diff options
author | Adam Frisby | 2009-05-11 19:23:51 +0000 |
---|---|---|
committer | Adam Frisby | 2009-05-11 19:23:51 +0000 |
commit | 6dcafec22d560c50625c8a391701606a1a0bb363 (patch) | |
tree | 6e0199901946f9a0b7a9797bbc85a30c2b094288 | |
parent | Add selling for $0 back to the sample economy module. This is disabled by (diff) | |
download | opensim-SC-6dcafec22d560c50625c8a391701606a1a0bb363.zip opensim-SC-6dcafec22d560c50625c8a391701606a1a0bb363.tar.gz opensim-SC-6dcafec22d560c50625c8a391701606a1a0bb363.tar.bz2 opensim-SC-6dcafec22d560c50625c8a391701606a1a0bb363.tar.xz |
* Implements IP and DNS based ban facilities to OpenSim.
* User interface is ... primitive at best right now.
* Loads bans from bans.txt and region ban DB on startup, bans.txt is in the format of one per line. The following explains how they are read;
DNS bans are in the form "somewhere.com" will block ANY matching domain (including "betasomewhere.com", "beta.somewhere.com", "somewhere.com.beta") - make sure to be reasonably specific in DNS bans.
IP address bans match on first characters, so, "127.0.0.1" will ban only that address, "127.0.1" will ban "127.0.10.0" but "127.0.1." will ban only the "127.0.1.*" network
-rw-r--r-- | OpenSim/Client/MXP/ClientStack/MXPClientView.cs | 11 | ||||
-rw-r--r-- | OpenSim/Framework/Client/IClientCore.cs | 9 | ||||
-rw-r--r-- | OpenSim/Framework/Client/IClientIPEndpoint.cs | 12 | ||||
-rw-r--r-- | OpenSim/Region/ClientStack/LindenUDP/LLClientView.cs | 34 | ||||
-rw-r--r-- | OpenSim/Region/CoreModules/Agent/IPBan/IPBanModule.cs | 81 | ||||
-rw-r--r-- | OpenSim/Region/CoreModules/Agent/IPBan/SceneBanner.cs | 45 |
6 files changed, 191 insertions, 1 deletions
diff --git a/OpenSim/Client/MXP/ClientStack/MXPClientView.cs b/OpenSim/Client/MXP/ClientStack/MXPClientView.cs index c9e56e6..e5f7474 100644 --- a/OpenSim/Client/MXP/ClientStack/MXPClientView.cs +++ b/OpenSim/Client/MXP/ClientStack/MXPClientView.cs | |||
@@ -1605,6 +1605,17 @@ namespace OpenSim.Client.MXP.ClientStack | |||
1605 | return default(T); | 1605 | return default(T); |
1606 | } | 1606 | } |
1607 | 1607 | ||
1608 | public void Disconnect(string reason) | ||
1609 | { | ||
1610 | Kick(reason); | ||
1611 | Close(true); | ||
1612 | } | ||
1613 | |||
1614 | public void Disconnect() | ||
1615 | { | ||
1616 | Close(true); | ||
1617 | } | ||
1618 | |||
1608 | #endregion | 1619 | #endregion |
1609 | 1620 | ||
1610 | public void SendCreateGroupReply(UUID groupID, bool success, string message) | 1621 | public void SendCreateGroupReply(UUID groupID, bool success, string message) |
diff --git a/OpenSim/Framework/Client/IClientCore.cs b/OpenSim/Framework/Client/IClientCore.cs index 78f0411..1d08fb9 100644 --- a/OpenSim/Framework/Client/IClientCore.cs +++ b/OpenSim/Framework/Client/IClientCore.cs | |||
@@ -25,11 +25,20 @@ | |||
25 | * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 25 | * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
26 | */ | 26 | */ |
27 | 27 | ||
28 | using OpenMetaverse; | ||
29 | |||
28 | namespace OpenSim.Framework.Client | 30 | namespace OpenSim.Framework.Client |
29 | { | 31 | { |
30 | public interface IClientCore | 32 | public interface IClientCore |
31 | { | 33 | { |
32 | bool TryGet<T>(out T iface); | 34 | bool TryGet<T>(out T iface); |
33 | T Get<T>(); | 35 | T Get<T>(); |
36 | |||
37 | // Basic Interfaces | ||
38 | UUID AgentId { get; } | ||
39 | |||
40 | void Disconnect(string reason); | ||
41 | void Disconnect(); | ||
42 | |||
34 | } | 43 | } |
35 | } \ No newline at end of file | 44 | } \ No newline at end of file |
diff --git a/OpenSim/Framework/Client/IClientIPEndpoint.cs b/OpenSim/Framework/Client/IClientIPEndpoint.cs new file mode 100644 index 0000000..b80dea5 --- /dev/null +++ b/OpenSim/Framework/Client/IClientIPEndpoint.cs | |||
@@ -0,0 +1,12 @@ | |||
1 | using System; | ||
2 | using System.Collections.Generic; | ||
3 | using System.Net; | ||
4 | using System.Text; | ||
5 | |||
6 | namespace OpenSim.Framework.Client | ||
7 | { | ||
8 | public interface IClientIPEndpoint | ||
9 | { | ||
10 | IPAddress EndPoint { get; } | ||
11 | } | ||
12 | } | ||
diff --git a/OpenSim/Region/ClientStack/LindenUDP/LLClientView.cs b/OpenSim/Region/ClientStack/LindenUDP/LLClientView.cs index f9db91c..a157df5 100644 --- a/OpenSim/Region/ClientStack/LindenUDP/LLClientView.cs +++ b/OpenSim/Region/ClientStack/LindenUDP/LLClientView.cs | |||
@@ -54,7 +54,7 @@ namespace OpenSim.Region.ClientStack.LindenUDP | |||
54 | /// Handles new client connections | 54 | /// Handles new client connections |
55 | /// Constructor takes a single Packet and authenticates everything | 55 | /// Constructor takes a single Packet and authenticates everything |
56 | /// </summary> | 56 | /// </summary> |
57 | public class LLClientView : IClientAPI, IClientCore, IClientIM, IClientChat, IStatsCollector | 57 | public class LLClientView : IClientAPI, IClientCore, IClientIM, IClientChat, IClientIPEndpoint, IStatsCollector |
58 | { | 58 | { |
59 | private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType); | 59 | private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType); |
60 | 60 | ||
@@ -10478,6 +10478,7 @@ namespace OpenSim.Region.ClientStack.LindenUDP | |||
10478 | { | 10478 | { |
10479 | RegisterInterface<IClientIM>(this); | 10479 | RegisterInterface<IClientIM>(this); |
10480 | RegisterInterface<IClientChat>(this); | 10480 | RegisterInterface<IClientChat>(this); |
10481 | RegisterInterface<IClientIPEndpoint>(this); | ||
10481 | } | 10482 | } |
10482 | 10483 | ||
10483 | public bool TryGet<T>(out T iface) | 10484 | public bool TryGet<T>(out T iface) |
@@ -10496,6 +10497,19 @@ namespace OpenSim.Region.ClientStack.LindenUDP | |||
10496 | return (T)m_clientInterfaces[typeof(T)]; | 10497 | return (T)m_clientInterfaces[typeof(T)]; |
10497 | } | 10498 | } |
10498 | 10499 | ||
10500 | public void Disconnect(string reason) | ||
10501 | { | ||
10502 | Kick(reason); | ||
10503 | Thread.Sleep(1000); | ||
10504 | Close(true); | ||
10505 | } | ||
10506 | |||
10507 | public void Disconnect() | ||
10508 | { | ||
10509 | Close(true); | ||
10510 | } | ||
10511 | |||
10512 | |||
10499 | #endregion | 10513 | #endregion |
10500 | 10514 | ||
10501 | private void RefreshGroupMembership() | 10515 | private void RefreshGroupMembership() |
@@ -10587,5 +10601,23 @@ namespace OpenSim.Region.ClientStack.LindenUDP | |||
10587 | { | 10601 | { |
10588 | return ""; | 10602 | return ""; |
10589 | } | 10603 | } |
10604 | |||
10605 | #region IClientIPEndpoint Members | ||
10606 | |||
10607 | public IPAddress EndPoint | ||
10608 | { | ||
10609 | get | ||
10610 | { | ||
10611 | if(m_userEndPoint is IPEndPoint) | ||
10612 | { | ||
10613 | IPEndPoint ep = (IPEndPoint)m_userEndPoint; | ||
10614 | |||
10615 | return ep.Address; | ||
10616 | } | ||
10617 | return null; | ||
10618 | } | ||
10619 | } | ||
10620 | |||
10621 | #endregion | ||
10590 | } | 10622 | } |
10591 | } | 10623 | } |
diff --git a/OpenSim/Region/CoreModules/Agent/IPBan/IPBanModule.cs b/OpenSim/Region/CoreModules/Agent/IPBan/IPBanModule.cs new file mode 100644 index 0000000..b904cb0 --- /dev/null +++ b/OpenSim/Region/CoreModules/Agent/IPBan/IPBanModule.cs | |||
@@ -0,0 +1,81 @@ | |||
1 | using System; | ||
2 | using System.Collections.Generic; | ||
3 | using System.IO; | ||
4 | using System.Text; | ||
5 | using Nini.Config; | ||
6 | using OpenSim.Framework; | ||
7 | using OpenSim.Region.Framework.Interfaces; | ||
8 | using OpenSim.Region.Framework.Scenes; | ||
9 | |||
10 | namespace OpenSim.Region.CoreModules.Agent.IPBan | ||
11 | { | ||
12 | public class IPBanModule : IRegionModule | ||
13 | { | ||
14 | #region Implementation of IRegionModule | ||
