https://gitlab.synchro.net/main/sbbs/-/commit/4e131f2da3a96499bc86d67e
Modified Files:
src/sbbs3/sbbs_ini.c
Log Message:
sbbs_ini: default IPv6 rate-limit subnet prefix to /64

Per-host IPv6 counting is naive: a typical IPv6 subscriber gets a /64
(or larger) allocation from their ISP, so a single attacker can trivially
cycle through addresses they own and evade per-host rate limits. /64 is
the smallest unit that meaningfully represents "one subscriber".

Bump the default RateLimitSubnetPrefix6 from 0 (per-host) to 64 for all
four servers that have rate limits (web/ftp/mail/services). IPv4 stays
at 0 (per-host) since v4 addresses are meaningfully individual.

Existing installs with an explicit RateLimitSubnetPrefix6=0 in their
sbbs.ini keep that value; only the missing-key case picks up the new
default.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
---
■ Synchronet ■ Vertrauen ■ Home of Synchronet ■ [vert/cvs/bbs].synchro.net
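
The commit message above describes counting IPv6 clients per /64 instead of per host. The C sketch below is an added example, not Synchronet's own code: `subnet_key6` and `count_buckets` are hypothetical names, the addresses are constructed from the 2001:db8::/32 documentation range, and POSIX `inet_pton` is assumed. It shows how many rate-limit buckets the same four clients occupy at prefix 0 (per-host), 64 and 48.

```c
#include <arpa/inet.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample: three addresses in one /64, one in a neighbouring /64. */
static const char *const SAMPLE[] = {
    "2001:db8:1:2::1", "2001:db8:1:2:aaaa:bbbb:cccc:dddd",
    "2001:db8:1:2:ffff::42", "2001:db8:1:3::1",
};

/* Zero every bit past prefix_len so all hosts in one subnet share a key.
 * prefix_len 0 keeps the full address (per-host), matching the meaning
 * the commit message gives to RateLimitSubnetPrefix6=0. */
static void subnet_key6(const struct in6_addr *addr, unsigned prefix_len,
                        struct in6_addr *key)
{
    *key = *addr;
    if (prefix_len == 0 || prefix_len >= 128)
        return;
    for (unsigned i = prefix_len / 8; i < 16; i++) {
        if (i == prefix_len / 8 && prefix_len % 8)   /* partial byte */
            key->s6_addr[i] &= (uint8_t)(0xFF << (8 - prefix_len % 8));
        else
            key->s6_addr[i] = 0;
    }
}

/* Number of distinct rate-limit buckets for up to 16 addresses,
 * or -1 on a parse error or when the small table is full. */
static int count_buckets(const char *const *addrs, size_t n, unsigned prefix_len)
{
    struct in6_addr seen[16];
    int used = 0;
    for (size_t i = 0; i < n; i++) {
        struct in6_addr a, key;
        int j;
        if (inet_pton(AF_INET6, addrs[i], &a) != 1)
            return -1;
        subnet_key6(&a, prefix_len, &key);
        for (j = 0; j < used; j++)
            if (memcmp(&seen[j], &key, sizeof key) == 0)
                break;
        if (j == used) {
            if (used == 16)
                return -1;
            seen[used++] = key;
        }
    }
    return used;
}

int main(void)
{
    const unsigned prefixes[] = { 0, 64, 48 };
    for (size_t i = 0; i < 3; i++)
        printf("prefix %3u -> %d bucket(s)\n", prefixes[i],
               count_buckets(SAMPLE, 4, prefixes[i]));
    return 0;
}
```

With per-host counting every address gets its own counter, while a /64 key makes the three same-subscriber addresses share one.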