this will help us making support for native characters sets/slashes in host etc
[F] auth checker module
[F] resolver module
-[ ] Remove glines entirely
+[x] Remove glines entirely
[ ] other stuff
[?] internally split out +o/+v "ranks" into a series of permissions. this could allow for configure-defined
special access levels, halfops, etc. (would need to match globally, somehow. extra SVINFO param?)
[?] somehow hide channel operators like ircnet can do?
[x] merge m_join.c and m_sjoin.c in one module (same functions, done in ratbox3)
- [ ] merge s_gline.c and m_gline.c in one module (for pretty look, done in ratbox3)
[x] create chmode.h and put there all declarations of chm_* - this will make some modules clean
fname_operlog = "logs/operlog";
#fname_foperlog = "logs/foperlog";
fname_serverlog = "logs/serverlog";
- fname_glinelog = "logs/glinelog";
#fname_klinelog = "logs/klinelog";
fname_killlog = "logs/killlog";
fname_operspylog = "logs/operspylog";
* exceed_limit (old > flag) | allow user to exceed class user limits
* kline_exempt (old ^ flag) | exempt this user from k/g/xlines&dnsbls
* dnsbl_exempt | exempt this user from dnsbls
- * gline_exempt (old _ flag) | exempt this user from glines
* spambot_exempt | exempt this user from spambot checks
* shide_exempt | exempt this user from serverhiding
* jupe_exempt | exempt this user from generating
* remote: allows remote SQUIT and CONNECT (OLD 'R' flag)
* kline: allows KLINE and DLINE (OLD 'K' flag)
* unkline: allows UNKLINE and UNDLINE (OLD 'U' flag)
- * gline: allows GLINE (OLD 'G' flag)
* nick_changes: allows oper to see nickchanges (OLD 'N' flag)
* via snomask +n
* rehash: allows oper to REHASH config (OLD 'H' flag)
* remoteban: allows remote kline etc [DEFAULT]
* mass_notice: allows sending wallops and mass notices [DEFAULT]
*/
- flags = global_kill, remote, kline, unkline, gline,
+ flags = global_kill, remote, kline, unkline,
die, rehash, admin, xline, operwall;
};
connect_timeout = 30 seconds;
disable_auth = no;
no_oper_flood = yes;
- glines = no;
- gline_time = 1 day;
- gline_min_cidr = 16;
max_targets = 4;
client_flood = 20;
use_whois_actually = no;
O = remote oper, local target
S = server
-fname_glinelog
---------------
-<date> <time> <token> <src nick> <src username> <src host> <src server> <user> <host> <reason>
-
-Where token is one of:
- R = gline request
- T = gline trigger, always by previous three requests
-
fname_klinelog
--------------
<date> <time> [U]<token> <source> <time> <info> <reason>[|<oper_reason>]
* - operlog: /oper usage
* - foperlog: failed /oper usage
* - serverlog: server connects/disconnects
- * - glinelog: glines
* - klinelog: klines, etc
* - killlog: kills
* - operspylog: operspy usage
fname_operlog = "logs/operlog";
#fname_foperlog = "logs/foperlog";
fname_serverlog = "logs/serverlog";
- fname_glinelog = "logs/glinelog";
#fname_klinelog = "logs/klinelog";
fname_killlog = "logs/killlog";
fname_operspylog = "logs/operspylog";
* exceed_limit (old > flag) | allow user to exceed class user limits
* kline_exempt (old ^ flag) | exempt this user from k/g/xlines&dnsbls
* dnsbl_exempt | exempt this user from dnsbls
- * gline_exempt (old _ flag) | exempt this user from glines
* spambot_exempt | exempt this user from spambot checks
* shide_exempt | exempt this user from serverhiding
* jupe_exempt | exempt this user from generating
* remote: allows remote SQUIT and CONNECT (OLD 'R' flag)
* kline: allows KLINE and DLINE (OLD 'K' flag)
* unkline: allows UNKLINE and UNDLINE (OLD 'U' flag)
- * gline: allows GLINE (OLD 'G' flag)
* nick_changes: allows oper to see nickchanges (OLD 'N' flag)
* via snomask +n
* rehash: allows oper to REHASH config (OLD 'H' flag)
* remoteban: allows remote kline etc [DEFAULT]
* mass_notice: allows sending wallops and mass notices [DEFAULT]
*/
- flags = global_kill, remote, kline, unkline, gline,
+ flags = global_kill, remote, kline, unkline,
die, rehash, admin, xline, operwall;
};
*/
kline_delay = 0 seconds;
- /* kline reason: show the user the reason why they are k/d/glined
+ /* kline reason: show the user the reason why they are k/dlined
* on exit. may give away who set k/dline when set via tcm.
*/
kline_with_reason = yes;
/* no oper flood: increase flood limits for opers. */
no_oper_flood = yes;
- /* glines: enable glines, network wide temp klines */
- glines = no;
-
- /* gline time: the amount of time a gline will remain before expiring */
- gline_time = 1 day;
-
- /* gline_min_cidr: If using a CIDR gline, the minimum length the
- * mask must be
- */
- gline_min_cidr = 16;
-
/* REMOVE ME. The following line checks you've been reading. */
havent_read_conf = yes;
+----------------------------+
| 'e' | USE_EXCEPT |
|------+---------------------|
- | 'g' | NO_FAKE_GLINES |
- |------+---------------------|
- | 'G' | GLINES |
- |------+---------------------|
| 'H' | HUB |
|------+---------------------|
| 'I' | USE_INVEX |
<arg>DNS</arg>
<arg>MOTD</arg>
<arg>OMOTD</arg>
- <arg>GLINES</arg>
- <arg>PGLINES</arg>
<arg>TKLINES</arg>
<arg>TDLINES</arg>
<arg>TXLINES</arg>
<para>Reload the operator MOTD file</para>
</listitem>
</varlistentry>
- <varlistentry>
- <term>GLINES</term>
- <listitem>
- <para>Clears G:lines.</para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term>PGLINES</term>
- <listitem>
- <para>Clears pending G:lines.</para>
- </listitem>
- </varlistentry>
<varlistentry>
<term>TKLINES</term>
<listitem>
a temporary D:line.
</para>
</sect2>
- <sect2>
- <title>GLINE</title>
- <cmdsynopsis>
- <command>GLINE</command>
- <group>
- <arg choice=plain><replaceable>user</replaceable>@<replaceable>host</replaceable></arg>
- <arg choice=plain><replaceable>user</replaceable>@<replaceable>a</replaceable>.<replaceable>b</replaceable>.<replaceable>c</replaceable>.<replaceable>d</replaceable></arg>
- </group>
- <arg choice=plain>:<replaceable>reason</replaceable></arg>
- </cmdsynopsis>
- <para>
- Attempts to add a network-wide ban for the given mask.
- It takes three different opers on three different servers
- requesting the same G:line to have it triggered for a configured
- time.
- </para>
- <para>
- Once triggered, a G:line is similar to a temporary K:line on
- each server. No further propagation or on-disk storage is done.
- </para>
- <note><para>
- This command can be enabled or disabled in the configuration file.
- If it is disabled, no oper on the server can issue a G:line and no
- G:lined user is banned, but G:lines are still propagated to other
- servers which may have G:lines enabled.
- </para></note>
- </sect2>
- <sect2>
- <title>UNGLINE</title>
- <cmdsynopsis>
- <command>UNGLINE</command>
- <group>
- <arg choice=plain><replaceable>user</replaceable>@<replaceable>host</replaceable></arg>
- <arg choice=plain><replaceable>user</replaceable>@<replaceable>a</replaceable>.<replaceable>b</replaceable>.<replaceable>c</replaceable>.<replaceable>d</replaceable></arg>
- </group>
- </cmdsynopsis>
- <para>
- Removes the given G:line on this server.
- </para>
- </sect2>
<sect2>
<title>TESTGECOS</title>
<cmdsynopsis>
<para>Show file descriptors</para>
</listitem>
</varlistentry>
- <varlistentry>
- <term>g</term>
- <listitem>
- <para>Show pending glines</para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term>G</term>
- <listitem>
- <para>Show active glines</para>
- </listitem>
- </varlistentry>
<varlistentry>
<term>h</term>
<listitem>
Anything from a # to the end of a line is a comment. Blank lines are ignored. C-style comments are also supported.
</para>
</sect1>
- <sect1 id="configlines">
- <title>Specific blocks and directives</title>
- <para>
- Not all configuration blocks and directives are listed here, only the most common ones. More blocks and directives will
- be documented in later revisions of this manual.
