1 Index: doc/example.conf
2 ===================================================================
3 RCS file: /home/coder-com/cvs/ircu2.10/doc/example.conf,v
4 retrieving revision 1.15.2.5
5 diff -b -u -d -r1.15.2.5 example.conf
6 --- doc/example.conf 2002/05/17 16:42:18 1.15.2.5
7 +++ doc/example.conf 2002/07/17 22:17:54
13 +# Opers may wish to hide their IP mask and hostname, even if they are on
14 +# a bnc. This can prevent the risk of opers or their providers getting
15 +# dos'd or whatever the case may be.
17 +# When a client connects, his or her IP is compared to the incoming_IP in
18 +# each of the S:lines in the conf. If it finds an exact match (NOT a mask
19 +# match, but a simple comparison), it will substitute the client's ip with
20 +# modified_IP and the client's real hostname with modified_hostname (as
24 +# S:<incoming_IP>:<modified_IP>:<modifed_hostname>
27 +# S:193.178.138.13:192.168.128.1:undernet.org
29 +# If a user connects to the server with the IP 193.178.138.13, it is
30 +# automatically changed to 192.168.128.1 and the user's host is set to
33 +# If no modified_IP is provided, only the host is modified.
37 # When your server gets more full, you will notice delays when trying to
38 # connect to your server's primary listening port. It is possible via the
39 Index: include/client.h
40 ===================================================================
41 RCS file: /home/coder-com/cvs/ircu2.10/include/client.h,v
42 retrieving revision 1.23.2.4
43 diff -b -u -d -r1.23.2.4 client.h
44 --- include/client.h 2002/07/17 21:07:01 1.23.2.4
45 +++ include/client.h 2002/07/17 22:17:56
47 #define FLAGS_DOID 0x00040000 /* I-lines say must use ident return */
48 #define FLAGS_NONL 0x00080000 /* No \n in buffer */
49 #define FLAGS_TS8 0x00100000 /* Why do you want to know? */
50 +#define FLAGS_SLINE 0x00200000 /* User is S-lined */
51 #define FLAGS_MAP 0x00800000 /* Show server on the map */
52 #define FLAGS_JUNCTION 0x01000000 /* Junction causing the net.burst */
53 #define FLAGS_DEAF 0x02000000 /* Makes user deaf */
55 #define IsAccount(x) (cli_flags(x) & FLAGS_ACCOUNT)
56 #define IsHiddenHost(x) (cli_flags(x) & FLAGS_HIDDENHOST)
57 #define HasHiddenHost(x) (IsAccount(x) && IsHiddenHost(x))
58 +#define HasSLine(x) (cli_flags(x) & FLAGS_SLINE)
60 #define IsPrivileged(x) (IsAnOper(x) || IsServer(x))
63 #define SetService(x) (cli_flags(x) |= FLAGS_SERVICE)
64 #define SetAccount(x) (cli_flags(x) |= FLAGS_ACCOUNT)
65 #define SetHiddenHost(x) (cli_flags(x) |= FLAGS_HIDDENHOST)
66 +#define SetSLined(x) (cli_flags(x) |= FLAGS_SLINE)
68 #define ClearAccess(x) (cli_flags(x) &= ~FLAGS_CHKACCESS)
69 #define ClearBurst(x) (cli_flags(x) &= ~FLAGS_BURST)
70 Index: include/s_conf.h
71 ===================================================================
72 RCS file: /home/coder-com/cvs/ircu2.10/include/s_conf.h,v
73 retrieving revision 1.15.2.1
74 diff -b -u -d -r1.15.2.1 s_conf.h
75 --- include/s_conf.h 2002/05/17 16:42:19 1.15.2.1
76 +++ include/s_conf.h 2002/07/17 22:17:57
79 #define CONF_ILLEGAL 0x80000000
80 #define CONF_MATCH 0x40000000
81 +#define CONF_SPOOF 0x20000000
82 #define CONF_CLIENT 0x0002
83 #define CONF_SERVER 0x0004
84 #define CONF_LOCOP 0x0010
86 ===================================================================
87 RCS file: /home/coder-com/cvs/ircu2.10/ircd/s_auth.c,v
88 retrieving revision 1.21.2.5
89 diff -b -u -d -r1.21.2.5 s_auth.c
90 --- ircd/s_auth.c 2002/07/10 16:22:47 1.21.2.5
91 +++ ircd/s_auth.c 2002/07/17 22:17:59
93 #include "querycmds.h"
