From a71b3cb24f859658cc562dac25cdc91d6814cd89 Mon Sep 17 00:00:00 2001
From: timvisee <tim@visee.me>
Date: Wed, 17 Nov 2021 18:19:16 +0100
Subject: [PATCH] Add option to drop all connections from banned IPs

This instantly disconnects clients from banned IPs. Clients won't be
able to request or ping the server status. Clients won't get a kick
message with their ban reason either. Clients simply get a
'Disconnected' message on login.
---
 res/lazymc.toml       | 5 +++++
 src/config.rs         | 4 ++++
 src/service/server.rs | 8 ++++++--
 3 files changed, 15 insertions(+), 2 deletions(-)

diff --git a/res/lazymc.toml b/res/lazymc.toml
index 245b452..e9b9e62 100644
--- a/res/lazymc.toml
+++ b/res/lazymc.toml
@@ -46,6 +46,11 @@ command = "java -Xmx1G -Xms1G -jar server.jar --nogui"
 # Block banned IPs as listed in banned-ips.json in server directory.
 #block_banned_ips = true
 
+# Drop connections from banned IPs.
+# Banned IPs won't be able to ping or request server status.
+# On connect, clients show a 'Disconnected' message rather than the ban reason.
+#drop_banned_ips = false
+
 [time]
 # Sleep after number of seconds.
 #sleep_after = 60
diff --git a/src/config.rs b/src/config.rs
index f8c01ba..69a810e 100644
--- a/src/config.rs
+++ b/src/config.rs
@@ -184,6 +184,10 @@ pub struct Server {
     /// Block banned IPs as listed in banned-ips.json in server directory.
     #[serde(default = "bool_true")]
     pub block_banned_ips: bool,
+
+    /// Drop connections from banned IPs.
+    #[serde(default)]
+    pub drop_banned_ips: bool,
 }
 
 /// Time configuration.
diff --git a/src/service/server.rs b/src/service/server.rs
index a810cda..6b5954e 100644
--- a/src/service/server.rs
+++ b/src/service/server.rs
@@ -79,8 +79,12 @@ fn route(inbound: TcpStream, config: Arc<Config>, server: Arc<Server>) {
         }
     };
 
-    // Check ban state
+    // Check ban state, just drop connection if enabled
     let banned = server.is_banned_ip_blocking(&peer.ip());
+    if config.server.drop_banned_ips {
+        warn!(target: "lazymc", "Connection from banned IP {}, dropping", peer.ip());
+        return;
+    }
 
     // Route connection through proper channel
     let should_proxy =
@@ -147,7 +151,7 @@ pub fn route_proxy_address_queue(inbound: TcpStream, addr: SocketAddr, queue: By
 /// If disabled or on error, an empty list is returned.
 fn load_banned_ips(config: &Config) -> BannedIps {
     // Blocking banned IPs must be enabled
-    if !config.server.block_banned_ips {
+    if !config.server.block_banned_ips && !config.server.drop_banned_ips {
         return BannedIps::default();
     }