diff options
author | Adam Frisby | 2009-05-11 19:23:51 +0000 |
---|---|---|
committer | Adam Frisby | 2009-05-11 19:23:51 +0000 |
commit | 6dcafec22d560c50625c8a391701606a1a0bb363 (patch) | |
tree | 6e0199901946f9a0b7a9797bbc85a30c2b094288 /OpenSim/Region/CoreModules/Agent | |
parent | Add selling for $0 back to the sample economy module. This is disabled by (diff) | |
download | opensim-SC-6dcafec22d560c50625c8a391701606a1a0bb363.zip opensim-SC-6dcafec22d560c50625c8a391701606a1a0bb363.tar.gz opensim-SC-6dcafec22d560c50625c8a391701606a1a0bb363.tar.bz2 opensim-SC-6dcafec22d560c50625c8a391701606a1a0bb363.tar.xz |
* Implements IP and DNS based ban facilities to OpenSim.
* User interface is ... primitive at best right now.
* Loads bans from bans.txt and region ban DB on startup, bans.txt is in the format of one per line. The following explains how they are read;
DNS bans are in the form "somewhere.com" will block ANY matching domain (including "betasomewhere.com", "beta.somewhere.com", "somewhere.com.beta") - make sure to be reasonably specific in DNS bans.
IP address bans match on first characters, so, "127.0.0.1" will ban only that address, "127.0.1" will ban "127.0.10.0" but "127.0.1." will ban only the "127.0.1.*" network
Diffstat (limited to 'OpenSim/Region/CoreModules/Agent')
-rw-r--r-- | OpenSim/Region/CoreModules/Agent/IPBan/IPBanModule.cs | 81 | ||||
-rw-r--r-- | OpenSim/Region/CoreModules/Agent/IPBan/SceneBanner.cs | 45 |
2 files changed, 126 insertions, 0 deletions
diff --git a/OpenSim/Region/CoreModules/Agent/IPBan/IPBanModule.cs b/OpenSim/Region/CoreModules/Agent/IPBan/IPBanModule.cs new file mode 100644 index 0000000..b904cb0 --- /dev/null +++ b/OpenSim/Region/CoreModules/Agent/IPBan/IPBanModule.cs | |||
@@ -0,0 +1,81 @@ | |||
1 | using System; | ||
2 | using System.Collections.Generic; | ||
3 | using System.IO; | ||
4 | using System.Text; | ||
5 | using Nini.Config; | ||
6 | using OpenSim.Framework; | ||
7 | using OpenSim.Region.Framework.Interfaces; | ||
8 | using OpenSim.Region.Framework.Scenes; | ||
9 | |||
10 | namespace OpenSim.Region.CoreModules.Agent.IPBan | ||
11 | { | ||
12 | public class IPBanModule : IRegionModule | ||
13 | { | ||
14 | #region Implementation of IRegionModule | ||
15 | |||
16 | private List<string> m_bans = new List<string>(); | ||
17 | |||
18 | public void Initialise(Scene scene, IConfigSource source) | ||
19 | { | ||
20 | new SceneBanner(scene, m_bans); | ||
21 | |||
22 | lock(m_bans) | ||
23 | { | ||
24 | foreach (EstateBan ban in scene.RegionInfo.EstateSettings.EstateBans) | ||
25 | { | ||
26 | if(!String.IsNullOrEmpty(ban.BannedHostIPMask)) | ||
27 | m_bans.Add(ban.BannedHostIPMask); | ||
28 | if (!String.IsNullOrEmpty(ban.BannedHostNameMask)) | ||
29 | m_bans.Add(ban.BannedHostNameMask); | ||
30 | } | ||
31 | } | ||
32 | } | ||
33 | |||
34 | public void PostInitialise() | ||
35 | { | ||
36 | if(File.Exists("bans.txt")) | ||
37 | { | ||
38 | string[] bans = File.ReadAllLines("bans.txt"); | ||
39 | foreach (string ban in bans) | ||
40 | { | ||
