Integrate socket.io ban check with GlobalBanDB
This commit is contained in:
Calvin Montgomery
parent
ed811db6ec
commit
b23a858a8c
3 changed files with 102 additions and 1 deletions
36
src/io/globalban.js
Normal file
36
src/io/globalban.js
Normal file
|
|
@ -0,0 +1,36 @@
|
|||
import { LoggerFactory } from '@calzoneman/jsli';
|
||||
import { getIPRange, getWideIPRange } from '../utilities';
|
||||
|
||||
const LOGGER = LoggerFactory.getLogger('CachingGlobalBanlist');
|
||||
|
||||
class CachingGlobalBanlist {
|
||||
constructor(globalBanDB) {
|
||||
this.globalBanDB = globalBanDB;
|
||||
this.cache = new Set();
|
||||
this.cacheTimer = null;
|
||||
}
|
||||
|
||||
refreshCache() {
|
||||
return this.globalBanDB.listGlobalBans().then(bans => {
|
||||
this.cache.clear();
|
||||
bans.forEach(ban => {
|
||||
this.cache.add(ban.ip);
|
||||
});
|
||||
}).catch(error => {
|
||||
LOGGER.error('Unable to refresh global banlist cache: %s', error.stack);
|
||||
});
|
||||
}
|
||||
|
||||
startCacheTimer(interval) {
|
||||
clearInterval(this.cacheTimer);
|
||||
this.cacheTimer = setInterval(this.refreshCache.bind(this), interval);
|
||||
}
|
||||
|
||||
isIPGlobalBanned(ip) {
|
||||
return this.cache.has(ip)
|
||||
|| this.cache.has(getIPRange(ip))
|
||||
|| this.cache.has(getWideIPRange(ip));
|
||||
}
|
||||
}
|
||||
|
||||
export { CachingGlobalBanlist };
|
||||
|
|
@ -18,6 +18,7 @@ import Promise from 'bluebird';
|
|||
import { LoggerFactory } from '@calzoneman/jsli';
|
||||
const verifySession = Promise.promisify(session.verifySession);
|
||||
const getAliases = Promise.promisify(db.getAliases);
|
||||
import { CachingGlobalBanlist } from './globalban';
|
||||
|
||||
const LOGGER = LoggerFactory.getLogger('ioserver');
|
||||
|
||||
|
|
@ -197,6 +198,17 @@ function ipForwardingMiddleware(webConfig) {
|
|||
}
|
||||
}
|
||||
|
||||
let globalIPBanlist = null;
|
||||
function isIPGlobalBanned(ip) {
|
||||
if (globalIPBanlist === null) {
|
||||
globalIPBanlist = new CachingGlobalBanlist(db.getGlobalBanDB());
|
||||
globalIPBanlist.refreshCache();
|
||||
globalIPBanlist.startCacheTimer(60 * 1000);
|
||||
}
|
||||
|
||||
return globalIPBanlist.isIPGlobalBanned(ip);
|
||||
}
|
||||
|
||||
/**
|
||||
* Called after a connection is accepted
|
||||
*/
|
||||
|
|
@ -226,7 +238,7 @@ function handleConnection(sock) {
|
|||
}
|
||||
|
||||
// Check for global ban on the IP
|
||||
if (db.isGlobalIPBanned(ip)) {
|
||||
if (isIPGlobalBanned(ip)) {
|
||||
LOGGER.info("Rejecting " + ip + " - global banned");
|
||||
sock.emit("kick", { reason: "Your IP is globally banned." });
|
||||
sock.disconnect();
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue