From d0b21f21559a63d84086b549bb7570e2e16b75cd Mon Sep 17 00:00:00 2001 From: Dirk Koopman Date: Wed, 22 Mar 2023 00:49:23 +0000 Subject: [PATCH] fix is_ipaddr? change pc92 A/D default --- Changes | 4 +++ cmd/show/badip.pl | 16 ++++++----- perl/DXCIDR.pm | 32 +++++++++++++++------ perl/DXProtHandle.pm | 68 +++++++++++++++++++++++++------------------- perl/DXUtil.pm | 14 ++++++++- 5 files changed, 88 insertions(+), 46 deletions(-) diff --git a/Changes b/Changes index 6d25e1a7..ab9c9c44 100644 --- a/Changes +++ b/Changes @@ -1,3 +1,7 @@ +21Mar23======================================================================= +1. Fix DXUtil is_ipaddr function which was accidentally included in previous + commit. +2. Do not extract IP addresses to create routing info as default. 17Mar23======================================================================= 1. Try to nail down incoming PC92s that attempt to change the type of $myalias or $mycall. diff --git a/cmd/show/badip.pl b/cmd/show/badip.pl index c7b2122d..55fa556b 100644 --- a/cmd/show/badip.pl +++ b/cmd/show/badip.pl @@ -1,7 +1,7 @@ # -# set list of bad dx nodes +# show (or find) list of bad dx nodes # -# Copyright (c) 2021 - Dirk Koopman G1TLH +# Copyright (c) 2021-2023 - Dirk Koopman G1TLH # # # @@ -19,7 +19,6 @@ my $width = $self->width // 80; #$DB::single = 1; - my @list = map {my $s = $_; $s =~ s|/32$||; $maxlth = length $s if length $s > $maxlth; $s =~ /^1$/?undef:$s} DXCIDR::list(); my @l; $maxlth //= 20; @@ -27,15 +26,18 @@ my $n = int ($width/($maxlth+1)); my $format = "\%-${maxlth}s " x $n; chop $format; +my $count = 0; + foreach my $list (@list) { if (@in) { - for (@in) { - if ($list =~ /$_/i) { + for my $in (@in) { + if ($list =~ /$in/i) { push @out, $list; - last; + ++$count; } } } else { + ++$count; if (@l > $n) { push @out, sprintf $format, @l; @l = (); @@ -48,5 +50,5 @@ unless (@in) { push @out, sprintf $format, @l; } -push @out, "show/badip: " . scalar @out . " records found"; +push @out, "show/badip: $count records found"; return (1, @out); diff --git a/perl/DXCIDR.pm b/perl/DXCIDR.pm index 0a829bf1..fae0f671 100644 --- a/perl/DXCIDR.pm +++ b/perl/DXCIDR.pm @@ -68,6 +68,7 @@ sub _read sub _load { + return unless $active; my $suffix = shift; my @in = _read($suffix); return 0 unless @in; @@ -122,20 +123,30 @@ sub add { return 0 unless $active; my $count = 0; + my @out; for my $ip (@_) { # protect against stupid or malicious next unless is_ipaddr($ip); next if $ip =~ /^127\./; next if $ip =~ /^::1$/; + next if find($ip); if ($ip =~ /\./) { - $ipv4->add_any($ip); - ++$count; - ++$count4; + eval {$ipv4->add_any($ip)}; + if ($@) { + push @out, $@; + } else { + ++$count; + ++$count4; + } } elsif ($ip =~ /:/) { - $ipv6->add_any($ip); - ++$count; - ++$count6; + eval {$ipv6->add_any($ip)}; + if ($@) { + push @out, $@; + } else { + ++$count; + ++$count6; + } } else { LogDbg('err', "DXCIDR::add non-ip address '$ip' read"); } @@ -165,7 +176,7 @@ sub _sort my @ip = split m|/|; push @in, [inet_pton(m|:|?AF_INET6:AF_INET, $ip[0]), @ip]; } - @out = sort {$a->[1] cmp $b->[1]} @in; + @out = sort {$a->[0] <=> $b->[0]} @in; return map { "$_->[1]/$_->[2]"} @out; } @@ -197,7 +208,12 @@ sub init return; } - import Net::CIDR::Lite; + eval {import Net::CIDR::Lite }; + if ($@) { + LogDbg('DXProt', "DXCIDR: import Net::CIDR::Lite error $@"); + return; + } + $active = 1; my $fn = _fn(); diff --git a/perl/DXProtHandle.pm b/perl/DXProtHandle.pm index 73f13919..6f240200 100644 --- a/perl/DXProtHandle.pm +++ b/perl/DXProtHandle.pm @@ -49,7 +49,7 @@ use vars qw($pc11_max_age $pc23_max_age $last_pc50 $eph_restime $eph_info_restim $eph_pc15_restime $pc9x_past_age $pc9x_dupe_age $pc10_dupe_age $pc92_slug_changes $last_pc92_slug $pc92Ain $pc92Cin $pc92Din $pc92Kin $pc9x_time_tolerance - $pc92filterdef $senderverify $pc11_dwell_time $pc11_extract_route $pc92_ad_enabled $pc92c_ipaddr_enabled + $pc92filterdef $senderverify $pc11_dwell_time $pc61_extract_route $pc92_ad_enabled $pc92c_ipaddr_enabled ); $pc9x_dupe_age = 60; # catch loops of circular (usually) D records @@ -63,7 +63,7 @@ $pc9x_time_tolerance; # thing a node might send - once an hour and we $senderverify = 0; # 1 - check for forged PC11 or PC61. # 2 - if forged, dump them. $pc11_dwell_time = 2; # number of seconds to wait for a PC61 to come to substitute the PC11 -$pc11_extract_route = 1; # generate missing user route entry and IP address from passing PC61s +$pc61_extract_route = 0; # generate missing user route entry and IP address from passing PC61s $pc92filterdef = bless ([ @@ -259,13 +259,15 @@ sub handle_11 } } - # Populate the routing table - $self->populate_routing_table($pc->[7], $pc->[6], $pc->[8]); - my $r = Route::User::get($pc->[6]); + my $rug = Route::User::get($pc->[6]); if ($pcno == 61) { unless ($pc->[8] && is_ipaddr($pc->[8])) { - dbg("PCPROT: ROUTE $self->{call} NO IP ADDRESS in '$line'!"); + LogDbg('err', "PCPROT: ROUTE $self->{call} NO IP ADDRESS in '$line'!"); + return; } + if ($pc61_extract_route) { + $self->populate_routing_table($pc->[7], $pc->[6], $pc->[8]); + } } # this is where we decide to delay PC11s in the hope that a PC61 will be along soon. @@ -316,11 +318,11 @@ sub handle_11 # If we have an ip address we can promote by route - if ($r && $r->ip) { + if ($rug && $rug->ip) { $pcno = 61; $pc->[0] = 'PC61'; my $hops = $pc->[8]; - $pc->[8] = $spot[14] = $r->ip; + $pc->[8] = $spot[14] = $rug->ip; ++$rpc11_to_61; my $percent = $pc11_rx ? $rpc11_to_61 * 100 / $pc11_rx : 0; dbg(sprintf("PROMOTED $self->{call}: ROUTE pc11 $key PROMOTED to pc61 with IP $spot[14] pc61: $pc61_rx pc11: $pc11_rx route->pc61 $rpc11_to_61 (%0.1f%%)", $percent)) if isdbg("pc11"); @@ -382,23 +384,29 @@ sub handle_11 # # As for spots generated from non-PC92 nodes, we'll see after about do_pc9x3h20m... # - if ($senderverify) { + if ($senderverify || isdbg('suspicious')) { + my $sv = $senderverify; + $sv += 2 if isdbg('suspicious'); my $nroute = Route::Node::get($pc->[7]); - my $uroute = Route::Node::get($pc->[6]); my $local = DXChannel::get($pc->[7]); - + my $uref = DXUser::get_current($pc->[7]); + my $s = ''; + my $ip = $pcno == 61 ? $pc->[8] : ''; + if ($nroute && ($nroute->last_PC92C || ($local && !