- </para>
<sect2>
<title>loadmodule directive</title>
<synopsis>
<para>Users in this auth{} block are exempted from DNS blacklists, k:lines, g:lines and x:lines.</para>
</listitem>
</varlistentry>
- <varlistentry>
- <term>gline_exempt (_)</term>
- <listitem>
- <para>Users in this auth{} block are exempted from g:lines.</para>
- </listitem>
- </varlistentry>
<varlistentry>
<term>spambot_exempt</term>
<listitem>
or restarting the server.
</para>
</sect2>
- <sect2>
- <title>gline (G), gline</title>
- <para>
- This allows using GLINE (network wide temp bans if 3 opers agree).
- If unkline privilege is also possessed, allow UNGLINE (remove gline
- locally).
- </para>
- </sect2>
<sect2>
<title>rehash (H), rehash</title>
<para>
<sect2>
<title>unkline (U), unkline</title>
<para>
- Allows using UNKLINE and UNDLINE, and if gline privilege is also
- possessed, UNGLINE.
+ Allows using UNKLINE and UNDLINE.
</para>
</sect2>
<sect2>
EOB - supports end of burst notification (EOB token)
KLN - supports remote KLINE
UNKLN - supports remote UNKLINE
-GLN - supports hybrid7-style GLINE (:oper GLINE user host :reason)
HOPS - supports halfops (+h -- %<nick>)
HUB - denotes that the target server is a HUB
AOPS - supports anonymous ops (+a, op hiding/op status hiding)
* Possible flags:
* encrypted - password is encrypted (recommended)
* kline_exempt - k/g lines on the cgiirc ip are ignored
- * gline_exempt - glines on the cgiirc ip are ignored
* dlines are checked on the cgiirc ip (of course).
- * k/d/g/x lines, auth blocks, user limits, etc are checked using the
+ * k/d/x lines, auth blocks, user limits, etc are checked using the
* real host/ip.
* The password should be specified unencrypted in webirc_password in
* cgiirc.config
del_unknown_ip(source_p);
inetpton_sock(parv[4], (struct sockaddr *)&source_p->localClient->ip);
- /* Check dlines now, k/glines will be checked on registration */
+ /* Check dlines now, klines will be checked on registration */
if((aconf = find_dline((struct sockaddr *)&source_p->localClient->ip,
source_p->localClient->ip.ss_family)))
{
!strcmp(hdata->comment, ConfigFileEntry.kline_reason))
{
sendto_realops_snomask_from(SNO_GENERAL, L_ALL, source_p->servptr,
- "K/D/GLINE active for %s[%s@%s]",
+ "K/DLINE active for %s[%s@%s]",
source_p->name, source_p->username, source_p->host);
}
}
+++ /dev/null
-GLINE <user@host> :[reason]
-
--- if glines are enabled --
-Attempts to add a global IRC-network wide ban on
-<user@host> for the reason [reason].
-
-It takes three different opers on three different
-servers to do the same GLINE within a short interval,
-to have a GLINE triggered for a compiled time of hours.
-
-- Requires Oper Priv: G
CHALLENGE CHANTRACE CLOSE CMODE
CNOTICE CONNECT CPRIVMSG CREDITS
DIE DLINE ERROR ETRACE
-GLINE HELP INDEX INFO
-INVITE ISON JOIN KICK
-KILL KLINE KNOCK LINKS
-LIST LOCOPS LUSERS MAP
-MASKTRACE MODLIST MODLOAD MODRESTART
-MODUNLOAD MOTD NAMES NICK
-NOTICE OPER OPERSPY OPERWALL
-PART PASS PING PONG
-POST PRIVMSG QUIT REHASH
-RESTART RESV SCAN SERVER
-SET SJOIN SNOMASK SQUIT
-STATS SVINFO TESTGECOS TESTLINE
-TESTMASK TIME TOPIC TRACE
-UHELP UMODE UNDLINE UNGLINE
-UNKLINE UNREJECT UNRESV UNXLINE
-USER USERHOST USERS VERSION
-WALLOPS WHO WHOIS WHOWAS
-XLINE
+HELP INDEX INFO INVITE
+ISON JOIN KICK KILL
+KLINE KNOCK LINKS LIST
+LOCOPS LUSERS MAP MASKTRACE
+MODLIST MODLOAD MODRESTART MODUNLOAD
+MOTD NAMES NICK NOTICE
+OPER OPERSPY OPERWALL PART
+PASS PING PONG POST
+PRIVMSG QUIT REHASH RESTART
+RESV SCAN SERVER SET
+SJOIN SNOMASK SQUIT STATS
+SVINFO TESTGECOS TESTLINE TESTMASK
+TIME TOPIC TRACE UHELP
+UMODE UNDLINE UNKLINE UNREJECT
+UNRESV UNXLINE USER USERHOST
+USERS VERSION WALLOPS WHO
+WHOIS WHOWAS XLINE
[option] can be one of the following:
BANS - Re-reads kline.conf, dline.conf, resv.conf and xline.conf
DNS - Re-read the /etc/resolv.conf file
- GLINES - Clears G Lines
HELP - Re-reads help files
MOTD - Re-reads MOTD file
NICKDELAY - Clears delayed nicks
OMOTD - Re-reads Oper MOTD file
- PGLINES - Clears pending G Lines
REJECTCACHE - Clears the reject cache
TDLINES - Clears temporary D Lines
TKLINES - Clears temporary K Lines
+++ /dev/null
-UNGLINE <user@host>
-
--- if glines are enabled --
-Will attempt to remove gline matching <user@host>
-This will only remove the gline from YOUR server, it
-does not try to remove it globally.
-
-- Requires Oper Privs: G and U
/* overflow flags */
/* EARLIER FLAGS ARE IN s_newconf.h */
#define FLAGS2_EXEMPTRESV 0x00400000
-#define FLAGS2_EXEMPTGLINE 0x00800000
-#define FLAGS2_EXEMPTKLINE 0x01000000
-#define FLAGS2_EXEMPTFLOOD 0x02000000
+#define FLAGS2_EXEMPTKLINE 0x00800000
+#define FLAGS2_EXEMPTFLOOD 0x01000000
#define FLAGS2_IP_SPOOFING 0x10000000
#define FLAGS2_EXEMPTSPAMBOT 0x20000000
#define FLAGS2_EXEMPTSHIDE 0x40000000
*/
#define IsExemptKline(x) ((x)->flags2 & FLAGS2_EXEMPTKLINE)
#define SetExemptKline(x) ((x)->flags2 |= FLAGS2_EXEMPTKLINE)
-#define IsExemptGline(x) ((x)->flags2 & FLAGS2_EXEMPTGLINE)
-#define SetExemptGline(x) ((x)->flags2 |= FLAGS2_EXEMPTGLINE)
#define IsExemptFlood(x) ((x)->flags2 & FLAGS2_EXEMPTFLOOD)
#define SetExemptFlood(x) ((x)->flags2 |= FLAGS2_EXEMPTFLOOD)
#define IsExemptSpambot(x) ((x)->flags2 & FLAGS2_EXEMPTSPAMBOT)
extern void check_banned_lines(void);
extern void check_klines_event(void *unused);
extern void check_klines(void);
-extern void check_glines(void);
extern void check_dlines(void);
extern void check_xlines(void);
(x)->orighost, \
(struct sockaddr *)&(x)->localClient->ip, CONF_KILL,\
(x)->localClient->ip.ss_family, (x)->username))
-#define find_gline(x) (find_conf_by_address((x)->host, (x)->sockhost, \
- (x)->orighost, \
- (struct sockaddr *)&(x)->localClient->ip, CONF_GLINE,\
- (x)->localClient->ip.ss_family, (x)->username))
void report_Klines(struct Client *);
void report_auth(struct Client *);
* takes at most 246 bytes (including CRLF and '\0') and together with the
* quit reason should fit in 512 */
#define REASONLEN 260 /* kick/part/quit */
-#define BANREASONLEN 390 /* kline/dline/gline */
+#define BANREASONLEN 390 /* kline/dline */
#define AWAYLEN TOPICLEN
#define KILLLEN 200 /* with Killed (nick ()) added this should fit in quit */
L_SERVER,
L_KILL,
L_KLINE,
- L_GLINE,
L_OPERSPY,
L_IOERROR,
LAST_LOGFILE
#define CONF_RESV_NICK 0x0200
#define CONF_RESV (CONF_RESV_CHANNEL | CONF_RESV_NICK)
-#define CONF_GLINE 0x10000
#define CONF_DLINE 0x20000
#define CONF_EXEMPTDLINE 0x100000
#define CONF_FLAGS_SPOOF_IP 0x00000200
#define CONF_FLAGS_SPOOF_NOTICE 0x00000400
#define CONF_FLAGS_REDIR 0x00000800
-#define CONF_FLAGS_EXEMPTGLINE 0x00001000
#define CONF_FLAGS_EXEMPTRESV 0x00002000 /* exempt from resvs */
#define CONF_FLAGS_EXEMPTFLOOD 0x00004000
#define CONF_FLAGS_EXEMPTSPAMBOT 0x00008000
#define IsNeedIdentd(x) ((x)->flags & CONF_FLAGS_NEED_IDENTD)
#define IsConfExemptKline(x) ((x)->flags & CONF_FLAGS_EXEMPTKLINE)
#define IsConfExemptLimits(x) ((x)->flags & CONF_FLAGS_NOLIMIT)
-#define IsConfExemptGline(x) ((x)->flags & CONF_FLAGS_EXEMPTGLINE)
#define IsConfExemptFlood(x) ((x)->flags & CONF_FLAGS_EXEMPTFLOOD)
#define IsConfExemptSpambot(x) ((x)->flags & CONF_FLAGS_EXEMPTSPAMBOT)
#define IsConfExemptShide(x) ((x)->flags & CONF_FLAGS_EXEMPTSHIDE)
char *fname_foperlog;
char *fname_serverlog;
char *fname_killlog;
- char *fname_glinelog;
char *fname_klinelog;
char *fname_operspylog;
char *fname_ioerrorlog;
int pace_wait_simple;
int short_motd;
int no_oper_flood;
- int glines;
- int gline_time;
- int gline_min_cidr;
- int gline_min_cidr6;
int hide_server;
int hide_spoof_ips;
int hide_error_messages;
+++ /dev/null
-/*
- * ircd-ratbox: A slightly useful ircd.
