Add fine-grained command flood controls

This reintrouces "Excess Flood" quits for those that prefer it to fakelag,
and allows the maximum command rate to be set in the connect block.

git-svn-id: http://svn.inspircd.org/repository/trunk/inspircd@12093 e03df62e-2008-0410-955e-edbf42e46eb7

8 files changed, 32 insertions, 24 deletions

diff --git a/src/command_parse.cpp b/src/command_parse.cpp
index 772b23117..86f801d3e 100644
--- a/src/command_parse.cpp
+++ b/src/command_parse.cpp
@@ -252,7 +252,7 @@ bool CommandParser::ProcessCommand(User *user, std::string &cmd)
 	if (IS_LOCAL(user) && !user->HasPrivPermission("users/flood/no-throttle"))
 	{
 		// If it *doesn't* exist, give it a slightly heftier penalty than normal to deter flooding us crap
-		IS_LOCAL(user)->Penalty += cm != cmdlist.end() ? cm->second->Penalty : 2;
+		IS_LOCAL(user)->CommandFloodPenalty += cm != cmdlist.end() ? cm->second->Penalty * 1000 : 2000;
 	}
 
 
diff --git a/src/commands/cmd_nick.cpp b/src/commands/cmd_nick.cpp
index 489551dd1..eccf2327e 100644
--- a/src/commands/cmd_nick.cpp
+++ b/src/commands/cmd_nick.cpp
@@ -203,7 +203,7 @@ CmdResult CommandNick::Handle (const std::vector<std::string>& parameters, User
 	if (user->registered == REG_ALL)
 	{
 		if (IS_LOCAL(user))
-			IS_LOCAL(user)->Penalty += 10;
+			IS_LOCAL(user)->CommandFloodPenalty += 5000;
 		FOREACH_MOD(I_OnUserPostNick,OnUserPostNick(user, oldnick));
 	}
 
diff --git a/src/commands/cmd_oper.cpp b/src/commands/cmd_oper.cpp
index 42ea0c07d..378db4303 100644
--- a/src/commands/cmd_oper.cpp
+++ b/src/commands/cmd_oper.cpp
@@ -89,7 +89,7 @@ CmdResult CommandOper::HandleLocal(const std::vector<std::string>& parameters, L
 
 	// tell them they suck, and lag them up to help prevent brute-force attacks
 	user->WriteNumeric(491, "%s :Invalid oper credentials",user->nick.c_str());
-	user->Penalty += 10;
+	user->CommandFloodPenalty += 10000;
 
 	snprintf(broadcast, MAXBUF, "WARNING! Failed oper attempt by %s!%s@%s using login '%s': The following fields do not match: %s", user->nick.c_str(), user->ident.c_str(), user->host.c_str(), parameters[0].c_str(), fields.c_str());
 	ServerInstance->SNO->WriteToSnoMask('o',std::string(broadcast));
diff --git a/src/configreader.cpp b/src/configreader.cpp
index f81283dc7..aebf85ca8 100644
--- a/src/configreader.cpp
+++ b/src/configreader.cpp
@@ -366,6 +366,8 @@ void ServerConfig::CrossCheckConnectBlocks(ServerConfig* current)
 			me->hardsendqmax = tag->getInt("hardsendq", me->hardsendqmax);
 			me->recvqmax = tag->getInt("recvq", me->recvqmax);
 			me->penaltythreshold = tag->getInt("threshold", me->penaltythreshold);
+			me->commandrate = tag->getInt("commandrate", me->commandrate);
+			me->fakelag = tag->getBool("fakelag", me->fakelag);
 			me->maxlocal = tag->getInt("localmax", me->maxlocal);
 			me->maxglobal = tag->getInt("globalmax", me->maxglobal);
 			me->port = tag->getInt("port", me->port);
diff --git a/src/modules/m_cloaking.cpp b/src/modules/m_cloaking.cpp
index 263e28210..0a4e58edf 100644
--- a/src/modules/m_cloaking.cpp
+++ b/src/modules/m_cloaking.cpp
@@ -57,7 +57,7 @@ class CloakUser : public ModeHandler
 		}
 
 		/* don't allow this user to spam modechanges */
-		IS_LOCAL(dest)->Penalty += 5;
+		IS_LOCAL(dest)->CommandFloodPenalty += 5000;
 
 		if (adding)
 		{
diff --git a/src/modules/m_testnet.cpp b/src/modules/m_testnet.cpp
index ff37adf3c..0bc33f002 100644
--- a/src/modules/m_testnet.cpp
+++ b/src/modules/m_testnet.cpp
@@ -190,9 +190,9 @@ class CommandTest : public Command
 			for(unsigned int i=0; i < count; i++)
 				user->Write(line);
 		}
-		else if (parameters[0] == "freeze" && IS_LOCAL(user))
+		else if (parameters[0] == "freeze" && IS_LOCAL(user) && parameters.size() > 1)
 		{
-			IS_LOCAL(user)->Penalty += 100;
+			IS_LOCAL(user)->CommandFloodPenalty += atoi(parameters[1].c_str());
 		}
 		else if (parameters[0] == "shutdown" && IS_LOCAL(user))
 		{
diff --git a/src/userprocess.cpp b/src/userprocess.cpp
index 8aa76a1fd..781f8ae52 100644
--- a/src/userprocess.cpp
+++ b/src/userprocess.cpp
@@ -55,9 +55,13 @@ void InspIRCd::DoBackgroundUserStuff()
 		if (curr->quitting)
 			continue;
 
