From 5acef88ceb01104f911c07c1348a26abacd05071 Mon Sep 17 00:00:00 2001 From: Bram Matthys Date: Sun, 30 May 2021 19:09:46 +0200 Subject: [PATCH] All violatons of target-flood, nick-flood, join-flood, away-flood, invite-flood, knock-flood, max-concurrent-conversations are now reported to opers with the snomask 'f' (flood). --- doc/RELEASE-NOTES.md | 3 +++ include/h.h | 1 + src/modules/targetfloodprot.c | 2 ++ src/user.c | 20 ++++++++++++++++++++ 4 files changed, 26 insertions(+) diff --git a/doc/RELEASE-NOTES.md b/doc/RELEASE-NOTES.md index 994739b23..4ec9c1236 100644 --- a/doc/RELEASE-NOTES.md +++ b/doc/RELEASE-NOTES.md @@ -20,6 +20,9 @@ Breaking change: [security-group block](https://www.unrealircd.org/docs/Security-group_block). * See [here](https://www.unrealircd.org/docs/FAQ#new-anti-flood-block) for more information on the layout of the new set::anti-flood block. + * All violatons of target-flood, nick-flood, join-flood, away-flood, + invite-flood, knock-flood, max-concurrent-conversations are now + reported to opers with the snomask 'f' (flood). Enhancements: * Add support for database encryption. The way this works diff --git a/include/h.h b/include/h.h index b07de09c8..fde098ee5 100644 --- a/include/h.h +++ b/include/h.h @@ -1069,3 +1069,4 @@ extern int flood_limit_exceeded(Client *client, FloodOption opt); extern FloodSettings *find_floodsettings_block(const char *name); extern FloodSettings *get_floodsettings_for_user(Client *client, FloodOption opt); extern MODVAR char *floodoption_names[]; +extern void flood_limit_exceeded_log(Client *client, char *floodname); diff --git a/src/modules/targetfloodprot.c b/src/modules/targetfloodprot.c index be1e4d5b3..70f054a02 100644 --- a/src/modules/targetfloodprot.c +++ b/src/modules/targetfloodprot.c @@ -259,6 +259,7 @@ int targetfloodprot_can_send_to_channel(Client *client, Channel *channel, Member if (flood->cnt[what] >= channelcfg->cnt[what]) { /* Flood detected */ + flood_limit_exceeded_log(client, "target-flood-channel"); snprintf(errbuf, sizeof(errbuf), "Channel is being flooded. Message not delivered."); *errmsg = errbuf; return HOOK_DENY; @@ -305,6 +306,7 @@ int targetfloodprot_can_send_to_user(Client *client, Client *target, char **text if (flood->cnt[what] >= privatecfg->cnt[what]) { /* Flood detected */ + flood_limit_exceeded_log(client, "target-flood-user"); snprintf(errbuf, sizeof(errbuf), "User is being flooded. Message not delivered."); *errmsg = errbuf; return HOOK_DENY; diff --git a/src/user.c b/src/user.c index 54381b363..f01a8e2d0 100644 --- a/src/user.c +++ b/src/user.c @@ -179,6 +179,7 @@ int target_limit_exceeded(Client *client, void *target, const char *name) client->local->nexttarget += 2; /* punish them some more */ client->local->since += 2; /* lag them up as well */ + flood_limit_exceeded_log(client, "max-concurrent-conversations"); sendnumeric(client, ERR_TARGETTOOFAST, name, client->local->nexttarget - TStime()); return 1; @@ -939,6 +940,22 @@ char *get_connect_extinfo(Client *client) return retbuf; } +/** Log a message that flood protection kicked in for the client. + * This sends to the +f snomask at the moment. + * FIXME: we should provide an option to log this too? + * @param client The client to check flood for (local user) + * @param opt The flood option (eg FLD_AWAY) + */ +void flood_limit_exceeded_log(Client *client, char *floodname) +{ + sendto_snomask_global(SNO_FLOOD, "Flood blocked (%s) from %s!%s@%s [%s]", + floodname, + client->name, + client->user->username, + client->user->realhost, + GetIP(client)); +} + /** Is the flood limit exceeded for an option? eg for away-flood. * @param client The client to check flood for (local user) * @param opt The flood option (eg FLD_AWAY) @@ -972,7 +989,10 @@ int flood_limit_exceeded(Client *client, FloodOption opt) if (client->local->flood[opt].count <= f->limit[opt]) client->local->flood[opt].count++; if (client->local->flood[opt].count > f->limit[opt]) + { + flood_limit_exceeded_log(client, floodoption_names[opt]); return 1; /* Flood limit hit! */ + } return 0; }