mirror of
https://github.com/OpenFusionProject/OpenFusion.git
synced 2024-11-22 05:20:05 +00:00
Only listen for monitor connections on localhost by default
This is to prevent accidental exposure of the monitor port to the public internet if a server admin enables the monitor port without it being properly firewalled. There is now a config option that lets you override the address to bind to, so that it can still be made available to other machines over private networks such as Wireguard.
This commit is contained in:
parent
5e92a58134
commit
3365cb53b7
@ -102,5 +102,8 @@ eventmode=0
|
|||||||
enabled=false
|
enabled=false
|
||||||
# the port to listen for connections on
|
# the port to listen for connections on
|
||||||
port=8003
|
port=8003
|
||||||
|
# The local IP to listen on.
|
||||||
|
# Do not change this unless you know what you're doing.
|
||||||
|
listenip=127.0.0.1
|
||||||
# how often the listeners should be updated (in milliseconds)
|
# how often the listeners should be updated (in milliseconds)
|
||||||
interval=5000
|
interval=5000
|
||||||
|
@ -180,9 +180,14 @@ SOCKET Monitor::init() {
|
|||||||
}
|
}
|
||||||
|
|
||||||
address.sin_family = AF_INET;
|
address.sin_family = AF_INET;
|
||||||
address.sin_addr.s_addr = INADDR_ANY;
|
|
||||||
address.sin_port = htons(settings::MONITORPORT);
|
address.sin_port = htons(settings::MONITORPORT);
|
||||||
|
|
||||||
|
if (!inet_pton(AF_INET, settings::MONITORLISTENIP.c_str(), &address.sin_addr)) {
|
||||||
|
std::cout << "Failed to set monitor listen address" << std::endl;
|
||||||
|
printSocketError("inet_pton");
|
||||||
|
exit(1);
|
||||||
|
}
|
||||||
|
|
||||||
if (SOCKETERROR(bind(listener, (struct sockaddr*)&address, sizeof(address)))) {
|
if (SOCKETERROR(bind(listener, (struct sockaddr*)&address, sizeof(address)))) {
|
||||||
std::cout << "Failed to bind to monitor port" << std::endl;
|
std::cout << "Failed to bind to monitor port" << std::endl;
|
||||||
printSocketError("bind");
|
printSocketError("bind");
|
||||||
@ -206,7 +211,7 @@ SOCKET Monitor::init() {
|
|||||||
exit(EXIT_FAILURE);
|
exit(EXIT_FAILURE);
|
||||||
}
|
}
|
||||||
|
|
||||||
std::cout << "Monitor listening on *:" << settings::MONITORPORT << std::endl;
|
std::cout << "Monitor listening on " << settings::MONITORLISTENIP << ":" << settings::MONITORPORT << std::endl;
|
||||||
|
|
||||||
REGISTER_SHARD_TIMER(tick, settings::MONITORINTERVAL);
|
REGISTER_SHARD_TIMER(tick, settings::MONITORINTERVAL);
|
||||||
|
|
||||||
|
@ -64,6 +64,7 @@ bool settings::DISABLEFIRSTUSEFLAG = true;
|
|||||||
// monitor settings
|
// monitor settings
|
||||||
bool settings::MONITORENABLED = false;
|
bool settings::MONITORENABLED = false;
|
||||||
int settings::MONITORPORT = 8003;
|
int settings::MONITORPORT = 8003;
|
||||||
|
std::string settings::MONITORLISTENIP = "127.0.0.1";
|
||||||
int settings::MONITORINTERVAL = 5000;
|
int settings::MONITORINTERVAL = 5000;
|
||||||
|
|
||||||
// event mode settings
|
// event mode settings
|
||||||
@ -121,5 +122,6 @@ void settings::init() {
|
|||||||
IZRACESCORECAPPED = reader.GetBoolean("shard", "izracescorecapped", IZRACESCORECAPPED);
|
IZRACESCORECAPPED = reader.GetBoolean("shard", "izracescorecapped", IZRACESCORECAPPED);
|
||||||
MONITORENABLED = reader.GetBoolean("monitor", "enabled", MONITORENABLED);
|
MONITORENABLED = reader.GetBoolean("monitor", "enabled", MONITORENABLED);
|
||||||
MONITORPORT = reader.GetInteger("monitor", "port", MONITORPORT);
|
MONITORPORT = reader.GetInteger("monitor", "port", MONITORPORT);
|
||||||
|
MONITORLISTENIP = reader.Get("monitor", "listenip", MONITORLISTENIP);
|
||||||
MONITORINTERVAL = reader.GetInteger("monitor", "interval", MONITORINTERVAL);
|
MONITORINTERVAL = reader.GetInteger("monitor", "interval", MONITORINTERVAL);
|
||||||
}
|
}
|
||||||
|
@ -38,6 +38,7 @@ namespace settings {
|
|||||||
extern int EVENTMODE;
|
extern int EVENTMODE;
|
||||||
extern bool MONITORENABLED;
|
extern bool MONITORENABLED;
|
||||||
extern int MONITORPORT;
|
extern int MONITORPORT;
|
||||||
|
extern std::string MONITORLISTENIP;
|
||||||
extern int MONITORINTERVAL;
|
extern int MONITORINTERVAL;
|
||||||
extern bool DISABLEFIRSTUSEFLAG;
|
extern bool DISABLEFIRSTUSEFLAG;
|
||||||
extern bool IZRACESCORECAPPED;
|
extern bool IZRACESCORECAPPED;
|
||||||
|
Loading…
Reference in New Issue
Block a user