- * s_gline.h: A header for the gline functions.
- *
- * Copyright (C) 1990 Jarkko Oikarinen and University of Oulu, Co Center
- * Copyright (C) 1996-2002 Hybrid Development Team
- * Copyright (C) 2002-2004 ircd-ratbox development team
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
- * USA
- *
- * $Id: s_gline.h 6 2005-09-10 01:02:21Z nenolod $
- */
-
-#ifndef INCLUDED_s_gline_h
-#define INCLUDED_s_gline_h
-
-#include "config.h"
-#include "ircd_defs.h"
-
-struct Client;
-struct ConfItem;
-
-extern struct ConfItem *find_is_glined(const char *host, const char *name);
-extern void cleanup_glines(void *unused);
-extern void add_gline(struct ConfItem *);
-
-
-typedef struct gline_pending
-{
- char oper_nick1[NICKLEN + 1];
- char oper_user1[USERLEN + 1];
- char oper_host1[HOSTLEN + 1];
- const char *oper_server1; /* point to scache */
- char *reason1;
- time_t time_request1;
-
- char oper_nick2[NICKLEN + 1];
- char oper_user2[USERLEN + 1];
- char oper_host2[HOSTLEN + 1];
- const char *oper_server2; /* point to scache */
- char *reason2;
- time_t time_request2;
-
- time_t last_gline_time; /* for expiring entry */
- char user[USERLEN + 1];
- char host[HOSTLEN + 1];
-}
-gline_pending_t;
-
-/* how long a pending G line can be around
- * 10 minutes should be plenty
- */
-
-#define GLINE_PENDING_EXPIRE 600
-#define CLEANUP_GLINES_TIME 300
-
-rb_dlink_list pending_glines;
-extern rb_dlink_list glines;
-
-#endif
#define OPER_LOCKILL 0x00008
#define OPER_GLOBKILL 0x00010
#define OPER_REMOTE 0x00020
-#define OPER_GLINE 0x00040
#define OPER_XLINE 0x00080
#define OPER_RESV 0x00100
#define OPER_NICKS 0x00200
/* 0x400000 and above are in client.h */
#define OPER_FLAGS (OPER_KLINE|OPER_UNKLINE|OPER_LOCKILL|OPER_GLOBKILL|\
- OPER_REMOTE|OPER_GLINE|OPER_XLINE|OPER_RESV|\
+ OPER_REMOTE|OPER_XLINE|OPER_RESV|\
OPER_NICKS|OPER_REHASH|OPER_DIE|OPER_ADMIN|\
OPER_HADMIN|OPER_OPERWALL|OPER_INVIS|OPER_SPY|\
OPER_REMOTEBAN|OPER_MASSNOTICE)
#define IsOperLocalKill(x) ((x)->flags2 & OPER_LOCKILL)
#define IsOperRemote(x) ((x)->flags2 & OPER_REMOTE)
#define IsOperUnkline(x) ((x)->flags2 & OPER_UNKLINE)
-#define IsOperGline(x) ((x)->flags2 & OPER_GLINE)
#define IsOperN(x) ((x)->flags2 & OPER_NICKS)
#define IsOperK(x) ((x)->flags2 & OPER_KLINE)
#define IsOperXline(x) ((x)->flags2 & OPER_XLINE)
#define CAP_CHW 0x00008 /* Can do channel wall @# */
#define CAP_IE 0x00010 /* Can do invite exceptions */
#define CAP_KLN 0x00040 /* Can do KLINE message */
-#define CAP_GLN 0x00080 /* Can do GLINE message */
#define CAP_ZIP 0x00100 /* Can do ZIPlinks */
#define CAP_KNOCK 0x00400 /* supports KNOCK */
#define CAP_TB 0x00800 /* supports TBURST */
m_dline.c \
m_encap.c \
m_etrace.c \
- m_gline.c \
m_help.c \
m_info.c \
m_invite.c \
+++ /dev/null
-/*
- * ircd-ratbox: A slightly useful ircd.
- * m_gline.c: Votes towards globally banning a mask.
- *
- * Copyright (C) 1990 Jarkko Oikarinen and University of Oulu, Co Center
- * Copyright (C) 1996-2002 Hybrid Development Team
- * Copyright (C) 2002-2005 ircd-ratbox development team
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
- * USA
- *
- * $Id: m_gline.c 3225 2007-03-04 23:42:55Z jilles $
- */
-
-#include "stdinc.h"
-#include "s_gline.h"
-#include "channel.h"
-#include "client.h"
-#include "common.h"
-#include "config.h"
-#include "irc_string.h"
-#include "sprintf_irc.h"
-#include "ircd.h"
-#include "hostmask.h"
-#include "numeric.h"
-#include "s_conf.h"
-#include "s_newconf.h"
-#include "scache.h"
-#include "send.h"
-#include "msg.h"
-#include "s_serv.h"
-#include "hash.h"
-#include "parse.h"
-#include "modules.h"
-#include "logger.h"
-#include "reject.h"
-
-static int mo_gline(struct Client *, struct Client *, int, const char **);
-static int mc_gline(struct Client *, struct Client *, int, const char **);
-static int ms_gline(struct Client *, struct Client *, int, const char **);
-static int mo_ungline(struct Client *, struct Client *, int, const char **);
-
-struct Message gline_msgtab = {
- "GLINE", 0, 0, 0, MFLG_SLOW,
- {mg_unreg, mg_not_oper, {mc_gline, 3}, {ms_gline, 7}, mg_ignore, {mo_gline, 3}}
-};
-struct Message ungline_msgtab = {
- "UNGLINE", 0, 0, 0, MFLG_SLOW,
- {mg_unreg, mg_not_oper, mg_ignore, mg_ignore, mg_ignore, {mo_ungline, 2}}
-};
-
-mapi_clist_av1 gline_clist[] = { &gline_msgtab, &ungline_msgtab, NULL };
-DECLARE_MODULE_AV1(gline, NULL, NULL, gline_clist, NULL, NULL, "$Revision: 3225 $");
-
-static int majority_gline(struct Client *source_p, const char *user,
- const char *host, const char *reason);
-static void set_local_gline(struct Client *source_p, const char *user,
- const char *host, const char *reason);
-
-static int check_wild_gline(const char *, const char *);
-static int invalid_gline(struct Client *, const char *, const char *, char *);
-
-static int remove_temp_gline(const char *, const char *);
-
-
-/* mo_gline()
- *
- * inputs - The usual for a m_ function
- * output -
- * side effects - place a gline if 3 opers agree
- */
-static int
-mo_gline(struct Client *client_p, struct Client *source_p, int parc, const char *parv[])
-{
- const char *user = NULL;
- char *host = NULL; /* user and host of GLINE "victim" */
- char *reason = NULL; /* reason for "victims" demise */
- char splat[] = "*";
- char *ptr;
-
- if(!ConfigFileEntry.glines)
- {
- sendto_one_notice(source_p, ":GLINE disabled, perhaps you want a clustered or remote KLINE?");
- return 0;
- }
-
- if(!IsOperGline(source_p))
- {
- sendto_one(source_p, form_str(ERR_NOPRIVS),
- me.name, source_p->name, "gline");
- return 0;
- }
-
- host = strchr(parv[1], '@');
-
- /* specific user@host */
- if(host != NULL)
- {
