aboutsummaryrefslogtreecommitdiffstatshomepage
diff options
context:
space:
mode:
authorAdam Frisby2009-05-11 19:23:51 +0000
committerAdam Frisby2009-05-11 19:23:51 +0000
commit6dcafec22d560c50625c8a391701606a1a0bb363 (patch)
tree6e0199901946f9a0b7a9797bbc85a30c2b094288
parentAdd selling for $0 back to the sample economy module. This is disabled by (diff)
downloadopensim-SC-6dcafec22d560c50625c8a391701606a1a0bb363.zip
opensim-SC-6dcafec22d560c50625c8a391701606a1a0bb363.tar.gz
opensim-SC-6dcafec22d560c50625c8a391701606a1a0bb363.tar.bz2
opensim-SC-6dcafec22d560c50625c8a391701606a1a0bb363.tar.xz
* Implements IP and DNS based ban facilities to OpenSim.
* User interface is ... primitive at best right now. * Loads bans from bans.txt and region ban DB on startup, bans.txt is in the format of one per line. The following explains how they are read; DNS bans are in the form "somewhere.com" will block ANY matching domain (including "betasomewhere.com", "beta.somewhere.com", "somewhere.com.beta") - make sure to be reasonably specific in DNS bans. IP address bans match on first characters, so, "127.0.0.1" will ban only that address, "127.0.1" will ban "127.0.10.0" but "127.0.1." will ban only the "127.0.1.*" network
-rw-r--r--OpenSim/Client/MXP/ClientStack/MXPClientView.cs11
-rw-r--r--OpenSim/Framework/Client/IClientCore.cs9
-rw-r--r--OpenSim/Framework/Client/IClientIPEndpoint.cs12
-rw-r--r--OpenSim/Region/ClientStack/LindenUDP/LLClientView.cs34
-rw-r--r--OpenSim/Region/CoreModules/Agent/IPBan/IPBanModule.cs81
-rw-r--r--OpenSim/Region/CoreModules/Agent/IPBan/SceneBanner.cs45
6 files changed, 191 insertions, 1 deletions
diff --git a/OpenSim/Client/MXP/ClientStack/MXPClientView.cs b/OpenSim/Client/MXP/ClientStack/MXPClientView.cs
index c9e56e6..e5f7474 100644
--- a/OpenSim/Client/MXP/ClientStack/MXPClientView.cs
+++ b/OpenSim/Client/MXP/ClientStack/MXPClientView.cs
@@ -1605,6 +1605,17 @@ namespace OpenSim.Client.MXP.ClientStack
1605 return default(T); 1605 return default(T);
1606 } 1606 }
1607 1607
1608 public void Disconnect(string reason)
1609 {
1610 Kick(reason);
1611 Close(true);
1612 }
1613
1614 public void Disconnect()
1615 {
1616 Close(true);
1617 }
1618
1608 #endregion 1619 #endregion
1609 1620
1610 public void SendCreateGroupReply(UUID groupID, bool success, string message) 1621 public void SendCreateGroupReply(UUID groupID, bool success, string message)
diff --git a/OpenSim/Framework/Client/IClientCore.cs b/OpenSim/Framework/Client/IClientCore.cs
index 78f0411..1d08fb9 100644
--- a/OpenSim/Framework/Client/IClientCore.cs
+++ b/OpenSim/Framework/Client/IClientCore.cs
@@ -25,11 +25,20 @@
25 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 25 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
26 */ 26 */
27 27
28using OpenMetaverse;
29
28namespace OpenSim.Framework.Client 30namespace OpenSim.Framework.Client
29{ 31{
30 public interface IClientCore 32 public interface IClientCore
31 { 33 {
32 bool TryGet<T>(out T iface); 34 bool TryGet<T>(out T iface);
33 T Get<T>(); 35 T Get<T>();
36
37 // Basic Interfaces
38 UUID AgentId { get; }
39
40 void Disconnect(string reason);
41 void Disconnect();
42
34 } 43 }
35} \ No newline at end of file 44} \ No newline at end of file
