diff options
| author | gumi <git@gumi.ca> | 2019-01-10 17:22:09 -0500 |
|---|---|---|
| committer | gumi <git@gumi.ca> | 2019-01-10 19:06:40 -0500 |
| commit | 6b70eb63ffcd46859cfce8ec7d063c3f3b1421f5 (patch) | |
| tree | ae3564205a2fae5c0d1205b0ccab3d07b0808ea9 | |
| parent | 86f28c5b69a54e630dd2a118e07cabb3d199d5b5 (diff) | |
| download | tmwa-6b70eb63ffcd46859cfce8ec7d063c3f3b1421f5.tar.gz tmwa-6b70eb63ffcd46859cfce8ec7d063c3f3b1421f5.tar.bz2 tmwa-6b70eb63ffcd46859cfce8ec7d063c3f3b1421f5.tar.xz tmwa-6b70eb63ffcd46859cfce8ec7d063c3f3b1421f5.zip | |
limit login requests to 1 per ip per X seconds
| -rw-r--r-- | src/login/login.cpp | 33 | ||||
| -rwxr-xr-x | tools/config.py | 2 |
2 files changed, 34 insertions, 1 deletions
diff --git a/src/login/login.cpp b/src/login/login.cpp index 49c2438..c8a44c2 100644 --- a/src/login/login.cpp +++ b/src/login/login.cpp @@ -139,7 +139,6 @@ struct mmo_account SEX sex; }; - //------------------------------ // Writing function of logs file //------------------------------ @@ -165,6 +164,14 @@ void delete_login(Session *sess) (void)sess; } +std::vector<IP4Address> recent_ips; + +static +void conn_limit_empty(TimerData *, tick_t) +{ + recent_ips.clear(); +} + static void delete_fromchar(Session *sess) { @@ -2413,6 +2420,22 @@ void parse_login(Session *s) break; } + if (login_conf.conn_limit_enable && !login_lan_conf.lan_subnet.covers(ip)) + { + if (std::find(recent_ips.begin(), recent_ips.end(), ip) != recent_ips.end()) + { + LOGIN_LOG_AND_ECHO("Connection refused: Login request flood detected. (REJECTED IP: %s)\n"_fmt, ip); + Packet_Fixed<0x0081> fixed_81; + fixed_81.error_code = 2; // already logged in (for lack of better error message) + send_fpacket<0x0081, 3>(s, fixed_81); + break; + } + else + { + recent_ips.push_back(ip); + } + } + result = mmo_auth(&account, s); if (result == 1) { @@ -3088,6 +3111,14 @@ int do_init(Slice<ZString> argv) ).detach(); } + if (login::login_conf.conn_limit_enable) + { + Timer(gettick() + 1_s, + login::conn_limit_empty, + login::login_conf.conn_limit_interval + ).detach(); + } + // add timer to check GM accounts file modification std::chrono::seconds j = login::login_conf.gm_account_filename_check_timer; if (j == interval_t::zero()) diff --git a/tools/config.py b/tools/config.py index 0892973..f029777 100755 --- a/tools/config.py +++ b/tools/config.py @@ -523,6 +523,8 @@ def build_config(): login_conf.opt('main_server', ServerName, '{}') login_conf.opt('userid', AccountName, '{}') login_conf.opt('passwd', AccountPass, '{}') + login_conf.opt('conn_limit_enable', bool, 'true') + login_conf.opt('conn_limit_interval', seconds, '5_s') admin_conf.opt('login_ip', IP4Address, 'IP4_LOCALHOST') |