GitHub-Mirror/NeoStats-opsb
Archived
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

begin comments and tidy ups

Browse source
This commit is contained in:
Mark 2005-05-23 22:58:06 +00:00
parent c3d9b1c33a
commit a3d2dffdf4
4 changed files with 531 additions and 192 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

390
opsb.c
View file

@ -21,20 +21,31 @@
** $Id$
*/
/* TODO:
* - Akill support.
* - remove akill must check whether an akill was added by opsb before
* removing it otherwise blsb becomes a way for opers to remove any
* akill on the network including those they may not normally have
* access to.
*/
#include "neostats.h"
#ifdef HAVE_ARPA_NAMESER_H
#include <arpa/nameser.h>
#endif
#include "opsb.h"
void dnsblscan(void *scandata, adns_answer *a);
static int ss_event_signon (CmdParams* cmdparams);
int startscan(scaninfo *scandata);
void save_ports();
static int unconf(void);
int opsb_cmd_list (CmdParams* cmdparams);
int opsb_cmd_add (CmdParams* cmdparams);
int opsb_cmd_del (CmdParams* cmdparams);
void dns_callback( void *scandata, adns_answer *a );
static int startscan( scaninfo *scandata );
static int unconf( void );
static int event_nickip (CmdParams* cmdparams);
static int opsb_cmd_list( CmdParams* cmdparams );
static int opsb_cmd_add( CmdParams* cmdparams );
static int opsb_cmd_del( CmdParams* cmdparams );
static int opsb_cmd_check( CmdParams* cmdparams );
static int opsb_cmd_remove( CmdParams* cmdparams );
static int opsb_set_cb( CmdParams* cmdparams, SET_REASON reason );
static int opsb_set_exclusions_cb( CmdParams *cmdparams, SET_REASON reason );
Bot *opsb_bot;
@ -51,7 +62,7 @@ const char *opsb_copyright[] = {
*/
ModuleInfo module_info = {
"OPSB",
"An Open Proxy Scanning Bot",
"Open Proxy Scanning Bot",
opsb_copyright,
opsb_about,
NEOSTATS_VERSION,
@ -62,37 +73,124 @@ ModuleInfo module_info = {
0,
};
int findscan(const void *key1, const void *key2) {
const scaninfo *chan1 = key1;
return (ircstrcasecmp (chan1->who, key2));
static bot_cmd opsb_commands[]=
{
{"STATUS", opsb_cmd_status, 0, NS_ULEVEL_OPER, opsb_help_status, opsb_help_status_oneline},
{"REMOVE", opsb_cmd_remove, 1, NS_ULEVEL_OPER, opsb_help_remove, opsb_help_remove_oneline},
{"CHECK", opsb_cmd_check, 1, NS_ULEVEL_OPER, opsb_help_check, opsb_help_check_oneline},
{"ADD", opsb_cmd_add, 3, NS_ULEVEL_ADMIN, opsb_help_add, opsb_help_add_oneline},
{"DEL", opsb_cmd_del, 1, NS_ULEVEL_ADMIN, opsb_help_del, opsb_help_del_oneline},
{"LIST", opsb_cmd_list, 0, NS_ULEVEL_ADMIN, opsb_help_list, opsb_help_list_oneline},
{NULL, NULL, 0, 0, NULL, NULL}
};
static bot_setting opsb_settings[]=
{
{"TARGETIP", opsb.targetip, SET_TYPE_IPV4, 0, MAXHOST,NS_ULEVEL_ADMIN, NULL, opsb_help_set_targetip, opsb_set_cb, (void*)"10.1.1.24" },
{"TARGETPORT", &opsb.targetport, SET_TYPE_INT, 0, 65535, NS_ULEVEL_ADMIN, NULL, opsb_help_set_targetport, opsb_set_cb, (void*)6667 },
{"AKILL", &opsb.doakill, SET_TYPE_BOOLEAN, 0, 0, NS_ULEVEL_ADMIN, NULL, opsb_help_set_akill, opsb_set_cb, (void*)1 },
{"AKILLTIME", &opsb.akilltime, SET_TYPE_INT, 0, 20736000,NS_ULEVEL_ADMIN, NULL, opsb_help_set_akilltime, opsb_set_cb, (void*)86400 },
{"MAXBYTES", &opsb.maxbytes, SET_TYPE_INT, 0, 100000, NS_ULEVEL_ADMIN, NULL, opsb_help_set_maxbytes, opsb_set_cb, (void*)500 },
{"TIMEOUT", &opsb.timeout, SET_TYPE_INT, 0, 120, NS_ULEVEL_ADMIN, NULL, opsb_help_set_timeout, opsb_set_cb, (void*)30 },
{"OPENSTRING", opsb.openstring, SET_TYPE_MSG, 0, BUFSIZE, NS_ULEVEL_ADMIN, NULL, opsb_help_set_openstring, opsb_set_cb, (void*)"*** Looking up your hostname..." },
{"SCANMSG", opsb.scanmsg, SET_TYPE_MSG, 0, BUFSIZE, NS_ULEVEL_ADMIN, NULL, opsb_help_set_scanmsg, opsb_set_cb, (void*)"Your Host is being Scanned for Open Proxies" },
{"CACHETIME", &opsb.cachetime, SET_TYPE_INT, 0, 86400, NS_ULEVEL_ADMIN, NULL, opsb_help_set_cachetime, opsb_set_cb, (void*)3600 },
