From fdb1d6257cb9871c687e13b1ac1ec038ed2529e4 Mon Sep 17 00:00:00 2001 From: William Heimbigner Date: Thu, 7 Mar 2013 10:35:43 +0000 Subject: Added logging of kicks/bans/quiets/removes/klines/kills to a special SQL table and corresponding text files Enabled SQL debugging Bugfix: Only attempt to determine a host's IP if it doesn't contain a '/' Updates to channels.xml and users.xml Adjusted ;userx add and ;userx flags such that A cannot give B a flag that A doesn't already have Tweaked the ;help command Fixed ;mship such that it will respond even if it can't see the nick provided. Tweaked ;status to give output in format like 7d22h18m3s instead of 9814798712 seconds Added a ;teredo helper command to give info on IPv6 teredo-tunneled connections Added a nick blacklist file (to counter bot nicklists). Added a english wordlist file, for "garbage" detection. Added ;investigate and ;investigate2 commands Added a way to not throttle info-risk threats Added special detection for a cycling botnet Added special detection for bots that join, say something, and immediately quit Added detection for ascii art Added detection for "garbage" text Added fuzzy-matching against a set of nicks Added "real IP" to state tracking and logging, which "decrypts" gateway/web and teredo IPs Moved sigalarm code into meta.pl Improved statsp tracking, and logs it to a file Ping-pong every 30 seconds, auto-reconnect on persistent lag. Ensure inspector routine is always called AFTER log-handling routines Fixed a state-tracking bug in topic change handling Fixed a state-tracking bug with nick changes Fixed some state-tracking bugs with mode changes Determine who is impacted when a quiet/ban mask is placed Fixed handling of CTCP SOURCE requests Added feature where it keeps a 30 line "backlog" of each channel in memory. Added the reason for parts and quits to text logging --- modules/mysql.pl | 121 ++++++++++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 119 insertions(+), 2 deletions(-) (limited to 'modules/mysql.pl') diff --git a/modules/mysql.pl b/modules/mysql.pl index d0cee00..7484ca3 100644 --- a/modules/mysql.pl +++ b/modules/mysql.pl @@ -6,13 +6,14 @@ use DBI; sub new { my $module = shift; - my ($db, $host, $port, $user, $pass, $table, $dblog) = @_; + my ($db, $host, $port, $user, $pass, $table, $actiontable, $dblog) = @_; my $self = {}; $self->{DBH} = DBI->connect("DBI:mysql:database=$db;host=$host;port=$port", $user, $pass); $self->{DBH_LOG} = DBI->connect("DBI:mysql:database=$dblog;host=$host;port=$port", $user, $pass); $self->{DBH}->{mysql_auto_reconnect} = 1; $self->{DBH_LOG}->{mysql_auto_reconnect} = 1; $self->{TABLE} = $table; + $self->{ACTIONTABLE} = $actiontable; bless($self); return $self; } @@ -60,6 +61,122 @@ sub record $dbh->quote($id) . ", " . $dbh->quote($reason) . ");"); } +sub actionlog +{ + my ($self, $event, $modedata1, $modedata2) = @_; + my $dbh = $self->{DBH}; + my ($action, $reason, $channel, + $nick, $user, $host, $gecos, $account, $ip, + $bynick, $byuser, $byhost, $bygecos, $byaccount); + + if ($event->{type} eq 'mode') { + $action = $modedata1; + $nick = $modedata2; + $channel = lc $event->{to}->[0]; + $bynick = $event->{nick}; + $byuser = $event->{user}; + $byhost = $event->{host}; + } elsif ($event->{type} eq 'quit') { + my $quitmsg = $event->{args}->[0]; + if ($quitmsg =~ /^Killed \((\S+) \((.*)\)\)$/) { + $bynick = $1; + $reason = $2 unless ($2 eq ''); + return if ($reason =~ /Nickname regained by services/); + $action = 'kill'; + } elsif ($quitmsg =~ /^K-Lined$/) { + $action = 'k-line'; + } else { + return; #quit not forced/tracked + } + $nick = $event->{nick}; + $user = $event->{user}; + $host = $event->{host}; + } elsif (($event->{type} eq 'part') && ($event->{args}->[0] =~ /^requested by (\S+) \((.