Blacklist block

From UnrealIRCd documentation wiki
Jump to: navigation, search
This page contains changes which are not marked for translation.

Other languages:
English

The blacklist block allows you to use a DNS blacklist (DNSBL). Every user that connects to your server will be checked against the blacklists specified.

Syntax

blacklist <name> {
        dns {
                name <blacklist hostname>;
                type <record|bitmask>;
                reply { <permitted replies> };
        };
        action <action>;
        reason <reason>;
        ban-time <time>;
};

First of all, each blacklist has a <name>, which is just a short name for the blacklist block.

Currently the only supported type of blacklists are DNS blacklists. This is configured via blacklist::dns which consists of three items: blacklist::dns::name specifies the blacklist to use (eg: rbl.efnetrbl.org). blacklist::dns::type defines if the blacklist is of type record or bitmask, your blacklist should provide this info, if in doubts then use record. Finally, blacklist::dns::reply configures which DNS replies are considered a 'match'. Consult the documentation of the blacklist you use, as they are blacklist-specific!

The remainder of the blacklist block defines what should be done upon a match: blacklist::action specifies an action, such as kline (see Actions for a full list). blacklist::ban-time defines after how much time the *LINE (if any) should be removed. blacklist::reason specifies the kill/ban reason shown to the user. Starting with UnrealIRCd 4.0.1 you can use the variables $ip and $server in this field, which will be replaced with the IP address of the banned user and the name of the IRC server respectively.

Example

These are the two most common blacklists that users use:

blacklist efnetrbl {
        dns {
                name rbl.efnetrbl.org;
                type record;
                reply { 1; 4; 5; };
        };
        action gline;
        ban-time 24h;
        reason "Proxy/Drone/TOR detected. Check http://rbl.efnetrbl.org/?i=$ip for details.";
};

blacklist dronebl {
        dns {
                name dnsbl.dronebl.org;
                type record;
                reply { 3; 5; 6; 7; 8; 9; 10; 11; 12; 13; 14; 15; 16; };
        };
        action gline;
        ban-time 24h;
        reason "Proxy/Drone detected. Check https://dronebl.org/lookup?ip=$ip for details.";
};

See also