Rewrote the unknown connection flood system

2025-08-11 04:31:37 +01:00 · 2003-03-18 00:19:00 +00:00 · 2003-03-18 00:19:00 +00:00 · ead651585e
commit ead651585e
parent 45a1b02ec2
4 changed files with 59 additions and 2 deletions
--- a/5
+++ b/5
@ -1983,3 +1983,8 @@ seen. gmtime warning still there
 - Implemented a ban version {} (bans users based on CTCP VERSION). It works by sending out
  a CTCP VERSION when a user connects then checking the reply. If you don't use any 
  ban version{}'s then no version request is sent so users are not inconvenienced.
+- Rewrote the "flood from unknown connection" system to kill all matching users immediately
+  and also added set::anti-flood::unknown-flood-bantime and 
+  set::anti-flood::unknown-flood-amount to set the length of time an unknown connection
+  flooder is banned for and how much data (in KB) the user must send before being banned.
+  This should fix (#0000767) reported by ora.
--- a/include/dynconf.h
+++ b/include/dynconf.h
@ -90,6 +90,8 @@ struct zConfiguration {
 #endif
 	enum UHAllowed userhost_allowed;
 	char *restrict_usermodes;
+	long unknown_flood_bantime;
+	long unknown_flood_amount;
 	aNetwork network;
 };

@ -152,3 +154,5 @@ extern aConfiguration iConf;
 #define THROTTLING_PERIOD		iConf.throttle_period
 #endif
 #define USE_BAN_VERSION			iConf.use_ban_version
+#define UNKNOWN_FLOOD_BANTIME		iConf.unknown_flood_bantime
+#define UNKNOWN_FLOOD_AMOUNT		iConf.unknown_flood_amount
--- a/src/parse.c
+++ b/src/parse.c
@ -148,6 +148,8 @@ aClient *find_person(char *name, aClient *cptr)

 void ban_flooder(aClient *cptr)
 {
+	int i;
+	aClient *acptr;
 	char hostip[128], mo[100], mo2[100];
 	char *tkllayer[9] = {
 		me.name,	/*0  server.name */
@ -165,11 +167,26 @@ void ban_flooder(aClient *cptr)

 	tkllayer[4] = hostip;
 	tkllayer[5] = me.name;
-	ircsprintf(mo, "%li", 600 + TStime());
+	ircsprintf(mo, "%li", (UNKNOWN_FLOOD_BANTIME ? UNKNOWN_FLOOD_BANTIME : 600) + TStime());
 	ircsprintf(mo2, "%li", TStime());
 	tkllayer[6] = mo;
 	tkllayer[7] = mo2;
 	tkllayer[8] = "Flood from unknown connection";
+	/* This removes all unknown clients from the specified IP, it should prevent
+ 	 * duplicate notices about the flood */
+	for (i = 0; i <= LastSlot; i++)
+	{
+		if (!(acptr = local[i]))
+			continue;
+		if (!IsUnknown(acptr))
+			continue;
+#ifndef INET6
+		if (acptr->ip.S_ADDR == cptr->ip.S_ADDR)
+#else
+		if (!bcmp(acptr->ip.S_ADDR, cptr->ip.S_ADDR, sizeof(cptr->ip.S_ADDR)))
+#endif
+			exit_client(acptr, acptr, acptr, "Flood from unknown connection");
+	}
 	m_tkl(&me, &me, 9, tkllayer);
 	return;
 }
@ -211,7 +228,7 @@ int  parse(aClient *cptr, char *buffer, char *bufend)
 	if (IsDead(cptr))
 		return 0;

-	if ((cptr->receiveK >= 4) && IsUnknown(cptr))
+	if ((cptr->receiveK >= (UNKNOWN_FLOOD_AMOUNT ? UNKNOWN_FLOOD_AMOUNT : 4)) && IsUnknown(cptr))
 	{
 		sendto_snomask(SNO_FLOOD, "Flood from unknown connection %s detected",
 			cptr->sockhost);
--- a/src/s_conf.c
+++ b/src/s_conf.c
@ -2156,6 +2156,11 @@ void report_dynconf(aClient *sptr)
 	sendto_one(sptr, ":%s %i %s :throttle::period: %s", me.name, RPL_TEXT,
 			sptr->name, pretty_time_val(THROTTLING_PERIOD ? THROTTLING_PERIOD : 15));
 #endif
+	sendto_one(sptr, ":%s %i %s :anti-flood::unknown-flood-bantime: %s", me.name, RPL_TEXT,
+			sptr->name, pretty_time_val(UNKNOWN_FLOOD_BANTIME ? UNKNOWN_FLOOD_BANTIME : 600));
+	sendto_one(sptr, ":%s %i %s :anti-flood::unknown-flood-amount: %dKB", me.name, RPL_TEXT,
+			sptr->name, UNKNOWN_FLOOD_AMOUNT ? UNKNOWN_FLOOD_AMOUNT : 4);
+	
 }

 /* Report the network file info -codemastr */
@ -4890,6 +4895,14 @@ int	_conf_set(ConfigFile *conf, ConfigEntry *ce)
 			}
 		}
 #endif
+		else if (!strcmp(cep->ce_varname, "anti-flood")) {
+			for (cepp = cep->ce_entries; cepp; cepp = cepp->ce_next) {
+				if (!strcmp(cepp->ce_varname, "unknown-flood-bantime")) 
+					tempiConf.unknown_flood_bantime = config_checkval(cepp->ce_vardata,CFG_TIME);
+				else if (!strcmp(cepp->ce_varname, "unknown-flood-amount"))
+					tempiConf.unknown_flood_amount = atol(cepp->ce_vardata);
+			}
+		}
 		else if (!strcmp(cep->ce_varname, "options")) {
 			for (cepp = cep->ce_entries; cepp; cepp = cepp->ce_next) {
 				if (!strcmp(cepp->ce_varname, "webtv-support")) {
@ -5201,6 +5214,24 @@ int	_test_set(ConfigFile *conf, ConfigEntry *ce)
 			}
 		}
 #endif
+		else if (!strcmp(cep->ce_varname, "anti-flood")) {
+			for (cepp = cep->ce_entries; cepp; cepp = cepp->ce_next) {
+				CheckNull(cepp);
+				if (!strcmp(cepp->ce_varname, "unknown-flood-bantime")) {
+				}
+				else if (!strcmp(cepp->ce_varname, "unknown-flood-amount")) {
+				}
+				else
+				{
+					config_error("%s:%i: unknown option set::anti-flood::%s",
+						cepp->ce_fileptr->cf_filename,
+						cepp->ce_varlinenum,
+						cepp->ce_varname);
+					errors++;
+					continue;
+				}
+			}
+		}
 		else if (!strcmp(cep->ce_varname, "options")) {
 			for (cepp = cep->ce_entries; cepp; cepp = cepp->ce_next) {
 				if (!strcmp(cepp->ce_varname, "webtv-support")) {