|
@@ -31,12 +31,10 @@ import (
|
31
|
31
|
)
|
32
|
32
|
|
33
|
33
|
var (
|
34
|
|
- // cached because this may be used lots
|
35
|
|
- tooManyClientsMsg = ircmsg.MakeMessage(nil, "", "ERROR", "Too many clients from your network")
|
36
|
|
- tooManyClientsBytes, _ = tooManyClientsMsg.Line()
|
37
|
|
-
|
38
|
|
- bannedFromServerMsg = ircmsg.MakeMessage(nil, "", "ERROR", "You are banned from this server (%s)")
|
39
|
|
- bannedFromServerBytes, _ = bannedFromServerMsg.Line()
|
|
34
|
+ // common error responses
|
|
35
|
+ tooManyClientsMsg, _ = (&[]ircmsg.IrcMessage{ircmsg.MakeMessage(nil, "", "ERROR", "Too many clients from your network")}[0]).Line()
|
|
36
|
+ couldNotParseIPMsg, _ = (&[]ircmsg.IrcMessage{ircmsg.MakeMessage(nil, "", "ERROR", "Unable to parse your IP address")}[0]).Line()
|
|
37
|
+ bannedFromServerMsg, _ = (&[]ircmsg.IrcMessage{ircmsg.MakeMessage(nil, "", "ERROR", "You are banned from this server (%s)")}[0]).Line()
|
40
|
38
|
|
41
|
39
|
errDbOutOfDate = errors.New("Database schema is old")
|
42
|
40
|
)
|
|
@@ -430,58 +428,61 @@ func (server *Server) Run() {
|
430
|
428
|
case conn := <-server.newConns:
|
431
|
429
|
// check connection limits
|
432
|
430
|
ipaddr := net.ParseIP(IPString(conn.Conn.RemoteAddr()))
|
433
|
|
- if ipaddr != nil {
|
434
|
|
- // check DLINEs
|
435
|
|
- isBanned, info := server.dlines.CheckIP(ipaddr)
|
436
|
|
- if isBanned {
|
437
|
|
- banMessage := fmt.Sprintf(bannedFromServerBytes, info.Reason)
|
438
|
|
- if info.Time != nil {
|
439
|
|
- banMessage += fmt.Sprintf(" [%s]", info.Time.Duration.String())
|
440
|
|
- }
|
441
|
|
- conn.Conn.Write([]byte(banMessage))
|
442
|
|
- conn.Conn.Close()
|
443
|
|
- continue
|
444
|
|
- }
|
445
|
|
-
|
446
|
|
- // check connection limits
|
447
|
|
- server.connectionLimitsMutex.Lock()
|
448
|
|
- err := server.connectionLimits.AddClient(ipaddr, false)
|
449
|
|
- server.connectionLimitsMutex.Unlock()
|
450
|
|
- if err != nil {
|
451
|
|
- // too many connections from one client, tell the client and close the connection
|
452
|
|
- // this might not show up properly on some clients, but our objective here is just to close it out before it has a load impact on us
|
453
|
|
- conn.Conn.Write([]byte(tooManyClientsBytes))
|
454
|
|
- conn.Conn.Close()
|
455
|
|
- continue
|
|
431
|
+ if ipaddr == nil {
|
|
432
|
+ conn.Conn.Write([]byte(couldNotParseIPMsg))
|
|
433
|
+ conn.Conn.Close()
|
|
434
|
+ continue
|
|
435
|
+ }
|
|
436
|
+ // check DLINEs
|
|
437
|
+ isBanned, info := server.dlines.CheckIP(ipaddr)
|
|
438
|
+ if isBanned {
|
|
439
|
+ banMessage := fmt.Sprintf(bannedFromServerMsg, info.Reason)
|
|
440
|
+ if info.Time != nil {
|
|
441
|
+ banMessage += fmt.Sprintf(" [%s]", info.Time.Duration.String())
|
456
|
442
|
}
|
|
443
|
+ conn.Conn.Write([]byte(banMessage))
|
|
444
|
+ conn.Conn.Close()
|
|
445
|
+ continue
|
|
446
|
+ }
|
457
|
447
|
|
458
|
|
- // check connection throttle
|
459
|
|
- server.connectionThrottleMutex.Lock()
|
460
|
|
- err = server.connectionThrottle.AddClient(ipaddr)
|
461
|
|
- server.connectionThrottleMutex.Unlock()
