From: Rudolf Polzer <divverent@alientrap.org> Date: Thu, 7 Oct 2010 13:36:25 +0000 (+0200) Subject: IPv6: new ban mask sizes to better match what ISPs do X-Git-Tag: xonotic-v0.1.0preview~308^2~1 X-Git-Url: https://git.rm.cloudns.org/?a=commitdiff_plain;h=c093bf695be4005bc2d26c5782bc46ffa1ef7f26;p=xonotic%2Fxonotic-data.pk3dir.git IPv6: new ban mask sizes to better match what ISPs do --- diff --git a/defaultXonotic.cfg b/defaultXonotic.cfg index 8a23a83e6..e00da3208 100644 --- a/defaultXonotic.cfg +++ b/defaultXonotic.cfg @@ -1260,7 +1260,7 @@ set g_keyhunt_teams 0 set cl_gravity 800 "but ignored anyway" set g_ban_default_bantime 5400 "90 minutes" -set g_ban_default_masksize 3 "whole 255.255.255.0 networks (set to 4 for single IPs); when UID support is compiled in, masksize 0 means banning by UID" +set g_ban_default_masksize 3 "masksize 0 means banning by UID only, 1 means banning by /8 (IPv6: /32) network, 2 means banning by /16 (IPv6: /48) network, 3 means banning by /24 (IPv6: /56) network, 4 means banning by single IP (IPv6: /64 network)" set g_banned_list "" "format: IP remainingtime IP remainingtime ..." alias bans "sv_cmd bans" alias ban "sv_cmd ban $*" // usage: ban address(maybe incomplete, like 1.2.3) bantime(seconds) diff --git a/qcsrc/server/ipban.qc b/qcsrc/server/ipban.qc index ad09772a5..1ec0f4d3e 100644 --- a/qcsrc/server/ipban.qc +++ b/qcsrc/server/ipban.qc @@ -335,36 +335,53 @@ float Ban_GetClientIP(entity client) float i1, i2, i3, i4; string s; +#ifdef UID + ban_uid = client.uid; +#endif + s = client.netaddress; i1 = strstrofs(s, ".", 0); if(i1 < 0) - i1 = strstrofs(s, ":", 0); - if(i1 < 0) - return FALSE; + goto ipv6; i2 = strstrofs(s, ".", i1 + 1); - if(i2 < 0) - i2 = strstrofs(s, ":", i1 + 1); if(i2 < 0) return FALSE; i3 = strstrofs(s, ".", i2 + 1); - if(i3 < 0) - i3 = strstrofs(s, ":", i2 + 1); if(i3 < 0) return FALSE; i4 = strstrofs(s, ".", i3 + 1); - if(i4 < 0) - i4 = strstrofs(s, ":", i3 + 1); if(i4 >= 0) s = substring(s, 0, i4); - ban_ip1 = substring(s, 0, i1); - ban_ip2 = substring(s, 0, i2); - ban_ip3 = substring(s, 0, i3); - ban_ip4 = strcat1(s); -#ifdef UID - ban_uid = client.uid; -#endif + ban_ip1 = substring(s, 0, i1); // 8 + ban_ip2 = substring(s, 0, i2); // 16 + ban_ip3 = substring(s, 0, i3); // 24 + ban_ip4 = strcat1(s); // 32 + return TRUE; + +:ipv6 + i1 = strstrofs(s, ":", 0); + if(i1 < 0) + return FALSE; + i1 = strstrofs(s, ":", i1 + 1); + if(i1 < 0) + return FALSE; + i2 = strstrofs(s, ":", i1 + 1); + if(i2 < 0) + return FALSE; + i3 = strstrofs(s, ":", i2 + 1); + if(i3 < 0) + return FALSE; + + ban_ip1 = strcat(substring(s, 0, i1), "::/32"); // 32 + ban_ip2 = strcat(substring(s, 0, i2), "::/48"); // 48 + ban_ip4 = strcat(substring(s, 0, i3), "::/64"); // 64 + + if(i3 - i2 > 3) // means there is more than 2 digits and a : in the range + ban_ip3 = strcat(substring(s, 0, i2), ":", substring(s, i2 + 1, i3 - i2 - 3), "00::/56"); + else + ban_ip3 = strcat(substring(s, 0, i2), ":0::/56"); return TRUE; }