{"CACHESIZE", &opsb.cachesize, SET_TYPE_INT, 0, 10000, NS_ULEVEL_ADMIN, NULL, opsb_help_set_cachesize, opsb_set_cb, (void*)1000 },
{"VERBOSE", &opsb.verbose, SET_TYPE_BOOLEAN, 0, 0, NS_ULEVEL_ADMIN, NULL, opsb_help_set_verbose, opsb_set_cb, (void*)1 },
{"EXCLUSIONS", &opsb.exclusions, SET_TYPE_BOOLEAN, 0, 0, NS_ULEVEL_ADMIN, NULL, opsb_help_set_exclusions, opsb_set_exclusions_cb, (void *)0 },
{NULL, NULL, 0, 0, 0, 0, NULL, NULL, NULL },
};
/** BotInfo */
static BotInfo opsb_botinfo =
{
"opsb",
"opsb1",
"opsb",
BOT_COMMON_HOST,
"Proxy Scanning Bot",
BOT_FLAG_SERVICEBOT|BOT_FLAG_RESTRICT_OPERS|BOT_FLAG_DEAF,
opsb_commands,
opsb_settings,
};
ModuleEvent module_events[] =
{
{ EVENT_NICKIP, event_nickip, EVENT_FLAG_EXCLUDE_ME },
{ EVENT_NULL, NULL }
};
/** @brief ports_sort
*
* list handler to find scan
*
* @param
*
* @return
*/
int findscan( const void *key1, const void *key2 )
{
const scaninfo *chan1 = key1;
return ircstrcasecmp( chan1->who, key2 );
}
int ports_sort(const void *key1, const void *key2) {
/** @brief ports_sort
*
* Sort ports list handler
*
* @param
*
* @return
*/
int ports_sort( const void *key1, const void *key2 )
{
port_list *pl1 = (port_list *)key1;
port_list *pl2 = (port_list *)key2;
if (pl1->type == pl2->type) {
if (pl1->port == pl2->port) {
if (pl1->type == pl2->type)
{
if (pl1->port == pl2->port)
return 0;
} else if (pl1->port > pl2->port) {
if (pl1->port > pl2->port)
return 1;
} else {
return -1;
}
} else if (pl1->type > pl2->type) {
return 1;
return -1;
}
if (pl1->type > pl2->type)
return 1;
return -1;
}
int opsb_cmd_remove (CmdParams* cmdparams)
/** @brief opsb_cmd_remove
*
* REMOVE command handler
*
* @param cmdparam struct
*
* @return NS_SUCCESS if suceeds else result of command
*/
int opsb_cmd_remove( CmdParams* cmdparams )
{
irc_rakill (opsb_bot, cmdparams->av[0], "*");
irc_chanalert (opsb_bot, "%s attempted to remove an akill for *@%s", cmdparams->source->name, cmdparams->av[0]);
return NS_SUCCESS;
}
int opsb_cmd_check (CmdParams* cmdparams)
/** @brief opsb_cmd_check
*
* CHECK command handler
*
* @param cmdparam struct
*
* @return NS_SUCCESS if suceeds else result of command
*/
int opsb_cmd_check( CmdParams* cmdparams )
{
Client *scanuser;
scaninfo *scandata;
@ -129,7 +227,7 @@ int opsb_cmd_check (CmdParams* cmdparams)
/* is it a ip address or host */
if (inet_aton(cmdparams->av[0], &scandata->ip) <= 0) {
scandata->ip.s_addr = 0;
if (dns_lookup(scandata->lookup, adns_r_a, dnsblscan, (void *)scandata) != 1) {
if (dns_lookup(scandata->lookup, adns_r_a, dns_callback, (void *)scandata) != 1) {
nlog (LOG_WARNING, "DNS: startscan() DO_DNS_HOST_LOOKUP dns_lookup() failed");
ns_free(scandata);
return NS_SUCCESS;
@ -144,6 +242,15 @@ int opsb_cmd_check (CmdParams* cmdparams)
return NS_SUCCESS;
}
/** @brief opsb_cmd_list
*
* LIST command handler
*
* @param cmdparam struct
*
* @return NS_SUCCESS if suceeds else result of command
*/
int opsb_cmd_list (CmdParams* cmdparams)
{
port_list *pl;
@ -164,6 +271,15 @@ int opsb_cmd_list (CmdParams* cmdparams)
return NS_SUCCESS;
}
/** @brief opsb_cmd_add
*
* ADD command handler
*
* @param cmdparam struct
*
* @return NS_SUCCESS if suceeds else result of command
*/
int opsb_cmd_add (CmdParams* cmdparams)
{
port_list *pl;
@ -204,6 +320,15 @@ int opsb_cmd_add (CmdParams* cmdparams)
return NS_SUCCESS;
}
/** @brief opsb_cmd_del
*
* DEL command handler
*
* @param cmdparam struct
*
* @return NS_SUCCESS if suceeds else result of command
*/
int opsb_cmd_del (CmdParams* cmdparams)
{
port_list *pl;
@ -239,7 +364,18 @@ int opsb_cmd_del (CmdParams* cmdparams)
return NS_SUCCESS;
}
int do_set_cb (CmdParams* cmdparams, SET_REASON reason)
/** @brief opsb_set_cb
*
* Set callback
* Remove unconfigured warning if needed
*
* @cmdparams pointer to commands param struct
* @cmdparams reason for SET
*
* @return NS_SUCCESS if suceeds else NS_FAILURE
