Tip of the day: You can exempt users dynamically from server bans, spamfilter, maxperip and other restrictions with the ELINE command on IRC.
|
Ban IP block
This block bans an IP from accessing the server. This is the same as adding a /ZLINE on IRC.
Syntax
ban ip { mask <ipmask>; reason <reason-for-ban>; }
The mask parameter is an IP which may contain wildcard characters, and reason is the reason why this ban is being placed.
In UnrealIRCd 6.1.8 and later you can have multiple masks.
Important points
All ban ip { } blocks and ZLINEs are processed very early. When the TCP/IP connection is accepted it is immediately closed with the ban reason sent as an error to the user. All this is done before DNS lookups, ident lookups, and before any TLS handshake.
Therefore:
- You can only use IP addresses to place bans on
- Clients using SSL/TLS almost always won't display the actual error message
- Servers trying to link in to this server are also affected by ZLINEs
In many cases it is better to use the ban user { } block or KLINE instead. The reason ban ip { } and ZLINE exist is because it can be helpful if you are under very heavy drone/flood attacks where the server has to reject tens of thousands of connections per second.
Examples
Single IP
ban ip { mask 192.168.1.*; reason "Get a real ip u lamer!"; };
Multiple IPs
Requires UnrealIRCd 6.1.8 or later
ban ip { mask { 1.1.1.1; 2.2.2.2; 3.3.3.3; } reason "Go away"; }