- user = parv[1];
- *(host++) = '\0';
-
- /* gline for "@host", use *@host */
- if(*user == '\0')
- user = splat;
- }
- /* just a host? */
- else
- {
- /* ok, its not a host.. abort */
- if(strchr(parv[1], '.') == NULL)
- {
- sendto_one_notice(source_p, ":Invalid parameters");
- return 0;
- }
-
- user = splat;
- host = LOCAL_COPY(parv[1]);
- }
-
- reason = LOCAL_COPY(parv[2]);
-
- if(invalid_gline(source_p, user, host, reason))
- return 0;
-
- /* Not enough non-wild characters were found, assume they are trying to gline *@*. */
- if(check_wild_gline(user, host))
- {
- if(MyClient(source_p))
- sendto_one_notice(source_p,
- ":Please include at least %d non-wildcard characters with the user@host",
- ConfigFileEntry.min_nonwildcard);
- return 0;
- }
-
- if((ptr = strchr(host, '/')) != NULL)
- {
- int bitlen;
- bitlen = strtol(++ptr, NULL, 10);
-
- /* ipv4? */
- if(strchr(host, ':') == NULL)
- {
- if(bitlen < ConfigFileEntry.gline_min_cidr)
- {
- sendto_one_notice(source_p, ":Cannot set G-Lines with cidr length < %d",
- ConfigFileEntry.gline_min_cidr);
- return 0;
- }
- }
- /* ipv6 */
- else if(bitlen < ConfigFileEntry.gline_min_cidr6)
- {
- sendto_one_notice(source_p, ":Cannot set G-Lines with cidr length < %d",
- ConfigFileEntry.gline_min_cidr6);
- return 0;
- }
- }
-
- /* inform users about the gline before we call majority_gline()
- * so already voted comes below gline request --fl
- */
- sendto_realops_snomask(SNO_GENERAL, L_ALL,
- "%s!%s@%s on %s is requesting gline for [%s@%s] [%s]",
- source_p->name, source_p->username,
- source_p->host, me.name, user, host, reason);
- ilog(L_GLINE, "R %s %s %s %s %s %s %s",
- source_p->name, source_p->username, source_p->host,
- source_p->servptr->name, user, host, reason);
-
- /* If at least 3 opers agree this user should be G lined then do it */
- majority_gline(source_p, user, host, reason);
-
- /* 4 param version for hyb-7 servers */
- sendto_server(NULL, NULL, CAP_GLN|CAP_TS6, NOCAPS,
- ":%s GLINE %s %s :%s",
- use_id(source_p), user, host, reason);
- sendto_server(NULL, NULL, CAP_GLN, CAP_TS6,
- ":%s GLINE %s %s :%s",
- source_p->name, user, host, reason);
-
- /* 8 param for hyb-6 */
- sendto_server(NULL, NULL, NOCAPS, CAP_GLN,
- ":%s GLINE %s %s %s %s %s %s :%s",
- me.name, source_p->name, source_p->username,
- source_p->host, source_p->servptr->name,
- user, host, reason);
- return 0;
-}
-
-/* mc_gline()
- */
-static int
-mc_gline(struct Client *client_p, struct Client *source_p,
- int parc, const char *parv[])
-{
- struct Client *acptr;
- const char *user;
- const char *host;
- char *reason;
- char *ptr;
-
- /* hyb6 allows empty gline reasons */
- if(parc < 4 || EmptyString(parv[3]))
- return 0;
-
- acptr = source_p;
-
- user = parv[1];
- host = parv[2];
- reason = LOCAL_COPY(parv[3]);
-
- if(invalid_gline(acptr, user, host, reason))
- return 0;
-
- sendto_server(client_p, NULL, CAP_GLN|CAP_TS6, NOCAPS,
- ":%s GLINE %s %s :%s",
- use_id(acptr), user, host, reason);
- sendto_server(client_p, NULL, CAP_GLN, CAP_TS6,
- ":%s GLINE %s %s :%s",
- acptr->name, user, host, reason);
- sendto_server(client_p, NULL, NOCAPS, CAP_GLN,
- ":%s GLINE %s %s %s %s %s %s :%s",
- acptr->servptr->name, acptr->name,
- acptr->username, acptr->host,
- acptr->servptr->name, user, host, reason);
-
- if(!ConfigFileEntry.glines)
- return 0;
-
- /* check theres enough non-wildcard chars */
- if(check_wild_gline(user, host))
- {
- sendto_realops_snomask(SNO_GENERAL, L_ALL,
- "%s!%s@%s on %s is requesting a gline without "
- "%d non-wildcard characters for [%s@%s] [%s]",
- acptr->name, acptr->username,
- acptr->host, acptr->servptr->name,
- ConfigFileEntry.min_nonwildcard,
- user, host, reason);
- return 0;
- }
-
- if((ptr = strchr(host, '/')) != NULL)
- {
- int bitlen;
- bitlen = strtol(++ptr, NULL, 10);
-
- /* ipv4? */
- if(strchr(host, ':') == NULL)
- {
- if(bitlen < ConfigFileEntry.gline_min_cidr)
- {
- sendto_realops_snomask(SNO_GENERAL, L_ALL, "%s!%s@%s on %s is requesting a "
- "gline with a cidr mask < %d for [%s@%s] [%s]",
- acptr->name, acptr->username, acptr->host,
- acptr->servptr->name,
- ConfigFileEntry.gline_min_cidr,
- user, host, reason);
- return 0;
- }
- }
- /* ipv6 */
- else if(bitlen < ConfigFileEntry.gline_min_cidr6)
- {
- sendto_realops_snomask(SNO_GENERAL, L_ALL, "%s!%s@%s on %s is requesting a "
- "gline with a cidr mask < %d for [%s@%s] [%s]",
- acptr->name, acptr->username, acptr->host,
- acptr->servptr->name,
- ConfigFileEntry.gline_min_cidr6,
- user, host, reason);
- return 0;
- }
- }
-
-
- sendto_realops_snomask(SNO_GENERAL, L_ALL,
- "%s!%s@%s on %s is requesting gline for [%s@%s] [%s]",
- acptr->name, acptr->username, acptr->host,
- acptr->servptr->name, user, host, reason);
-
- ilog(L_GLINE, "R %s %s %s %s %s %s %s",
- source_p->name, source_p->username, source_p->host,
- source_p->servptr->name, user, host, reason);
-
- /* If at least 3 opers agree this user should be G lined then do it */
- majority_gline(acptr, user, host, reason);
-
- return 0;
-}
-
-
-/* ms_gline()
- *
- * inputs - The usual for a m_ function
- * output -
- * side effects - attempts to place a gline, if 3 opers agree
- */
-static int
-ms_gline(struct Client *client_p, struct Client *source_p, int parc, const char *parv[])
-{
- struct Client *acptr;
- const char *user;
- const char *host;
- char *reason;
-
- /* hyb6 allows empty gline reasons */
- if(parc < 8 || EmptyString(parv[7]))
- return 0;
-
- /* client doesnt exist.. someones messing */
- if((acptr = find_client(parv[1])) == NULL)
- return 0;
-
- /* client that sent the gline, isnt on the server that sent
- * the gline out. somethings fucked.