*/
int opsb_set_cb( CmdParams* cmdparams, SET_REASON reason )
{
if( reason == SET_CHANGE )
{
@ -251,6 +387,17 @@ int do_set_cb (CmdParams* cmdparams, SET_REASON reason)
return NS_SUCCESS;
}
/** @brief opsb_set_exclusions_cb
*
* Set callback for exclusions
* Enable or disable exclude event flag
*
* @cmdparams pointer to commands param struct
* @cmdparams reason for SET
*
* @return NS_SUCCESS if suceeds else NS_FAILURE
*/
static int opsb_set_exclusions_cb( CmdParams *cmdparams, SET_REASON reason )
{
if( reason == SET_LOAD || reason == SET_CHANGE )
@ -260,70 +407,15 @@ static int opsb_set_exclusions_cb( CmdParams *cmdparams, SET_REASON reason )
return NS_SUCCESS;
}
static bot_cmd opsb_commands[]=
{
{"STATUS", opsb_cmd_status, 0, NS_ULEVEL_OPER, opsb_help_status, opsb_help_status_oneline},
{"REMOVE", opsb_cmd_remove, 1, NS_ULEVEL_OPER, opsb_help_remove, opsb_help_remove_oneline},
{"CHECK", opsb_cmd_check, 1, NS_ULEVEL_OPER, opsb_help_check, opsb_help_check_oneline},
{"ADD", opsb_cmd_add, 3, NS_ULEVEL_ADMIN, opsb_help_add, opsb_help_add_oneline},
{"DEL", opsb_cmd_del, 1, NS_ULEVEL_ADMIN, opsb_help_del, opsb_help_del_oneline},
{"LIST", opsb_cmd_list, 0, NS_ULEVEL_ADMIN, opsb_help_list, opsb_help_list_oneline},
{NULL, NULL, 0, 0, NULL, NULL}
};
static bot_setting opsb_settings[]=
{
{"TARGETIP", opsb.targetip, SET_TYPE_IPV4, 0, MAXHOST,NS_ULEVEL_ADMIN, NULL, opsb_help_set_targetip, do_set_cb, (void*)"10.1.1.24" },
{"TARGETPORT", &opsb.targetport, SET_TYPE_INT, 0, 65535, NS_ULEVEL_ADMIN, NULL, opsb_help_set_targetport, do_set_cb, (void*)6667 },
{"AKILL", &opsb.doakill, SET_TYPE_BOOLEAN, 0, 0, NS_ULEVEL_ADMIN, NULL, opsb_help_set_akill, do_set_cb, (void*)1 },
{"AKILLTIME", &opsb.akilltime, SET_TYPE_INT, 0, 20736000,NS_ULEVEL_ADMIN, NULL, opsb_help_set_akilltime, do_set_cb, (void*)86400 },
{"MAXBYTES", &opsb.maxbytes, SET_TYPE_INT, 0, 100000, NS_ULEVEL_ADMIN, NULL, opsb_help_set_maxbytes, do_set_cb, (void*)500 },
{"TIMEOUT", &opsb.timeout, SET_TYPE_INT, 0, 120, NS_ULEVEL_ADMIN, NULL, opsb_help_set_timeout, do_set_cb, (void*)30 },
{"OPENSTRING", opsb.openstring, SET_TYPE_MSG, 0, BUFSIZE, NS_ULEVEL_ADMIN, NULL, opsb_help_set_openstring, do_set_cb, (void*)"*** Looking up your hostname..." },
{"SCANMSG", opsb.scanmsg, SET_TYPE_MSG, 0, BUFSIZE, NS_ULEVEL_ADMIN, NULL, opsb_help_set_scanmsg, do_set_cb, (void*)"Your Host is being Scanned for Open Proxies" },
{"CACHETIME", &opsb.cachetime, SET_TYPE_INT, 0, 86400, NS_ULEVEL_ADMIN, NULL, opsb_help_set_cachetime, do_set_cb, (void*)3600 },
{"CACHESIZE", &opsb.cachesize, SET_TYPE_INT, 0, 10000, NS_ULEVEL_ADMIN, NULL, opsb_help_set_cachesize, do_set_cb, (void*)1000 },
{"VERBOSE", &opsb.verbose, SET_TYPE_BOOLEAN, 0, 0, NS_ULEVEL_ADMIN, NULL, opsb_help_set_verbose, do_set_cb, (void*)1 },
{"EXCLUSIONS", &opsb.exclusions, SET_TYPE_BOOLEAN, 0, 0, NS_ULEVEL_ADMIN, NULL, opsb_help_set_exclusions, opsb_set_exclusions_cb, (void *)0 },
{NULL, NULL, 0, 0, 0, 0, NULL, NULL, NULL },
};
/** BotInfo */
static BotInfo opsb_botinfo =
{
"opsb",
"opsb1",
"opsb",
BOT_COMMON_HOST,
"Proxy Scanning Bot",
BOT_FLAG_SERVICEBOT|BOT_FLAG_RESTRICT_OPERS|BOT_FLAG_DEAF,
opsb_commands,
opsb_settings,
};
/** @brief ModSynch
/** @brief unconf
*
* Startup handler
* unconfigured warn timer callback
*
* @param none
*
* @return NS_SUCCESS if suceeds else NS_FAILURE
*/
int ModSynch (void)
{
SET_SEGV_LOCATION();
opsb_bot = AddBot (&opsb_botinfo);
if (opsb.confed == 0) {
AddTimer (TIMER_TYPE_INTERVAL, unconf, "unconf", 60);
unconf();
}
if(opsb.verbose) {
irc_chanalert (opsb_bot, "Open Proxy Scanning bot has started (Concurrent Scans: %d Sockets %d)", opsb.socks, opsb.socks *7);
}
return NS_SUCCESS;
}
static int unconf(void)
{
if (opsb.confed != 1)
@ -334,6 +426,15 @@ static int unconf(void)
return NS_SUCCESS;
}
/** @brief checkqueue
*
* check queue
*
* @param none
*
* @return none
