From 7bef381cc60df4b67aa402ef0b9fadb4e099b617 Mon Sep 17 00:00:00 2001 From: stskeeps Date: Fri, 21 Jun 2002 10:23:16 +0000 Subject: [PATCH] - Added set::scan::bind-ip, set::scan::message, on request of RaYmAn, documented in example.conf --- Changes | 2 ++ doc/example.conf | 12 ++++++++++ src/modules/scan.c | 49 +++++++++++++++++++++++++++++++++++----- src/modules/scan_http.c | 11 +++++++++ src/modules/scan_socks.c | 20 +++++++++------- 5 files changed, 80 insertions(+), 14 deletions(-) diff --git a/Changes b/Changes index 7e8d283cb..7d073a0c7 100644 --- a/Changes +++ b/Changes @@ -1350,3 +1350,5 @@ seen. gmtime warning still there or +H was specified in modes-on-oper. - Fix a minor stupid in m_quit.c. - Added /who +R which shows real host to opers. +- Added set::scan::bind-ip, set::scan::message, on request of RaYmAn, documented + in example.conf diff --git a/doc/example.conf b/doc/example.conf index c6f7545c7..d1449e6f7 100644 --- a/doc/example.conf +++ b/doc/example.conf @@ -704,6 +704,18 @@ set { scan { ban-message "Insecure SOCKS server"; quit-message "Insecure SOCKS server"; + /* Choose this to be some IP and some port that's always open and + * reachable by the proxies + */ + endpoint [ip]:port; + /* + * What IP should the scanners bind to before connecting + */ + bind-ip "ip"; + /* + * What message should we NOTICE to the users when we scan them + */ + message " (admin didn't edit config correctly)"; ban-time "4d"; }; maxchannelsperuser 10; diff --git a/src/modules/scan.c b/src/modules/scan.c index 00352eccf..13422744a 100644 --- a/src/modules/scan.c +++ b/src/modules/scan.c @@ -55,9 +55,11 @@ #include "modules/scan.h" /* IRCd will fill with a pointer to this module */ struct SOCKADDR_IN Scan_endpoint; +struct IN_ADDR Scan_bind; int Scan_BanTime = 0, Scan_TimeOut = 0; static Scan_AddrStruct *Scannings = NULL; MUTEX Scannings_lock; +static char *scan_message; DLLFUNC int h_scan_connect(aClient *sptr); DLLFUNC int h_config_set_scan(void); @@ -92,11 +94,13 @@ int m_scan_Init(ModuleInfo *modinfo) #endif { int id; + scan_message = NULL; bcopy(modinfo,&ScanModInfo,modinfo->size); ScanHost = (Hooktype *)HooktypeAdd(modinfo->handle, "HOOKTYPE_SCAN_HOST", &HOOKTYPE_SCAN_HOST); LocConnect = HookAddEx(ScanModInfo.handle, HOOKTYPE_LOCAL_CONNECT, h_scan_connect); ConfUnknown = HookAddEx(ScanModInfo.handle, HOOKTYPE_CONFIG_UNKNOWN, h_config_set_scan); ServerStats = HookAddEx(ScanModInfo.handle, HOOKTYPE_STATS, h_stats_scan); + bzero(&Scan_bind, sizeof(Scan_bind)); IRCCreateMutex(Scannings_lock); return MOD_SUCCESS; } @@ -132,14 +136,14 @@ int m_scan_Load(int module_load) Scan_endpoint.SIN_PORT = htons(conf_listen->port); Scan_endpoint.SIN_FAMILY = AFINET; } + if (Scan_BanTime == 0) Scan_BanTime = 86400; if (Scan_TimeOut == 0) Scan_TimeOut = 20; LockEventSystem(); - Scannings_clean = EventAddEx(ScanModInfo.handle, "e_scannings_clean", 0, 0, e_scannings_clean, -NULL); + Scannings_clean = EventAddEx(ScanModInfo.handle, "e_scannings_clean", 0, 0, e_scannings_clean, NULL); UnlockEventSystem(); return MOD_SUCCESS; } @@ -177,6 +181,8 @@ int m_scan_Unload(void) EventDel(Scannings_clean); UnlockEventSystem(); IRCMutexDestroy(Scannings_lock); + if (scan_message) + free(scan_message); } return ret; } @@ -307,7 +313,9 @@ DLLFUNC int h_scan_connect(aClient *sptr) if (Scan_IsBeingChecked(&sptr->ip)) return 0; - + if (scan_message) + sendto_one(sptr, ":%s NOTICE %s :%s", + me.name, sptr->name, scan_message); sr = MyMalloc(sizeof(Scan_AddrStruct)); sr->in = sptr->ip; sr->refcnt = 0; @@ -363,6 +371,7 @@ DLLFUNC int h_config_set_scan(void) } Scan_BanTime = atime(ce->ce_vardata); } + else if (!strcmp(ce->ce_varname, "timeout")) { if (!ce->ce_vardata) { config_status("%s:%i: set::scan::timeout has no value", @@ -371,7 +380,7 @@ DLLFUNC int h_config_set_scan(void) } Scan_TimeOut = atime(ce->ce_vardata); } - + else if (!strcmp(ce->ce_varname, "endpoint")) { if (!ce->ce_vardata) @@ -408,8 +417,32 @@ DLLFUNC int h_config_set_scan(void) Scan_endpoint.SIN_PORT = htons(iport); Scan_endpoint.SIN_FAMILY = AFINET; } - - + else if (!strcmp(ce->ce_varname, "bind-ip")) + { + if (!ce->ce_vardata) + { + config_status("%s:%i: set::scan::bind: syntax [ip]", + ce->ce_fileptr->cf_filename, ce->ce_varlinenum); + break; + } +#ifndef INET6 + Scan_bind.S_ADDR = inet_addr(ce->ce_vardata); +#else + inet_pton(AFINET, ce->ce_vardata, Scan_bind.S_ADDR); +#endif + } + else if (!strcmp(ce->ce_varname, "message")) + { + if (!ce->ce_vardata) + { + config_status("%s:%i: set::scan::message requires an argument", + ce->ce_fileptr->cf_filename, ce->ce_varlinenum); + break; + } + if (scan_message) + free(scan_message); + scan_message = strdup(ce->ce_vardata); + } } del_ConfigItem(sets, conf_unknown_set); } @@ -425,6 +458,10 @@ DLLFUNC int h_stats_scan(aClient *sptr, char *stats) { Scan_BanTime); sendto_one(sptr, ":%s %i %s :scan::timeout: %d", me.name, RPL_TEXT, sptr->name, Scan_TimeOut); + sendto_one(sptr, ":%s %i %s :scan::bind-ip: %s", + me.name, RPL_TEXT, Inet_ia2p(&Scan_bind)); + sendto_one(sptr, ":%s %i %s :scan::message: %s", + me.name, RPL_TEXT, scan_message ? scan_message : ""); } return 0; } diff --git a/src/modules/scan_http.c b/src/modules/scan_http.c index 11f19696f..bc74793ac 100644 --- a/src/modules/scan_http.c +++ b/src/modules/scan_http.c @@ -63,6 +63,7 @@ struct _hsstruct static vFP xEadd_scan = NULL; static struct SOCKADDR_IN *xScan_endpoint = NULL; +static struct IN_ADDR *xScan_bind = NULL; static int *xScan_TimeOut = 0; static Hook *HttpScanHost = NULL; static int HOOKTYPE_SCAN_HOST; @@ -76,6 +77,7 @@ static Mod_SymbolDepTable modsymdep[] = { MOD_Dep(Eadd_scan, xEadd_scan, "src/modules/scan.so"), MOD_Dep(Scan_endpoint, xScan_endpoint, "src/modules/scan.so"), + MOD_Dep(Scan_bind, xScan_bind, "src/modules/scan.so"), MOD_Dep(Scan_TimeOut, xScan_TimeOut, "src/modules/scan.so"), {NULL, NULL} }; @@ -188,6 +190,7 @@ void scan_http_scan_port(HSStruct *z) unsigned char *cp; #endif struct SOCKADDR_IN sin; + struct SOCKADDR_IN bin; SOCKET fd; unsigned char httpbuf[160]; fd_set rfds; @@ -218,6 +221,14 @@ void scan_http_scan_port(HSStruct *z) goto exituniverse; return; } +#ifndef INET6 + bin.SIN_ADDR = *xScan_bind; +#else + bcopy((char *)xScan_bind, (char *)&bin.SIN_ADDR, sizeof(struct IN_ADDR)); +#endif + bin.SIN_FAMILY = AFINET; + bin.SIN_PORT = 0; + bind(fd, (struct SOCKADDR *)&bin, sizeof(bin)); sin.SIN_PORT = htons((unsigned short)z->port); sin.SIN_FAMILY = AFINET; diff --git a/src/modules/scan_socks.c b/src/modules/scan_socks.c index 8ac7ff9e9..70866face 100644 --- a/src/modules/scan_socks.c +++ b/src/modules/scan_socks.c @@ -59,6 +59,7 @@ static Hook *SocksScanHost = NULL; static vFP xEadd_scan = NULL; static struct SOCKADDR_IN *xScan_endpoint = NULL; +static struct IN_ADDR *xScan_bind = NULL; static int *xScan_TimeOut = 0; #ifdef STATIC_LINKING extern void Eadd_scan(); @@ -74,6 +75,7 @@ static Mod_SymbolDepTable modsymdep[] = { MOD_Dep(Eadd_scan, xEadd_scan, "src/modules/scan.so"), MOD_Dep(Scan_endpoint, xScan_endpoint, "src/modules/scan.so"), + MOD_Dep(Scan_bind, xScan_bind, "src/modules/scan.so"), MOD_Dep(Scan_TimeOut, xScan_TimeOut, "src/modules/scan.so"), {NULL, NULL} }; @@ -167,6 +169,7 @@ void scan_socks4_scan(Scan_AddrStruct *h) unsigned char *cp; #endif struct SOCKADDR_IN sin; + struct SOCKADDR_IN bin; struct in_addr ia4; SOCKET fd; unsigned char socksbuf[10]; @@ -184,15 +187,7 @@ void scan_socks4_scan(Scan_AddrStruct *h) bcopy(sin.SIN_ADDR.S_ADDR, h->in.S_ADDR, sizeof(h->in.S_ADDR)); #endif IRCMutexUnlock((h->lock)); - /* IPv6 ?*/ #ifdef INET6 - IRCMutexLock((h->lock)); -#ifndef INET6 - sin.SIN_ADDR.S_ADDR = h->in.S_ADDR; -#else - bcopy(sin.SIN_ADDR.S_ADDR, h->in.S_ADDR, sizeof(h->in.S_ADDR)); -#endif - IRCMutexUnlock((h->lock)); /* ::ffff:ip hack */ cp = (u_char *)&h->in.s6_addr; if (!(cp[0] == 0 && cp[1] == 0 && cp[2] == 0 && cp[3] == 0 && cp[4] == 0 @@ -207,6 +202,15 @@ void scan_socks4_scan(Scan_AddrStruct *h) goto exituniverse; return; } + +#ifndef INET6 + bin.SIN_ADDR = *xScan_bind; +#else + bcopy((char *)xScan_bind, (char *)&bin.SIN_ADDR, sizeof(struct IN_ADDR)); +#endif + bin.SIN_FAMILY = AFINET; + bin.SIN_PORT = 0; + bind(fd, (struct SOCKADDR *)&bin, sizeof(bin)); sin.SIN_PORT = htons((unsigned short)SCAN_ON_PORT); sin.SIN_FAMILY = AFINET; /* We do this non-blocking to prevent a hang of the entire ircd with newer