I am looking for a ban tcl or help coding a tcl that will set correct bans on the Unreal IRCD. With the new banmasks used, it is a real pain to constantly modify incorrectly set bans. HELP!
Sorry about the ambiguity. Unreal now uses a banmask. The syntax for a verbose ip...ie: user-10.bbd14tcl.dsl.pol.co.uk shows up on Unreal as Achat-3D35C82E.bbd14tcl.dsl.pol.co.uk. The banmask for numeric ip's...ie: 61.18.139.51 shows up as 164FA2B8.1BA0D84D.3A81B54A.IP. The "Achat" is a changeable prefix that is chosen by each individual network and is defined in the Unreal config file. The only consistent thing is that each encoded part of the ip contains 8 characters. This banmask also changes each time a user connects. It's great to stop attacks on users, but is lousy for setting bans.
The only ways I can see to make a ban work would either be a nick ban (which is a waste) or a modified type 3 ban where the tcl would parse out the encoding and leave the un-encoded part of a verbose ip. In the case of a numeric ip, your guess is as good as mine. The only thing that comes to mind is a custom ban that would be in the format *!*user@*....which is also a lousy banset.
Maybe a banset that stores the realname somewhere, then checks the username and realname on join and then compares that to an already set ban, updating with a new ban as needed???
uhh unreal crc32's the first part of the host to prevent the very problem you are describing. every unique host has one and only one masked counterpart, likewise for IP addresses. IPs, on the other hand, have a slightly crazier encryption algorithm, as to complicate brute forcing a bit. banning the encoded host should solve your problems.
Banning the encoded host...as you say...will work as long as they are connected, but what about the next time they connect and you want them to be time or perm banned from a channel? Banning the encoded host is futile if you want a ban of this type. All it does is fill your akill list with useless bans.
Then there simply is no ban you can place that will prevent this.
The idea behind hostmasking is to prevent DDOS attacks. The only way to fully implement this protection is to remove all means of obtaining the true details, unless you're an admin.
So with one hand you ask for a method of banning these users, and in the other, you are saying this fills your banlist.
This is the only current way.
The best ban you can place is *!*user@*.host.com
This will capture them most times, until they finally figure to change their ident.
Back when I was a lad on IRC, I used to go around channels, having a contest, to see how many channels I could get banned from in 1 hour, or how quick I could fill a channel's ban list.
In the end, the only way to get rid of me was to ban my ISP.
The same applies here, the only way you will prevent them coming back, is if you place strong enough bans, that you block a sized portion of the internet.
STuDPuPPy wrote: Banning the encoded host...as you say...will work as long as they are connected, but what about the next time they connect and you want them to be time or perm banned from a channel? Banning the encoded host is futile if you want a ban of this type. All it does is fill your akill list with useless bans.
you don't understand... each host is encoded into one and only one encoded host. even if a client reconnects, it will still get the same encoded host, as long as the client reconnects with the same host. if the host changes, then a broader ban mask will be necessary, but no more necessary than it would be had the "host encoding" feature not been used.
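The two ban shapes discussed in this thread (the exact encoded host, and the wider `*!*user@*.host.com` form for verbose hosts) can be generated as in the following Tcl sketch, which is an added example and not code posted by anyone in the thread. The proc names `cloak_kind` and `ban_masks` are hypothetical, the prefix "Achat" is the one quoted above, and the sample hosts are the two quoted above with an assumed ident of "user".

```tcl
# Added example: derive channel ban masks from an Unreal cloaked user@host.
# Assumption: the network's cloak prefix is "Achat", as quoted in the thread.
set cloak_prefix "Achat"

# Classify a host as an IP cloak ("ip"), a hostname cloak ("host") or "plain".
proc cloak_kind {host prefix} {
    # IP cloak: three 8-character hex labels followed by the literal label "IP".
    if {[regexp {^[0-9A-F]{8}\.[0-9A-F]{8}\.[0-9A-F]{8}\.IP$} $host]} {
        return ip
    }
    # Hostname cloak: first label is "<prefix>-<8 hex characters>".
    set labels [split $host "."]
    set first  [lindex $labels 0]
    set want   "${prefix}-"
    set n      [string length $want]
    if {[llength $labels] > 1
        && [string equal -length $n $want $first]
        && [regexp {^[0-9A-F]{8}$} [string range $first $n end]]} {
        return host
    }
    return plain
}

# Return the ban masks for a "user@host" string (the form eggdrop passes
# to a join bind). The exact mask is always first.
proc ban_masks {uhost prefix} {
    set at [string last "@" $uhost]
    if {$at < 0} { error "expected user@host, got '$uhost'" }
    set user [string trimleft [string range $uhost 0 [expr {$at - 1}]] "~"]
    set host [string range $uhost [expr {$at + 1}] end]

    # Exact encoded host: matches again whenever the same real host reconnects.
    set masks [list "*!*@$host"]

    # Verbose hosts only: drop the encoded first label and keep the ident,
    # giving the *!*user@*.host.com form. IP cloaks get no wider mask here,
    # because nothing in the thread says how their labels relate to subnets.
    if {[cloak_kind $host $prefix] eq "host"} {
        set rest [join [lrange [split $host "."] 1 end] "."]
        lappend masks "*!*$user@*.$rest"
    }
    return $masks
}

# Sample inputs built from the two hosts quoted in the thread.
foreach uhost {
    user@Achat-3D35C82E.bbd14tcl.dsl.pol.co.uk
    user@164FA2B8.1BA0D84D.3A81B54A.IP
} {
    puts "$uhost -> [join [ban_masks $uhost $cloak_prefix] {  }]"
}
```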