Executive Order 14042 : Implement IPRange Ban

core/include/config_manager.h

@@ -30,6 +30,7 @@
 #include <QUrl>
 #include <QMetaEnum>
 #include <QElapsedTimer>
+#include <QHostAddress>
 
 //JSON loading requirements
 #include <QJsonDocument>
@@ -112,6 +113,13 @@ class ConfigManager {
      */
     static QStringList rawAreaNames();
 
+    /**
+     * @brief Returns a list of the IPrange bans.
+     *
+     * @return See short description.
+     */
+    static QStringList iprangeBans();
+
     /**
      * @brief Returns true if the server should advertise to the master server.
      *

core/include/server.h

@@ -195,6 +195,11 @@ class Server : public QObject {
      */
     QStringList m_backgrounds;
 
+    /**
+     * @brief Collection of all IPs that are banned.
+     */
+    QStringList m_ipban_list;
+
     /**
      * @brief The database manager on the server, used to store users' bans and authorisation details.
      */
@@ -297,6 +302,11 @@ class Server : public QObject {
      **/
     void hookupLogger(AOClient* client);
 
+    /**
+     * @brief Checks if an IP is in a subnet of the IPBanlist.
+     **/
+    bool isIPBanned(QHostAddress f_remote_IP);
+
     /**
      * @brief The proxy used for WebSocket connections.
      *

core/src/config_manager.cpp

@@ -235,6 +235,18 @@ QStringList ConfigManager::rawAreaNames()
     return m_areas->childGroups();
 }
 
+QStringList ConfigManager::iprangeBans()
+{
+    QStringList l_iprange_bans;
+    QFile l_file("config/iprange_bans.txt");
+    l_file.open(QIODevice::ReadOnly | QIODevice::Text);
+    while (!(l_file.atEnd())) {
+        l_iprange_bans.append(l_file.readLine().trimmed());
+    }
+    l_file.close();
+    return l_iprange_bans;
+}
+
 void ConfigManager::reloadSettings()
 {
     m_settings->sync();

core/src/server.cpp

@@ -99,6 +99,9 @@ void Server::start()
 
     //Loads the command help information. This is not stored inside the server.
     ConfigManager::loadCommandHelp();
+    
+    //Get IP bans
+    m_ipban_list = ConfigManager::iprangeBans();
 
     //Rate-Limiter for IC-Chat
     connect(&next_message_timer, SIGNAL(timeout()), this, SLOT(allowMessage()));
@@ -145,6 +148,15 @@ void Server::clientConnected()
         return;
     }
 
+    if (isIPBanned(client->m_remote_ip)){
+        QString l_reason = "Your IP has been banned by a moderator.";
+        AOPacket l_ban_reason("BD", {l_reason});
+        socket->write(l_ban_reason.toUtf8());
+        client->deleteLater();
+        socket->close();
+        return;
+    }
+
     m_clients.append(client);
     connect(socket, &QTcpSocket::disconnected, client,
             &AOClient::clientDisconnected);
@@ -319,6 +331,18 @@ void Server::hookupLogger(AOClient* client)
             logger, &ULogger::logModcall);
 }
 
+bool Server::isIPBanned(QHostAddress f_remote_IP)
+{
+    bool l_match_found = false;
+    for(const QString &l_ipban : qAsConst(m_ipban_list)) {
+        if (f_remote_IP.isInSubnet(QHostAddress::parseSubnet(l_ipban))) {
+            l_match_found = true;
+            break;
+        }
+    }
+    return l_match_found;
+}
+
 Server::~Server()
 {
     for (AOClient* client : qAsConst(m_clients)) {