Also apply floodcount to messages to remote clients (except services).

As before, only local clients can have their message blocked.
This commit is contained in:
Jilles Tjoelker 2008-07-22 01:46:34 +02:00
parent 85b8e6497d
commit dada366b70
2 changed files with 27 additions and 19 deletions

View File

@ -168,6 +168,10 @@ struct Client
*/ */
rb_dlink_list on_allow_list; rb_dlink_list on_allow_list;
time_t first_received_message_time;
int received_number_of_privmsgs;
int flood_noticed;
local_user_t *localClient; local_user_t *localClient;
pre_client_t *preClient; pre_client_t *preClient;
}; };
@ -189,9 +193,6 @@ struct LocalUser
int oper_warn_count_down; /* warn opers of this possible int oper_warn_count_down; /* warn opers of this possible
spambot every time this gets to 0 */ spambot every time this gets to 0 */
time_t last_caller_id_time; time_t last_caller_id_time;
time_t first_received_message_time;
int received_number_of_privmsgs;
int flood_noticed;
time_t lasttime; /* last time we parsed something */ time_t lasttime; /* last time we parsed something */
time_t firsttime; /* time client was created */ time_t firsttime; /* time client was created */

View File

@ -704,7 +704,8 @@ msg_client(int p_or_n, const char *command,
form_str(ERR_NONONREG), form_str(ERR_NONONREG),
target_p->name); target_p->name);
/* Only so opers can watch for floods */ /* Only so opers can watch for floods */
(void) flood_attack_client(p_or_n, source_p, target_p); if (MyClient(source_p))
(void) flood_attack_client(p_or_n, source_p, target_p);
} }
else else
{ {
@ -731,7 +732,8 @@ msg_client(int p_or_n, const char *command,
target_p->localClient->last_caller_id_time = rb_current_time(); target_p->localClient->last_caller_id_time = rb_current_time();
} }
/* Only so opers can watch for floods */ /* Only so opers can watch for floods */
(void) flood_attack_client(p_or_n, source_p, target_p); if (MyClient(source_p))
(void) flood_attack_client(p_or_n, source_p, target_p);
} }
} }
else else
@ -767,33 +769,38 @@ flood_attack_client(int p_or_n, struct Client *source_p, struct Client *target_p
{ {
int delta; int delta;
if(GlobalSetOptions.floodcount && MyConnect(target_p) && IsClient(source_p) && source_p != target_p) /* Services could get many messages legitimately and
* can be messaged without rate limiting via aliases
* and msg user@server.
* -- jilles
*/
if(GlobalSetOptions.floodcount && IsClient(source_p) && source_p != target_p && !IsService(target_p))
{ {
if((target_p->localClient->first_received_message_time + 1) < rb_current_time()) if((target_p->first_received_message_time + 1) < rb_current_time())
{ {
delta = rb_current_time() - target_p->localClient->first_received_message_time; delta = rb_current_time() - target_p->first_received_message_time;
target_p->localClient->received_number_of_privmsgs -= delta; target_p->received_number_of_privmsgs -= delta;
target_p->localClient->first_received_message_time = rb_current_time(); target_p->first_received_message_time = rb_current_time();
if(target_p->localClient->received_number_of_privmsgs <= 0) if(target_p->received_number_of_privmsgs <= 0)
{ {
target_p->localClient->received_number_of_privmsgs = 0; target_p->received_number_of_privmsgs = 0;
target_p->localClient->flood_noticed = 0; target_p->flood_noticed = 0;
} }
} }
if((target_p->localClient->received_number_of_privmsgs >= if((target_p->received_number_of_privmsgs >=
GlobalSetOptions.floodcount) || target_p->localClient->flood_noticed) GlobalSetOptions.floodcount) || target_p->flood_noticed)
{ {
if(target_p->localClient->flood_noticed == 0) if(target_p->flood_noticed == 0)
{ {
sendto_realops_snomask(SNO_BOTS, L_NETWIDE, sendto_realops_snomask(SNO_BOTS, L_NETWIDE,
"Possible Flooder %s[%s@%s] on %s target: %s", "Possible Flooder %s[%s@%s] on %s target: %s",
source_p->name, source_p->username, source_p->name, source_p->username,
source_p->orighost, source_p->orighost,
source_p->servptr->name, target_p->name); source_p->servptr->name, target_p->name);
target_p->localClient->flood_noticed = 1; target_p->flood_noticed = 1;
/* add a bit of penalty */ /* add a bit of penalty */
target_p->localClient->received_number_of_privmsgs += 2; target_p->received_number_of_privmsgs += 2;
} }
if(MyClient(source_p) && (p_or_n != NOTICE)) if(MyClient(source_p) && (p_or_n != NOTICE))
sendto_one(source_p, sendto_one(source_p,
@ -802,7 +809,7 @@ flood_attack_client(int p_or_n, struct Client *source_p, struct Client *target_p
return 1; return 1;
} }
else else
target_p->localClient->received_number_of_privmsgs++; target_p->received_number_of_privmsgs++;
} }
return 0; return 0;