From e51ea66534e407bd5314d2df3ecdaf8ef2e7d310 Mon Sep 17 00:00:00 2001 From: Peter Powell Date: Tue, 24 Sep 2013 22:36:28 +0100 Subject: Improve error reporting for . --- docs/conf/inspircd.conf.example | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) (limited to 'docs') diff --git a/docs/conf/inspircd.conf.example b/docs/conf/inspircd.conf.example index 9512e17c4..20344792e 100644 --- a/docs/conf/inspircd.conf.example +++ b/docs/conf/inspircd.conf.example @@ -718,13 +718,15 @@ # no Do not show operspywhois="no" - # runasuser: If this is set, InspIRCd will attempt to setuid - # to run as this user- allows binding of ports under 1024. + # runasuser: If this is set, InspIRCd will attempt to switch + # to run as this user, which allows binding of ports under 1024. + # You should NOT set this unless you are starting as root. # NOT SUPPORTED/NEEDED UNDER WINDOWS. #runasuser="" - # runasgroup: If this is set, InspIRCd will attempt to set group - # to run under this group, which allows binding of ports under 1024 + # runasgroup: If this is set, InspIRCd will attempt to switch + # to run as this group, which allows binding of ports under 1024. + # You should NOT set this unless you are starting as root. # NOT SUPPORTED/NEEDED UNDER WINDOWS. #runasgroup="" -- cgit v1.2.3 From b43e157a14f56b2d0d608484e4d819b03f60fd09 Mon Sep 17 00:00:00 2001 From: Mantas Mikulėnas Date: Thu, 2 Jan 2014 16:52:51 +0200 Subject: Use standard example addresses in configs `2001:db8::/32` is the [standard][1] IPv6 example address range, using it also makes it clear when the user has just copy-pasted the example config and didn't actually whitelist 6BONE for some strange reason. Similarly, there are example addresses for [IPv4][2] and [DNS][3]. [1]: http://tools.ietf.org/html/rfc3849 [2]: http://tools.ietf.org/html/rfc5737 [3]: http://tools.ietf.org/html/rfc2606 --- docs/conf/inspircd.conf.example | 16 ++++++++-------- docs/conf/links.conf.example | 4 ++-- docs/conf/opers.conf.example | 6 +++--- 3 files changed, 13 insertions(+), 13 deletions(-) (limited to 'docs') diff --git a/docs/conf/inspircd.conf.example b/docs/conf/inspircd.conf.example index 20344792e..9bd7d2e4b 100644 --- a/docs/conf/inspircd.conf.example +++ b/docs/conf/inspircd.conf.example @@ -221,7 +221,7 @@ + deny="192.0.2.*"> # connect:reason is the message that users will see if they match a deny block @@ -238,7 +238,7 @@ parent="main" # allow: What IP addresses/hosts to allow for this block. - allow="196.12.*" + allow="203.0.113.*" # hash: what hash this password is hashed with. requires the module # for selected hash (m_md5.so, m_sha256.so or m_ripemd160.so) be @@ -872,7 +872,7 @@ @@ -891,22 +891,22 @@ - - + + # exception: Hosts that are exempt from [kgz]lines. + reason="Oper's hostname"> #-#-#-#-#-#-#-#-#-#-#- INSANE BAN OPTIONS -#-#-#-#-#-#-#-#-#-#-#-#-#-# # # diff --git a/docs/conf/links.conf.example b/docs/conf/links.conf.example index fc0fc3b5e..1b715123d 100644 --- a/docs/conf/links.conf.example +++ b/docs/conf/links.conf.example @@ -29,7 +29,7 @@ # allowmask: Range of IP addresses to allow for this link. # Can be a CIDR (see example). - allowmask="69.58.44.0/24" + allowmask="203.0.113.0/24" # timeout: If defined, this option defines how long the server # will wait to consider the connect attempt failed and try the @@ -74,7 +74,7 @@ @@ -156,7 +156,7 @@ # Multiple options can be separated by spaces and CIDR's are allowed. # You CAN use just * or *@* for this section, but it is not recommended # for security reasons. - host="ident@dialup15.isp.com *@localhost *@server.com *@3ffe::0/16" + host="yourident@dialup15.isp.com *@localhost *@example.com *@2001:db8::/32" # type: What oper type this oline is. See the block above for list # of types. NOTE: This is case-sensitive as well. -- cgit v1.2.3 From 659530cbab286a2fbb38eee16d290cd202704452 Mon Sep 17 00:00:00 2001 From: Attila Molnar Date: Mon, 20 Jan 2014 16:48:20 +0100 Subject: Update example configs/helpop --- docs/conf/helpop-full.conf.example | 4 ++-- docs/conf/helpop.conf.example | 10 +++++----- docs/conf/modules.conf.example | 3 ++- 3 files changed, 9 insertions(+), 8 deletions(-) (limited to 'docs') diff --git a/docs/conf/helpop-full.conf.example b/docs/conf/helpop-full.conf.example index 1b33004c4..2c12972c2 100644 --- a/docs/conf/helpop-full.conf.example +++ b/docs/conf/helpop-full.conf.example @@ -361,8 +361,8 @@ Sets your name to the specified name."> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -- cgit v1.2.3 From ef264e2dca03126e1ea38ee05594bd015384622b Mon Sep 17 00:00:00 2001 From: Attila Molnar Date: Mon, 20 Jan 2014 16:57:30 +0100 Subject: m_httpd Add timeout option; remove timed out connections --- docs/conf/modules.conf.example | 3 +++ src/modules/m_httpd.cpp | 32 +++++++++++++++++++++++++++++++- 2 files changed, 34 insertions(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/conf/modules.conf.example b/docs/conf/modules.conf.example index b65a0ca02..09a8514a4 100644 --- a/docs/conf/modules.conf.example +++ b/docs/conf/modules.conf.example @@ -870,6 +870,9 @@ # a tag with type "httpd", and load at least one of the other # m_httpd_* modules to provide pages to display. # +# You can adjust the timeout for HTTP connections below. All HTTP +# connections will be closed after (roughly) this many seconds. +# #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # http ACL module: Provides access control lists for m_httpd dependent diff --git a/src/modules/m_httpd.cpp b/src/modules/m_httpd.cpp index 6315809a9..a853e12c2 100644 --- a/src/modules/m_httpd.cpp +++ b/src/modules/m_httpd.cpp @@ -59,9 +59,11 @@ class HttpServerSocket : public BufferedSocket std::string http_version; public: + const time_t createtime; HttpServerSocket(int newfd, const std::string& IP, ListenSocket* via, irc::sockets::sockaddrs* client, irc::sockets::sockaddrs* server) : BufferedSocket(newfd), ip(IP), postsize(0) + , createtime(ServerInstance->Time()) { InternalState = HTTP_SERVE_WAIT_REQUEST; @@ -339,12 +341,22 @@ class HttpServerSocket : public BufferedSocket class ModuleHttpServer : public Module { + unsigned int timeoutsec; + public: void init() { HttpModule = this; - ServerInstance->Modules->Attach(I_OnAcceptConnection, this); + Implementation eventlist[] = { I_OnAcceptConnection, I_OnBackgroundTimer, I_OnRehash }; + ServerInstance->Modules->Attach(eventlist, this, sizeof(eventlist)/sizeof(Implementation)); + OnRehash(NULL); + } + + void OnRehash(User* user) + { + ConfigTag* tag = ServerInstance->Config->ConfValue("httpd"); + timeoutsec = tag->getInt("timeout"); } void OnRequest(Request& request) @@ -367,6 +379,24 @@ class ModuleHttpServer : public Module return MOD_RES_ALLOW; } + void OnBackgroundTimer(time_t curtime) + { + if (!timeoutsec) + return; + + time_t oldest_allowed = curtime - timeoutsec; + for (std::set::const_iterator i = sockets.begin(); i != sockets.end(); ) + { + HttpServerSocket* sock = *i; + ++i; + if (sock->createtime < oldest_allowed) + { + sock->cull(); + delete sock; + } + } + } + CullResult cull() { std::set local; -- cgit v1.2.3 From b8f0e349ce8891d6236fc026c47139af1f05912c Mon Sep 17 00:00:00 2001 From: Attila Molnar Date: Mon, 20 Jan 2014 17:05:01 +0100 Subject: m_svshold Add config option to hide snotices --- docs/conf/modules.conf.example | 2 ++ src/modules/m_svshold.cpp | 27 +++++++++++++++++++++++---- 2 files changed, 25 insertions(+), 4 deletions(-) (limited to 'docs') diff --git a/docs/conf/modules.conf.example b/docs/conf/modules.conf.example index 09a8514a4..e9304f390 100644 --- a/docs/conf/modules.conf.example +++ b/docs/conf/modules.conf.example @@ -1776,6 +1776,8 @@ # SVSHold module: Implements SVSHOLD. Like Q:Lines, but can only be # # added/removed by Services. # # +# If silent is true no snotices will be generated by SVSHOLD. +# #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # SWHOIS module: Allows you to add arbitary lines to user WHOIS. diff --git a/src/modules/m_svshold.cpp b/src/modules/m_svshold.cpp index d8176043e..e666b0fe2 100644 --- a/src/modules/m_svshold.cpp +++ b/src/modules/m_svshold.cpp @@ -25,6 +25,11 @@ /* $ModDesc: Implements SVSHOLD. Like Q:Lines, but can only be added/removed by Services. */ +namespace +{ + bool silent; +} + /** Holds a SVSHold item */ class SVSHold : public XLine @@ -58,8 +63,11 @@ public: void DisplayExpiry() { - ServerInstance->SNO->WriteToSnoMask('x',"Removing expired SVSHOLD %s (set by %s %ld seconds ago)", - this->nickname.c_str(), this->source.c_str(), (long int)(ServerInstance->Time() - this->set_time)); + if (!silent) + { + ServerInstance->SNO->WriteToSnoMask('x',"Removing expired SVSHOLD %s (set by %s %ld seconds ago)", + this->nickname.c_str(), this->source.c_str(), (long int)(ServerInstance->Time() - this->set_time)); + } } const char* Displayable() @@ -114,7 +122,8 @@ class CommandSvshold : public Command { if (ServerInstance->XLines->DelLine(parameters[0].c_str(), "SVSHOLD", user)) { - ServerInstance->SNO->WriteToSnoMask('x',"%s removed SVSHOLD on %s",user->nick.c_str(),parameters[0].c_str()); + if (!silent) + ServerInstance->SNO->WriteToSnoMask('x',"%s removed SVSHOLD on %s",user->nick.c_str(),parameters[0].c_str()); } else { @@ -132,6 +141,9 @@ class CommandSvshold : public Command if (ServerInstance->XLines->AddLine(r, user)) { + if (silent) + return CMD_SUCCESS; + if (!duration) { ServerInstance->SNO->WriteGlobalSno('x', "%s added permanent SVSHOLD for %s: %s", user->nick.c_str(), parameters[0].c_str(), parameters[2].c_str()); @@ -174,8 +186,15 @@ class ModuleSVSHold : public Module { ServerInstance->XLines->RegisterFactory(&s); ServerInstance->Modules->AddService(cmd); - Implementation eventlist[] = { I_OnUserPreNick, I_OnStats }; + Implementation eventlist[] = { I_OnUserPreNick, I_OnStats, I_OnRehash }; ServerInstance->Modules->Attach(eventlist, this, sizeof(eventlist)/sizeof(Implementation)); + OnRehash(NULL); + } + + void OnRehash(User* user) + { + ConfigTag* tag = ServerInstance->Config->ConfValue("svshold"); + silent = tag->getBool("silent"); } virtual ModResult OnStats(char symbol, User* user, string_list &out) -- cgit v1.2.3