*/
void checkqueue()
{
lnode_t *scannode;
@ -353,6 +454,15 @@ void checkqueue()
}
/** @brief addtocache
*
* add to cache
*
* @param ip
*
* @return
*/
void addtocache(unsigned long ip)
{
lnode_t *cachenode;
@ -384,6 +494,15 @@ void addtocache(unsigned long ip)
lnode_create_append(cache, ce);
}
/** @brief checkcache
*
* check cache
*
* @param scandata
*
* @return
*/
int checkcache(scaninfo *scandata)
{
Client *scanclient;
@ -434,14 +553,17 @@ int checkcache(scaninfo *scandata)
return 0;
}
ModuleEvent module_events[] =
{
{ EVENT_NICKIP, ss_event_signon, EVENT_FLAG_EXCLUDE_ME},
{ EVENT_NULL, NULL}
};
/** @brief event_nickip
*
* NICKIP event handler
* scan user that just signed on the network
*
* @cmdparams pointer to commands param struct
*
* @return NS_SUCCESS if suceeds else NS_FAILURE
*/
/* this function kicks of a scan of a user that just signed on the network */
static int ss_event_signon (CmdParams* cmdparams)
static int event_nickip (CmdParams* cmdparams)
{
scaninfo *scandata;
lnode_t *scannode;
@ -449,18 +571,19 @@ static int ss_event_signon (CmdParams* cmdparams)
SET_SEGV_LOCATION();
/* don't scan users from a server that is excluded */
if (ModIsServerExcluded (cmdparams->source->uplink))
{
if( ModIsServerExcluded( cmdparams->source->uplink ) )
return NS_SUCCESS;
}
if (IsNetSplit(cmdparams->source)) {
dlog (DEBUG1, "Ignoring netsplit nick %s", cmdparams->source->name);
if( IsNetSplit( cmdparams->source ) )
{
dlog( DEBUG1, "Ignoring netsplit nick %s", cmdparams->source->name );
return NS_SUCCESS;
}
scannode = list_find(opsbl, cmdparams->source->name, findscan);
if (!scannode) scannode = list_find(opsbq, cmdparams->source->name, findscan);
if (scannode) {
dlog (DEBUG1, "ss_event_signon(): Not scanning %s as we are already scanning them", cmdparams->source->name);
if (!scannode)
scannode = list_find(opsbq, cmdparams->source->name, findscan);
if (scannode)
{
dlog (DEBUG1, "event_nickip: Not scanning %s as we are already scanning them", cmdparams->source->name);
return NS_SUCCESS;
}
irc_prefmsg (opsb_bot, cmdparams->source, "%s", opsb.scanmsg);
@ -470,17 +593,23 @@ static int ss_event_signon (CmdParams* cmdparams)
strlcpy(scandata->who, cmdparams->source->name, MAXHOST);
strlcpy(scandata->lookup, cmdparams->source->user->hostname, MAXHOST);
strlcpy(scandata->server, cmdparams->source->uplink->name, MAXHOST);
/*strlcpy(scandata->connectstring, recbuf, BUFSIZE);*/
scandata->ip.s_addr = cmdparams->source->ip.s_addr;
if (!startscan(scandata)) {
irc_chanalert (opsb_bot, "Warning Can't scan %s", cmdparams->source->name);
nlog (LOG_WARNING, "OBSB ss_event_signon(): Can't scan %s. Check logs for possible errors", cmdparams->source->name);
nlog (LOG_WARNING, "OBSB event_nickip: Can't scan %s. Check logs for possible errors", cmdparams->source->name);
}
return NS_SUCCESS;
}
/* this function is the entry point for all scans. Any scan you want to kick off is started with this function. */
/* this includes moving scans from the queue to the active list */
/** @brief startscan
*
* entry point for all scans including moving scans
* from the queue to the active list
*
* @param scaninfo *scandata
*
* @return
*/
int startscan(scaninfo *scandata)
{
@ -511,7 +640,7 @@ int startscan(scaninfo *scandata)
}
start_proxy_scan(scandata);
#if 0
if (dns_lookup(scandata->lookup, adns_r_a, dnsblscan, scandata) != 1) {
if (dns_lookup(scandata->lookup, adns_r_a, dns_callback, scandata) != 1) {
nlog (LOG_WARNING, "OPSB: startscan() DO_DNS_HOST_LOOKUP dns_lookup() failed");
ns_free(scandata);
checkqueue();
@ -523,9 +652,19 @@ int startscan(scaninfo *scandata)
return 1;
}
/** @brief dns_callback
*
* DNS callback
*
* @param data
* @param a
*
* @return NS_SUCCESS if suceeds else result of command
*/
/* this function is called when either checking the opm list, or when we are trying to resolve the hostname */
