Originally posted by [b]Paradox924X[/b]
http://www.eathena.ws/board/index.php?autocom=bugtracker&showbug=3734
trunk/src/login/ipban_sql.c:
CODE
// set up periodic cleanup of connection history and active bans
add_timer_func_list(ipban_cleanup, "ipban_cleanup");
cleanup_timer_id = add_timer_interval(gettick()+10, ipban_cleanup, 0, 0, 60*1000);
CODE
// remove expired bans
int ipban_cleanup(int tid, unsigned int tick, int id, intptr data)
{
if( !login_config.ipban )
return 0;// ipban disabled
if( SQL_ERROR == Sql_Query(sql_handle, "DELETE FROM `ipbanlist` WHERE `rtime` <= NOW()") )
Sql_ShowDebug(sql_handle);
return 0;
}
stable/src/login_sql/login.c:
CODE
// ban deleter timer
add_timer_func_list(ip_ban_flush, "ip_ban_flush");
add_timer_interval(gettick()+10, ip_ban_flush, 0, 0, 60*1000);
CODE
int ip_ban_flush(int tid, unsigned int tick, int id, intptr data)
{
if( SQL_ERROR == Sql_Query(sql_handle, "DELETE FROM `ipbanlist` WHERE `rtime` <= NOW()") )
Sql_ShowDebug(sql_handle);
return 0;
}
As can be seen by the code above, the query "DELETE FROM `ipbanlist` WHERE `rtime` <= NOW()" is run once every minute (60 seconds * 1000 milliseconds).
Its especially a problem because of the fact that `rtime` is not indexed in SQL, so one fix would be to index `rtime`.
The fact that it is even doing this is a bit silly. A more efficient approach would have been to do it once on server start, once on server end, and to lazily remove entries if `rtime` <= NOW() when checking upon login if the IP of the currently-connecting client is banned.
Note: Applying this fix might cause issues in poorly-thought-out control panels which don't check `rtime` > NOW() before disallowing users access.