From b808adf9d300a2bee5aa39f390ab759f9cae26da Mon Sep 17 00:00:00 2001 From: jilles Date: Fri, 18 May 2007 13:31:33 -0700 Subject: [PATCH] [svn] - fold conf_connect_allowed() into accept_connection() - extend add_connection() so that exempt{}s apply to max unregistered connections per ip from ratbox --- ChangeLog | 10 ++++++++++ doc/example.conf | 4 ++-- doc/reference.conf | 4 ++-- doc/sgml/oper-guide/config.sgml | 3 ++- include/s_conf.h | 4 +--- include/serno.h | 2 +- src/listener.c | 23 +++++++++++++++-------- 7 files changed, 33 insertions(+), 17 deletions(-) diff --git a/ChangeLog b/ChangeLog index 50cf1fa48..0f020bf82 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,13 @@ +jilles 2007/05/18 19:51:22 UTC (20070518-3458) + Log: + m_webirc: call del_unknown_ip() otherwise the unknown will + never be subtracted from the cgiirc ip + + + Changes: Modified: + +2 -0 trunk/extensions/m_webirc.c (File Modified) + + jilles 2007/05/18 19:14:18 UTC (20070518-3456) Log: Remove s_assert in del_unknown_ip() supposedly if the ip diff --git a/doc/example.conf b/doc/example.conf index 0a0927f49..5e261e34e 100755 --- a/doc/example.conf +++ b/doc/example.conf @@ -4,7 +4,7 @@ * Copyright (C) 2002-2005 ircd-ratbox development team * Copyright (C) 2005-2006 charybdis development team * - * $Id: example.conf 3446 2007-05-14 22:21:16Z jilles $ + * $Id: example.conf 3460 2007-05-18 20:31:33Z jilles $ * * See reference.conf for more information. */ @@ -260,7 +260,7 @@ shared { flags = all, rehash; }; -/* exempt {}: IPs that are exempt from Dlines. (OLD d:) */ +/* exempt {}: IPs that are exempt from Dlines and rejectcache. (OLD d:) */ exempt { ip = "127.0.0.1"; }; diff --git a/doc/reference.conf b/doc/reference.conf index be0c3a16a..b821e2d7a 100755 --- a/doc/reference.conf +++ b/doc/reference.conf @@ -6,7 +6,7 @@ * * Written by ejb, wcampbel, db, leeh and others * - * $Id: reference.conf 3446 2007-05-14 22:21:16Z jilles $ + * $Id: reference.conf 3460 2007-05-18 20:31:33Z jilles $ */ /* IMPORTANT NOTES: @@ -555,7 +555,7 @@ shared { flags = tkline; }; -/* exempt {}: IPs that are exempt from Dlines. (OLD d:) */ +/* exempt {}: IPs that are exempt from Dlines and rejectcache. (OLD d:) */ exempt { ip = "192.168.0.0/16"; diff --git a/doc/sgml/oper-guide/config.sgml b/doc/sgml/oper-guide/config.sgml index e3c095035..1dba228a0 100644 --- a/doc/sgml/oper-guide/config.sgml +++ b/doc/sgml/oper-guide/config.sgml @@ -436,7 +436,8 @@ exempt { ip = "ip"; }; - An exempt block specifies IP addresses which are exempt from D:lines. + An exempt block specifies IP addresses which are exempt from D:lines + and throttling. Multiple addresses can be specified in one block. Clients coming from these addresses can still be K/G/X:lined or banned by a DNS blacklist unless diff --git a/include/s_conf.h b/include/s_conf.h index 29bc389a7..9e7dab2f8 100644 --- a/include/s_conf.h +++ b/include/s_conf.h @@ -21,7 +21,7 @@ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 * USA * - * $Id: s_conf.h 3446 2007-05-14 22:21:16Z jilles $ + * $Id: s_conf.h 3460 2007-05-18 20:31:33Z jilles $ */ #ifndef INCLUDED_s_conf_h @@ -353,8 +353,6 @@ extern int check_client(struct Client *client_p, struct Client *source_p, const extern int detach_conf(struct Client *); -extern struct ConfItem *conf_connect_allowed(struct sockaddr *addr, int); - extern struct ConfItem *find_tkline(const char *, const char *, struct sockaddr *); extern char *show_iline_prefix(struct Client *, struct ConfItem *, char *); extern void get_printable_conf(struct ConfItem *, diff --git a/include/serno.h b/include/serno.h index 15f0cac76..1201aa51c 100644 --- a/include/serno.h +++ b/include/serno.h @@ -1 +1 @@ -#define SERNO "20070518-3456" +#define SERNO "20070518-3458" diff --git a/src/listener.c b/src/listener.c index 7b92a6cab..953f2b386 100644 --- a/src/listener.c +++ b/src/listener.c @@ -21,7 +21,7 @@ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 * USA * - * $Id: listener.c 3446 2007-05-14 22:21:16Z jilles $ + * $Id: listener.c 3460 2007-05-18 20:31:33Z jilles $ */ #include "stdinc.h" @@ -41,6 +41,8 @@ #include "memory.h" #include "s_auth.h" #include "reject.h" +#include "s_conf.h" +#include "hostmask.h" #ifndef INADDR_NONE #define INADDR_NONE ((unsigned int) 0xffffffff) @@ -440,7 +442,7 @@ close_listeners() * any client list yet. */ static void -add_connection(listener_t *listener, int fd, struct sockaddr *sai) +add_connection(listener_t *listener, int fd, struct sockaddr *sai, int exempt) { struct Client *new_client; s_assert(NULL != listener); @@ -475,10 +477,13 @@ add_connection(listener_t *listener, int fd, struct sockaddr *sai) new_client->localClient->listener = listener; ++listener->ref_count; - if(check_reject(new_client)) - return; - if(add_unknown_ip(new_client)) - return; + if(!exempt) + { + if(check_reject(new_client)) + return; + if(add_unknown_ip(new_client)) + return; + } start_auth(new_client); } @@ -550,7 +555,9 @@ accept_connection(int pfd, void *data) /* Do an initial check we aren't connecting too fast or with too many * from this IP... */ - if((aconf = conf_connect_allowed((struct sockaddr *)&sai, sai.ss_family)) != NULL) + aconf = find_dline((struct sockaddr *) &sai, sai.ss_family); + /* check it wasn't an exempt */ + if (aconf != NULL && (aconf->status & CONF_EXEMPTDLINE) == 0) { ServerStats->is_ref++; @@ -576,7 +583,7 @@ accept_connection(int pfd, void *data) } ServerStats->is_ac++; - add_connection(listener, fd, (struct sockaddr *)&sai); + add_connection(listener, fd, (struct sockaddr *)&sai, aconf ? 1 : 0); /* Re-register a new IO request for the next accept .. */ comm_setselect(listener->fd, FDLIST_SERVICE, COMM_SELECT_READ,