added: possibility to ban if a session cookie is incorrect (when we are using encoded cookies)
added: possibility to ban if a client tries to hijack the session cookie
added: possibility to ban if a client did not send a session cookie
renamed: ezc functions:
login_cannot_login -> ipban_is_login_allowed_from_this_ip (and the return value was changed)
login_when_available_login -> ipban_current_ip_expires_time
added: config options:
// after how many broken encoded cookie we should ban the current IP
// default: 2 (value in the range <0 - 65535>)
size_t broken_encoded_cookie_treshold;
// after how many incorrect session identifiers (or session indices) we should ban the current IP
// do not set this value too low, as people connecting from the same IP address (from behind a NAT)
// would be banned if they have an old session cookie remembered in the browser
// default: 128 (value in the range <0 - 65535>)
size_t session_hijacking_treshold;
// after how many times a client will be banned if it did not send a session cookie
// default: 1000 (value in the range <0 - 65535>)
size_t no_session_cookie_treshold;
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@995 e52654a7-88a9-db11-a3e9-0013d4bc506e
This commit is contained in:
@@ -44,6 +44,37 @@ namespace Winix
|
||||
|
||||
namespace TemplatesFunctions
|
||||
{
|
||||
|
||||
|
||||
void ipban_is_current_ip_banned(Info & i)
|
||||
{
|
||||
if( cur->session->ip_ban )
|
||||
{
|
||||
i.res = cur->session->ip_ban->IsIPBanned();
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
void ipban_current_ip_expires_time(Info & i)
|
||||
{
|
||||
if( cur->session->ip_ban && cur->session->ip_ban->expires != 0 )
|
||||
{
|
||||
PT::Date date = cur->session->ip_ban->expires;
|
||||
i.out << date << " UTC";
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
void ipban_is_login_allowed_from_this_ip(Info & i)
|
||||
{
|
||||
i.res = !functions->fun_login.CannotLoginFromCurrentIP();
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
static size_t ipban_index;
|
||||
|
||||
|
||||
@@ -78,6 +109,26 @@ void ipban_tab_incorrect_login(Info & i)
|
||||
}
|
||||
|
||||
|
||||
void ipban_tab_broken_encoded_cookie(Info & i)
|
||||
{
|
||||
if( ipban_index < session_manager->BanListSize() )
|
||||
i.out << session_manager->GetIPBan(ipban_index).broken_encoded_cookie_events;
|
||||
}
|
||||
|
||||
|
||||
void ipban_tab_session_hijacking(Info & i)
|
||||
{
|
||||
if( ipban_index < session_manager->BanListSize() )
|
||||
i.out << session_manager->GetIPBan(ipban_index).session_hijacking_events;
|
||||
}
|
||||
|
||||
|
||||
void ipban_tab_no_session_cookie(Info & i)
|
||||
{
|
||||
if( ipban_index < session_manager->BanListSize() )
|
||||
i.out << session_manager->GetIPBan(ipban_index).no_session_cookie_events;
|
||||
}
|
||||
|
||||
|
||||
void ipban_tab_ban_level(Info & i)
|
||||
{
|
||||
|
||||
Reference in New Issue
Block a user