The attempt list can be view with sbbscon->'a' command or sbbsctrl->view->Login
Attempt List...
Delay/throttle/hacklog/and auto-filter values/thresholds are now configurable
in sbbs.ini.

recent), and automatically filter IPs of obvious hackers
(100 consecutive unique failed login attempts).

from the same host (but not necessarily the same connection).
No login retry is allowed for suspected hackers (one authentication attempt per
connection).
New-connections from suspected hack hosts are now delayed increasingly with
the number of failed login attempts.

from the same host (but not necessarily the same connection).
No login retry is allowed for suspected hackers (one authentication attempt per
connection).
Other FTP hack.log entries contain a little more detail about the type of
suspected hack attempt (e.g. "FTP BOUNCE").

of configured upload requirements) and exceed the "max files" settings per dir.

commonly modified by multiple threads, potentially simultaneously, resulting in
bad values (e.g. active_clients = -1).
Updated copyright date to 2011.
Fixed Win32 compile bug in main.cpp introduced in last commit.
Eliminated some unused variables and updated some times (e.g. ulong in place
fo uint32_t).

warning C4018: '!=' : signed/unsigned mismatch

ftp://yourbbs.com/00index.txt (or .html) - implemented EPSV (and EPRT) commands
and SIZE command no longer fails with error 500 on dynamic files (reports size
of 0 bytes instead).

Fixes crashes with 64-bit off_t in ftpsrvr.c

(potentially) non-blank for external JS modules configured in SCFG->External
Programs, as well as those executed from jsexec. If the startup_dir is
specified in SCFG and no path is given for the .js file, it will look in the
startup_dir first. js.startup_dir will be an empty string for all other cases
(currently).

warning log level.
Added more debug log output.

error counting/logging/messages to be handled by front-end (e.g. control panel)
regardless of log_level setting.
Mail server now filters blocked-subjects before applying DNSBL tag.
Received message header TO and FROM fields are no longer checked against the
email.can file for SMTP-authenticated clients.
SMTP MAIL FROM and RCTP TO addresses are no longer checked against the
email.can file for SMTP-authenticated clients.
Statistics are displayed in a more legible manner when the mail server is
terminated.
The msgs_received stats counter now includes blocked and ignored messages too.

system (in a multi-computer BBS) the error occurred.
For the mail server:
- keep track of the number of times each mailproc handled a message
- display counters when blocking/filtering messages in log output
- advertise 8BITMIME in the ESMTP EHLO response
- do not route mail to mailproc when the execution requirements are not met
  (e.g. ARS, DNSBL, SPAM, etc.)

path enhancement to work (e.g. now finds "exec/load/sbbsdefs.js").

created:
js.exec_path - full path and filename of file executed
js.exec_dir - directory of executed file
js.exec_file - filename executed (with no path)

Configurable via ctrl/sbbs.ini file JavaScriptLoadPath key value
(comma-separate listed of search directories), default value is "load".
This list is exposed in the JS object model via the js.load_path_list array
(may be modified by scripts).
For JSexec, the default load path list may be over-ridden with the '-i' option.
For relative load paths (e.g. not beginning with '/' or '\'), the path is
assumed to be a sub-directory of the (configurable) mods or exec directories
and is searched accordingly.
So, by default, load("somefile.js") will search in this order:
mods/load/somefile.js
exec/load/somefile.js
mods/somefile.js
exec/somefile.js

thread-safe. This needs to be done for the mail server do, but major
(unrelated) changes are pending.

instance (e.g. sbbs->useron) - this should solve the problem with an online
Guest user not getting account changes made via JS scripts (e.g. logon.js).
This may create other unforeseen problems. :-)

Added HOST and IP keywords to allow restricted access/privileges to/for
specific remote hostnames or IP addresses (wildcards allowed).
All string-argument type ARS keywords (e.g. SHELL, PROT, etc.) now support .can
style wildcards.
The current remote client is now used for protocol, host, and IP ARS checking,
when available, so this requires passing the client pointer around (which
explains why so many files are touched by this change) and takes care of a
long standing to-do item (the user's 'modem' value was used for the PROT
value checking, which was not always correct).

current working directory to the "ctrl" directory during initialization.

immediately and delete semaphore file.

Constified the arguments.
Created exascii_to_ascii_char().
Created ctrl_a_to_ascii_char().
strip_ctrl() and prep_file_desc() now takes 2 args.
strip_ctrl(), strip_exascii() and prep_file_desc() now strdup() the input
string and if the dest arg is NULL, returns the allocated and modified copy.
sbbs_t::bputs() now handles ^AZ.
Change Ctrl-A code message network exporting:
1. ^AL, ^A<, ^A[, and ^A] are always translated to ASCII equivalents.
2. ^AZ will terminate the message body prematurely if found.
3. Ex-ASCII (CP437) chars will be translated to ASCII equivalents (rather than
'*') for "ASCII Only" subs.
For import, don't allow Ctrl-AP or Ctrl-AL.
For SBBSecho:
Added support for specifying a link's address on the command-line (e.g. for
use with -h).
Mail server now strips Ctrl-A codes from message bodies for sending via POP3
or SMTP.

data/error.log file.
Also, fixed the possible infinite loop in main.cpp output_thread() when send()
fails for the system output socket.

Also, on FreeBSD, SetThreadName() will silently fail if the name is more
than 19 bytes long (not including terminating null) truncate as needed.

Some overhaul of log levels in web server.

Eliminated some bcc32-reported warnings.