-		if (curr->Penalty)
+		if (curr->CommandFloodPenalty)
 		{
-			curr->Penalty--;
+			unsigned int rate = curr->MyClass->GetCommandRate();
+			if (curr->CommandFloodPenalty > rate)
+				curr->CommandFloodPenalty -= rate;
+			else
+				curr->CommandFloodPenalty = 0;
 			curr->eh.OnDataReady();
 		}
 
diff --git a/src/users.cpp b/src/users.cpp
index ec6fd0571..98c362f95 100644
--- a/src/users.cpp
+++ b/src/users.cpp
@@ -244,7 +244,7 @@ LocalUser::LocalUser(int myfd, irc::sockets::sockaddrs* client, irc::sockets::so
 {
 	bytes_in = bytes_out = cmds_in = cmds_out = 0;
 	server_sa.sa.sa_family = AF_UNSPEC;
-	Penalty = 0;
+	CommandFloodPenalty = 0;
 	lastping = nping = 0;
 	eh.SetFd(myfd);
 	memcpy(&client_sa, client, sizeof(irc::sockets::sockaddrs));
@@ -509,11 +509,11 @@ void UserIOHandler::OnDataReady()
 	unsigned long sendqmax = ULONG_MAX;
 	if (!user->HasPrivPermission("users/flood/increased-buffers"))
 		sendqmax = user->MyClass->GetSendqSoftMax();
-	int penaltymax = user->MyClass->GetPenaltyThreshold();
-	if (penaltymax == 0 || user->HasPrivPermission("users/flood/no-fakelag"))
-		penaltymax = INT_MAX;
+	unsigned long penaltymax = ULONG_MAX;
+	if (!user->HasPrivPermission("users/flood/no-fakelag"))
+		penaltymax = user->MyClass->GetPenaltyThreshold() * 1000;
 
-	while (user->Penalty < penaltymax && getSendQSize() < sendqmax)
+	while (user->CommandFloodPenalty < penaltymax && getSendQSize() < sendqmax)
 	{
 		std::string line;
 		line.reserve(MAXBUF);
@@ -550,8 +550,10 @@ eol_found:
 			return;
 	}
 	// Add pseudo-penalty so that we continue processing after sendq recedes
-	if (user->Penalty == 0 && getSendQSize() >= sendqmax)
-		user->Penalty++;
+	if (user->CommandFloodPenalty == 0 && getSendQSize() >= sendqmax)
+		user->CommandFloodPenalty++;
+	if (user->CommandFloodPenalty >= penaltymax && !user->MyClass->fakelag)
+		ServerInstance->Users->QuitUser(user, "Excess Flood");
 }
 
 void UserIOHandler::AddWriteBuf(const std::string &data)
@@ -1689,19 +1691,19 @@ const std::string& FakeUser::GetFullRealHost()
 }
 
 ConnectClass::ConnectClass(ConfigTag* tag, char t, const std::string& mask)
-	: config(tag), type(t), name("unnamed"), registration_timeout(0), host(mask),
-	pingtime(0), pass(""), hash(""), softsendqmax(0), hardsendqmax(0),
-	recvqmax(0), penaltythreshold(0), maxlocal(0), maxglobal(0), maxchans(0), port(0), limit(0)
+	: config(tag), type(t), fakelag(true), name("unnamed"), registration_timeout(0), host(mask),
+	pingtime(0), pass(""), hash(""), softsendqmax(0), hardsendqmax(0), recvqmax(0),
+	penaltythreshold(0), commandrate(0), maxlocal(0), maxglobal(0), maxchans(0), port(0), limit(0)
 {
 }
 
 ConnectClass::ConnectClass(ConfigTag* tag, char t, const std::string& mask, const ConnectClass& parent)
-	: config(tag), type(t), name("unnamed"),
-	registration_timeout(parent.registration_timeout), host(mask),
-	pingtime(parent.pingtime), pass(parent.pass), hash(parent.hash),
-	softsendqmax(parent.softsendqmax), hardsendqmax(parent.hardsendqmax),
-	recvqmax(parent.recvqmax), penaltythreshold(parent.penaltythreshold), maxlocal(parent.maxlocal),
-	maxglobal(parent.maxglobal), maxchans(parent.maxchans),
+	: config(tag), type(t), fakelag(parent.fakelag), name("unnamed"),
+	registration_timeout(parent.registration_timeout), host(mask), pingtime(parent.pingtime),
+	pass(parent.pass), hash(parent.hash), softsendqmax(parent.softsendqmax),
+	hardsendqmax(parent.hardsendqmax), recvqmax(parent.recvqmax),
+	penaltythreshold(parent.penaltythreshold), commandrate(parent.commandrate),
+	maxlocal(parent.maxlocal), maxglobal(parent.maxglobal), maxchans(parent.maxchans),
 	port(parent.port), limit(parent.limit)
 {
 }