1. Forum
  2. DOVE-Net
  3. Synchronet Programming

  • src/sbbs3/sbbs_ini.c src/

    From Rob Swindell (on Windows@VERT to Git commit to main/sbbs/m on Thursday, February 12, 2026 00:05:00
    https://gitlab.synchro.net/main/sbbs/-/commit/3787311d4144152d80bd354b
    Modified Files:
    src/sbbs3/sbbs_ini.c src/sbbs3/scfg/scfgsrvr.c src/sbbs3/websrvr.cpp websrvr.h
    Log Message:
    Support optional custom http access log msg format

    Enabled by setting sbbs.ini [web] CustomLogFormat or SCFG->Servers->Web-> Access Log Format. The supported Apache Custom Log Format directives are:

    %% The percent sign.
    %a Client IP address of the request
    %B Size of response in bytes, excluding HTTP headers.
    %b Size of response in bytes, excluding HTTP headers. In CLF format
    %h Remote hostname or IP address
    %H The request protocol.
    %l Remote logname (from identd, if supplied).
    %r First line of request.
    %s Status.
    %t Time the request was received, in the format [18/Sep/2011:19:18:28 -0400]
    %u Remote user if the request was authenticated.
    %v The canonical ServerName of the server serving the request. (the vhost) %{remote}p the client's actual port
    %{Referer}i the HTTP Referer [sic] header line
    %{User-agent}i the HTTP User-agent header line

    For reference:
    https://httpd.apache.org/docs/current/mod/mod_log_config.html

    This fixes issue #1064 - feedback appreciated

    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From Rob Swindell (on Windows@VERT to Git commit to main/sbbs/m on Thursday, February 12, 2026 21:37:00
    https://gitlab.synchro.net/main/sbbs/-/commit/491e7d4b7748e7e36ed72502
    Modified Files:
    src/sbbs3/sbbs_ini.c src/sbbs3/scfg/scfgsrvr.c src/sbbs3/services.cpp services.h
    Log Message:
    Add connection rate limiter to services server

    We can't (easily) rate-limit the requests because each service handles its
    own requests (except for UDP services I guess), but this is still an effective abuse limiter.

    If it makes sense for the other servers (maybe the terminal server), it'd be easy to add connection rate limiters to those too.

    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net
  • From Rob Swindell (on Windows@VERT to Git commit to main/sbbs/m on Saturday, May 23, 2026 21:25:00
    https://gitlab.synchro.net/main/sbbs/-/commit/1dff45b547241a4f4d263adb
    Modified Files:
    src/sbbs3/sbbs_ini.c src/sbbs3/scfg/scfgsrvr.c src/sbbs3/websrvr.cpp websrvr.h
    Log Message:
    websrvr: make rate-limit subnet auto-filter threshold configurable

    Commit 52db12ec6 added a distinct-IP guard to rate_limit_filter() that suppresses subnet-wide filtering when only one host in the bucket abused
    the rate limit. The threshold was hardcoded at "more than 1 distinct
    host," which is a reasonable default for tight prefixes but too
    aggressive for wide ones (/16, /48), where collateral risk to innocent neighbors warrants requiring more distinct abusers first.

    Expose it as web_startup_t.rate_limit_filter_subnet_threshold, with:
    - new ini key RateLimitFilterSubnetThreshold (default 2 preserves
    current behavior; clamped >=1 -- set to 1 to filter on the first
    abuser, no neighbor required)
    - new SCFG entry under Web Server > Rate Limiting > Subnet Filter
    Threshold

    Touches the web_startup_t struct, so sbbsctrl.exe needs rebuilding on
    Windows hosts.

    Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net