- */
- if(acptr->servptr != source_p)
- return 0;
-
- user = parv[5];
- host = parv[6];
- reason = LOCAL_COPY(parv[7]);
-
- if(invalid_gline(acptr, user, host, reason))
- return 0;
-
- sendto_server(client_p, NULL, CAP_GLN|CAP_TS6, NOCAPS,
- ":%s GLINE %s %s :%s",
- use_id(acptr), user, host, reason);
- sendto_server(client_p, NULL, CAP_GLN, CAP_TS6,
- ":%s GLINE %s %s :%s",
- acptr->name, user, host, reason);
- sendto_server(client_p, NULL, NOCAPS, CAP_GLN,
- ":%s GLINE %s %s %s %s %s %s :%s",
- acptr->servptr->name, acptr->name,
- acptr->username, acptr->host,
- acptr->servptr->name, user, host, reason);
-
- if(!ConfigFileEntry.glines)
- return 0;
-
- /* check theres enough non-wildcard chars */
- if(check_wild_gline(user, host))
- {
- sendto_realops_snomask(SNO_GENERAL, L_ALL,
- "%s!%s@%s on %s is requesting a gline without "
- "%d non-wildcard characters for [%s@%s] [%s]",
- acptr->name, acptr->username,
- acptr->host, acptr->servptr->name,
- ConfigFileEntry.min_nonwildcard,
- user, host, reason);
- return 0;
- }
-
- sendto_realops_snomask(SNO_GENERAL, L_ALL,
- "%s!%s@%s on %s is requesting gline for [%s@%s] [%s]",
- acptr->name, acptr->username, acptr->host,
- acptr->servptr->name, user, host, reason);
-
- ilog(L_GLINE, "R %s %s %s %s %s %s %s",
- acptr->name, acptr->username, acptr->host,
- acptr->servptr->name, user, host, reason);
-
- /* If at least 3 opers agree this user should be G lined then do it */
- majority_gline(acptr, user, host, reason);
-
- return 0;
-}
-
-/* mo_ungline()
- *
- * parv[0] = sender nick
- * parv[1] = gline to remove
- */
-static int
-mo_ungline(struct Client *client_p, struct Client *source_p, int parc, const char *parv[])
-{
- const char *user;
- char *h = LOCAL_COPY(parv[1]);
- char *host;
- char splat[] = "*";
-
- if(!ConfigFileEntry.glines)
- {
- sendto_one_notice(source_p, ":UNGLINE disabled, perhaps you want UNKLINE?");
- return 0;
- }
-
- if(!IsOperUnkline(source_p) || !IsOperGline(source_p))
- {
- sendto_one(source_p, form_str(ERR_NOPRIVS),
- me.name, source_p->name, "unkline");
- return 0;
- }
-
- if((host = strchr(h, '@')) || *h == '*')
- {
- /* Explicit user@host mask given */
-
- if(host)
- {
- *host++ = '\0';
-
- /* check for @host */
- if(*h)
- user = h;
- else
- user = splat;
-
- if(!*host)
- host = splat;
- }
- else
- {
- user = splat;
- host = h;
- }
- }
- else
- {
- sendto_one_notice(source_p, ":Invalid parameters");
- return 0;
- }
-
- if(remove_temp_gline(user, host))
- {
- sendto_one_notice(source_p, ":Un-glined [%s@%s]", user, host);
- sendto_realops_snomask(SNO_GENERAL, L_ALL,
- "%s has removed the G-Line for: [%s@%s]",
- get_oper_name(source_p), user, host);
- ilog(L_GLINE, "U %s %s %s %s %s %s",
- source_p->name, source_p->username, source_p->host,
- source_p->servptr->name, user, host);
- }
- else
- {
- sendto_one_notice(source_p, ":No G-Line for %s@%s", user, host);
- }
-
- return 0;
-}
-
-/*
- * check_wild_gline
- *
- * inputs - user, host of gline
- * output - 1 if not enough non-wildchar char's, 0 if ok
- * side effects - NONE
- */
-static int
-check_wild_gline(const char *user, const char *host)
-{
- const char *p;
- char tmpch;
- int nonwild;
-
- nonwild = 0;
- p = user;
-
- while ((tmpch = *p++))
- {
- if(!IsKWildChar(tmpch))
- {
- /* enough of them, break */
- if(++nonwild >= ConfigFileEntry.min_nonwildcard)
- break;
- }
- }
-
- if(nonwild < ConfigFileEntry.min_nonwildcard)
- {
- /* user doesnt, try host */
- p = host;
- while ((tmpch = *p++))
- {
- if(!IsKWildChar(tmpch))
- if(++nonwild >= ConfigFileEntry.min_nonwildcard)
- break;
- }
- }
-
- if(nonwild < ConfigFileEntry.min_nonwildcard)
- return 1;
- else
- return 0;
-}
-
-/* invalid_gline
- *
- * inputs - pointer to source client, ident, host and reason
- * outputs - 1 if invalid, 0 if valid
- * side effects -
- */
-static int
-invalid_gline(struct Client *source_p, const char *luser,
- const char *lhost, char *lreason)
-{
- if(strchr(luser, '!'))
- {
- sendto_one_notice(source_p, ":Invalid character '!' in gline");
- return 1;
- }
-
- if(strlen(lreason) > BANREASONLEN)
- lreason[BANREASONLEN] = '\0';
-
- return 0;
-}
-
-/*
- * set_local_gline
- *
- * inputs - pointer to oper nick/username/host/server,
- * victim user/host and reason
- * output - NONE
- * side effects -
- */
-static void
-set_local_gline(struct Client *source_p, const char *user,
- const char *host, const char *reason)
-{
- char buffer[IRCD_BUFSIZE];
- struct ConfItem *aconf;
- const char *current_date;
- char *my_reason;
- char *oper_reason;
-
- current_date = smalldate();
-
- my_reason = LOCAL_COPY(reason);
-
- aconf = make_conf();
- aconf->status = CONF_GLINE;
- aconf->flags |= CONF_FLAGS_TEMPORARY;
-
- if(strlen(my_reason) > BANREASONLEN)
- my_reason[BANREASONLEN-1] = '\0';
-
- if((oper_reason = strchr(my_reason, '|')) != NULL)
- {
- *oper_reason = '\0';
- oper_reason++;
-
- if(!EmptyString(oper_reason))
- aconf->spasswd = rb_strdup(oper_reason);
- }
-
- rb_snprintf(buffer, sizeof(buffer), "%s (%s)", reason, current_date);
-
- aconf->passwd = rb_strdup(buffer);
- aconf->user = rb_strdup(user);
- aconf->host = rb_strdup(host);
- aconf->hold = rb_current_time() + ConfigFileEntry.gline_time;
- add_gline(aconf);
-
- sendto_realops_snomask(SNO_GENERAL, L_ALL,
- "%s!%s@%s on %s has triggered gline for [%s@%s] [%s]",
- source_p->name, source_p->username,
- source_p->host, source_p->servptr->name,
- user, host, reason);
- ilog(L_GLINE, "T %s %s %s %s %s %s %s",
- source_p->name, source_p->username, source_p->host,
- source_p->servptr->name, user, host, reason);
-
- check_glines();
-}
-
-/* majority_gline()
- *
- * input - client doing gline, user, host and reason of gline
- * output - YES if there are 3 different opers/servers agree, else NO
- * side effects -
- */
-static int
-majority_gline(struct Client *source_p, const char *user,
- const char *host, const char *reason)
-{
- rb_dlink_node *pending_node;
- struct gline_pending *pending;
-
- /* to avoid desync.. --fl */
- cleanup_glines(NULL);
-
- /* if its already glined, why bother? :) -- fl_ */
- if(find_is_glined(host, user))
- return NO;
-
- RB_DLINK_FOREACH(pending_node, pending_glines.head)
- {
- pending = pending_node->data;
-
- if((irccmp(pending->user, user) == 0) &&
- (irccmp(pending->host, host) == 0))
- {
- /* check oper or server hasnt already voted */
- if(((irccmp(pending->oper_user1, source_p->username) == 0) ||
- (irccmp(pending->oper_host1, source_p->host) == 0)))
- {
- sendto_realops_snomask(SNO_GENERAL, L_ALL, "oper has already voted");
- return NO;
- }
- else if(irccmp(pending->oper_server1, source_p->servptr->name) == 0)
- {
- sendto_realops_snomask(SNO_GENERAL, L_ALL, "server has already voted");
- return NO;
- }
-
- if(pending->oper_user2[0] != '\0')
- {
- /* if two other opers on two different servers have voted yes */