101 { "NOTICE AUTH :*** No ident response\r\n", 36 },
102 { "NOTICE AUTH :*** Your forward and reverse DNS do not match, " \
103 "ignoring hostname.\r\n", 80 },
104 + { "NOTICE AUTH :*** Using S-line privilege\r\n", 41 },
105 { "NOTICE AUTH :*** Invalid hostname\r\n", 35 }
112 + REPORT_USING_SLINE,
117 struct AuthRequest* auth = 0;
121 + if (conf_check_slines(client)) {
122 + sendheader(client, REPORT_USING_SLINE);
124 + release_auth_client(client);
128 auth = make_auth_request(client);
131 ===================================================================
132 RCS file: /home/coder-com/cvs/ircu2.10/ircd/s_conf.c,v
133 retrieving revision 1.44.2.3
134 diff -b -u -d -r1.44.2.3 s_conf.c
135 --- ircd/s_conf.c 2002/05/17 16:42:19 1.44.2.3
136 +++ ircd/s_conf.c 2002/07/17 22:18:03
137 @@ -1158,6 +1158,10 @@
138 conf_add_quarantine(field_vector, field_count);
139 aconf->status = CONF_ILLEGAL;
143 + aconf->status = CONF_SPOOF;
145 case 'T': /* print out different motd's */
146 case 't': /* based on hostmask - CONF_TLINES */
147 motd_add(field_vector[1], field_vector[2]);
148 @@ -1260,6 +1264,9 @@
149 if ((aconf->status == CONF_UWORLD) && (aconf->passwd) && (*aconf->passwd))
150 addNickJupes(aconf->passwd);
152 + if (aconf->status & CONF_SPOOF)
153 + lookup_confhost(aconf);
155 collapse(aconf->host);
156 collapse(aconf->name);
158 @@ -1625,6 +1632,70 @@
159 c_conf->ipnum.s_addr = cli_ip(cptr).s_addr;
161 Debug((DEBUG_DNS, "sv_cl: access ok: %s[%s]", cli_name(cptr), cli_sockhost(cptr)));
166 + * conf_check_slines()
168 + * Check S lines for the specified client, passed in cptr struct.
169 + * If the client's IP is S-lined, process the substitution here.
170 + * 1. cptr->cli_ip (cli_ip(cptr))
171 + * 2. cptr->cli_connect->con_sock_ip (cli_sock_ip(cptr))
172 + * 3. cptr->cli_connect->sockhost (cli_sockhost(cptr))
174 + * If no substitued IP are specified, only change sockhost.
180 + * 0 = No S-line found
181 + * 1 = S-line found and substitution done.
188 +conf_check_slines(struct Client *cptr)
190 + struct ConfItem* aconf;
191 + struct in_addr iptemp;
194 + for (aconf = GlobalConfList; aconf; aconf = aconf->next) {
195 + if (aconf->status != CONF_SPOOF)
197 + if ((aconf->dns_pending)
198 + || (INADDR_NONE == aconf->ipnum.s_addr)
199 + || EmptyString(aconf->name))
202 + if (cli_ip(cptr).s_addr == aconf->ipnum.s_addr) {
204 + /* Ignore user part if u@h. */
205 + if ((hostonly = strchr(aconf->name, '@')))
208 + hostonly = aconf->name;
213 + if (!EmptyString(aconf->passwd)) {
214 + iptemp.s_addr = inet_addr(aconf->passwd);
215 + if (INADDR_NONE == iptemp.s_addr)
217 + cli_ip(cptr).s_addr = iptemp.s_addr;
220 + /* Perform a luxurious ircd_ntoa for sanity. */
221 + ircd_strncpy(cli_sock_ip(cptr), ircd_ntoa((const char*) &cli_ip(cptr)), SOCKIPLEN);
222 + ircd_strncpy(cli_sockhost(cptr), hostonly, HOSTLEN);
230 ===================================================================
231 RCS file: /home/coder-com/cvs/ircu2.10/ircd/s_user.c,v
232 retrieving revision 1.52.2.10
233 diff -b -u -d -r1.52.2.10 s_user.c
234 --- ircd/s_user.c 2002/07/17 21:07:01 1.52.2.10
235 +++ ircd/s_user.c 2002/07/17 22:18:05
238 clean_user_id(user->username,
239 (cli_flags(sptr) & FLAGS_GOTID) ? cli_username(sptr) : username,
240 - (cli_flags(sptr) & FLAGS_DOID) && !(cli_flags(sptr) & FLAGS_GOTID));
241 + (cli_flags(sptr) & FLAGS_DOID) && !(cli_flags(sptr) & FLAGS_GOTID)
242 + && !(HasSLine(sptr))); /* No tilde for S-lined users. */
244 if ((user->username[0] == '\0')
245 || ((user->username[0] == '~') && (user->username[1] == '\000')))