void dnsblscan(void *data, adns_answer *a)
void dns_callback(void *data, adns_answer *a)
{
scaninfo *scandata = (scaninfo *)data;
char *show;
@ -552,13 +691,13 @@ void dnsblscan(void *data, adns_answer *a)
if (inet_aton(show, &scandata->ip) > 0) {
startscan(scandata);
} else {
nlog (LOG_CRITICAL, "OPSB: dnsblscan() GETNICKIP failed-> %s", show);
nlog (LOG_CRITICAL, "OPSB: dns_callback() GETNICKIP failed-> %s", show);
irc_chanalert (opsb_bot, "Warning, Couldn't get the address for %s", scandata->who);
ns_free(scandata);
checkqueue();
}
} else {
nlog (LOG_CRITICAL, "OPSB: dnsblscan GETNICKIP rr_info failed");
nlog (LOG_CRITICAL, "OPSB: dns_callback GETNICKIP rr_info failed");
irc_chanalert (opsb_bot, "Warning, Couldnt get the address for %s. rr_info failed", scandata->who);
ns_free(scandata);
checkqueue();
@ -571,6 +710,15 @@ void dnsblscan(void *data, adns_answer *a)
}
}
/** @brief ModInit
*
* Init handler
*
* @param none
*
* @return NS_SUCCESS if suceeds else NS_FAILURE
*/
int ModInit( void )
{
DBAFetchConfigInt ("Confed", &opsb.confed);
@ -607,6 +755,38 @@ int ModInit( void )
return NS_SUCCESS;
}
/** @brief ModSynch
*
* Startup handler
*
* @param none
*
* @return NS_SUCCESS if suceeds else NS_FAILURE
*/
int ModSynch (void)
{
SET_SEGV_LOCATION();
opsb_bot = AddBot (&opsb_botinfo);
if (opsb.confed == 0) {
AddTimer (TIMER_TYPE_INTERVAL, unconf, "unconf", 60);
unconf();
}
if(opsb.verbose) {
irc_chanalert (opsb_bot, "Open Proxy Scanning bot has started (Concurrent Scans: %d Sockets %d)", opsb.socks, opsb.socks *7);
}
return NS_SUCCESS;
}
/** @brief ModFini
*
* Fini handler
*
* @param none
*
* @return NS_SUCCESS if suceeds else NS_FAILURE
*/
int ModFini( void )
{
return NS_SUCCESS;

14
opsb.h
View file

@ -21,7 +21,6 @@
** $Id$
*/
#ifndef OPSB_H
#define OPSB_H
@ -30,8 +29,8 @@
typedef struct port_list {
int type;
int port;
int nofound;
int noopen;
int numfound;
int numopen;
} port_list;
extern Bot *opsb_bot;
@ -53,7 +52,6 @@ typedef struct scaninfo{
int doreport;
time_t started;
int doneban;
char connectstring[BUFSIZE];
list_t *connections;
} scaninfo;
@ -97,23 +95,20 @@ typedef struct proxy_type {
char name[MAXNICK];
sockcb writefunc;
int scanned;
int noopen;
int numopen;
} proxy_type;
/* these are some state flags */
#define REPORT_DNS 0x0001
#define DO_DNS_HOST_LOOKUP 0x0002
/* #define DO_OPM_LOOKUP 0x0004 */
#define DOING_SCAN 0x0008
#define GOTOPENPROXY 0x0010
#define OPMLIST 0x0020
#define NOOPMLIST 0x0040
#define FIN_SCAN 0x0080
/* opsb.c */
int findscan(const void *key1, const void *key2);
void do_ban(scaninfo *scandata);
void checkqueue();
void addtocache(unsigned long ip);
@ -126,7 +121,7 @@ int init_scanengine();
char *type_of_proxy(int type);
int get_proxy_by_name(const char *name);
int load_ports();
void save_ports();
void save_ports( void );
/* help text */
extern const char *opsb_about[];
@ -156,4 +151,5 @@ extern const char *opsb_help_set_cachetime [];
extern const char *opsb_help_set_verbose [];
extern const char *opsb_help_set_exclusions[];
extern const char *opsb_help_set_cachesize[];
#endif /* OPSB_H */

41
opsb_help.c
View file

@ -23,7 +23,7 @@
#include "neostats.h"
const char opsb_help_status_oneline[] = "View opsb state information";
const char opsb_help_status_oneline[] = "View opsb status";
const char opsb_help_remove_oneline[] = "Remove an akill set by opsb";
const char opsb_help_check_oneline[] = "Scan a selected user";
const char opsb_help_add_oneline[] = "Add a port to scanning";
@ -45,7 +45,7 @@ const char *opsb_about[] = {
};
const char *opsb_help_check[] = {
"Syntax: \2CHECK <NICK|IP|HOSTNAME>\2",
"Syntax: \2CHECK <nick|ip|hostname>\2",
"",
"This option will scan either a user connected to your",
"network, an IP address, or Hostname for Insecure proxies,",
@ -68,19 +68,19 @@ const char *opsb_help_set_akill [] = {
};
const char *opsb_help_set_targetip [] = {
