Executive Order 14042 : Implement IPRange Ban

2021-09-13 10:32:05 +02:00 · 2021-09-13 10:32:05 +02:00 · d68fb66759
commit d68fb66759
parent 30b769b282
4 changed files with 54 additions and 0 deletions
--- a/core/include/config_manager.h
+++ b/core/include/config_manager.h
@ -30,6 +30,7 @@
 #include <QUrl>
 #include <QMetaEnum>
 #include <QElapsedTimer>
+#include <QHostAddress>

 //JSON loading requirements
 #include <QJsonDocument>
@ -112,6 +113,13 @@ class ConfigManager {
     */
    static QStringList rawAreaNames();

+    /**
+     * @brief Returns a list of the IPrange bans.
+     *
+     * @return See short description.
+     */
+    static QStringList iprangeBans();
+
    /**
     * @brief Returns true if the server should advertise to the master server.
     *
--- a/core/include/server.h
+++ b/core/include/server.h
@ -195,6 +195,11 @@ class Server : public QObject {
     */
    QStringList m_backgrounds;

+    /**
+     * @brief Collection of all IPs that are banned.
+     */
+    QStringList m_ipban_list;
+
    /**
     * @brief The database manager on the server, used to store users' bans and authorisation details.
     */
@ -297,6 +302,11 @@ class Server : public QObject {
     **/
    void hookupLogger(AOClient* client);

+    /**
+     * @brief Checks if an IP is in a subnet of the IPBanlist.
+     **/
+    bool isIPBanned(QHostAddress f_remote_IP);
+
    /**
     * @brief The proxy used for WebSocket connections.
     *
--- a/core/src/config_manager.cpp
+++ b/core/src/config_manager.cpp
@ -235,6 +235,18 @@ QStringList ConfigManager::rawAreaNames()
    return m_areas->childGroups();
 }

+QStringList ConfigManager::iprangeBans()
+{
+    QStringList l_iprange_bans;
+    QFile l_file("config/iprange_bans.txt");
+    l_file.open(QIODevice::ReadOnly | QIODevice::Text);
+    while (!(l_file.atEnd())) {
+        l_iprange_bans.append(l_file.readLine().trimmed());
+    }
+    l_file.close();
+    return l_iprange_bans;
+}
+
 void ConfigManager::reloadSettings()
 {
    m_settings->sync();
--- a/core/src/server.cpp
+++ b/core/src/server.cpp
@ -99,6 +99,9 @@ void Server::start()

    //Loads the command help information. This is not stored inside the server.
    ConfigManager::loadCommandHelp();
+    
+    //Get IP bans
+    m_ipban_list = ConfigManager::iprangeBans();

    //Rate-Limiter for IC-Chat
    connect(&next_message_timer, SIGNAL(timeout()), this, SLOT(allowMessage()));
@ -145,6 +148,15 @@ void Server::clientConnected()
        return;
    }

+    if (isIPBanned(client->m_remote_ip)){
+        QString l_reason = "Your IP has been banned by a moderator.";
+        AOPacket l_ban_reason("BD", {l_reason});
+        socket->write(l_ban_reason.toUtf8());
+        client->deleteLater();
+        socket->close();
+        return;
+    }
+
    m_clients.append(client);
    connect(socket, &QTcpSocket::disconnected, client,
            &AOClient::clientDisconnected);
@ -319,6 +331,18 @@ void Server::hookupLogger(AOClient* client)
            logger, &ULogger::logModcall);
 }

+bool Server::isIPBanned(QHostAddress f_remote_IP)
+{
+    bool l_match_found = false;
+    for(const QString &l_ipban : qAsConst(m_ipban_list)) {
+        if (f_remote_IP.isInSubnet(QHostAddress::parseSubnet(l_ipban))) {
+            l_match_found = true;
+            break;
+        }
+    }
+    return l_match_found;
+}
+
 Server::~Server()
 {
    for (AOClient* client : qAsConst(m_clients)) {