41 | m_bans.Add(ban); | ||
42 | } | ||
43 | } | ||
44 | } | ||
45 | |||
46 | public void Close() | ||
47 | { | ||
48 | |||
49 | } | ||
50 | |||
51 | public string Name | ||
52 | { | ||
53 | get { return "IPBanModule"; } | ||
54 | } | ||
55 | |||
56 | public bool IsSharedModule | ||
57 | { | ||
58 | get { return true; } | ||
59 | } | ||
60 | |||
61 | #endregion | ||
62 | |||
63 | /// <summary> | ||
64 | /// Bans all users from the specified network from connecting. | ||
65 | /// DNS bans are in the form "somewhere.com" will block ANY | ||
66 | /// matching domain (including "betasomewhere.com", "beta.somewhere.com", | ||
67 | /// "somewhere.com.beta") - make sure to be reasonably specific in DNS | ||
68 | /// bans. | ||
69 | /// | ||
70 | /// IP address bans match on first characters, so, | ||
71 | /// "127.0.0.1" will ban only that address, | ||
72 | /// "127.0.1" will ban "127.0.10.0" | ||
73 | /// but "127.0.1." will ban only the "127.0.1.*" network | ||
74 | /// </summary> | ||
75 | /// <param name="host">See summary for explanation of parameter</param> | ||
76 | public void Ban(string host) | ||
77 | { | ||
78 | m_bans.Add(host); | ||
79 | } | ||
80 | } | ||
81 | } | ||
diff --git a/OpenSim/Region/CoreModules/Agent/IPBan/SceneBanner.cs b/OpenSim/Region/CoreModules/Agent/IPBan/SceneBanner.cs new file mode 100644 index 0000000..1d8da46 --- /dev/null +++ b/OpenSim/Region/CoreModules/Agent/IPBan/SceneBanner.cs | |||
@@ -0,0 +1,45 @@ | |||
1 | using System.Collections.Generic; | ||
2 | using System.Net; | ||
3 | using OpenSim.Framework.Client; | ||
4 | using OpenSim.Region.Framework.Scenes; | ||
5 | |||
6 | namespace OpenSim.Region.CoreModules.Agent.IPBan | ||
7 | { | ||
8 | internal class SceneBanner | ||
9 | { | ||
10 | private static readonly log4net.ILog m_log | ||
11 | = log4net.LogManager.GetLogger(System.Reflection.MethodBase.GetCurrentMethod().DeclaringType); | ||
12 | |||
13 | private List<string> bans; | ||
14 | private SceneBase m_scene; | ||
15 | public SceneBanner(SceneBase scene, List<string> banList) | ||
16 | { | ||
17 | scene.EventManager.OnClientConnect += EventManager_OnClientConnect; | ||
18 | |||
19 | bans = banList; | ||
20 | m_scene = scene; | ||
21 | } | ||
22 | |||
23 | void EventManager_OnClientConnect(IClientCore client) | ||
24 | { | ||
25 | IClientIPEndpoint ipEndpoint; | ||
26 | if(client.TryGet(out ipEndpoint)) | ||
27 | { | ||
28 | IPAddress end = ipEndpoint.EndPoint; | ||
29 | |||
30 | IPHostEntry rDNS = Dns.GetHostEntry(end); | ||
31 | foreach (string ban in bans) | ||
32 | { | ||
33 | if (rDNS.HostName.Contains(ban) || | ||
34 | end.ToString().StartsWith(ban)) | ||
35 | { | ||
36 | client.Disconnect("Banned - network \"" + ban + "\" is not allowed to connect to this server."); | ||
37 | m_log.Warn("[IPBAN] Disconnected '" + end + "' due to '" + ban + "' ban."); | ||
38 | return; | ||
39 | } | ||
40 | } | ||
41 | m_log.Warn("[IPBAN] User '" + end + "' not in any ban lists. Allowing connection."); | ||
42 | } | ||
43 | } | ||
44 | } | ||
45 | } | ||