This is the new home of the egghelp.org community forum.
All data has been migrated (including user logins/passwords) to a new phpBB version.


For more information, see this announcement post. Click the X in the top right-corner of this box to dismiss this message.

Fetch list of banned masks.

Requests for complete scripts or modifications/fixes for scripts you didn't write. Response not guaranteed, and no thread bumping!
Post Reply
A
Alt
Voice
Posts: 8
Joined: Mon Aug 29, 2005 12:05 pm

Fetch list of banned masks.

Post by Alt »

I'm looking for a script that will connect to a website, grab a text file that has a list of host masks and then ban anyone entering that fits those masks. The masks would all be in their own line being something like

*!*@*aol.com @Aol for repeated abuse
*!*@66.243.100.* @Proxy
*!*@66.243.97.* @Proxy

ect ect.

I'm looking so that it will ban those masks but NOT add them to the internal ban list for the bot. So if someone removes a mask from the text file on the server and the bot regets it that the ban wont still be in the internal list. Plus it makes it easier that I can see the other bans I manually added to the bot with .bans. It would also be helpful if I could maybe have a command to see that list and then maybe add a flag to search it for a ban with wildcard search. So I can maybe go .extban -s *!*@*66.243* and have it give me the 2 proxy bans from that list. Maybe another flag to refetch the list using ".extban -f" and have it fetch a list. So I can do ".extban -f http://www.url.com/list2.txt" and have it grab that text file and use both list 1 and list 2. I know this is kind of drawn out and complex but I figured it would be useful.


So, features list I guess

Type ".extban -f url.txt" to fetch list of banned masks.

".extban -s *!*@*mask*" to search lists for masks matching. Just output the lines to the paryline that have that match since all masks will have their own line anyway.

".extban -l" Lists current lists and gives you a number next to them. (1, 2, 3 ect)
Example:
Current Ban Lists
1) http://www.url.com/list1.txt
2) http://www.url.com/list2.txt
3) * http://www.url.com/list3.txt

".extban -e (#number)" to remove a list.

".extban -r (#number)" to refetch the list of that number.

".extban -i (#number)" Temporarily disactive a list. Which is why the asterisk is next to list 3 telling you its deactivated.

".extban -a (#number)" Reactive that disabled list.

Have maybe a console flag to tell you when someone matching a mask is banned, from what room, and the mask they matched that got them banned.

Again, this got to be really complex but I think it would be really really useful and really really helpful. Infact I would say i'm in a really big need for it.

Big reason I want seperate lists is because i'm being targeted by a large group of proxy users and I want one list of temporary ones, one list of dynamic ones, one list of ISP ones, one list of targeted ones. Ect ect. That kind of stuff. Plus I can colaborate with multiple people who dont need access to the bot to see the lists and such.
User avatar
demond
Revered One
Posts: 3073
Joined: Sat Jun 12, 2004 9:58 am
Location: San Francisco, CA
Contact:

Post by demond »

I highly doubt anyone would bother to write such elaborated and virtually useless for wider audience script (unless you pay, that is)

my advice is: create 4 +k users and start adding proxy masks - or get a decent anti-openproxy script (I haven't seen one)
connection, sharing, dcc problems? click <here>
before asking for scripting help, read <this>
use

Code: Select all

 tag when posting logs, code
A
Alt
Voice
Posts: 8
Joined: Mon Aug 29, 2005 12:05 pm

Post by Alt »

Well the hardest part would be looking at a text file and banning users from it. Would that really be so insanely hard? Everything else would seem easy to me but then again I dont work with TCL or any other script languages for that matter. Also, I dont see it useless at all. I think many people would find a use for that type of script.
User avatar
demond
Revered One
Posts: 3073
Joined: Sat Jun 12, 2004 9:58 am
Location: San Francisco, CA
Contact:

Post by demond »

well, Einstein said everything is relative

it's not hard to code, it's hard to waste time to code it - knowing that you waste time to implement something for a stranger you don't know, specifically tailored to their needs, practically useless for anyone else - see my point?

I myself would much rather waste my time to write a generic multi-purpose script that many people could use - but that's me... maybe someone elese will be willing to code this thing for you, there's always hope
connection, sharing, dcc problems? click <here>
before asking for scripting help, read <this>
use

Code: Select all

 tag when posting logs, code
C
Callisto
Halfop
Posts: 86
Joined: Sun Mar 13, 2005 11:04 am

Post by Callisto »

I use a proxy check from
http://www.jamesoff.net/projects/eggdrop/

But if the server you are on masks clients IP in anyway then unless your bot has an O line it wont work.