$local->do_pc9x))) { - my $s = ''; - my $ip = $pcno == 61 ? $pc->[8] : ''; # $s .= "User $pc->[6] not logged in, " unless $uroute; $s .= "User $pc->[6] not on node $pc->[7], " unless $nroute->is_user($pc->[6]); # $s .= "Node $pc->[7] at '$ip' not on Node's IP " . $nroute->ip if $ip && $nroute && $nroute->ip && $nroute->ip ne $ip; - if ($s) { - my $action = $senderverify > 1 ? ", DUMPED" : ''; - $s =~ s/, $//; - dbg("PCPROT: Suspicious Spot $pc->[2] on $pc->[1] by $pc->[6]($ip)\@$pc->[7] $s$action"); - return unless $senderverify < 2; - } + } + # check for ip addresses on spots from non-pc9x nodes - if they have it's likely done by DXSpider nodes + #if ($ip && ($nroute && !$nroute->do_pc9x || $uref && $uref->is_spider)) { + # $s .= "PC$pcno has spurious ipaddr '$ip' from non-pc9x node $pc->[7]"; + #} + if ($s) { + my $action = $sv > 1 ? ", DUMPED" : ''; + $s =~ s/, $//; + dbg("PCPROT: Bad Spot $pc->[2] on $pc->[1] by $pc->[6]($ip)\@$pc->[7] $s$action"); + return unless $sv < 2; } } @@ -733,23 +741,23 @@ sub handle_16 $conf = $conf eq '*'; # reject this if we think it is a node already - my $r = Route::Node::get($call); - my $u = DXUser::get_current($call) unless $r; - if ($r || ($u && $u->is_node)) { + my $rng = Route::Node::get($call); + my $u = DXUser::get_current($call) unless $rng; + if ($rng || ($u && $u->is_node)) { dbg("PCPROT: $call is a node") if isdbg('chanerr'); next; } - $r = Route::User::get($call); + my $rug = Route::User::get($call); my $flags = Route::here($here)|Route::conf($conf); - if ($r) { - my $au = $r->addparent($parent); - if ($r->flags != $flags) { - $r->flags($flags); - $au = $r; + if ($rug) { + my $au = $rug->addparent($parent); + if ($rug->flags != $flags) { + $rug->flags($flags); + $au = $rug; } - push @rout, $r if $h && $au; + push @rout, $rug if $h && $au; } else { my @ans = $parent->add_user($call, $flags); push @rout, @ans if $h && @ans; @@ -2450,7 +2458,7 @@ sub handle_93 } } - $self->populate_routing_table($onode, $from, $ipaddr); + $self->populate_routing_table($onode, $from, $ipaddr) if $pc61_extract_route; # if it is routeable then then treat it like a talk my $ref = Route::get($to); diff --git a/perl/DXUtil.pm b/perl/DXUtil.pm index b89d88ea..b01c234b 100644 --- a/perl/DXUtil.pm +++ b/perl/DXUtil.pm @@ -15,6 +15,7 @@ use File::Copy; use Data::Dumper; use Time::HiRes qw(gettimeofday tv_interval); use Text::Wrap; +use Socket qw(AF_INET6 AF_INET inet_pton); use strict; @@ -448,7 +449,18 @@ sub is_latlong # is it an ip address? sub is_ipaddr { - return $_[0] =~ /^(?:(?:\:\:)?\d+\.\d+\.\d+\.\d+)|(?:[0-9a-f]{1,4}\:)?(?:\:[0-9a-f]{1,4}(?:\:\:)?){1,6}$/i; + + if ($_[0] =~ /:/) { + if (inet_pton(AF_INET6, $_[0])) { + return ($_[0] =~ /([:0-9a-f]+)/); + } +# use re 'debug'; +# return ($1) if $_[0] =~ /^(\:?(?:\:?[0-9a-f]{1,4}){1,8}?)$/i; +# no re 'debug'; + } else { + return ($_[0] =~ /^(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})$/); + } + return undef; } # is it a zulu time hhmmZ -- 2.34.1