Send a rate-limited server notice if a blacklist gives a non-127.0.0.x reply.

diff --git a/include/blacklist.h b/include/blacklist.h
index 2fde255e905b94a7d28a6a733d84550e86b5efa4..ce3aec4d68ff40f6a9c011c447a9edf3463e63f7 100644 (file)
--- a/include/blacklist.h
+++ b/include/blacklist.h
@@ -32,6 +32,7 @@ struct Blacklist {
        char host[HOSTLEN];
        char reject_reason[IRCD_BUFSIZE];
        unsigned int hits;
+       time_t lastwarning;
 };
 
 /* A lookup in progress for a particular DNSBL for a particular client */

diff --git a/src/blacklist.c b/src/blacklist.c
index 62be2dcc9dd4b09dc367904d06b7a75ca0f2b8e1..766807f057fbea53869605dca60f59b0b6f615c5 100644 (file)
--- a/src/blacklist.c
+++ b/src/blacklist.c
@@ -81,8 +81,16 @@ static void blacklist_dns_callback(void *vptr, struct DNSReply *reply)
        if (reply != NULL)
        {
                /* only accept 127.0.0.x as a listing */
-               listed = reply->addr.ss_family == AF_INET &&
-                               !memcmp(&((struct sockaddr_in *)&reply->addr)->sin_addr, "\177\0\0", 3);
+               if (reply->addr.ss_family == AF_INET &&
+                               !memcmp(&((struct sockaddr_in *)&reply->addr)->sin_addr, "\177\0\0", 3))
+                       listed = TRUE;
+               else if (blcptr->blacklist->lastwarning + 3600 < CurrentTime)
+               {
+                       sendto_realops_snomask(SNO_GENERAL, L_ALL,
+                                       "Garbage reply from blacklist %s",
+                                       blcptr->blacklist->host);
+                       blcptr->blacklist->lastwarning = CurrentTime;
+               }
        }
 
        /* they have a blacklist entry for this client */
@@ -150,6 +158,7 @@ struct Blacklist *new_blacklist(char *name, char *reject_reason)
                blptr->status &= ~CONF_ILLEGAL;
        strlcpy(blptr->host, name, HOSTLEN);
        strlcpy(blptr->reject_reason, reject_reason, IRCD_BUFSIZE);
+       blptr->lastwarning = 0;
 
        return blptr;
 }