- if(((irccmp(pending->oper_user2, source_p->username) == 0) ||
- (irccmp(pending->oper_host2, source_p->host) == 0)))
- {
- sendto_realops_snomask(SNO_GENERAL, L_ALL,
- "oper has already voted");
- return NO;
- }
- else if(irccmp(pending->oper_server2, source_p->servptr->name) == 0)
- {
- sendto_realops_snomask(SNO_GENERAL, L_ALL,
- "server has already voted");
- return NO;
- }
-
- /* trigger the gline using the original reason --fl */
- set_local_gline(source_p, user, host,
- pending->reason1);
-
- cleanup_glines(NULL);
- return YES;
- }
- else
- {
- strlcpy(pending->oper_nick2, source_p->name,
- sizeof(pending->oper_nick2));
- strlcpy(pending->oper_user2, source_p->username,
- sizeof(pending->oper_user2));
- strlcpy(pending->oper_host2, source_p->host,
- sizeof(pending->oper_host2));
- pending->reason2 = rb_strdup(reason);
- pending->oper_server2 = scache_get_name(source_p->servptr->serv->nameinfo);
- pending->last_gline_time = rb_current_time();
- pending->time_request2 = rb_current_time();
- return NO;
- }
- }
- }
-
- /* no pending gline, create a new one */
- pending = (struct gline_pending *)
- rb_malloc(sizeof(struct gline_pending));
-
- strlcpy(pending->oper_nick1, source_p->name,
- sizeof(pending->oper_nick1));
- strlcpy(pending->oper_user1, source_p->username,
- sizeof(pending->oper_user1));
- strlcpy(pending->oper_host1, source_p->host,
- sizeof(pending->oper_host1));
-
- pending->oper_server1 = scache_get_name(source_p->servptr->serv->nameinfo);
-
- strlcpy(pending->user, user, sizeof(pending->user));
- strlcpy(pending->host, host, sizeof(pending->host));
- pending->reason1 = rb_strdup(reason);
- pending->reason2 = NULL;
-
- pending->last_gline_time = rb_current_time();
- pending->time_request1 = rb_current_time();
-
- rb_dlinkAddAlloc(pending, &pending_glines);
-
- return NO;
-}
-
-/* remove_temp_gline()
- *
- * inputs - username, hostname to ungline
- * outputs -
- * side effects - tries to ungline anything that matches
- */
-static int
-remove_temp_gline(const char *user, const char *host)
-{
- struct ConfItem *aconf;
- rb_dlink_node *ptr;
- struct rb_sockaddr_storage addr, caddr;
- int bits, cbits;
- int mtype, gtype;
-
- mtype = parse_netmask(host, (struct sockaddr *)&addr, &bits);
-
- RB_DLINK_FOREACH(ptr, glines.head)
- {
- aconf = ptr->data;
-
- gtype = parse_netmask(aconf->host, (struct sockaddr *)&caddr, &cbits);
-
- if(gtype != mtype || (user && irccmp(user, aconf->user)))
- continue;
-
- if(gtype == HM_HOST)
- {
- if(irccmp(aconf->host, host))
- continue;
- }
- else if(bits != cbits ||
- !comp_with_mask_sock((struct sockaddr *)&addr,
- (struct sockaddr *)&caddr, bits))
- continue;
-
- rb_dlinkDestroy(ptr, &glines);
- remove_reject_mask(aconf->user, aconf->host);
- delete_one_address_conf(aconf->host, aconf);
- return YES;
- }
-
- return NO;
-}
&ConfigFileEntry.fname_klinelog,
"KLINE etc log file"
},
- {
- "fname_glinelog",
- OUTPUT_STRING,
- &ConfigFileEntry.fname_glinelog,
- "GLINE log file"
- },
{
"fname_operspylog",
OUTPUT_STRING,
&ConfigFileEntry.fname_ioerrorlog,
"IO error log file"
},
- {
- "glines",
- OUTPUT_BOOLEAN,
- &ConfigFileEntry.glines,
- "G-line (network-wide K-line) support"
- },
- {
- "gline_time",
- OUTPUT_DECIMAL,
- &ConfigFileEntry.gline_time,
- "Expiry time for G-lines"
- },
- {
- "gline_min_cidr",
- OUTPUT_DECIMAL,
- &ConfigFileEntry.gline_min_cidr,
- "Minimum CIDR bitlen for ipv4 glines"
- },
- {
- "gline_min_cidr6",
- OUTPUT_DECIMAL,
- &ConfigFileEntry.gline_min_cidr6,
- "Minimum CIDR bitlen for ipv6 glines"
- },
{
"global_snotices",
OUTPUT_BOOLEAN_YN,
{"remote", OPER_REMOTE },
{"kline", OPER_KLINE },
{"unkline", OPER_UNKLINE },
- {"gline", OPER_GLINE },
{"nick_changes", OPER_NICKS },
{"rehash", OPER_REHASH },
{"die", OPER_DIE },
/* there is no such table like this anywhere else */
static struct mode_table auth_client_table[] = {
{"resv_exempt", FLAGS2_EXEMPTRESV },
- {"gline_exempt", FLAGS2_EXEMPTGLINE },
{"kline_exempt", FLAGS2_EXEMPTKLINE },
{"flood_exempt", FLAGS2_EXEMPTFLOOD },
{"spambot_exempt", FLAGS2_EXEMPTSPAMBOT },
#include "common.h"
#include "irc_string.h"
#include "ircd.h"
-#include "s_gline.h"
#include "s_serv.h"
#include "numeric.h"
#include "res.h"
oper_motd = cache_file(OPATH, "opers.motd", 0);
}
-static void
-rehash_glines(struct Client *source_p)
-{
- struct ConfItem *aconf;
- rb_dlink_node *ptr, *next_ptr;
-
- sendto_realops_snomask(SNO_GENERAL, L_ALL, "%s is clearing G-lines",
- get_oper_name(source_p));
-
- RB_DLINK_FOREACH_SAFE(ptr, next_ptr, glines.head)
- {
- aconf = ptr->data;
-
- delete_one_address_conf(aconf->host, aconf);
- rb_dlinkDestroy(ptr, &glines);
- }
-}
-
-static void
-rehash_pglines(struct Client *source_p)
-{
- struct gline_pending *glp_ptr;
- rb_dlink_node *ptr;
- rb_dlink_node *next_ptr;
-
- sendto_realops_snomask(SNO_GENERAL, L_ALL, "%s is clearing pending glines",
- get_oper_name(source_p));
-
- RB_DLINK_FOREACH_SAFE(ptr, next_ptr, pending_glines.head)
- {
- glp_ptr = ptr->data;
-
- rb_free(glp_ptr->reason1);
- rb_free(glp_ptr->reason2);
- rb_free(glp_ptr);
- rb_dlinkDestroy(ptr, &pending_glines);
- }
-}
-
static void
rehash_tklines(struct Client *source_p)
{
{"DNS", rehash_dns },
{"MOTD", rehash_motd },
{"OMOTD", rehash_omotd },
- {"GLINES", rehash_glines },
- {"PGLINES", rehash_pglines },
{"TKLINES", rehash_tklines },
{"TDLINES", rehash_tdlines },
{"TXLINES", rehash_txlines },
#include "irc_string.h"
#include "ircd.h" /* me */
#include "listener.h" /* show_ports */
-#include "s_gline.h"
#include "msg.h" /* Message */
#include "hostmask.h" /* report_mtrie_conf_links */
#include "numeric.h" /* ERR_xxx */
static void stats_deny(struct Client *);
static void stats_exempt(struct Client *);
static void stats_events(struct Client *);
-static void stats_glines(struct Client *);
-static void stats_pending_glines(struct Client *);
static void stats_hubleaf(struct Client *);
static void stats_auth(struct Client *);
static void stats_tklines(struct Client *);
{'E', stats_events, 1, 1, },
{'f', stats_comm, 1, 1, },
{'F', stats_comm, 1, 1, },
- {'g', stats_pending_glines, 1, 0, },
- {'G', stats_glines, 1, 0, },
{'h', stats_hubleaf, 0, 0, },
{'H', stats_hubleaf, 0, 0, },
{'i', stats_auth, 0, 0, },
rb_dump_events(stats_events_cb, source_p);
}
-/* stats_pending_glines()
- *
- * input - client pointer
- * output - none
- * side effects - client is shown list of pending glines
- */
-static void
-stats_pending_glines (struct Client *source_p)
-{
- if(ConfigFileEntry.glines)
- {
- rb_dlink_node *pending_node;
- struct gline_pending *glp_ptr;
- char timebuffer[MAX_DATE_STRING];
- struct tm *tmptr;
-
- RB_DLINK_FOREACH (pending_node, pending_glines.head)
- {
- glp_ptr = pending_node->data;
-
- tmptr = localtime (&glp_ptr->time_request1);
- strftime (timebuffer, MAX_DATE_STRING, "%Y/%m/%d %H:%M:%S", tmptr);
-
