24377f10 ER |
1 | ? src/bopm.pid |
2 | ? src/libopm | |
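--- a/src/config-lexer.l
+++ b/src/config-lexer.l
@@ -89,12 +89,13 @@
 return STRING;
 }
 }
 
 }
 
+ALERT { return ALERT; }
 AWAY { return AWAY; }
 BAN_UNKNOWN { return BAN_UNKNOWN; }
 BLACKLIST { return BLACKLIST; }
 CHANNEL { return CHANNEL; }
 CONNREGEX { return CONNREGEX; }
 DNS_FDLIMIT { return DNS_FDLIMIT; }
@@ -132,12 +133,13 @@
 TARGET_STRING { return TARGET_STRING;}
 TIMEOUT { return TIMEOUT; }
 TYPE { return TYPE; }
 USER { return USER; }
 USERNAME { return USERNAME; }
 VHOST { return VHOST; }
+WHITELIST { return WHITELIST; }
 
 
 HTTP {
 yylval.number = OPM_TYPE_HTTP;
 return PROTOCOLTYPE;
 }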
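--- a/src/config-parser.y
+++ b/src/config-parser.y
@@ -30,12 +30,13 @@
 
 int yydebug=0;
 void *tmp; /* Variable to temporarily hold nodes before insertion to list */
 
 %}
 
+%token ALERT
 %token AWAY
 %token BAN_UNKNOWN
 %token BLACKLIST
 %token CHANNEL
 %token CONNREGEX
 %token DNS_FDLIMIT
@@ -74,12 +75,13 @@
 %token TARGET_STRING
 %token TIMEOUT
 %token TYPE
 %token USERNAME
 %token USER
 %token VHOST
+%token WHITELIST
 
 %union
 {
 int number;
 char *string;
 }
@@ -526,12 +528,14 @@
 
 item = MyMalloc(sizeof *item);
 
 item->name = DupString("");
 item->kline = DupString("");
 item->ban_unknown = 0;
+ item->whitelist = 0;
+ item->alert = 1;
 item->type = A_BITMASK;
 item->reply = list_create();
 
 node = node_create(item);
 list_add(OpmItem->blacklists, node);
 
@@ -542,14 +546,16 @@
 blacklist_items: /* Empty */ |
 blacklist_items blacklist_item |
 blacklist_item;
 
 blacklist_item: blacklist_name |
 blacklist_type |
+ blacklist_whitelist |
 blacklist_kline |
 blacklist_ban_unknown |
+ blacklist_alert |
 blacklist_reply |
 error;
 
 blacklist_name: NAME '=' STRING ';' {
 struct BlacklistConf *item = tmp;
 
@@ -570,12 +576,24 @@
 if(strcmp("A record bitmask", $3) == 0)
 item->type = A_BITMASK;
 else if(strcmp("A record reply", $3) == 0)
 item->type = A_REPLY;
 else
 yyerror("Unknown blacklist type defined");
+};
+
+blacklist_whitelist: WHITELIST '=' NUMBER ';' {
+ struct BlacklistConf *item = tmp;
+
+ item->whitelist = $3;
+};
+
+blacklist_alert: ALERT '=' NUMBER ';' {
+ struct BlacklistConf *item = tmp;
+
+ item->alert = $3;
 };
 
 blacklist_ban_unknown: BAN_UNKNOWN '=' NUMBER ';' {
 struct BlacklistConf *item = tmp;
 
 item->ban_unknown = $3;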
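Review bot: The new `blacklist_whitelist` and `blacklist_alert` rules store the raw NUMBER in `item->whitelist` and `item->alert`, while every reader visible in this patch only tests the fields for non-zero; normalising at parse time, `item->whitelist = ($3 != 0);` and `item->alert = ($3 != 0);`, keeps the stored value meaningful if it is ever printed, compared or used in stats. The defaults set in the allocation hunk (`item->whitelist = 0;`, `item->alert = 1;`) are the only statement of what an omitted directive means; a one-line comment there, `/* alert defaults on so existing configs keep announcing hits to channels */`, would document that for config authors. The `blacklist_ban_unknown` rule continues past the end of the hunk.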
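--- a/src/config.h
+++ b/src/config.h
@@ -101,13 +101,15 @@
 
 struct BlacklistConf
 {
 char *name;
 char *kline;
 enum BlacklistType type;
+ int whitelist;
 int ban_unknown;
+ int alert;
 list_t *reply;
 unsigned int stats_recv;
 };
 
 struct BlacklistReplyConf
 {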
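Review bot: The two new `struct BlacklistConf` fields carry no comment, and their effect is not obvious from the names: in dnsbl.c a positive reply from a zone with `whitelist` set marks the client whitelisted instead of banning it, and because the `ban_unknown` check runs before that, `ban_unknown` on such a zone whitelists on an unrecognised reply code, the opposite of what its name suggests. Suggested comments: `int whitelist; /* non-zero: a hit in this zone whitelists the client instead of banning it; ban_unknown then widens the whitelist, not the ban */` and `int alert; /* non-zero (the default): announce hits in this zone to the channels; logging is not affected */`. Both fields are only ever tested for non-zero, so noting that any non-zero value is treated as 1 would also help.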
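--- a/src/dnsbl.c
+++ b/src/dnsbl.c
@@ -96,17 +96,27 @@
 
 if(res == -1 && fdns_errno != FDNS_ERR_FDLIMIT)
 {
 log_printf("DNSBL -> Error sending dns lookup for '%s': %s", lookup, firedns_strerror(fdns_errno));
 free(ds);
 }
- else
+ else {
 ss->scans++; /* Increase scan count - one for each blacklist */
+ if (bl->whitelist)
+ ss->dnsbl_whitelist_count++; /* Increase whitelist count
+ * for each whitelist */
+ }
 }
 }
 
+/* This function gets called when:
+ * - a positive result was obtained from a blacklist
+ * - the last result from the whitelist has been received,
+ * and a previous blacklist result was positive
+ */
+
 static void dnsbl_positive(struct scan_struct *ss, struct BlacklistConf *bl,
 unsigned char type)
 {
 char text_type[128];
 struct BlacklistReplyConf *item;
 node_t *p;
@@ -142,43 +152,66 @@
 }
 }
 
 if(text_type[0] == '\0' && bl->ban_unknown == 0)
 {
 if(OPT_DEBUG)
- log_printf("DNSBL -> Unknown result from BL zone %s (%d)", bl->name, type);
+ log_printf("DNSBL -> Unknown result from %s zone %s (%d)",
+ (bl->whitelist ? "WL" : "BL"), bl->name, type);
 return;
 }
 
+ /* record stat */
+ stats_dnsblrecv(bl);
+
+ /* If this was a positive result from a whitelist, flag this user
+ * as whitelisted in the scan struct. This will prevent any future
+ * positive DNSBL blacklist result from klining.
+ */
+ if(bl->whitelist)
+ ss->dnsbl_whitelisted = 1; /* Mark this user as whitelisted */
+ else if(ss->dnsbl_whitelist_count > 0) /* Store data */
+ {
+ ss->dnsbl_positive_bl = bl;
+ ss->dnsbl_positive_type = type;
+ return; /* Wait until whitelists have finished */
+ }
+
 if(ss->manual_target)
 {
- irc_send("PRIVMSG %s :CHECK -> DNSBL -> %s appears in BL zone %s (%s)",
- ss->manual_target->name, ss->ip, bl->name, text_type);
+ irc_send("PRIVMSG %s :CHECK -> DNSBL -> %s appears in %s zone %s (%s)",
+ ss->manual_target->name, ss->ip, (bl->whitelist ? "WL" : "BL"),
+ bl->name, text_type);
 }
 else if(!ss->positive)
 {
- /* Only report it if no other scans have found positives yet. */
- scan_positive(ss, (bl->kline[0] ? bl->kline : IRCItem->kline),
- text_type);
-
- irc_send_channels("DNSBL -> %s!%s@%s appears in BL zone %s (%s)",
- ss->irc_nick, ss->irc_username, ss->irc_hostname, bl->name,
- text_type);
- log_printf("DNSBL -> %s!%s@%s appears in BL zone %s (%s)",
- ss->irc_nick, ss->irc_username, ss->irc_hostname, bl->name,
- text_type);
+ /* Only report it if no other scans have found positives yet,
+ * all whitelists are done, and the user has not been whitelisted. */
+ if(ss->dnsbl_whitelist_count == 0 && !ss->dnsbl_whitelisted)
+ {
+ scan_positive(ss, (bl->kline[0] ? bl->kline : IRCItem->kline), text_type);
+
+ if(bl->alert)
+ irc_send_channels("DNSBL -> %s!%s@%s appears in %s zone %s (%s)",
+ ss->irc_nick, ss->irc_username, ss->irc_hostname,
+ (bl->whitelist ? "WL" : "BL"), bl->name, text_type);
+ }
+
+ log_printf("DNSBL -> %s!%s@%s appears in %s zone %s (%s)",
+ ss->irc_nick, ss->irc_username, ss->irc_hostname,
+ (bl->whitelist ? "WL" : "BL"), bl->name, text_type);
 }
-
- /* record stat */
- stats_dnsblrecv(bl);
 }
 
 void dnsbl_result(struct firedns_result *res)
 {
 struct dnsbl_scan *ds = res->info;
 
+ if(ds->bl->whitelist)
+ ds->ss->dnsbl_whitelist_count--; /* one less whitelist to wait for */
+
 if(OPT_DEBUG)
 log_printf("DNSBL -> Lookup result for %s!%s@%s (%s) %d.%d.%d.%d (error: %d)",
 ds->ss->irc_nick,
 ds->ss->irc_username,
 ds->ss->irc_hostname,
 res->lookup,
@@ -187,15 +220,21 @@
 (unsigned char)res->text[2],
 (unsigned char)res->text[3], fdns_errno);
 
 /* Everything is OK */
 if(res->text[0] == '\0' && fdns_errno == FDNS_ERR_NXDOMAIN)
 {
+ /* If any previous positive blacklist result was blocked, waiting
+ * for whitelists, handle it now
+ */
+ if(ds->bl->whitelist && ds->ss->dnsbl_whitelist_count == 0 && ds->ss->dnsbl_positive_bl != NULL)
+ dnsbl_positive(ds->ss, ds->ss->dnsbl_positive_bl, ds->ss->dnsbl_positive_type);
+
 if(ds->ss->manual_target != NULL)
- irc_send("PRIVMSG %s :CHECK -> DNSBL -> %s does not appear in BL zone %s",
- ds->ss->manual_target->name, ds->ss->ip,
+ irc_send("PRIVMSG %s :CHECK -> DNSBL -> %s does not appear in %s zone %s",
+ ds->ss->manual_target->name, ds->ss->ip, (ds->bl->whitelist ? "WL" : "BL"),
 (strlen(ds->ss->ip) < strlen(res->lookup))
 ? (res->lookup + strlen(ds->ss->ip) + 1)
 : res->lookup);
 
 
 ds->ss->scans--; /* we are done with ss here */
@@ -207,12 +246,18 @@
 /* Either an error, or a positive lookup */
 
 if(fdns_errno == FDNS_ERR_NONE)
 dnsbl_positive(ds->ss, ds->bl, (unsigned char)res->text[3]);
 else
 {
+ /* If any previous positive blacklist result was blocked, waiting
+ * for whitelists, handle it now
+ */
+ if(ds->bl->whitelist && ds->ss->dnsbl_whitelist_count == 0 && ds->ss->dnsbl_positive_bl != NULL)
+ dnsbl_positive(ds->ss, ds->ss->dnsbl_positive_bl, ds->ss->dnsbl_positive_type);
+
 log_printf("DNSBL -> Lookup error on %s: %s", res->lookup,
 firedns_strerror(fdns_errno));
 if(fdns_errno != FDNS_ERR_TIMEOUT)
 irc_send_channels("DNSBL -> Lookup error on %s: %s", res->lookup,
 firedns_strerror(fdns_errno));
 }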
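Review bot: A blacklist hit parked in `ss->dnsbl_positive_bl` by the store-and-return block in dnsbl_positive() is never delivered when the final whitelist reply arrives through the `fdns_errno == FDNS_ERR_NONE` branch of dnsbl_result(): that branch only calls dnsbl_positive() for the whitelist zone, and if the reply code is unrecognised dnsbl_positive() returns at the "Unknown result" check before `dnsbl_whitelisted` is set, so the pending kline and its log line are silently lost. When the whitelist reply is a genuine positive the pending hit is dropped as well, which is the intended outcome, but nothing is logged, so the only record that a whitelisted client matched a blacklist disappears. Redelivering a parked hit also runs `stats_dnsblrecv(bl)` a second time, since the new call sits above the store-and-return block; moving it below that block counts each delivered result once. I would factor the duplicated pending-result check into one helper that clears the pointer, and call it from the NXDOMAIN branch, the error branch and after the positive-reply call, as sketched below.

```c
/* Deliver a blacklist hit that was parked while whitelist lookups were
 * still outstanding. Safe to call from every tail of dnsbl_result(); it
 * clears the pointer so the parked hit is delivered at most once. */
static void dnsbl_flush_pending(struct dnsbl_scan *ds)
{
   struct BlacklistConf *pending = ds->ss->dnsbl_positive_bl;

   if(!ds->bl->whitelist || ds->ss->dnsbl_whitelist_count != 0 || pending == NULL)
      return;

   ds->ss->dnsbl_positive_bl = NULL;
   dnsbl_positive(ds->ss, pending, ds->ss->dnsbl_positive_type);
}

/* … unchanged: dnsbl_result() debug log and NXDOMAIN branch, with dnsbl_flush_pending(ds) replacing the inline check … */
   if(fdns_errno == FDNS_ERR_NONE)
   {
      dnsbl_positive(ds->ss, ds->bl, (unsigned char)res->text[3]);
      dnsbl_flush_pending(ds);   /* whitelist reply consumed; deliver any parked blacklist hit */
   }
   else
   {
      dnsbl_flush_pending(ds);
      /* … unchanged: lookup error logging … */
   }
```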
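--- a/src/scan.c
+++ b/src/scan.c
@@ -477,13 +477,18 @@
 ss->ip = (char *) DupString(user[3]);
 ss->proof = (char *) DupString(msg);
 
 ss->remote = opm_remote_create(ss->ip);
 ss->scans = 0;
 ss->positive = 0;
-
+
+ ss->dnsbl_whitelist_count = 0;
+ ss->dnsbl_whitelisted = 0;
+ ss->dnsbl_positive_bl = NULL;
+ ss->dnsbl_positive_type = '\0';
+
 ss->manual_target = NULL;
 
 assert(ss->remote);
 return ss;
 }
 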
342 | Index: src/scan.h | |
343 | =================================================================== | |
344 | RCS file: /data/cvs/bopm/src/scan.h,v | |
345 | retrieving revision 1.7 | |
346 | diff -u -6 -r1.7 scan.h | |
347 | --- src/scan.h 20 Jun 2003 04:18:38 -0000 1.7 | |
348 | +++ src/scan.h 26 Jun 2003 21:06:49 -0000 | |
349 | @@ -12,13 +12,17 @@ | |
350 | char *ip; | |
351 | char *proof; | |
352 | OPM_REMOTE_T *remote; | |
353 | ||
354 | unsigned short scans; | |
355 | unsigned short positive; | |
356 | - | |
357 | + unsigned short dnsbl_whitelisted; | |
358 | + unsigned short dnsbl_whitelist_count; | |
359 | + unsigned char dnsbl_positive_type; | |
360 | + struct BlacklistConf *dnsbl_positive_bl; | |
361 | + | |
362 | struct ChannelConf *manual_target; | |
363 | }; | |
364 | ||
365 | ||
366 | struct scanner_struct | |
367 | { |