andy [Fri, 23 Aug 2002 05:42:15 +0000 (05:42 +0000)]
src/negcache.[ch]:
Implementation of a patricia trie for storing IP addresses and
timestamps. This data structure will allow searches for nodes
with only log_2 N bit comparisons where N is the current number of
nodes. It also only requires as many nodes as there are IP
addresses to store.
Each node stores a key (the IP address), a timestamp, the bit
index, and left and right branches. The bit index is what makes
this different from a radix search tree, it tells us at which bit
this node's key differs from those above it in the trie.
Properties of the trie:
1) The bit index always decreases as we follow the tree from the head
to an external node.
2) Each branch of an external node points to the only node that can
contain keys that match the bit pattern. All searches terminate
at external nodes.
3) When trying to search for a bit pattern that is not present in the
tree, you will hit an external node at the place where your bit
pattern first deviates from all current nodes. You can tell this
has happened because the next node's bit index will be larger than
the current, which would be contrary to point (1).
4) Because the bit increments in each node store information about
where each node's bit pattern differs from all others in the tree,
extra nodes are not needed - unlike in a radix tree.
5) As for a radix tree, a patricia trie will always end up the
same no matter what order the nodes are inserted.
andy [Fri, 23 Aug 2002 04:41:24 +0000 (04:41 +0000)]
src/scan.c:
scans_active_for_addr() - walk the scan list and check if there are
any other scans in progress for a given IP address (as specified in
dot quad format).
When a scan fails and negative caching is enabled, check if there
are other scans in progress for the same address. If not, all
scans have failed and an entry should be added in the negcache.
Walking the list after every scan seems inefficient but I can't see
any other way to tell if there are no more scans active. So, at
the moment this is a good reason for not using negative caching.
andy [Fri, 23 Aug 2002 04:28:00 +0000 (04:28 +0000)]
src/main.c:
Periodically rebuild the negcache (if enabled) to remove entries
that are too old. Note that even though this might only happen
every 12 hours or so, old entries are ignored by nc_search()
anyway. This is just to free up some memory.
andy [Fri, 23 Aug 2002 04:17:31 +0000 (04:17 +0000)]
src/irc.c:
Upon connection to the IRC server, initialise our negative cache
(if negative caching is enabled).
When a user connection is detected, search for their IP in our
negative cache (if negative caching is enabled). If it is present,
say so in the logfile and don't bother to scan them.
Note that negative caching is only implemented for IPv4 at the
moment -- shouldn't be hard to extend it to IPv6 though.
andy [Fri, 23 Aug 2002 04:08:47 +0000 (04:08 +0000)]
bopm.conf.sample:
Documentation for new NEG_CACHE directive which determines how long
to cache negative results for (if at all). WE DO NOT RECOMMEND THE
USE OF NEGATIVE CACHING!
andy [Thu, 15 Aug 2002 17:16:16 +0000 (17:16 +0000)]
README:
Added a requirements section, specifically something about transparent
proxies. This has been mentioned on the lists before but should
probably be in the README since we have just discovered a host whose
BOPM K:lined 100% of users due to it being behind a transparent web
proxy. (!)
src/config/h:
Added new config directive type, TYPE_WILDLIST. This will be like a
linked list, but specifically for wildcards (which is the only use we
had for lists before now). They are special because they a) need
wildcards collapsed and b) don't allow duplicate wildcards.
Normal linked lists will be of TYPE_LIST.
src/config.c:
Rewrote add_to_list() and general linked list implementation as we
believe it has never worked.
Added CONF_SCAN_WARNING to hold linked list of notices from the
SCAN_WARNING config directive.
New linked list code needs an init_lists() function to allocate the
heads of all linked lists.
src/extern.h:
Added CONF_SCAN_WARNING.
src/irc.c:
Updated CONF_EXCLUDE code to match new linked list implementation.
Removed some left over debug code.
src/main.c:
Added a new function, scanwarn_timer(), in the alarm loop. This
function will get called once a second and will empty the notice
queue (described later).
src/options.h:
Added option for how many notices to send per second.
src/dlclist.[ch]:
Implementation of generic doubly-linked circular lists.
src/scanwarn.[ch]:
Maintain a queue of pending notices to be sent regarding scanning.
A doubly-linked circular list is used as a queue, new notices added
after the head and removed from before the head.
andy [Sat, 10 Aug 2002 19:07:39 +0000 (19:07 +0000)]
src/opercmd.c:
Stupidly missed a parameter off the format, which causes segfault
when a command expires (virtually never, in practice). Also got
the args to dissect_time wrong!
andy [Fri, 2 Aug 2002 19:38:30 +0000 (19:38 +0000)]
Apparently this just was not obvious enough, nicks changed to protect the
stupid:
<User> [Aug 02 19:16:23 2002] MAIN -> BOPM 2.3 started.
<User> [Aug 02 19:16:23 2002] MAIN -> Reading configuration file...
<User> [Aug 02 19:16:24 2002] IRC -> connect(): Unknown error connecting to (some.random.net)
<User> then it just ends =\
<grifferz> [andy@fullers services]$ telnet some.random.net 6667
<grifferz> Trying 4.5.6.7...
<grifferz> no response
<User> yea
<User> thats not real
<User> wait
<User> that might be why
<User> hang on
<grifferz> how did you expect it to work then?
<grifferz> ...
<User> u should make it more clear
andy [Sun, 26 May 2002 05:07:31 +0000 (05:07 +0000)]
src/main.c:
Remove option '-v' which used to be for changing the "vardir" where
config and log would go. This is now controlled by ./configure
settings.
andy [Sat, 25 May 2002 15:19:12 +0000 (15:19 +0000)]
irc.c:
Oper up after doing the other "on connect" things in an attempt to
play nice with some starnge ircd that wants all opers to be
identified to their nick first..
andy [Tue, 30 Apr 2002 23:24:38 +0000 (23:24 +0000)]
opercmd.c:
Reformatting.
opercmd.h:
Reformatting, moved some global variable declarations to opercmd.c
irc.c:
Needed an extern to get access to LAST_REAP_TIME.
andy [Tue, 30 Apr 2002 03:01:23 +0000 (03:01 +0000)]
irc.c:
Code cleanups. Added check_channel() function to check if a given
channel is one of our configured reporting channels. Made a bunch
of irc.c private fucntions have static linkage.
irc.h:
Code cleanups.