Synchronet now requires the libarchive development package (e.g. libarchive-dev on Debian-based Linux distros, libarchive.org for more info) to build successfully.

Commit c2737896 authored by rswindell's avatar rswindell

Added support for '-f' (filter bogus clients) command-line option, which

automatically adds the IP address of "bogus" anonymous/guest clients to the
IP filter file.
Bogus clients are those that send more than max_bogus_cmds (default: 10)
(e.g. requesting non-existing newsgroups or articles).
parent 2a4d85b7
...@@ -30,17 +30,23 @@ var auto_login = false; ...@@ -30,17 +30,23 @@ var auto_login = false;
var msgs_read = 0; var msgs_read = 0;
var msgs_posted = 0; var msgs_posted = 0;
var slave = false; var slave = false;
var bogus_cmd_counter = 0;
var max_bogus_cmds = 10;
var filter_bogus_clients = false;
// Parse arguments // Parse arguments
for(i=0;i<argc;i++) for(i=0;i<argc;i++) {
if(argv[i].toLowerCase()=="-d") if(argv[i].toLowerCase()=="-d")
debug = true; debug = true;
else if(argv[i].toLowerCase()=="-f")
filter_bogus_clients = true;
else if(argv[i].toLowerCase()=="-na") else if(argv[i].toLowerCase()=="-na")
no_anonymous = true; no_anonymous = true;
else if(argv[i].toLowerCase()=="-auto") { else if(argv[i].toLowerCase()=="-auto") {
no_anonymous = true; no_anonymous = true;
auto_login = true; auto_login = true;
} }
}
// Write a string to the client socket // Write a string to the client socket
function write(str) function write(str)
...@@ -281,6 +287,7 @@ while(client.socket.is_connected && !quit) { ...@@ -281,6 +287,7 @@ while(client.socket.is_connected && !quit) {
else { else {
writeln("411 no such newsgroup"); writeln("411 no such newsgroup");
log("!no such group"); log("!no such group");
bogus_cmd_counter++;
} }
break; break;
...@@ -398,10 +405,12 @@ while(client.socket.is_connected && !quit) { ...@@ -398,10 +405,12 @@ while(client.socket.is_connected && !quit) {
case "STAT": case "STAT":
if(msgbase==null) { if(msgbase==null) {
writeln("412 no newsgroup selected"); writeln("412 no newsgroup selected");
bogus_cmd_counter++;
break; break;
} }
if(cmd[1]==undefined) { if(cmd[1]==undefined) {
writeln("420 no current article has been selected"); writeln("420 no current article has been selected");
bogus_cmd_counter++;
break; break;
} }
if(cmd[1]!='') { if(cmd[1]!='') {
...@@ -644,6 +653,17 @@ while(client.socket.is_connected && !quit) { ...@@ -644,6 +653,17 @@ while(client.socket.is_connected && !quit) {
log("!unknown command"); log("!unknown command");
break; break;
} }
if(user.security.restrictions&UFLAG_G /* Only guest/anonymous logins can be "bogus" */
&& bogus_cmd_counter >= max_bogus_cmds) {
log(format("!TOO MANY BOGUS COMMANDS (%u)", bogus_cmd_counter));
if(filter_bogus_clients) {
log("!FILTERING CLIENT'S IP ADDRESS: " + client.ip_address);
system.filter_ip("NNTP","- TOO MANY BOGUS COMMANDS (Example: " + cmdline +")"
, client.host_name, client.ip_address, client.user_name);
}
break;
}
} }
// Log statistics // Log statistics
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment