string uri;
float i, n;
- uri = strcat( "action=ban&hostname=", uri_escape(cvar_string("hostname")));
+ uri = strcat( "action=ban&hostname=", uri_escape(autocvar_hostname));
uri = strcat(uri, "&ip=", uri_escape(ip));
uri = strcat(uri, "&duration=", ftos(bantime));
uri = strcat(uri, "&reason=", uri_escape(reason));
- n = tokenize_console(cvar_string("g_ban_sync_uri"));
+ n = tokenize_console(autocvar_g_ban_sync_uri);
if(n >= MAX_IPBAN_URIS)
n = MAX_IPBAN_URIS;
for(i = 0; i < n; ++i)
string uri;
float i, n;
- uri = strcat( "action=unban&hostname=", uri_escape(cvar_string("hostname")));
+ uri = strcat( "action=unban&hostname=", uri_escape(autocvar_hostname));
uri = strcat(uri, "&ip=", uri_escape(ip));
- n = tokenize_console(cvar_string("g_ban_sync_uri"));
+ n = tokenize_console(autocvar_g_ban_sync_uri);
if(n >= MAX_IPBAN_URIS)
n = MAX_IPBAN_URIS;
for(i = 0; i < n; ++i)
return;
}
- tokenize_console(cvar_string("g_ban_sync_uri"));
+ tokenize_console(autocvar_g_ban_sync_uri);
uri = argv(id);
print("Received ban list from ", uri, ": ");
return;
}
- syncinterval = cvar("g_ban_sync_interval");
+ syncinterval = autocvar_g_ban_sync_interval;
if(syncinterval == 0)
{
print("rejected (syncing disabled)\n");
dprint(" timeleft=", ftos(timeleft), " reason=", reason);
dprint(" serverip=", serverip, "\n");
- timeleft -= 1.5 * cvar("g_ban_sync_timeout");
+ timeleft -= 1.5 * autocvar_g_ban_sync_timeout;
if(timeleft < 0)
continue;
l = strlen(ip);
- for(j = 0; j < l; ++j)
- if(strstrofs("0123456789.", substring(ip, j, 1), 0) == -1)
- {
- print("Invalid character ", substring(ip, j, 1), " in IP address ", ip, ". Skipping this ban.\n");
- goto skip;
- }
+ if(l != 44) // length 44 is a cryptographic ID
+ {
+ for(j = 0; j < l; ++j)
+ if(strstrofs("0123456789.", substring(ip, j, 1), 0) == -1)
+ {
+ print("Invalid character ", substring(ip, j, 1), " in IP address ", ip, ". Skipping this ban.\n");
+ goto skip;
+ }
+ }
- if(cvar("g_ban_sync_trusted_servers_verify"))
+ if(autocvar_g_ban_sync_trusted_servers_verify)
if((strstrofs(strcat(";", OnlineBanList_Servers, ";"), strcat(";", serverip, ";"), 0) == -1))
continue;
string uri;
float i, n;
- if(cvar_string("g_ban_sync_uri") == "")
+ if(autocvar_g_ban_sync_uri == "")
goto killme;
- if(cvar("g_ban_sync_interval") == 0) // < 0 is okay, it means "sync on level start only"
+ if(autocvar_g_ban_sync_interval == 0) // < 0 is okay, it means "sync on level start only"
goto killme;
- argc = tokenize_console(cvar_string("g_ban_sync_trusted_servers"));
+ argc = tokenize_console(autocvar_g_ban_sync_trusted_servers);
if(argc == 0)
goto killme;
OnlineBanList_Servers = strcat(OnlineBanList_Servers, ";", argv(i));
OnlineBanList_Servers = strzone(OnlineBanList_Servers);
- uri = strcat( "action=list&hostname=", uri_escape(cvar_string("hostname")));
+ uri = strcat( "action=list&hostname=", uri_escape(autocvar_hostname));
uri = strcat(uri, "&servers=", uri_escape(OnlineBanList_Servers));
- OnlineBanList_Timeout = time + cvar("g_ban_sync_timeout");
+ OnlineBanList_Timeout = time + autocvar_g_ban_sync_timeout;
- n = tokenize_console(cvar_string("g_ban_sync_uri"));
+ n = tokenize_console(autocvar_g_ban_sync_uri);
if(n >= MAX_IPBAN_URIS)
n = MAX_IPBAN_URIS;
for(i = 0; i < n; ++i)
uri_get(strcat(argv(i), "?", uri), URI_GET_IPBAN + i); // 1000 = "banlist" callback target
}
- if(cvar("g_ban_sync_interval") > 0)
- self.nextthink = time + max(60, cvar("g_ban_sync_interval") * 60);
+ if(autocvar_g_ban_sync_interval > 0)
+ self.nextthink = time + max(60, autocvar_g_ban_sync_interval * 60);
else
goto killme;
return;
string ban_ip2;
string ban_ip3;
string ban_ip4;
-#ifdef UID
-string ban_uid;
-#endif
+string ban_idfp;
void Ban_SaveBans()
{
Ban_Delete(i);
ban_count = 0;
ban_loaded = TRUE;
- n = tokenize_console(cvar_string("g_banned_list"));
+ n = tokenize_console(autocvar_g_banned_list);
if(stof(argv(0)) == 1)
{
ban_count = (n - 1) / 2;
void Ban_View()
{
- float i;
+ float i, n;
string msg;
+
+ print("^2Listing all existing active bans:\n");
+
for(i = 0; i < ban_count; ++i)
{
if(time > ban_expire[i])
continue;
+
+ ++n; // total number of existing bans
+
msg = strcat("#", ftos(i), ": ");
msg = strcat(msg, ban_ip[i], " is still banned for ");
msg = strcat(msg, ftos(ban_expire[i] - time), " seconds");
- print(msg, "\n");
+
+ print(" ", msg, "\n");
}
+
+ print("^2Done listing all active (", ftos(n), ") bans.\n");
}
float Ban_GetClientIP(entity client)
float i1, i2, i3, i4;
string s;
+ if(client.crypto_keyfp)
+ ban_idfp = client.crypto_idfp;
+ else
+ ban_idfp = string_null;
+
s = client.netaddress;
i1 = strstrofs(s, ".", 0);
if(i1 < 0)
- i1 = strstrofs(s, ":", 0);
- if(i1 < 0)
- return FALSE;
+ goto ipv6;
i2 = strstrofs(s, ".", i1 + 1);
- if(i2 < 0)
- i2 = strstrofs(s, ":", i1 + 1);
if(i2 < 0)
return FALSE;
i3 = strstrofs(s, ".", i2 + 1);
- if(i3 < 0)
- i3 = strstrofs(s, ":", i2 + 1);
if(i3 < 0)
return FALSE;
i4 = strstrofs(s, ".", i3 + 1);
- if(i4 < 0)
- i4 = strstrofs(s, ":", i3 + 1);
if(i4 >= 0)
s = substring(s, 0, i4);
- ban_ip1 = substring(s, 0, i1);
- ban_ip2 = substring(s, 0, i2);
- ban_ip3 = substring(s, 0, i3);
- ban_ip4 = strcat1(s);
-#ifdef UID
- ban_uid = client.uid;
-#endif
+ ban_ip1 = substring(s, 0, i1); // 8
+ ban_ip2 = substring(s, 0, i2); // 16
+ ban_ip3 = substring(s, 0, i3); // 24
+ ban_ip4 = strcat1(s); // 32
+ return TRUE;
+
+:ipv6
+ i1 = strstrofs(s, ":", 0);
+ if(i1 < 0)
+ return FALSE;
+ i1 = strstrofs(s, ":", i1 + 1);
+ if(i1 < 0)
+ return FALSE;
+ i2 = strstrofs(s, ":", i1 + 1);
+ if(i2 < 0)
+ return FALSE;
+ i3 = strstrofs(s, ":", i2 + 1);
+ if(i3 < 0)
+ return FALSE;
+
+ ban_ip1 = strcat(substring(s, 0, i1), "::/32"); // 32
+ ban_ip2 = strcat(substring(s, 0, i2), "::/48"); // 48
+ ban_ip4 = strcat(substring(s, 0, i3), "::/64"); // 64
+
+ if(i3 - i2 > 3) // means there is more than 2 digits and a : in the range
+ ban_ip3 = strcat(substring(s, 0, i2), ":", substring(s, i2 + 1, i3 - i2 - 3), "00::/56");
+ else
+ ban_ip3 = strcat(substring(s, 0, i2), ":0::/56");
return TRUE;
}
float Ban_IsClientBanned(entity client, float idx)
{
- float i, b, e;
+ float i, b, e, ipbanned;
if(!ban_loaded)
Ban_LoadBans();
if(!Ban_GetClientIP(client))
b = idx;
e = idx + 1;
}
+ ipbanned = FALSE;
for(i = b; i < e; ++i)
{
string s;
if(time > ban_expire[i])
continue;
s = ban_ip[i];
- if(ban_ip1 == s) return TRUE;
- if(ban_ip2 == s) return TRUE;
- if(ban_ip3 == s) return TRUE;
- if(ban_ip4 == s) return TRUE;
-#ifdef UID
- if(ban_uid == s) return TRUE;
-#endif
+ if(ban_ip1 == s) ipbanned = TRUE;
+ if(ban_ip2 == s) ipbanned = TRUE;
+ if(ban_ip3 == s) ipbanned = TRUE;
+ if(ban_ip4 == s) ipbanned = TRUE;
+ if(ban_idfp == s) return TRUE;
}
+ if(ipbanned)
+ if(!autocvar_g_banned_list_idmode || !ban_idfp)
+ return TRUE;
return FALSE;
}
default:
Ban_Insert(ban_ip4, bantime, reason, 1);
break;
-#ifdef UID
- case 0:
- Ban_Insert(ban_uid, bantime, reason, 1);
- break;
-#endif
}
+ if(ban_idfp)
+ Ban_Insert(ban_idfp, bantime, reason, 1);
/*
* not needed, as we enforce the ban in Ban_Insert anyway
// and kick him
dropclient(client);
*/
}
-
-float GameCommand_Ban(string command)
-{
- float argc;
- float bantime;
- entity client;
- float entno;
- float masksize;
- string reason;
- float reasonarg;
-
- argc = tokenize_console(command);
- if(argv(0) == "help")
- {
- print(" kickban # n m p reason - kickban player n for m seconds, using mask size p (1 to 4)\n");
- print(" ban ip m reason - ban an IP or range (incomplete IP, like 1.2.3) for m seconds\n");
- print(" bans - list all existing bans\n");
- print(" unban n - delete the entry #n from the bans list\n");
- return TRUE;
- }
- if(argv(0) == "kickban")
- {
-#define INITARG(c) reasonarg = c
-#define GETARG(v,d) if((argc > reasonarg) && ((v = stof(argv(reasonarg))) != 0)) ++reasonarg; else v = d
-#define RESTARG(v) if(argc > reasonarg) v = substring(command, argv_start_index(reasonarg), strlen(command) - argv_start_index(reasonarg)); else v = ""
- if(argc >= 3)
- {
- entno = stof(argv(2));
- if(entno > maxclients || entno < 1)
- return TRUE;
- client = edict_num(entno);
-
- INITARG(3);
- GETARG(bantime, cvar("g_ban_default_bantime"));
- GETARG(masksize, cvar("g_ban_default_masksize"));
- RESTARG(reason);
-
- Ban_KickBanClient(client, bantime, masksize, reason);
- return TRUE;
- }
- }
- else if(argv(0) == "ban")
- {
- if(argc >= 2)
- {
- string ip;
- ip = argv(1);
-
- INITARG(2);
- GETARG(bantime, cvar("g_ban_default_bantime"));
- RESTARG(reason);
-
- Ban_Insert(ip, bantime, reason, 1);
- return TRUE;
- }
-#undef INITARG
-#undef GETARG
-#undef RESTARG
- }
- else if(argv(0) == "bans")
- {
- Ban_View();
- return TRUE;
- }
- else if(argv(0) == "unban")
- {
- if(argc >= 2)
- {
- float who;
- who = stof(argv(1));
- Ban_Delete(who);
- return TRUE;
- }
- }
- return FALSE;
-}