diff options
| -rw-r--r-- | src/modules/m_spanningtree.cpp | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/src/modules/m_spanningtree.cpp b/src/modules/m_spanningtree.cpp index f5f0861ff..18f92c025 100644 --- a/src/modules/m_spanningtree.cpp +++ b/src/modules/m_spanningtree.cpp @@ -2700,6 +2700,26 @@ class TreeSocket : public InspSocket virtual int OnIncomingConnection(int newsock, char* ip) { + /* To prevent anyone from attempting to flood opers/DDoS by connecting to the server port, + * or discovering if this port is the server port, we don't allow connections from any + * IPs for which we don't have a link block. + */ + bool found = false; + vector<Link>::iterator i; + for (i = LinkBlocks.begin(); i != LinkBlocks.end(); i++) + { + if (i->IPAddr == ip) + { + found = true; + break; + } + } + if (!found) + { + WriteOpers("Server connection from %s denied (no link blocks with that IP address)", ip); + close(newsock); + return false; + } TreeSocket* s = new TreeSocket(newsock, ip); Srv->AddSocket(s); return true; |