From fdb1d6257cb9871c687e13b1ac1ec038ed2529e4 Mon Sep 17 00:00:00 2001
From: William Heimbigner <william.heimbigner@gmail.com>
Date: Thu, 7 Mar 2013 10:35:43 +0000
Subject: Added logging of kicks/bans/quiets/removes/klines/kills to a special
 SQL table and corresponding text files Enabled SQL debugging Bugfix: Only
 attempt to determine a host's IP if it doesn't contain a '/' Updates to
 channels.xml and users.xml Adjusted ;userx add and ;userx flags such that A
 cannot give B a flag that A doesn't already have Tweaked the ;help command
 Fixed ;mship such that it will respond even if it can't see the nick
 provided. Tweaked ;status to give output in format like 7d22h18m3s instead of
 9814798712 seconds Added a ;teredo helper command to give info on IPv6
 teredo-tunneled connections Added a nick blacklist file (to counter bot
 nicklists). Added a english wordlist file, for "garbage" detection. Added
 ;investigate and ;investigate2 commands Added a way to not throttle info-risk
 threats Added special detection for a cycling botnet Added special detection
 for bots that join, say something, and immediately quit Added detection for
 ascii art Added detection for "garbage" text Added fuzzy-matching against a
 set of nicks Added "real IP" to state tracking and logging, which "decrypts"
 gateway/web and teredo IPs Moved sigalarm code into meta.pl Improved statsp
 tracking, and logs it to a file Ping-pong every 30 seconds, auto-reconnect on
 persistent lag. Ensure inspector routine is always called AFTER log-handling
 routines Fixed a state-tracking bug in topic change handling Fixed a
 state-tracking bug with nick changes Fixed some state-tracking bugs with mode
 changes Determine who is impacted when a quiet/ban mask is placed Fixed
 handling of CTCP SOURCE requests Added feature where it keeps a 30 line
 "backlog" of each channel in memory. Added the reason for parts and quits to
 text logging

---
 modules/log.pl | 47 +++++++++++++++++++++++++++++++++++++++++++++--
 1 file changed, 45 insertions(+), 2 deletions(-)

(limited to 'modules/log.pl')

diff --git a/modules/log.pl b/modules/log.pl
index 8b30eab..bdf4821 100644
--- a/modules/log.pl
+++ b/modules/log.pl
@@ -12,10 +12,43 @@ sub new
   my $config = shift;
   my $self = {};
   $self->{CONFIG} = $config;
+  $self->{backlog} = {};
   bless($self);
   return $self;
 }
 
+sub incident
+{
+  my $self = shift;
+  my ($chan, $header) = @_;
+  $chan = lc $chan;
+  open(FH, '>>', 'dctlog.txt');
+  print FH $header;
+  if (defined($self->{backlog}->{$chan})) {
+    print FH join('', @{$self->{backlog}->{$chan}});
+  }
+  print FH "\n\n";
+  close(FH);
+}
+
+#writes out the backlog to a file which correlates to ASM's SQL actionlog table
+sub sqlIncident
+{
+  my $self = shift;
+  my ($channel, $index) = @_;
+  $channel = lc $channel;
+  my @chans = split(/,/, $channel);
+  open(FH, '>', $self->{CONFIG}->{actiondir} . $index . '.txt');
+  foreach my $chan (@chans) {
+    if (defined($self->{backlog}->{$chan})) {
+      print FH "$chan\n";
+      print FH join('', @{$self->{backlog}->{$chan}});
+      print FH "\n";
+    }
+  }
+  close(FH);
+}
+
 sub logg
 {
   my $self = shift;
@@ -35,10 +68,10 @@ sub logg
     $_ = '';
     $_ =    "<$event->{nick}> $event->{args}->[0]"                      if $event->{type} eq 'public';
     $_ = "*** $event->{nick} has joined $chan"                          if $event->{type} eq 'join';
-    $_ = "*** $event->{nick} has left $chan"                            if $event->{type} eq 'part';
+    $_ = "*** $event->{nick} has left $chan ($event->{args}->[0])"      if $event->{type} eq 'part';
     $_ =   "* $event->{nick} $event->{args}->[0]"                       if $event->{type} eq 'caction';
     $_ = "*** $event->{nick} is now known as $event->{args}->[0]"       if $event->{type} eq 'nick';
-    $_ = "*** $event->{nick} has quit IRC"                              if $event->{type} eq 'quit';
+    $_ = "*** $event->{nick} has quit ($event->{args}->[0])"            if $event->{type} eq 'quit';
     $_ = "*** $event->{to}->[0] was kicked by $event->{nick}"           if $event->{type} eq 'kick';
     $_ =    "-$event->{nick}- $event->{args}->[0]"                      if $event->{type} eq 'notice';
     $_ = "*** $event->{nick} sets mode: " . join(" ",@{$event->{args}}) if $event->{type} eq 'mode';
@@ -46,8 +79,18 @@ sub logg
     my $nostamp = $_;
     $_ = strftime($cfg->{timefmt}, @time) . $_ . "\n";
     my $line = $_;
+    my @backlog = ();
+    if (defined($self->{backlog}->{$chan})) {
+      @backlog = @{$self->{backlog}->{$chan}};
+      if (scalar @backlog >= 30) {
+        shift @backlog;
+      }
+    }
+    push @backlog, $line;
+    $self->{backlog}->{$chan} = \@backlog;
     if (open(FH, $path)) { # or die "Can't open $path: $!";
       print FH $line;
+      ASM::Util->dprint($line, 'logger');
       close(FH);
     } else {
       print "COULDN'T PRINT TO $path - $line";
-- 
cgit v1.2.3