From f8e4fc91f8fa59e3dea560616a461db0bfc301cf Mon Sep 17 00:00:00 2001 From: "Matteo Nastasi (mop)" Date: Fri, 30 Jan 2015 18:12:36 +0100 Subject: [PATCH] partial implementation of provider_proxy --- web/Obj/brisk.phh | 22 +++++-- web/Obj/provider_proxy.phh | 116 +++++++++++++++++++++++++++++++++++++ web/spush/brisk-spush.php | 4 +- 3 files changed, 134 insertions(+), 8 deletions(-) create mode 100644 web/Obj/provider_proxy.phh diff --git a/web/Obj/brisk.phh b/web/Obj/brisk.phh index 3a8b43a..896c28b 100644 --- a/web/Obj/brisk.phh +++ b/web/Obj/brisk.phh @@ -90,6 +90,7 @@ define('DEBUGGING', "no-debugging"); require_once("$DOCUMENT_ROOT/Etc/".BRISK_CONF); require_once("${G_base}Obj/ipclass.phh"); +require_once("${G_base}Obj/provider_proxy.phh"); $mlang_brisk = array( 'btn_backstand'=> array( 'it' => 'torna in piedi', 'en' => 'back standing' ), @@ -1039,6 +1040,7 @@ class Brisk var $ban_list; // ban list (authized allowed) var $black_list; // black list (anti-dos, noone allowed) + var $provider_proxy; // list of provider/browser that offer proxy service var $ghost_sess; var $delay_mgr; @@ -1052,13 +1054,13 @@ class Brisk } // constructor - static function create($crystal_filename, $ban_list, $black_list) { + static function create($crystal_filename, $ban_list, $black_list, $prov_proxy) { if (($brisk_ser = @file_get_contents($crystal_filename)) != FALSE) { if (($brisk = unserialize($brisk_ser)) != FALSE) { fprintf(STDERR, "ROOM FROM FILE\n"); rename($crystal_filename, $crystal_filename.".old"); - $brisk->reload(TRUE, $ban_list, $black_list); + $brisk->reload(TRUE, $ban_list, $black_list, $prov_proxy); return($brisk); } @@ -1074,6 +1076,7 @@ class Brisk $thiz->ban_list = IpClass::create(); $thiz->black_list = IpClass::create(); + $thiz->provider_proxy = ProviderProxy::create(); $thiz->ghost_sess = new GhostSess(); for ($i = 0 ; $i < MAX_PLAYERS ; $i++) { @@ -1090,14 +1093,14 @@ class Brisk static::$sess_cur = FALSE; - $thiz->reload(TRUE, $ban_list, $black_list); + $thiz->reload(TRUE, $ban_list, $black_list, $prov_proxy); return ($thiz); } - function reload($is_first, $ban_list, $black_list) + function reload($is_first, $ban_list, $black_list, $prov_proxy) { - fprintf(STDERR, "RELOAD STUFF (%d)(%d)\n", count($ban_list), count($black_list)); + fprintf(STDERR, "RELOAD STUFF (%d)(%d)(%d)\n", count($ban_list), count($black_list), count($prov_proxy)); if (defined('CURL_DE_SAC_VERS')) { if (brisk_cds_reload($this) == FALSE) { @@ -1106,6 +1109,7 @@ class Brisk } $this->ban_list->update($ban_list); $this->black_list->update($black_list); + $this->provider_proxy->update($prov_proxy); if (!$is_first) { $this->banned_kickoff(); @@ -1170,6 +1174,11 @@ class Brisk return ($this->black_list->check($ip_str)); } + function pproxy_realip($ip_str) + { + return ($this->provider_proxy->realip($ip_str)); + } + function users_cleanup() { for ($i = 0 ; $i < MAX_PLAYERS ; $i++) { @@ -2607,7 +2616,8 @@ class Brisk GLOBAL $G_ban_list, $G_black_list; printf("NEW_SOCKET (root): %d PATH [%s]\n", intval($new_socket), $path); - $remote_addr = addrtoipv4($addr); + // $remote_addr = addrtoipv4($addr); + $remote_addr = $this->pproxy_realip(addrtoipv4($addr)); fprintf(STDERR, "\n\n\n PRE_BLACK_CHECK \n\n\n"); if ($this->black_check($remote_addr)) { diff --git a/web/Obj/provider_proxy.phh b/web/Obj/provider_proxy.phh new file mode 100644 index 0000000..7542802 --- /dev/null +++ b/web/Obj/provider_proxy.phh @@ -0,0 +1,116 @@ + array("headitem" => "X-Forwarded-For", + "ipclass" => array("107.178.33.0/24", + "107.178.34.0/24", + "107.178.35.0/24", + "107.178.37.0/24", + "107.178.38.0/24", + "107.178.39.0/24", + "107.178.41.0/24", + "107.178.42.0/24", + "107.178.43.0/24", + "107.178.45.0/24", + "107.178.46.0/24", + "107.178.47.0/24", + "206.173.221.0/24") ), + "mytest" => array("headitem" => "X-Forwarded-For", + "ipclass" => array("192.168.2.3/24") ) + ); + +class ProviderProxyItem +{ + var $name; + var $headitem; + var $ipclass; + + function ProviderProxyItem($pp_name, $pp_descr) + { + $this->name = $pp_name; + $this->headitem = $pp_descr['headitem']; + $this->ipclass = IPClass::create($pp_descr['ipclass']); + } +} + + +class ProviderProxy +{ + var $pp; + + function ProviderProxy() + { + $this->pp = NULL; + } + + static function create($pproxy = NULL) + { + $thiz = new ProviderProxy(); + + if ($pproxy != NULL) + $thiz->update($pproxy); + + return ($thiz); + } + + function clean() + { + if ($this->pp != NULL) { + foreach ($this->pp as $pp_name) { + unset($this->pp[$pp_name]); + } + unset($this->pp); + $this->pp = NULL; + } + } + + function update($pproxy) + { + $this->clean(); + + $this->pp = array(); + foreach ($pproxy as $pp_name => $pp_descr) { + $this->pp[$pp_name] = new ProviderProxyItem($pp_name, $pp_descr); + } + } + + function realip($headers, $ip) + { + if ($this->pp != NULL) { + foreach ($this->pp as $pp_name => $pp_item) { + if ($pp_item->match($ip)) { + if (isset($headers[$pp_item->headitem])) { + fprintf(STDERR, "Match public proxy [%s]\n", $pp_name); + return ($headers[$pp_item->headitem]); + } + } + } + } + return ($ip); + } +} + +?> \ No newline at end of file diff --git a/web/spush/brisk-spush.php b/web/spush/brisk-spush.php index 6e07d92..76db91f 100755 --- a/web/spush/brisk-spush.php +++ b/web/spush/brisk-spush.php @@ -42,11 +42,11 @@ require_once($G_base."briskin5/index_wr.php"); function main($argv) { - GLOBAL $G_ban_list, $G_black_list; + GLOBAL $G_ban_list, $G_black_list, $G_prov_proxy; pid_save(); do { - if (($brisk = Brisk::create(LEGAL_PATH."/brisk-crystal.data", $G_ban_list, $G_black_list)) == FALSE) { + if (($brisk = Brisk::create(LEGAL_PATH."/brisk-crystal.data", $G_ban_list, $G_black_list, $G_prov_proxy)) == FALSE) { log_crit("Brisk::create failed"); $ret = 1; break; -- 2.17.1