15 | |||
16 | private List<string> m_bans = new List<string>(); | ||
17 | |||
18 | public void Initialise(Scene scene, IConfigSource source) | ||
19 | { | ||
20 | new SceneBanner(scene, m_bans); | ||
21 | |||
22 | lock(m_bans) | ||
23 | { | ||
24 | foreach (EstateBan ban in scene.RegionInfo.EstateSettings.EstateBans) | ||
25 | { | ||
26 | if(!String.IsNullOrEmpty(ban.BannedHostIPMask)) | ||
27 | m_bans.Add(ban.BannedHostIPMask); | ||
28 | if (!String.IsNullOrEmpty(ban.BannedHostNameMask)) | ||
29 | m_bans.Add(ban.BannedHostNameMask); | ||
30 | } | ||
31 | } | ||
32 | } | ||
33 | |||
34 | public void PostInitialise() | ||
35 | { | ||
36 | if(File.Exists("bans.txt")) | ||
37 | { | ||
38 | string[] bans = File.ReadAllLines("bans.txt"); | ||
39 | foreach (string ban in bans) | ||
40 | { | ||
41 | m_bans.Add(ban); | ||
42 | } | ||
43 | } | ||
44 | } | ||
45 | |||
46 | public void Close() | ||
47 | { | ||
48 | |||
49 | } | ||
50 | |||
51 | public string Name | ||
52 | { | ||
53 | get { return "IPBanModule"; } | ||
54 | } | ||
55 | |||
56 | public bool IsSharedModule | ||
57 | { | ||
58 | get { return true; } | ||
59 | } | ||
60 | |||
61 | #endregion | ||
62 | |||
63 | /// <summary> | ||
64 | /// Bans all users from the specified network from connecting. | ||
65 | /// DNS bans are in the form "somewhere.com" will block ANY | ||
66 | /// matching domain (including "betasomewhere.com", "beta.somewhere.com", | ||
67 | /// "somewhere.com.beta") - make sure to be reasonably specific in DNS | ||
68 | /// bans. | ||
69 | /// | ||
70 | /// IP address bans match on first characters, so, | ||
71 | /// "127.0.0.1" will ban only that address, | ||
72 | /// "127.0.1" will ban "127.0.10.0" | ||
73 | /// but "127.0.1." will ban only the "127.0.1.*" network | ||
74 | /// </summary> | ||
75 | /// <param name="host">See summary for explanation of parameter</param> | ||
76 | public void Ban(string host) | ||
77 | { | ||
78 | m_bans.Add(host); | ||
79 | } | ||
80 | } | ||
81 | } | ||
diff --git a/OpenSim/Region/CoreModules/Agent/IPBan/SceneBanner.cs b/OpenSim/Region/CoreModules/Agent/IPBan/SceneBanner.cs new file mode 100644 index 0000000..1d8da46 --- /dev/null +++ b/OpenSim/Region/CoreModules/Agent/IPBan/SceneBanner.cs | |||
@@ -0,0 +1,45 @@ | |||
1 | using System.Collections.Generic; | ||
2 | using System.Net; | ||
3 | using OpenSim.Framework.Client; | ||
4 | using OpenSim.Region.Framework.Scenes; | ||
5 | |||
6 | namespace OpenSim.Region.CoreModules.Agent.IPBan | ||
7 | { | ||
8 | internal class SceneBanner | ||
9 | { | ||
10 | private static readonly log4net.ILog m_log | ||
11 | = log4net.LogManager.GetLogger(System.Reflection.MethodBase.GetCurrentMethod().DeclaringType); | ||
12 | |||
13 | private List<string> bans; | ||
14 | private SceneBase m_scene; | ||
15 | public SceneBanner(SceneBase scene, List<string> banList) | ||
16 | { | ||
17 | scene.EventManager.OnClientConnect += EventManager_OnClientConnect; | ||
18 | |||
19 | bans = banList; | ||
20 | m_scene = scene; | ||
21 | } | ||
22 | |||
23 | void EventManager_OnClientConnect(IClientCore client) | ||
24 | { | ||
25 | IClientIPEndpoint ipEndpoint; | ||
26 | if(client.TryGet(out ipEndpoint)) | ||
27 | { | ||
28 | IPAddress end = ipEndpoint.EndPoint; | ||
29 | |||
30 | IPHostEntry rDNS = Dns.GetHostEntry(end); | ||
31 | foreach (string ban in bans) | ||
32 | { | ||
33 | if (rDNS.HostName.Contains(ban) || | ||
34 | end.ToString().StartsWith(ban)) | ||
35 | { | ||
36 | client.Disconnect("Banned - network \"" + ban + "\" is not allowed to connect to this server."); | ||
37 | m_log.Warn("[IPBAN] Disconnected '" + end + "' due to '" + ban + "' ban."); | ||
38 | return; | ||
39 | } | ||
40 | } | ||
41 | m_log.Warn("[IPBAN] User '" + end + "' not in any ban lists. Allowing connection."); | ||
42 | } | ||
43 | } | ||
44 | } | ||
45 | } | ||