*)\)/)) { + $bynick = $1; + $reason = $2 unless (lc $reason eq lc $event->{nick}); + $action = 'remove'; + $nick = $event->{nick}; + $user = $event->{user}; + $host = $event->{host}; + $channel = $event->{to}->[0]; + } elsif ($event->{type} eq 'kick') { + $action = 'kick'; + $bynick = $event->{nick}; + $byuser = $event->{user}; + $byhost = $event->{host}; + $reason = $event->{args}->[1] unless ($event->{args}->[1] eq $event->{to}->[0]); + $nick = $event->{to}->[0]; + $channel = $event->{args}->[0]; + } + return unless defined($action); +# $bynick = lc $bynick if defined $bynick; #we will lowercase the NUHGA info later. + if ( (defined($bynick)) && (defined($::sn{lc $bynick})) ) { #we have the nick taking the action available, fill in missing NUHGA info + $byuser = $::sn{lc $bynick}{user} unless defined($byuser); + $byhost = $::sn{lc $bynick}{host} unless defined($byhost); + $bygecos = $::sn{lc $bynick}{gecos} unless defined($bygecos); + $byaccount = $::sn{lc $bynick}{account} unless defined($byaccount); + if (($byaccount eq '0') or ($byaccount eq '*')) { + $byaccount = undef; + } + } +# $nick = lc $nick if defined $nick; + if ( (defined($nick)) && (defined($::sn{lc $nick})) ) { #this should always be true, else something has gone FUBAR + $user = $::sn{lc $nick}{user} unless defined($user); + $host = $::sn{lc $nick}{host} unless defined($host); + $gecos = $::sn{lc $nick}{gecos} unless defined($gecos); + $account = $::sn{lc $nick}{account} unless defined($account); + if (($account eq '0') or ($account eq '*')) { + $account = undef; + } + $ip = ASM::Util->getNickIP(lc $nick); + } +# my ($action, $reason, $channel, +# $nick, $user, $host, $gecos, $account, $ip +# $bynick, $byuser, $byhost, $bygecos, $byaccount); +#Now, time to escape/NULLify everything + $action = $dbh->quote($action); + if (defined($reason)) { $reason = $dbh->quote($reason); } else { $reason = 'NULL'; } +## removed lc's from everything except IP + if (defined($channel)) { $channel = $dbh->quote($channel); } else { $channel = 'NULL'; } + + if (defined($nick)) { $nick = $dbh->quote($nick); } else { $nick = 'NULL'; } + if (defined($user)) { $user = $dbh->quote($user); } else { $user = 'NULL'; } + if (defined($host)) { $host = $dbh->quote($host); } else { $host = 'NULL'; } + if (defined($gecos)) { $gecos = $dbh->quote($gecos); } else { $gecos = 'NULL'; } + if (defined($account)) { $account = $dbh->quote($account); } else { $account = 'NULL'; } + if (defined($ip)) { $ip = $dbh->quote($ip); } else { $ip = 'NULL'; } + + if (defined($bynick)) { $bynick = $dbh->quote($bynick); } else { $bynick = 'NULL'; } + if (defined($byuser)) { $byuser = $dbh->quote($byuser); } else { $byuser = 'NULL'; } + if (defined($byhost)) { $byhost = $dbh->quote($byhost); } else { $byhost = 'NULL'; } + if (defined($bygecos)) { $bygecos = $dbh->quote($bygecos); } else { $bygecos = 'NULL'; } + if (defined($byaccount)) { $byaccount = $dbh->quote($byaccount); } else { $byaccount = 'NULL'; } + my $sqlstr = "INSERT INTO $self->{ACTIONTABLE} " . + "(action, reason, channel, " . + "nick, user, host, gecos, account, ip, " . + "bynick, byuser, byhost, bygecos, byaccount)" . + " VALUES " . + "($action, $reason, $channel, " . + "$nick, $user, $host, $gecos, $account, $ip, " . + "$bynick, $byuser, $byhost, $bygecos, $byaccount);"; + ASM::Util->dprint( $sqlstr, 'mysql' ); + $dbh->do( $sqlstr ); + return $dbh->last_insert_id(undef, undef, $self->{ACTIONTABLE}, undef); +# $::sn{ow} looks like: +#$VAR1 = { +# "account" => "afterdeath", +# "gecos" => "William Athanasius Heimbigner", +# "user" => "icxcnika", +# "mship" => [ +# "#baadf00d", +# "#antispammeta-debug", +# "#antispammeta" +# ], +# "host" => "freenode/weird-exception/network-troll/afterdeath" +# }; + +} + #FIXME: This function is shit. Also, it doesn't work like I want it to with mode. sub logg { @@ -110,7 +227,7 @@ sub logg $string = $string . ', ' . $dbh->quote($event->{args}->[1]); } $string = $string . ');'; - ASM::Util->dprint($string, "mysql"); +# ASM::Util->dprint($string, "mysql"); $dbh->do($string); } -- cgit v1.2.3