"\2TARGETIP <IP>\2",
"\2TARGETIP <ip>\2",
"IP address of server we try to make the proxies connect to",
NULL
};
const char *opsb_help_set_targetport [] = {
"\2TARGETPORT <PORT>\2",
"\2TARGETPORT <port>\2",
"IRCd port number we try to make proxies connect to.",
NULL
};
const char *opsb_help_set_maxbytes [] = {
"\2MAXBYTES <MAX>\2",
"\2MAXBYTES <max>\2",
"Maximum number of bytes we receive from a proxy before disconnecting",
"This setting should not be changed unless you know the",
"effects in full",
@ -88,7 +88,7 @@ const char *opsb_help_set_maxbytes [] = {
};
const char *opsb_help_set_timeout [] = {
"\2TIMEOUT <TIME>\2",
"\2TIMEOUT <time>\2",
"Time we wait for a proxy to respond to our servers before",
"disconnecting and assuming its not an open proxy.",
"This setting should not be changed unless you know the",
@ -97,7 +97,7 @@ const char *opsb_help_set_timeout [] = {
};
const char *opsb_help_set_openstring [] = {
"\2OPENSTRING <STRING>\2",
"\2OPENSTRING <string>\2",
"The string we expect to see if there is an open proxy",
"This setting should not be changed unless you know the",
"effects in full",
@ -105,25 +105,25 @@ const char *opsb_help_set_openstring [] = {
};
const char *opsb_help_set_scanmsg [] = {
"\2SCANMSG <MSG>\2",
"\2SCANMSG <msg>\2",
"Message sent to a user when we scan their hosts",
NULL
};
const char *opsb_help_set_akilltime [] = {
"\2AKILLTIME <TIME>\2",
"\2AKILLTIME <time>\2",
"How long the user will be banned from the network for",
NULL
};
const char *opsb_help_set_cachetime [] = {
"\2CACHETIME <TIME>\2",
"\2CACHETIME <time>\2",
"Time (in seconds) that an entry will be cached",
NULL
};
const char *opsb_help_set_cachesize [] = {
"\2CACHESIZE <SIZE>\2",
"\2CACHESIZE <size>\2",
"The total number of clean hosts that OPSB will cache",
"Setting this too large may cause NeoStats to Lag",
NULL
@ -144,17 +144,11 @@ const char *opsb_help_set_exclusions[] = {
const char *opsb_help_add[] = {
"Syntax: \2ADD <type> <port>\2",
"",
"Add an entry of <type> running on port <port>",
"to the port list.",
"<type> can be either:",
" HTTP",
" HTTPPOST",
" SOCKS4",
" SOCKS5",
" WINGATE",
" ROUTER",
"and port can be any valid port number. The new port is scanned",
"straight away",
"Add an entry to the port scan list.",
"<type> must be one of:",
" HTTP, HTTPPOST, SOCKS4, SOCKS5, WINGATE, ROUTER",
"<port> must be a valid port number.",
"The new port is scanned straight away",
NULL
};
@ -175,10 +169,9 @@ const char *opsb_help_list[] = {
};
const char *opsb_help_remove[] = {
"Syntax: \2REMOVE <IP|HOSTNAME>\2",
"Syntax: \2REMOVE <ip|hostname>\2",
"",
"Remove akills that have been set by opsb.",
"",
"<ip|hostname> is the hostname listed in your akill list",
"(usually found with /stats a)",
NULL

278
proxy.c
View file

@ -30,19 +30,21 @@
#endif
#include "opsb.h"
int proxy_connect(unsigned long ip, int port, char *who);
#if 0
void open_proxy(OPM_T *scanner, OPM_REMOTE_T *remote, int notused, void *unused);
void negfailed(OPM_T *scanner, OPM_REMOTE_T *remote, int notused, void *unused);
void timeout(OPM_T *scanner, OPM_REMOTE_T *remote, int notused, void *unused);
void scan_end(OPM_T *scanner, OPM_REMOTE_T *remote, int notused, void *unused);
void scan_error(OPM_T *scanner, OPM_REMOTE_T *remote, int opmerr, void *unused);
#endif
#ifndef MSG_NOSIGNAL
#define MSG_NOSIGNAL 0
#endif
typedef enum PORT_TYPE
{
PTYPE_HTTP = 1,
PTYPE_SOCKS4,
PTYPE_SOCKS5,
PTYPE_WINGATE,
PTYPE_ROUTER,
PTYPE_HTTPPOST,
PTYPE_MAX
}PORT_TYPE;
typedef struct conninfo {
int type;
int port;
@ -53,12 +55,23 @@ typedef struct conninfo {
scaninfo *scandata;
} conninfo;
#define PTYPE_HTTP 1
#define PTYPE_SOCKS4 2
#define PTYPE_SOCKS5 3
#define PTYPE_WINGATE 4
#define PTYPE_ROUTER 5
#define PTYPE_HTTPPOST 6
#if 0
int proxy_connect(unsigned long ip, int port, char *who);