diff --git a/OpenSim/Framework/Client/IClientIPEndpoint.cs b/OpenSim/Framework/Client/IClientIPEndpoint.cs
new file mode 100644
index 0000000..b80dea5
--- /dev/null
+++ b/OpenSim/Framework/Client/IClientIPEndpoint.cs
@@ -0,0 +1,12 @@
1using System;
2using System.Collections.Generic;
3using System.Net;
4using System.Text;
5
6namespace OpenSim.Framework.Client
7{
8 public interface IClientIPEndpoint
9 {
10 IPAddress EndPoint { get; }
11 }
12}
diff --git a/OpenSim/Region/ClientStack/LindenUDP/LLClientView.cs b/OpenSim/Region/ClientStack/LindenUDP/LLClientView.cs
index f9db91c..a157df5 100644
--- a/OpenSim/Region/ClientStack/LindenUDP/LLClientView.cs
+++ b/OpenSim/Region/ClientStack/LindenUDP/LLClientView.cs
@@ -54,7 +54,7 @@ namespace OpenSim.Region.ClientStack.LindenUDP
54 /// Handles new client connections 54 /// Handles new client connections
55 /// Constructor takes a single Packet and authenticates everything 55 /// Constructor takes a single Packet and authenticates everything
56 /// </summary> 56 /// </summary>
57 public class LLClientView : IClientAPI, IClientCore, IClientIM, IClientChat, IStatsCollector 57 public class LLClientView : IClientAPI, IClientCore, IClientIM, IClientChat, IClientIPEndpoint, IStatsCollector
58 { 58 {
59 private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType); 59 private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType);
60 60
@@ -10478,6 +10478,7 @@ namespace OpenSim.Region.ClientStack.LindenUDP
10478 { 10478 {
10479 RegisterInterface<IClientIM>(this); 10479 RegisterInterface<IClientIM>(this);
10480 RegisterInterface<IClientChat>(this); 10480 RegisterInterface<IClientChat>(this);
10481 RegisterInterface<IClientIPEndpoint>(this);
10481 } 10482 }
10482 10483
10483 public bool TryGet<T>(out T iface) 10484 public bool TryGet<T>(out T iface)
@@ -10496,6 +10497,19 @@ namespace OpenSim.Region.ClientStack.LindenUDP
10496 return (T)m_clientInterfaces[typeof(T)]; 10497 return (T)m_clientInterfaces[typeof(T)];
10497 } 10498 }
10498 10499
10500 public void Disconnect(string reason)
10501 {
10502 Kick(reason);
10503 Thread.Sleep(1000);
10504 Close(true);
10505 }
10506
10507 public void Disconnect()
10508 {
10509 Close(true);
10510 }
10511
10512
10499 #endregion 10513 #endregion
10500 10514
10501 private void RefreshGroupMembership() 10515 private void RefreshGroupMembership()
@@ -10587,5 +10601,23 @@ namespace OpenSim.Region.ClientStack.LindenUDP
10587 { 10601 {
10588 return ""; 10602 return "";
10589 } 10603 }
10604
10605 #region IClientIPEndpoint Members
10606
10607 public IPAddress EndPoint
10608 {
10609 get
10610 {
10611 if(m_userEndPoint is IPEndPoint)
10612 {
10613 IPEndPoint ep = (IPEndPoint)m_userEndPoint;
10614
10615 return ep.Address;
10616 }
10617 return null;
10618 }
10619 }
10620
10621 #endregion
10590 } 10622 }
10591} 10623}
diff --git a/OpenSim/Region/CoreModules/Agent/IPBan/IPBanModule.cs b/OpenSim/Region/CoreModules/Agent/IPBan/IPBanModule.cs
new file mode 100644
index 0000000..b904cb0
--- /dev/null
+++ b/OpenSim/Region/CoreModules/Agent/IPBan/IPBanModule.cs
@@ -0,0 +1,81 @@
1using System;
2using System.Collections.Generic;
3using System.IO;
4using System.Text;
5using Nini.Config;
6using OpenSim.Framework;
7using OpenSim.Region.Framework.Interfaces;