Good luck
m
minted
Halfop
Posts: 64
Joined: Wed Jul 20, 2005 9:58 am

Post by minted »

i was messing with this just yesterday

Code: Select all

# open proxy checker for eggdrop
# (c) James Seward 2003/4
# version 1.0

# http://www.jamesoff.net/projects/eggdrop
# james@jamesoff.net

# Released under the GPL

## INSTRUCTIONS
###############################################################################

# This script will check the hosts of people joining channels against one or
# RBLs. Choose your RBLs wisely, some of them list DIALUP SPACE and that would
# be a bad thing to be matching your IRC users against :P
#
# Enable the 'proxycheck' flag for channels you want the script active on
# --> .chanset #somechannel +proxycheck
#
# Users who are +o, +v, or +f in your bot (local or global) won't be checked.
#
# Turn on console level d on the partyline to see some debug from the script
# --> .console +d (to enable)
# --> .console -d (to disable)

## CONFIG
###############################################################################

# space-separated list of RBLs to look in
set proxycheck_rbls { "cbl.abuseat.org" "opm.blitzed.org" "dnsbl.ahbl.org" }

# time in minutes to ban for
set proxycheck_bantime 15

# stop editing here unless you're TCL-proof



## CODE
###############################################################################

#add our channel flag
setudef flag proxycheck

#bind our events
bind join - *!*@* proxycheck_join

#swing your pants

# catch joins
proc proxycheck_join { nick host handle channel } {
  #check we're active
  if {![channel get $channel proxycheck]} {
    return 0
  }

  #don't apply to friends, voices, ops
  if {[matchattr $handle fov|fov $channel]} {
    return 0
  }

  #get the actual host
  regexp ".+@(.+)" $host matches newhost
  if [regexp {[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}$} $newhost] {
    #it's a numeric host, skip the lookup
    proxycheck_check2 $newhost $newhost 1 $nick $newhost $channel
  } else {
    putloglev d * "proxycheck: doing dns lookup on $newhost to get IP"
    dnslookup $newhost proxycheck_check2 $nick $newhost $channel
  }
}

# first callback (runs RBL checks)
proc proxycheck_check2 { ip host status nick orighost channel } {
  global proxycheck_rbls

  if {$status} {
    putloglev d * "proxycheck: $host resolves to $ip"

    # reverse the IP
    regexp {([0-9]{1,3}).([0-9]{1,3}).([0-9]{1,3}).([0-9]{1,3})} $ip matches a b c d
    set newip "$d.$c.$b.$a"

    # look it up in the rbls
    foreach rbl $proxycheck_rbls {
      putloglev d * "proxycheck: looking up $newip.$rbl"
      dnslookup "$newip.$rbl" proxycheck_check3 $nick $host $channel $rbl
    }
  } else {
    putlog "proxycheck: Couldn't resolve $host. (No further action taken.)"
  }
}

# second callback (catches RBL results)
proc proxycheck_check3 { ip host status nick orighost channel rbl } {
  global proxycheck_bantime

  if {$status} {
    putlog "proxycheck: got host $host = ip $ip from RBL $rbl ... banning"
    newchanban $channel "*@$orighost" "proxychk" "proxycheck: $rbl" $proxycheck_bantime
  }
  #if we didn't get a host, they're not in RBL
}

putlog "proxycheck 1.0 by JamesOff loaded"
will this work with windrop?
i tried running bopm previously but its not compatible with our servers snotices(which we cant change)
a script that simply checks with a good dnsbl would be sufficient, though i couldnt seem to get this to work
no errors, just the reverse dns never seemed to work
edit: got it working.
still though, does this seem like a good script?
how do u find it callisto?
User avatar
Alchera
Revered One
Posts: 3344
Joined: Mon Aug 11, 2003 12:42 pm
Location: Ballarat Victoria, Australia
Contact:

Post by Alchera »

minted wrote:will this work with windrop?
Too lazy to try?
Add [SOLVED] to the thread title if your issue has been.
Search | FAQ | RTM
m
minted
Halfop
Posts: 64
Joined: Wed Jul 20, 2005 9:58 am

Post by minted »

i edited my post
i had tried, just had no luck
then it worked!

seems to be as good as i'll get, the bopm guys had no interest helping make it work with our snotices
i dont really blame them, and i wouldnt know where to start
so querying their list is the next best thing :)
User avatar
demond
Revered One
Posts: 3073
Joined: Sat Jun 12, 2004 9:58 am
Location: San Francisco, CA
Contact:

Post by demond »

setting up bopm is really easy, you simply need the right regexp - and you really should be using bopm instead of scripts

as long as your ircd provides client's IP in connection notices, bopm will work for you
connection, sharing, dcc problems? click <here>
before asking for scripting help, read <this>
use

Code: Select all

 tag when posting logs, code
C
Callisto
Halfop
Posts: 86
Joined: Sun Mar 13, 2005 11:04 am

Post by Callisto »

demond wrote:setting up bopm is really easy, you simply need the right regexp - and you really should be using bopm instead of scripts

as long as your ircd provides client's IP in connection notices, bopm will work for you
I agree 100% and I really question the sense of any network administrator who doesnt run some kind of protection, still each to their own.
m
minted
Halfop
Posts: 64
Joined: Wed Jul 20, 2005 9:58 am

Post by minted »

demond wrote:setting up bopm is really easy, you simply need the right regexp - and you really should be using bopm instead of scripts

as long as your ircd provides client's IP in connection notices, bopm will work for you
it doesnt
its a chatspace server, and we cant change the default snotice
*** Notice -- Client connecting on port 7000: nick (ident@hostname)
i tried to get bopm to work a while back, but i was unsuccessful.
a quick email to them got a reply that its not compatible with chatspace servers. unless u can give me a solution that fits :)

so, querying their dnsbl is the next best thing.

saying that, do u know of any other good dnsbl's, apart from blitzed.
Post Reply