Also apply floodcount to messages to remote clients (except services).
As before, only local clients can have their message blocked.
This commit is contained in:
parent
351d22c09b
commit
c24efdc0b7
2 changed files with 27 additions and 19 deletions
|
@ -168,6 +168,10 @@ struct Client
|
||||||
*/
|
*/
|
||||||
rb_dlink_list on_allow_list;
|
rb_dlink_list on_allow_list;
|
||||||
|
|
||||||
|
time_t first_received_message_time;
|
||||||
|
int received_number_of_privmsgs;
|
||||||
|
int flood_noticed;
|
||||||
|
|
||||||
local_user_t *localClient;
|
local_user_t *localClient;
|
||||||
pre_client_t *preClient;
|
pre_client_t *preClient;
|
||||||
};
|
};
|
||||||
|
@ -189,9 +193,6 @@ struct LocalUser
|
||||||
int oper_warn_count_down; /* warn opers of this possible
|
int oper_warn_count_down; /* warn opers of this possible
|
||||||
spambot every time this gets to 0 */
|
spambot every time this gets to 0 */
|
||||||
time_t last_caller_id_time;
|
time_t last_caller_id_time;
|
||||||
time_t first_received_message_time;
|
|
||||||
int received_number_of_privmsgs;
|
|
||||||
int flood_noticed;
|
|
||||||
|
|
||||||
time_t lasttime; /* last time we parsed something */
|
time_t lasttime; /* last time we parsed something */
|
||||||
time_t firsttime; /* time client was created */
|
time_t firsttime; /* time client was created */
|
||||||
|
|
|
@ -704,6 +704,7 @@ msg_client(int p_or_n, const char *command,
|
||||||
form_str(ERR_NONONREG),
|
form_str(ERR_NONONREG),
|
||||||
target_p->name);
|
target_p->name);
|
||||||
/* Only so opers can watch for floods */
|
/* Only so opers can watch for floods */
|
||||||
|
if (MyClient(source_p))
|
||||||
(void) flood_attack_client(p_or_n, source_p, target_p);
|
(void) flood_attack_client(p_or_n, source_p, target_p);
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
|
@ -731,6 +732,7 @@ msg_client(int p_or_n, const char *command,
|
||||||
target_p->localClient->last_caller_id_time = rb_current_time();
|
target_p->localClient->last_caller_id_time = rb_current_time();
|
||||||
}
|
}
|
||||||
/* Only so opers can watch for floods */
|
/* Only so opers can watch for floods */
|
||||||
|
if (MyClient(source_p))
|
||||||
(void) flood_attack_client(p_or_n, source_p, target_p);
|
(void) flood_attack_client(p_or_n, source_p, target_p);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -767,33 +769,38 @@ flood_attack_client(int p_or_n, struct Client *source_p, struct Client *target_p
|
||||||
{
|
{
|
||||||
int delta;
|
int delta;
|
||||||
|
|
||||||
if(GlobalSetOptions.floodcount && MyConnect(target_p) && IsClient(source_p) && source_p != target_p)
|
/* Services could get many messages legitimately and
|
||||||
|
* can be messaged without rate limiting via aliases
|
||||||
|
* and msg user@server.
|
||||||
|
* -- jilles
|
||||||
|
*/
|
||||||
|
if(GlobalSetOptions.floodcount && IsClient(source_p) && source_p != target_p && !IsService(target_p))
|
||||||
{
|
{
|
||||||
if((target_p->localClient->first_received_message_time + 1) < rb_current_time())
|
if((target_p->first_received_message_time + 1) < rb_current_time())
|
||||||
{
|
{
|
||||||
delta = rb_current_time() - target_p->localClient->first_received_message_time;
|
delta = rb_current_time() - target_p->first_received_message_time;
|
||||||
target_p->localClient->received_number_of_privmsgs -= delta;
|
target_p->received_number_of_privmsgs -= delta;
|
||||||
target_p->localClient->first_received_message_time = rb_current_time();
|
target_p->first_received_message_time = rb_current_time();
|
||||||
if(target_p->localClient->received_number_of_privmsgs <= 0)
|
if(target_p->received_number_of_privmsgs <= 0)
|
||||||
{
|
{
|
||||||
target_p->localClient->received_number_of_privmsgs = 0;
|
target_p->received_number_of_privmsgs = 0;
|
||||||
target_p->localClient->flood_noticed = 0;
|
target_p->flood_noticed = 0;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if((target_p->localClient->received_number_of_privmsgs >=
|
if((target_p->received_number_of_privmsgs >=
|
||||||
GlobalSetOptions.floodcount) || target_p->localClient->flood_noticed)
|
GlobalSetOptions.floodcount) || target_p->flood_noticed)
|
||||||
{
|
{
|
||||||
if(target_p->localClient->flood_noticed == 0)
|
if(target_p->flood_noticed == 0)
|
||||||
{
|
{
|
||||||
sendto_realops_snomask(SNO_BOTS, L_NETWIDE,
|
sendto_realops_snomask(SNO_BOTS, L_NETWIDE,
|
||||||
"Possible Flooder %s[%s@%s] on %s target: %s",
|
"Possible Flooder %s[%s@%s] on %s target: %s",
|
||||||
source_p->name, source_p->username,
|
source_p->name, source_p->username,
|
||||||
source_p->orighost,
|
source_p->orighost,
|
||||||
source_p->servptr->name, target_p->name);
|
source_p->servptr->name, target_p->name);
|
||||||
target_p->localClient->flood_noticed = 1;
|
target_p->flood_noticed = 1;
|
||||||
/* add a bit of penalty */
|
/* add a bit of penalty */
|
||||||
target_p->localClient->received_number_of_privmsgs += 2;
|
target_p->received_number_of_privmsgs += 2;
|
||||||
}
|
}
|
||||||
if(MyClient(source_p) && (p_or_n != NOTICE))
|
if(MyClient(source_p) && (p_or_n != NOTICE))
|
||||||
sendto_one(source_p,
|
sendto_one(source_p,
|
||||||
|
@ -802,7 +809,7 @@ flood_attack_client(int p_or_n, struct Client *source_p, struct Client *target_p
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
target_p->localClient->received_number_of_privmsgs++;
|
target_p->received_number_of_privmsgs++;
|
||||||
}
|
}
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
|
|
Loading…
Reference in a new issue