Tip of the day: The blacklist { } block can be used to ban known troublemakers that are listed in blacklists like EfnetRBL and DroneBL.

Ban IP block

From UnrealIRCd documentation wiki
Jump to navigation Jump to search

This block bans an IP from accessing the server. This is the same as adding a /ZLINE on IRC.

Syntax[edit]

ban ip {
	mask <ipmask>;
	reason <reason-for-ban>;
};

The mask parameter is an IP which may contain wildcard characters, and reason is the reason why this ban is being placed.

Important points[edit]

All ban ip { } blocks and ZLINEs are processed very early. When the TCP/IP connection is accepted it is immediately closed with the ban reason sent as an error to the user. All this is done before DNS lookups, ident lookups, and before any TLS handshake.

Therefore:

  • You can only use IP addresses to place bans on
  • Clients using SSL/TLS almost always won't display the actual error message
  • Servers trying to link in to this server are also affected by ZLINEs

In many cases it is better to use the ban user { } block or KLINE instead. The reason ban ip { } and ZLINE exist is because it can be helpful if you are under very heavy drone/flood attacks where the server has to reject tens of thousands of connections per second.

Example[edit]

ban ip {
	mask 192.168.1.*;
	reason "Get a real ip u lamer!";
};
Retrieved from "https://www.unrealircd.org/docwiki/index.php?title=Ban_IP_block&oldid=8965"