|
462
|
|
- if err != nil {
|
463
|
|
- // too many connections too quickly from client, tell them and close the connection
|
464
|
|
- length := &IPRestrictTime{
|
465
|
|
- Duration: server.connectionThrottle.BanDuration,
|
466
|
|
- Expires: time.Now().Add(server.connectionThrottle.BanDuration),
|
467
|
|
- }
|
468
|
|
- server.dlines.AddIP(ipaddr, length, server.connectionThrottle.BanMessage, "Exceeded automated connection throttle")
|
469
|
|
-
|
470
|
|
- // reset ban on connectionThrottle
|
471
|
|
- server.connectionThrottle.ResetFor(ipaddr)
|
|
448
|
+ // check connection limits
|
|
449
|
+ server.connectionLimitsMutex.Lock()
|
|
450
|
+ err := server.connectionLimits.AddClient(ipaddr, false)
|
|
451
|
+ server.connectionLimitsMutex.Unlock()
|
|
452
|
+ if err != nil {
|
|
453
|
+ // too many connections from one client, tell the client and close the connection
|
|
454
|
+ // this might not show up properly on some clients, but our objective here is just to close it out before it has a load impact on us
|
|
455
|
+ conn.Conn.Write([]byte(tooManyClientsMsg))
|
|
456
|
+ conn.Conn.Close()
|
|
457
|
+ continue
|
|
458
|
+ }
|
472
|
459
|
|
473
|
|
- // this might not show up properly on some clients, but our objective here is just to close it out before it has a load impact on us
|
474
|
|
- conn.Conn.Write([]byte(server.connectionThrottle.BanMessageBytes))
|
475
|
|
- conn.Conn.Close()
|
476
|
|
- continue
|
|
460
|
+ // check connection throttle
|
|
461
|
+ server.connectionThrottleMutex.Lock()
|
|
462
|
+ err = server.connectionThrottle.AddClient(ipaddr)
|
|
463
|
+ server.connectionThrottleMutex.Unlock()
|
|
464
|
+ if err != nil {
|
|
465
|
+ // too many connections too quickly from client, tell them and close the connection
|
|
466
|
+ length := &IPRestrictTime{
|
|
467
|
+ Duration: server.connectionThrottle.BanDuration,
|
|
468
|
+ Expires: time.Now().Add(server.connectionThrottle.BanDuration),
|
477
|
469
|
}
|
|
470
|
+ server.dlines.AddIP(ipaddr, length, server.connectionThrottle.BanMessage, "Exceeded automated connection throttle")
|
478
|
471
|
|
479
|
|
- server.logger.Debug("localconnect-ip", fmt.Sprintf("Client connecting from %v", ipaddr))
|
480
|
|
- // prolly don't need to alert snomasks on this, only on connection reg
|
|
472
|
+ // reset ban on connectionThrottle
|
|
473
|
+ server.connectionThrottle.ResetFor(ipaddr)
|
481
|
474
|
|
482
|
|
- go NewClient(server, conn.Conn, conn.IsTLS)
|
|
475
|
+ // this might not show up properly on some clients, but our objective here is just to close it out before it has a load impact on us
|
|
476
|
+ conn.Conn.Write([]byte(server.connectionThrottle.BanMessageBytes))
|
|
477
|
+ conn.Conn.Close()
|
483
|
478
|
continue
|
484
|
479
|
}
|
|
480
|
+
|
|
481
|
+ server.logger.Debug("localconnect-ip", fmt.Sprintf("Client connecting from %v", ipaddr))
|
|
482
|
+ // prolly don't need to alert snomasks on this, only on connection reg
|
|
483
|
+
|
|
484
|
+ go NewClient(server, conn.Conn, conn.IsTLS)
|
|
485
|
+ continue
|
485
|
486
|
}
|
486
|
487
|
}
|
487
|
488
|
}
|