void open_proxy(OPM_T *scanner, OPM_REMOTE_T *remote, int notused, void *unused);
void negfailed(OPM_T *scanner, OPM_REMOTE_T *remote, int notused, void *unused);
void timeout(OPM_T *scanner, OPM_REMOTE_T *remote, int notused, void *unused);
void scan_end(OPM_T *scanner, OPM_REMOTE_T *remote, int notused, void *unused);
void scan_error(OPM_T *scanner, OPM_REMOTE_T *remote, int opmerr, void *unused);
#endif
int http_send (int fd, void *data);
int sock4_send(int fd, void *data);
int sock5_send(int fd, void *data);
int wingate_send(int fd, void *data);
int router_send(int fd, void *data);
int httppost_send(int fd, void *data);
int proxy_read(void *data, void *recv, size_t size);
void open_proxy(conninfo *connection);
char *defaultports[] = {
"80 8080 8000 3128",
@ -76,16 +89,6 @@ char *stdmatchstrings[] = {
NULL
};
int http_send (int fd, void *data);
int sock4_send(int fd, void *data);
int sock5_send(int fd, void *data);
int wingate_send(int fd, void *data);
int router_send(int fd, void *data);
int httppost_send(int fd, void *data);
int proxy_read(void *data, void *recv, size_t size);
void open_proxy(conninfo *connection);
proxy_type proxy_list[] = {
{ PTYPE_HTTP, "HTTP", http_send},
{ PTYPE_SOCKS4, "SOCKS4", sock4_send },
@ -96,19 +99,6 @@ proxy_type proxy_list[] = {
{ 0, "" }
};
char *type_of_proxy(int type) {
return proxy_list[type-1].name;
}
int get_proxy_by_name(const char *name) {
int i;
for (i=0; proxy_list[i].type != 0; i++) {
if (!ircstrcasecmp (proxy_list[i].name, name)) {
return proxy_list[i].type;
}
}
return 0;
}
char http_send_buf[BUFSIZE];
int http_send_buf_len;
char httppost_send_buf[BUFSIZE];
@ -122,13 +112,56 @@ int socks4_send_buf_len;
char socks5_send_buf[BUFSIZE];
int socks5_send_buf_len;
void save_ports()
/** @brief type_of_proxy
*
*
*
* @param
*
* @return
*/
char *type_of_proxy(int type)
{
return proxy_list[type-1].name;
}
/** @brief get_proxy_by_name
*
*
*
* @param
*
* @return
*/
int get_proxy_by_name(const char *name) {
int i;
for (i=0; proxy_list[i].type != 0; i++) {
if (!ircstrcasecmp (proxy_list[i].name, name)) {
return proxy_list[i].type;
}
}
return 0;
}
/** @brief save_ports
*
*
*
* @param
*
* @return
*/
void save_ports( void )
{
lnode_t *pn;
port_list *pl;
static char ports[512];
static char tmpports[512];
int lasttype = -1;
pn = list_first(opsb.ports);
while (pn) {
pl = lnode_get(pn);
@ -148,6 +181,15 @@ void save_ports()
DBAStoreConfigStr(type_of_proxy(lasttype), ports, 512);
}
/** @brief load_port
*
*
*
* @param
*
* @return
*/
void load_port(int type, char *portname)
{
static char portlist[512];
@ -169,13 +211,22 @@ void load_port(int type, char *portname)
prtlst = ns_malloc(sizeof(port_list));
prtlst->type = type;
prtlst->port = atoi(av[j]);
prtlst->noopen = 0;
prtlst->numopen = 0;
lnode_create_append (opsb.ports, prtlst);
dlog (DEBUG1, "Added port %d for protocol %s", prtlst->port, type_of_proxy(type));
}
ns_free(av);
}
/** @brief load_ports
*
*
*
* @param
*
* @return
*/
int load_ports() {
static char portname[512];
int i;
@ -195,9 +246,20 @@ int load_ports() {
return ok;
}
int init_scanengine() {
/** @brief init_scanengine
*
*
*
* @param
*
* @return
*/
int init_scanengine( void )
{
struct in_addr addr;
unsigned long laddr;
/* set up our send buffers */
http_send_buf_len = ircsnprintf(http_send_buf, BUFSIZE, "CONNECT %s:%d HTTP/1.0\r\n\r\nquit\r\n\r\n", opsb.targetip, opsb.targetport);
httppost_send_buf_len = ircsnprintf(httppost_send_buf, BUFSIZE, "POST http://%s:%d/ HTTP/1.0\r\nContent-type: text/plain\r\nContent-length: 5\r\n\r\nquit\r\n\r\n", opsb.targetip, opsb.targetport);
@ -227,6 +289,15 @@ int init_scanengine() {
}
/** @brief start_proxy_scan
*
*
*
* @param
*
* @return
*/
void start_proxy_scan(scaninfo *scandata)
{
int i;
@ -278,7 +349,16 @@ void start_proxy_scan(scaninfo *scandata)
}
}
int http_send (int fd, void *data) {
/** @brief http_send
*
*
*
* @param
*
* @return
