long ban_time;
char *reason;
SecurityGroup *except;
+ int recheck;
};
/* Blacklist user struct. In the c-ares DNS reply callback we need to pass
int blacklist_quit(Client *client, MessageTag *mtags, const char *comment);
int blacklist_preconnect(Client *client);
void blacklist_resolver_callback(void *arg, int status, int timeouts, struct hostent *he);
-int blacklist_start_check(Client *client);
+int blacklist_start_check(Client *client, int recheck);
int blacklist_dns_request(Client *client, Blacklist *bl);
int blacklist_rehash(void);
int blacklist_rehash_complete(void);
ConfigEntry *cep, *cepp, *ceppp;
int errors = 0;
char has_reason = 0, has_ban_time = 0, has_action = 0;
- char has_dns_type = 0, has_dns_reply = 0, has_dns_name = 0;
+ char has_dns_type = 0, has_dns_reply = 0, has_dns_name = 0, has_recheck = 0;
if (type != CONFIG_MAIN)
return 0;
}
has_reason = 1;
}
+ else if (!strcmp(cep->name, "recheck"))
+ {
+ if (has_recheck)
+ {
+ config_warn_duplicate(cep->file->filename,
+ cep->line_number, "blacklist::recheck");
+ continue;
+ }
+ has_recheck = 1;
+ }
else
{
config_error_unknown(cep->file->filename, cep->line_number,
safe_strdup(d->name, ce->value);
/* set some defaults */
d->ban_time = 3600;
+ d->recheck = 1;
/* assume dns for now ;) */
d->backend_type = BLACKLIST_BACKEND_DNS;
{
conf_match_block(cf, cep, &d->except);
}
+ else if (!strcmp(cep->name, "recheck"))
+ {
+ d->recheck = config_checkval(cep->value, CFG_YESNO);
+ }
}
AddListItem(d, conf_blacklist);
int blacklist_handshake(Client *client)
{
- blacklist_start_check(client);
+ blacklist_start_check(client, 0);
return 0;
}
int blacklist_ip_change(Client *client, const char *oldip)
{
- blacklist_start_check(client);
+ blacklist_start_check(client, 0);
return 0;
}
-int blacklist_start_check(Client *client)
+int blacklist_start_check(Client *client, int recheck)
{
Blacklist *bl;
if (!BLUSER(client))
break;
+ if (recheck && !bl->recheck)
+ continue; /* blacklist::recheck is no */
+
/* Check if user is exempt (then don't bother checking) */
if (user_allowed_by_security_group(client, bl->except))
continue;
void blacklist_recheck_user(Client *client)
{
SetLastBLCheck(client, TStime());
- if (!RCallbacks[CALLBACKTYPE_BLACKLIST_CHECK])
- return; /* blacklist module not loaded */
- RCallbacks[CALLBACKTYPE_BLACKLIST_CHECK]->func.intfunc(client);
+ blacklist_start_check(client, 1);
}
EVENT(blacklist_recheck)