ++i)
{
total_hits += (*i)->stats_hits;
total_misses += (*i)->stats_misses;
- results.push_back(std::string(ServerInstance->Config->ServerName.c_str()) + " 304 " + user->nick + " :DNSBLSTATS DNSbl \"" + (*i)->name + "\" had " +
+ results.push_back(ServerInstance->Config->ServerName + " 304 " + user->nick + " :DNSBLSTATS DNSbl \"" + (*i)->name + "\" had " +
ConvToStr((*i)->stats_hits) + " hits and " + ConvToStr((*i)->stats_misses) + " misses");
}
- results.push_back(std::string(ServerInstance->Config->ServerName.c_str()) + " 304 " + user->nick + " :DNSBLSTATS Total hits: " + ConvToStr(total_hits));
- results.push_back(std::string(ServerInstance->Config->ServerName.c_str()) + " 304 " + user->nick + " :DNSBLSTATS Total misses: " + ConvToStr(total_misses));
+ results.push_back(ServerInstance->Config->ServerName + " 304 " + user->nick + " :DNSBLSTATS Total hits: " + ConvToStr(total_hits));
+ results.push_back(ServerInstance->Config->ServerName + " 304 " + user->nick + " :DNSBLSTATS Total misses: " + ConvToStr(total_misses));
return MOD_RES_PASSTHRU;
}