X-Git-Url: https://mop.ddnsfree.com/gitweb/?a=blobdiff_plain;f=web%2FObj%2Fcurl-de-brisk.phh;h=c92b0a0d0c92d13aae88adf75bbc5c92a052fea5;hb=bc704c1271602b6011d25237cbe9949f9d391782;hp=a78b3fcf50c7031a0d21caa0f449891fcbf1fb9c;hpb=456b5daac0243fe5d6d8bbe6ea5fe434f876c66a;p=curl-de-sac.git diff --git a/web/Obj/curl-de-brisk.phh b/web/Obj/curl-de-brisk.phh index a78b3fc..c92b0a0 100755 --- a/web/Obj/curl-de-brisk.phh +++ b/web/Obj/curl-de-brisk.phh @@ -39,10 +39,10 @@ function brisk_cds_reload($brisk) function brisk_cds_execute($brisk, $ghost, $real_idx, $sess, $ip, $authenticate, $header) { - if ($brisk->cds->execute("tor_chk", $brisk, $ghost, $sess, $ip, $authenticate != FALSE, $header) == FALSE) { + if ($brisk->cds->execute("tor_chk", $brisk, $real_idx, $sess, $ip, $authenticate != FALSE, $header) == FALSE) { log_main("cds_execute failed"); } - if ($brisk->cds->execute("proxy_chk", $brisk, $ghost, $sess, $ip, $authenticate != FALSE, $header) == FALSE) { + if ($brisk->cds->execute("proxy_chk", $brisk, $real_idx, $sess, $ip, $authenticate != FALSE, $header) == FALSE) { log_main("cds_execute failed"); } } @@ -94,6 +94,7 @@ class Tor_chk_cmd_cls extends CDS_cmd_cls { if (parent::create($cds, $ch) == FALSE) break; + $ctx->user[$user_idx]->pend_async++; $cmd = new Tor_chk_cmd($this, $ch, $ctx, $user_idx, $user_sess, $conn_ip, $is_auth); return $cmd; @@ -164,47 +165,34 @@ class Proxy_chk_cmd_cls extends CDS_cmd_cls { parent::__construct("proxy_chk", 10); $this->scan_headers = array( - 'HTTP_VIA', - 'HTTP_X_FORWARDED_FOR', - 'HTTP_FORWARDED_FOR', - 'HTTP_X_FORWARDED', - 'HTTP_FORWARDED', - 'HTTP_CLIENT_IP', - 'HTTP_FORWARDED_FOR_IP', - 'VIA', - 'X_FORWARDED_FOR', - 'FORWARDED_FOR', - 'X_FORWARDED', - 'FORWARDED', - 'CLIENT_IP', - 'FORWARDED_FOR_IP', - 'HTTP_PROXY_CONNECTION' + 'Http-Via', + 'Http-X-Forwarded-For', + 'Http-Forwarded-For', + 'Http-X-Forwarded', + 'Http-Forwarded', + 'Http-Client-Ip', + 'Http-Forwarded-For-Ip', + 'Via', + 'X-Forwarded-For', + 'Forwarded-For', + 'X-Forwarded', + 'Forwarded', + 'Client-Ip', + 'Forwarded-For-Ip', + 'Http-Proxy-Connection' ); } function create($cds, $ctx, $user_idx, $user_sess, $conn_ip, $is_auth, $headers) { if ($cds->dbg_get() > 0) { - printf("'proxy_chk'::create url:[%s]\n", 'PROXY_CHK_URL'); + fprintf(STDERR, "'proxy_chk'::create url:[%s]\n", 'PROXY_CHK_URL'); } foreach($this->scan_headers as $key){ //proxy detected? lets log... if(array_key_exists($key, $headers)) { // we already are behind a PROXY, this are our headers - if ($key == 'X-Proxy-ID') { - if ($headers[$key] == '860705422') - continue; - } - else if ($key == 'X-Forwarded-For') { - if ($headers[$key] == '172.16.9.66') - continue; - } - else if ($key == 'Via') { - if ($headers[$key] == '1.1 172.16.8.1 (Mikrotik HttpProxy)') - continue; - } - proxy_chk_postprocess($ctx, $user_idx, $user_sess, $conn_ip, $is_auth, TRUE); return TRUE; } @@ -225,6 +213,7 @@ class Proxy_chk_cmd_cls extends CDS_cmd_cls { break; $cmd = new Proxy_chk_cmd($this, $ch, $ctx, $user_idx, $user_sess, $conn_ip, $is_auth); + $ctx->user[$user_idx]->pend_async++; return $cmd; } while (FALSE); @@ -270,24 +259,34 @@ function tor_chk_postprocess($brisk, $user_idx, $user_sess, $conn_ip, $is_auth, { log_cds(sprintf("tor: user_idx: %d, user_sess: %s, conn_ip: %s, is_auth: %s, is_tor: %s", $user_idx, $user_sess, $conn_ip, ($is_auth ? "YES" : "NO"), ($is_tor ? "YES" : "NO"))); + if ($is_tor) { + $brisk->kickuser_by_sess($user_sess, 5); // GHOST_SESS_REAS_ANON + } + $brisk->user[$user_idx]->pend_async--; } function tor_chk_timeout_cb($brisk, $user_idx, $user_sess, $conn_ip, $is_auth) { log_cds(sprintf("tor: user_idx: %d, user_sess: %s, conn_ip: %s, is_auth: %s", $user_idx, $user_sess, $conn_ip, ($is_auth ? "YES" : "NO"))); + $brisk->user[$user_idx]->pend_async--; } function proxy_chk_postprocess($brisk, $user_idx, $user_sess, $conn_ip, $is_auth, $is_proxy) { log_cds(sprintf("proxy: user_idx: %d, user_sess: %s, conn_ip: %s, is_auth: %s, is_proxy: %s", $user_idx, $user_sess, $conn_ip, ($is_auth ? "YES" : "NO"), ($is_proxy ? "YES" : "NO"))); + if (FALSE && $is_proxy) { + $brisk->kickuser_by_sess($user_sess, 5); // GHOST_SESS_REAS_ANON + } + $brisk->user[$user_idx]->pend_async--; } function proxy_chk_timeout_cb($brisk, $user_idx, $user_sess, $conn_ip, $is_auth) { log_cds(sprintf("proxy timeout: user_idx: %d, user_sess: %s, conn_ip: %s, is_auth: %s", $user_idx, $user_sess, $conn_ip, ($is_auth ? "YES" : "NO"))); + $brisk->user[$user_idx]->pend_async--; } ?>