- sendto_one_notice(source_p,
- ":1) %s!%s@%s on %s requested gline at %s for %s@%s [%s]",
- glp_ptr->oper_nick1,
- glp_ptr->oper_user1, glp_ptr->oper_host1,
- glp_ptr->oper_server1, timebuffer,
- glp_ptr->user, glp_ptr->host, glp_ptr->reason1);
-
- if(glp_ptr->oper_nick2[0])
- {
- tmptr = localtime (&glp_ptr->time_request2);
- strftime (timebuffer, MAX_DATE_STRING, "%Y/%m/%d %H:%M:%S", tmptr);
- sendto_one_notice(source_p,
- ":2) %s!%s@%s on %s requested gline at %s for %s@%s [%s]",
- glp_ptr->oper_nick2,
- glp_ptr->oper_user2, glp_ptr->oper_host2,
- glp_ptr->oper_server2, timebuffer,
- glp_ptr->user, glp_ptr->host, glp_ptr->reason2);
- }
- }
-
- if(rb_dlink_list_length (&pending_glines) > 0)
- sendto_one_notice(source_p, ":End of Pending G-lines");
- }
- else
- sendto_one_notice(source_p, ":This server does not support G-Lines");
-
-}
-
-/* stats_glines()
- *
- * input - client pointer
- * output - none
- * side effects - client is shown list of glines
- */
-static void
-stats_glines (struct Client *source_p)
-{
- if(ConfigFileEntry.glines)
- {
- rb_dlink_node *gline_node;
- struct ConfItem *kill_ptr;
-
- RB_DLINK_FOREACH_PREV (gline_node, glines.tail)
- {
- kill_ptr = gline_node->data;
-
- sendto_one_numeric(source_p, RPL_STATSKLINE,
- form_str(RPL_STATSKLINE), 'G',
- kill_ptr->host ? kill_ptr->host : "*",
- kill_ptr->user ? kill_ptr->user : "*",
- kill_ptr->passwd ? kill_ptr->passwd : "No Reason",
- kill_ptr->spasswd ? "|" : "",
- kill_ptr->spasswd ? kill_ptr->spasswd : "");
- }
- }
- else
- sendto_one_notice(source_p, ":This server does not support G-Lines");
-}
-
-
static void
stats_hubleaf(struct Client *source_p)
{
buf, aconf->passwd);
return 0;
}
- else if(aconf->status & CONF_GLINE)
- {
- rb_snprintf(buf, sizeof(buf), "%s@%s",
- aconf->user, aconf->host);
- sendto_one(source_p, form_str(RPL_TESTLINE),
- me.name, source_p->name,
- 'G', (long) ((aconf->hold - rb_current_time()) / 60),
- buf, aconf->passwd);
- return 0;
- }
}
/* they asked us to check a nick, so hunt for resvs.. */
/*
* m_testmask.c: Shows the number of matching local and global clients
- * for a user@host mask, helpful when setting GLINE's
+ * for a user@host mask
*
* Copyright (C) 2003 by W. Campbell
* Coypright (C) 2004 ircd-ratbox development team
if(ConfigChannel.use_except)
*p++ = 'e';
- if(ConfigFileEntry.glines)
- *p++ = 'g';
- *p++ = 'G';
-
/* might wanna hide this :P */
if(ServerInfo.hub)
*p++ = 'H';
s_auth.c \
s_conf.c \
s_newconf.c \
- s_gline.c \
s_serv.c \
s_user.c \
scache.c \
#include "irc_string.h"
#include "sprintf_irc.h"
#include "ircd.h"
-#include "s_gline.h"
#include "numeric.h"
#include "packet.h"
#include "s_auth.h"
* check_banned_lines
* inputs - NONE
* output - NONE
- * side effects - Check all connections for a pending k/d/gline against the
+ * side effects - Check all connections for a pending k/dline against the
* client, exit the client if found.
*/
void
notify_banned_client(client_p, aconf, K_LINED);
continue;
}
- else if((aconf = find_gline(client_p)) != NULL)
- {
- if(IsExemptKline(client_p))
- {
- sendto_realops_snomask(SNO_GENERAL, L_ALL,
- "GLINE over-ruled for %s, client is kline_exempt [%s@%s]",
- get_client_name(client_p, HIDE_IP),
- aconf->user, aconf->host);
- continue;
- }
-
- if(IsExemptGline(client_p))
- {
- sendto_realops_snomask(SNO_GENERAL, L_ALL,
- "GLINE over-ruled for %s, client is gline_exempt [%s@%s]",
- get_client_name(client_p, HIDE_IP),
- aconf->user, aconf->host);
- continue;
- }
-
- sendto_realops_snomask(SNO_GENERAL, L_ALL,
- "GLINE active for %s",
- get_client_name(client_p, HIDE_IP));
-
- notify_banned_client(client_p, aconf, G_LINED);
- continue;
- }
else if((aconf = find_xline(client_p->info, 1)) != NULL)
{
if(IsExemptKline(client_p))
}
}
-/* check_glines()
- *
- * inputs -
- * outputs -
- * side effects - all clients will be checked for glines
- */
-void
-check_glines(void)
-{
- struct Client *client_p;
- struct ConfItem *aconf;
- rb_dlink_node *ptr;
- rb_dlink_node *next_ptr;
-
- RB_DLINK_FOREACH_SAFE(ptr, next_ptr, lclient_list.head)
- {
- client_p = ptr->data;
-
- if(IsMe(client_p) || !IsPerson(client_p))
- continue;
-
- if((aconf = find_gline(client_p)) != NULL)
- {
- if(IsExemptKline(client_p))
- {
- sendto_realops_snomask(SNO_GENERAL, L_ALL,
- "GLINE over-ruled for %s, client is kline_exempt",
- get_client_name(client_p, HIDE_IP));
- continue;
- }
-
- if(IsExemptGline(client_p))
- {
- sendto_realops_snomask(SNO_GENERAL, L_ALL,
- "GLINE over-ruled for %s, client is gline_exempt",
- get_client_name(client_p, HIDE_IP));
- continue;
- }
-
- sendto_realops_snomask(SNO_GENERAL, L_ALL,
- "GLINE active for %s",
- get_client_name(client_p, HIDE_IP));
-
- notify_banned_client(client_p, aconf, K_LINED);
- continue;
- }
- }
-}
-
/* check_dlines()
*
* inputs -
return kconf;
}
- /* hunt for a gline */
- if(ConfigFileEntry.glines)
- {
- kconf = find_conf_by_address(host, sockhost, NULL, ip, CONF_GLINE, aftype, user);
-
- if((kconf != NULL) && !IsConfExemptGline(iconf))
- return kconf;
- }
-
return iconf;
}
*prefix_ptr++ = '=';
if(IsOper(sptr) && IsConfExemptFlood(aconf))
*prefix_ptr++ = '|';
- if(IsOper(sptr) && IsConfExemptGline(aconf) && !IsConfExemptKline(aconf))
- *prefix_ptr++ = '_';
if(IsOper(sptr) && IsConfExemptDNSBL(aconf) && !IsConfExemptKline(aconf))
*prefix_ptr++ = '$';
if(IsOper(sptr) && IsConfExemptKline(aconf))
#include "irc_string.h"
#include "ircd_signal.h"
#include "sprintf_irc.h"
-#include "s_gline.h"
#include "msg.h" /* msgtab */
#include "hostmask.h"
#include "numeric.h"
ilog(L_MAIN, "Server Ready");
- rb_event_addish("cleanup_glines", cleanup_glines, NULL, CLEANUP_GLINES_TIME);
-
/* We want try_connections to be called as soon as possible now! -- adrian */
/* No, 'cause after a restart it would cause all sorts of nick collides */
/* um. by waiting even longer, that just means we have even *more*
static FILE *log_foper;
static FILE *log_server;
static FILE *log_kill;
-static FILE *log_gline;
static FILE *log_kline;
static FILE *log_operspy;
static FILE *log_ioerror;
{ &ConfigFileEntry.fname_serverlog, &log_server },
{ &ConfigFileEntry.fname_killlog, &log_kill },
{ &ConfigFileEntry.fname_klinelog, &log_kline },
- { &ConfigFileEntry.fname_glinelog, &log_gline },
{ &ConfigFileEntry.fname_operspylog, &log_operspy },
{ &ConfigFileEntry.fname_ioerrorlog, &log_ioerror }
};
{"remote", OPER_REMOTE },
{"kline", OPER_KLINE },
{"unkline", OPER_UNKLINE },
- {"gline", OPER_GLINE },
{"nick_changes", OPER_NICKS },
{"rehash", OPER_REHASH },
{"die", OPER_DIE },
{"exceed_limit", CONF_FLAGS_NOLIMIT },
{"dnsbl_exempt", CONF_FLAGS_EXEMPTDNSBL },
{"kline_exempt", CONF_FLAGS_EXEMPTKLINE },
- {"gline_exempt", CONF_FLAGS_EXEMPTGLINE },
{"flood_exempt", CONF_FLAGS_EXEMPTFLOOD },
{"spambot_exempt", CONF_FLAGS_EXEMPTSPAMBOT },
{"shide_exempt", CONF_FLAGS_EXEMPTSHIDE },
{ "fname_foperlog", CF_QSTRING, NULL, MAXPATHLEN, &ConfigFileEntry.fname_foperlog },
{ "fname_serverlog", CF_QSTRING, NULL, MAXPATHLEN, &ConfigFileEntry.fname_serverlog },
{ "fname_killlog", CF_QSTRING, NULL, MAXPATHLEN, &ConfigFileEntry.fname_killlog },
- { "fname_glinelog", CF_QSTRING, NULL, MAXPATHLEN, &ConfigFileEntry.fname_glinelog },
{ "fname_klinelog", CF_QSTRING, NULL, MAXPATHLEN, &ConfigFileEntry.fname_klinelog },
{ "fname_operspylog", CF_QSTRING, NULL, MAXPATHLEN, &ConfigFileEntry.fname_operspylog },
{ "fname_ioerrorlog", CF_QSTRING, NULL, MAXPATHLEN, &ConfigFileEntry.fname_ioerrorlog },
{ "disable_auth", CF_YESNO, NULL, 0, &ConfigFileEntry.disable_auth },
{ "dots_in_ident", CF_INT, NULL, 0, &ConfigFileEntry.dots_in_ident },
{ "failed_oper_notice", CF_YESNO, NULL, 0, &ConfigFileEntry.failed_oper_notice },
- { "glines", CF_YESNO, NULL, 0, &ConfigFileEntry.glines },
- { "gline_min_cidr", CF_INT, NULL, 0, &ConfigFileEntry.gline_min_cidr },
- { "gline_min_cidr6", CF_INT, NULL, 0, &ConfigFileEntry.gline_min_cidr6 },
- { "gline_time", CF_TIME, NULL, 0, &ConfigFileEntry.gline_time },
{ "global_snotices", CF_YESNO, NULL, 0, &ConfigFileEntry.global_snotices },
{ "hide_spoof_ips", CF_YESNO, NULL, 0, &ConfigFileEntry.hide_spoof_ips },
{ "dline_with_reason", CF_YESNO, NULL, 0, &ConfigFileEntry.dline_with_reason },
#include "numeric.h"
#include "logger.h"
#include "send.h"
-#include "s_gline.h"
#include "reject.h"
#include "cache.h"
#include "blacklist.h"
add_reject(client_p, aconf->user, aconf->host);
return (BANNED_CLIENT);
}
- else if(aconf->status & CONF_GLINE)
- {
- sendto_one_notice(client_p, ":*** G-lined");
-
- if(ConfigFileEntry.kline_with_reason)
- sendto_one(client_p,
- form_str(ERR_YOUREBANNEDCREEP),
- me.name, client_p->name, aconf->passwd);
-
- add_reject(client_p, aconf->user, aconf->host);
- return (BANNED_CLIENT);
- }
return NOT_AUTHORISED;
}
ConfigFileEntry.fname_operlog = NULL;
ConfigFileEntry.fname_foperlog = NULL;
ConfigFileEntry.fname_serverlog = NULL;
- ConfigFileEntry.fname_glinelog = NULL;
ConfigFileEntry.fname_klinelog = NULL;
ConfigFileEntry.fname_operspylog = NULL;
ConfigFileEntry.fname_ioerrorlog = NULL;
- ConfigFileEntry.glines = NO;
ConfigFileEntry.use_egd = NO;
- ConfigFileEntry.gline_time = 12 * 3600;
- ConfigFileEntry.gline_min_cidr = 16;
- ConfigFileEntry.gline_min_cidr6 = 48;
ConfigFileEntry.hide_spoof_ips = YES;
ConfigFileEntry.hide_error_messages = 1;
ConfigFileEntry.dots_in_ident = 0;
+++ /dev/null
-/*
- * ircd-ratbox: A slightly useful ircd.
- * s_gline.c: GLine global ban functions.
- *
- * Copyright (C) 1990 Jarkko Oikarinen and University of Oulu, Co Center
- * Copyright (C) 1996-2002 Hybrid Development Team
- * Copyright (C) 2002-2005 ircd-ratbox development team
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
- * USA
- *
- * $Id: s_gline.c 254 2005-09-21 23:35:12Z nenolod $
- */
-
-#include "stdinc.h"
-#include "channel.h"
-#include "client.h"
-#include "common.h"
-#include "config.h"
-#include "irc_string.h"
-#include "ircd.h"
-#include "hostmask.h"
-#include "numeric.h"
-#include "s_conf.h"
-#include "scache.h"
-#include "send.h"
-#include "msg.h"
-#include "s_serv.h"
-#include "s_gline.h"
-#include "hash.h"
-
-rb_dlink_list glines;
-
-static void expire_glines(void);
-static void expire_pending_glines(void);
-
-/* add_gline
- *
- * inputs - pointer to struct ConfItem
- * output - none
- * Side effects - links in given struct ConfItem into gline link list
- */
-void
-add_gline(struct ConfItem *aconf)
-{
- rb_dlinkAddTailAlloc(aconf, &glines);
- add_conf_by_address(aconf->host, CONF_GLINE, aconf->user, aconf);
-}
-
-/*
- * find_is_glined
- * inputs - hostname
- * - username
- * output - pointer to struct ConfItem if user@host glined
- * side effects -
- */
-struct ConfItem *
-find_is_glined(const char *host, const char *user)
-{
- rb_dlink_node *gline_node;
- struct ConfItem *kill_ptr;
-
- RB_DLINK_FOREACH(gline_node, glines.head)
- {
- kill_ptr = gline_node->data;
- if((kill_ptr->user && (!user || match(kill_ptr->user, user)))
- && (kill_ptr->host && (!host || match(kill_ptr->host, host))))
- {
- return (kill_ptr);
- }
- }
-
- return (NULL);
-}
-
-/*
- * cleanup_glines
- *
- * inputs - NONE
- * output - NONE
- * side effects - expire gline lists
- * This is an event started off in ircd.c
- */
-void
-cleanup_glines(void *unused)
-{
- expire_glines();
- expire_pending_glines();
-}
-
-/*
- * expire_glines
- *
- * inputs - NONE
- * output - NONE
- * side effects -
- *
- * Go through the gline list, expire any needed.
- */
-static void
-expire_glines()
-{
- rb_dlink_node *gline_node;
- rb_dlink_node *next_node;
- struct ConfItem *kill_ptr;
-
- RB_DLINK_FOREACH_SAFE(gline_node, next_node, glines.head)
- {
- kill_ptr = gline_node->data;
-
- /* these are in chronological order */
- if(kill_ptr->hold > rb_current_time())
- break;
-
- rb_dlinkDestroy(gline_node, &glines);
- delete_one_address_conf(kill_ptr->host, kill_ptr);
- }
-}
-
-/*
- * expire_pending_glines
- *
- * inputs - NONE
- * output - NONE
- * side effects -
- *
- * Go through the pending gline list, expire any that haven't had
- * enough "votes" in the time period allowed
- */
-static void
-expire_pending_glines()
-{
- rb_dlink_node *pending_node;
- rb_dlink_node *next_node;
- struct gline_pending *glp_ptr;
-
- RB_DLINK_FOREACH_SAFE(pending_node, next_node, pending_glines.head)
- {
- glp_ptr = pending_node->data;
-
- if(((glp_ptr->last_gline_time + GLINE_PENDING_EXPIRE) <=
- rb_current_time()) || find_is_glined(glp_ptr->host, glp_ptr->user))
-
- {
- rb_free(glp_ptr->reason1);
- rb_free(glp_ptr->reason2);
- rb_free(glp_ptr);
- rb_dlinkDestroy(pending_node, &pending_glines);
- }
- }
-}
};
static struct oper_flags oper_flagtable[] =
{
- { OPER_GLINE, 'G', 'g' },
{ OPER_KLINE, 'K', 'k' },
{ OPER_XLINE, 'X', 'x' },
{ OPER_RESV, 'Q', 'q' },
sendto_one_notice(source_p, ":*** You are exempt from K/G/X lines. congrats.");
}
- if(IsConfExemptGline(aconf))
- {
- SetExemptGline(source_p);
-
- /* dont send both a kline and gline exempt notice */
- if(!IsConfExemptKline(aconf))
- sendto_one_notice(source_p, ":*** You are exempt from G lines.");
- }
-
if(IsConfExemptDNSBL(aconf))
/* kline exempt implies this, don't send both */
if(!IsConfExemptKline(aconf))
#define FLAGS_RESTRICTED 0x001
#define FLAGS_EXCEEDLIMIT 0x002
#define FLAGS_KLINEEXEMPT 0x004
-#define FLAGS_GLINEEXEMPT 0x008
#define FLAGS_NEEDIDENT 0x010
#define FLAGS_NOTILDE 0x020
{ "restricted", FLAGS_RESTRICTED },
{ "exceed_limit", FLAGS_EXCEEDLIMIT },
{ "kline_exempt", FLAGS_KLINEEXEMPT },
- { "gline_exempt", FLAGS_GLINEEXEMPT },
{ "need_ident", FLAGS_NEEDIDENT },
{ "no_tilde", FLAGS_NOTILDE },
{ NULL, 0 }
ptr->special = 1;
break;
- case '_':
- ptr->flags |= FLAGS_GLINEEXEMPT;
- ptr->special = 1;
- break;
-
case '!':
case '$':
case '%':