1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
|
# -*- perl -*-
=head1 NAME
count_unrecognized_commands - Count unrecognized commands and disconnect when we have too many
=head1 DESCRIPTION
Disconnect the client if it sends too many unrecognized commands.
Good for rejecting spam sent through open HTTP proxies.
=head1 CONFIGURATION
Takes one parameter, the number of allowed unrecognized commands
before we disconnect the client. Defaults to 4.
=cut
sub register {
my ($self, $qp, @args) = @_;
if (@args > 0) {
$self->{_unrec_cmd_max} = $args[0];
$self->log(LOGWARN, "WARNING: Ignoring additional arguments.") if (@args > 1);
} else {
$self->{_unrec_cmd_max} = 4;
}
}
sub hook_connect {
my ($self, $transaction) = @_;
$self->qp->connection->notes('unrec_cmd_count', 0);
return DECLINED;
}
sub hook_unrecognized_command {
my ($self, $cmd) = @_[0,2];
$self->log(LOGINFO, "Unrecognized command '$cmd'");
my $badcmdcount =
$self->qp->connection->notes( 'unrec_cmd_count',
($self->qp->connection->notes('unrec_cmd_count') || 0) + 1
);
if ($badcmdcount >= $self->{_unrec_cmd_max}) {
$self->log(LOGINFO, "Closing connection. Too many unrecognized commands.");
return (DENY_DISCONNECT, "Closing connection. $badcmdcount unrecognized commands. Perhaps you should read RFC 2821?");
}
return DECLINED;
}
|
