Mercurial > prosody-modules
view mod_srvinjection/mod_srvinjection.lua @ 5298:12f7d8b901e0
mod_audit: Support for adding location (GeoIP) to audit events
This can be more privacy-friendly than logging full IP addresses, and also
more informative to a user - IP addresses don't mean much to the average
person, however if they see activity from outside their expected country, they
can immediately identify suspicious activity.
As with IPs, this field is configurable for deployments that would like to
disable it. Location is also not logged when the geoip library is not
available.
| author | Matthew Wild <mwild1@gmail.com> |
|---|---|
| date | Sat, 01 Apr 2023 13:11:53 +0100 |
| parents | 47fb4f36dacd |
| children |
line wrap: on
line source
module:set_global(); local adns = require "net.adns"; local map_config = module:get_option("srvinjection") or {}; local map = module:shared "s2s_map" for host, mapping in pairs(map_config) do if type(mapping) == "table" and type(mapping[1]) == "string" and (type(mapping[2]) == "number") then local connecthost, connectport = mapping[1], mapping[2] or 5269; map[host] = {{ srv = { target = connecthost.."."; port = connectport; priority = 1; weight = 0; }; }}; else module:log("warn", "Ignoring invalid SRV injection for host '%s'", host); map[host] = nil; end end local original_lookup = adns.lookup; function adns.lookup(handler, qname, qtype, qclass) if qtype == "SRV" then local host = qname:match("^_xmpp%-server%._tcp%.(.*)%.$"); local mapping = map[host] or map["*"]; if mapping then handler(mapping); return; end elseif qtype == "A" then if (qname == "localhost." or qname == "127.0.0.1.") then handler({{ a = "127.0.0.1" }}); return; end local ip = qname:match("^(%d+.%d+.%d+.%d+).$"); if ip then handler({{ a = ip }}); return; end end return original_lookup(handler, qname, qtype, qclass); end function module.unload() adns.lookup = original_lookup; end