*/
int http_send(int fd, void *data) {
conninfo *ci = (conninfo *)data;
struct timeval tv;
if (send_to_sock(ci->sock, http_send_buf, http_send_buf_len) != NS_FAILURE) {
@ -289,6 +369,16 @@ int http_send (int fd, void *data) {
}
return NS_SUCCESS;
}
/** @brief sock4_send
*
*
*
* @param
*
* @return
*/
int sock4_send(int fd, void *data) {
conninfo *ci = (conninfo *)data;
struct timeval tv;
@ -301,6 +391,16 @@ int sock4_send(int fd, void *data) {
}
return NS_SUCCESS;
}
/** @brief sock5_send
*
*
*
* @param
*
* @return
*/
int sock5_send(int fd, void *data) {
conninfo *ci = (conninfo *)data;
struct timeval tv;
@ -313,6 +413,16 @@ int sock5_send(int fd, void *data) {
}
return NS_SUCCESS;
}
/** @brief wingate_send
*
*
*
* @param
*
* @return
*/
int wingate_send(int fd, void *data) {
conninfo *ci = (conninfo *)data;
struct timeval tv;
@ -325,6 +435,16 @@ int wingate_send(int fd, void *data) {
}
return NS_SUCCESS;
}
/** @brief router_send
*
*
*
* @param
*
* @return
*/
int router_send(int fd, void *data) {
conninfo *ci = (conninfo *)data;
struct timeval tv;
@ -337,6 +457,16 @@ int router_send(int fd, void *data) {
}
return NS_SUCCESS;
}
/** @brief httppost_send
*
*
*
* @param
*
* @return
*/
int httppost_send(int fd, void *data) {
conninfo *ci = (conninfo *)data;
struct timeval tv;
@ -349,16 +479,36 @@ int httppost_send(int fd, void *data) {
return NS_SUCCESS;
}
static int findconn(const void *key1, const void *key2) {
/** @brief findconn
*
*
*
* @param
*
* @return
*/
static int findconn( const void *key1, const void *key2 )
{
const conninfo *ci1 = key1;
const conninfo *ci2 = key2;
if ((ci1->type == ci2->type) && (ci1->port == ci2->port)) {
if ((ci1->type == ci2->type) && (ci1->port == ci2->port))
return 0;
}
return -1;
}
int proxy_read (void *data, void *recv, size_t size) {
/** @brief proxy_read
*
*
*
* @param
*
* @return
*/
int proxy_read( void *data, void *recv, size_t size )
{
conninfo *ci = (conninfo *)data;
scaninfo *si = ci->scandata;
lnode_t *connode;
@ -384,7 +534,7 @@ int proxy_read (void *data, void *recv, size_t size) {
proxy_list[ci->type-1].scanned++;
for (i = 0; stdmatchstrings[i] != NULL; i++) {
if (match(stdmatchstrings[i], recv)) {
proxy_list[ci->type-1].noopen++;
proxy_list[ci->type-1].numopen++;
if (si->state == DOING_SCAN) si->state = GOTOPENPROXY;
open_proxy(ci);
}
@ -394,8 +544,14 @@ int proxy_read (void *data, void *recv, size_t size) {
return NS_SUCCESS;
}
/** @brief check_scan_free
*
*
*
* @param
*
* @return
*/
void check_scan_free(scaninfo *scandata) {
lnode_t *scannode;
@ -420,7 +576,14 @@ void check_scan_free(scaninfo *scandata) {
checkqueue();
}
/** @brief open_proxy
*
*
*
* @param
*
* @return
*/
void open_proxy(conninfo *connection)
{
@ -447,7 +610,16 @@ void open_proxy(conninfo *connection)
scandata->doneban = 1;
}
int opsb_cmd_status (CmdParams* cmdparams)
/** @brief opsb_cmd_status
*
* STATUS command handler
*
* @param cmdparam struct
*
* @return NS_SUCCESS if suceeds else result of command
*/
int opsb_cmd_status( CmdParams* cmdparams )
{
lnode_t *node;
scaninfo *scandata;
@ -462,7 +634,7 @@ int opsb_cmd_status (CmdParams* cmdparams)
irc_prefmsg (opsb_bot, cmdparams->source, "Cache Entries: %d", (int)list_count(cache));
irc_prefmsg (opsb_bot, cmdparams->source, "Cache Hits: %d", opsb.cachehits);
for (i = 0; proxy_list[i].type != 0; i++) {
irc_prefmsg (opsb_bot, cmdparams->source, "Proxy %s Found %d Open %d", proxy_list[i].name, proxy_list[i].scanned, proxy_list[i].noopen);
irc_prefmsg (opsb_bot, cmdparams->source, "Proxy %s Found %d Open %d", proxy_list[i].name, proxy_list[i].scanned, proxy_list[i].numopen);
}
irc_prefmsg (opsb_bot, cmdparams->source, "Currently Scanning %d Proxies (%d in queue):", (int)list_count(opsbl), (int)list_count(opsbq));
node = list_first(opsbl);
@ -493,5 +665,3 @@ int opsb_cmd_status (CmdParams* cmdparams)
}
return 0;
}