8using OpenSim.Region.Framework.Scenes;
9
10namespace OpenSim.Region.CoreModules.Agent.IPBan
11{
12 public class IPBanModule : IRegionModule
13 {
14 #region Implementation of IRegionModule
15
16 private List<string> m_bans = new List<string>();
17
18 public void Initialise(Scene scene, IConfigSource source)
19 {
20 new SceneBanner(scene, m_bans);
21
22 lock(m_bans)
23 {
24 foreach (EstateBan ban in scene.RegionInfo.EstateSettings.EstateBans)
25 {
26 if(!String.IsNullOrEmpty(ban.BannedHostIPMask))
27 m_bans.Add(ban.BannedHostIPMask);
28 if (!String.IsNullOrEmpty(ban.BannedHostNameMask))
29 m_bans.Add(ban.BannedHostNameMask);
30 }
31 }
32 }
33
34 public void PostInitialise()
35 {
36 if(File.Exists("bans.txt"))
37 {
38 string[] bans = File.ReadAllLines("bans.txt");
39 foreach (string ban in bans)
40 {
41 m_bans.Add(ban);
42 }
43 }
44 }
45
46 public void Close()
47 {
48
49 }
50
51 public string Name
52 {
53 get { return "IPBanModule"; }
54 }
55
56 public bool IsSharedModule
57 {
58 get { return true; }
59 }
60
61 #endregion
62
63 /// <summary>
64 /// Bans all users from the specified network from connecting.
65 /// DNS bans are in the form "somewhere.com" will block ANY
66 /// matching domain (including "betasomewhere.com", "beta.somewhere.com",
67 /// "somewhere.com.beta") - make sure to be reasonably specific in DNS
68 /// bans.
69 ///
70 /// IP address bans match on first characters, so,
71 /// "127.0.0.1" will ban only that address,
72 /// "127.0.1" will ban "127.0.10.0"
73 /// but "127.0.1." will ban only the "127.0.1.*" network
74 /// </summary>
75 /// <param name="host">See summary for explanation of parameter</param>
76 public void Ban(string host)
77 {
78 m_bans.Add(host);
79 }
80 }
81}
diff --git a/OpenSim/Region/CoreModules/Agent/IPBan/SceneBanner.cs b/OpenSim/Region/CoreModules/Agent/IPBan/SceneBanner.cs
new file mode 100644
index 0000000..1d8da46
--- /dev/null
+++ b/OpenSim/Region/CoreModules/Agent/IPBan/SceneBanner.cs
@@ -0,0 +1,45 @@
1using System.Collections.Generic;
2using System.Net;
3using OpenSim.Framework.Client;
4using OpenSim.Region.Framework.Scenes;
5
6namespace OpenSim.Region.CoreModules.Agent.IPBan
7{
8 internal class SceneBanner
9 {
10 private static readonly log4net.ILog m_log
11 = log4net.LogManager.GetLogger(System.Reflection.MethodBase.GetCurrentMethod().DeclaringType);
12
13 private List<string> bans;
14 private SceneBase m_scene;
15 public SceneBanner(SceneBase scene, List<string> banList)
16 {
17 scene.EventManager.OnClientConnect += EventManager_OnClientConnect;
18
19 bans = banList;
20 m_scene = scene;
21 }
22
23 void EventManager_OnClientConnect(IClientCore client)
24 {
25 IClientIPEndpoint ipEndpoint;
26 if(client.TryGet(out ipEndpoint))
27 {
28 IPAddress end = ipEndpoint.EndPoint;
29
30 IPHostEntry rDNS = Dns.GetHostEntry(end);
31 foreach (string ban in bans)
32 {
33 if (rDNS.HostName.Contains(ban) ||
34 end.ToString().StartsWith(ban))
35 {
36 client.Disconnect("Banned - network \"" + ban + "\" is not allowed to connect to this server.");
37 m_log.Warn("[IPBAN] Disconnected '" + end + "' due to '" + ban + "' ban.");
38 return;
39 }
40 }
41 m_log.Warn("[IPBAN] User '" + end + "' not in any ban lists. Allowing connection.");
42 }
43 }
44 }
45}