Tip of the day: If you still have users on plaintext port 6667, consider enabling Strict Transport Security to gently move users to SSL/TLS on port 6697.

Crule

From UnrealIRCd documentation wiki
Jump to navigation Jump to search

Since UnrealIRCd 6.1.2 we support spamfilter::rule, security-group::rule and mask::rule. They allow you to filter in a C like if-style, eg: rule "reputation()>20";. In UnrealIRCd 6.2.4 we added a lot more functions.

Syntax

  • You can call functions which may have 0, 1 or more arguments. Eg reputation()
  • Supported comparison operators are: xx>yy, xx<yy and x==y
  • You can use && (AND) and || (OR) expressions to combine multiple checks
  • You can use ( and ) to group items
  • You can use ! to represent negation, eg !has_user_mode('x')

Functions

The following functions are supported:

Boolean checks

  • is_away(): returns true if the client is currently away. Requires UnrealIRCd 6.1.5+
  • is_tls(): returns true if the user is using SSL/TLS. Requires UnrealIRCd 6.1.6+
  • is_identified(): returns true if the user is identified to a services account. Requires UnrealIRCd 6.1.6+
  • is_websocket(): returns true if the user is connecting via WebSocket Requires UnrealIRCd 6.1.6+
  • is_webirc(): returns true if the user is connecting via WebIRC Requires UnrealIRCd 6.1.6+
  • is_oper(): returns true if the user is an IRC operator. Requires UnrealIRCd 6.2.4+
  • is_local(): returns true if the user is a local (directly connected) client. Requires UnrealIRCd 6.2.4+
  • has_swhois(): returns true if the user has a swhois set. Requires UnrealIRCd 6.2.4+

Match functions

  • has_user_mode('x'): returns true if all the specified user modes are set on the client. Requires UnrealIRCd 6.1.5+
  • has_channel_mode('x'): for a spamfilter, the destination channel for a message: return true if this channel contains all the specified channel modes. Requires UnrealIRCd 6.1.5+
  • destination('#channel'): for a spamfilter, allows you to check the destination of the message (which can be a channel or a nick), wildcards are supported.
  • inchannel('#channel'): returns true if user is a member of this channel. It is IMPORTANT not to confuse this with destination() in spamfilters! Optionally channel member flags are supported, eg inchannel('@#has_ops_here'). In UnrealIRCd 6.1.6+ this is called in_channel (with the underscore), but the old name works as well.
  • cap_set('capname'): returns true if the the client has requested the capname capability via CAP REQ.
  • in_security_group('known-users'): returns true if the user is in specified Security group. Requires UnrealIRCd 6.1.6+
  • match_mask('*@*.example.org'): returns true if the user matches mask (as usual you can also use match_mask('*.example.org') if you don't care about the username/ident). Requires UnrealIRCd 6.1.6+
  • match_ip('192.168.*'): returns true if the user matches the IP address (CIDR is supported too, like match_ip('192.168.0.0/16'). Requires UnrealIRCd 6.1.6+
  • match_realname('*xyz*'): returns true if the real name (gecos) contains the word 'xyz' somewhere. Requires UnrealIRCd 6.1.6+
  • match_account('xyz'): returns true if the Services account is 'xyz'. Requires UnrealIRCd 6.1.6+
  • match_country('NL'): returns true if GeoIP determined the country to be 'NL'. Requires UnrealIRCd 6.1.6+
  • match_asn(64496): returns true if GeoIP determined the Autonomous system number to be '64496'. Requires UnrealIRCd 6.1.7+
  • match_certfp('abc'): returns true if the Certificate fingerprint of the user is 'abc'. Requires UnrealIRCd 6.1.6+
  • match_class('pattern'): returns true if the user's connection class matches the pattern. Requires UnrealIRCd 6.2.4+
  • match_server('pattern'): returns true if the server the user is on matches the pattern. Requires UnrealIRCd 6.2.4+
  • match_vhost('pattern'): returns true if the user's visible hostname matches the pattern. Requires UnrealIRCd 6.2.4+
  • match_realhost('pattern'): returns true if the user's real hostname matches the pattern. Requires UnrealIRCd 6.2.4+
  • match_away('pattern'): returns true if the user's away message matches the pattern. Requires UnrealIRCd 6.2.4+
  • match_asname('pattern'): returns true if the user's GeoIP AS name matches the pattern. Requires UnrealIRCd 6.2.4+
  • match_operlogin('pattern'): returns true if the oper login name matches the pattern (only for opers). Requires UnrealIRCd 6.2.4+
  • match_operclass('pattern'): returns true if the oper class matches the pattern (only for opers). Requires UnrealIRCd 6.2.4+
  • match_sni('pattern'): returns true if the TLS SNI (Server Name Indication) hostname matches the pattern. Requires UnrealIRCd 6.2.4+
  • match_tls_cipher('pattern'): returns true if the TLS cipher matches the pattern. Requires UnrealIRCd 6.2.4+

Numeric functions

  • online_time(): number of seconds the user is online, like online_time()<300
  • reputation(): the Reputation score of the user, like reputation()>10
  • tag('TAGNAME'): read the value of a tag set on the user with name TAGNAME. Tags are set by set in Actions (e.g. by spamfilter).
  • cap_version(): returns the CAP protocol used by the client, such as 300.
  • server_port(): returns the server port used by the client, such as 6697. Requires UnrealIRCd 6.2.1+
  • connections_from_ip(): returns the number of connections from the user's IP address. Requires UnrealIRCd 6.2.4+
  • channel_count(): returns the number of channels the user has joined. Requires UnrealIRCd 6.2.4+
  • channel_member_count(): returns the member count of the destination channel. Requires UnrealIRCd 6.2.4+
  • idle_time(): returns the number of seconds since the user last sent a message. Requires UnrealIRCd 6.2.4+

Traffic statistics

  • messages_sent(): returns the number of messages sent by the server to the user. Requires UnrealIRCd 6.2.4+
  • messages_received(): returns the number of messages received by the server from the user. Requires UnrealIRCd 6.2.4+
  • bytes_sent(): returns the total bytes sent by the server to the user. Requires UnrealIRCd 6.2.4+
  • bytes_received(): returns the total bytes received by the server from the user. Requires UnrealIRCd 6.2.4+

Text analysis

The following functions analyze the message text and are intended for use in spamfilter::rule. They return 0 when used outside of a spamfilter context.

  • text_byte_count(): returns the byte length of the text. Requires UnrealIRCd 6.2.4+
  • text_character_count(): returns the number of Unicode characters in the text. Requires UnrealIRCd 6.2.4+
  • word_count(): returns the number of words in the text. Requires UnrealIRCd 6.2.4+
  • uppercase_percentage(): returns the percentage (0-100) of uppercase letters among all alphabetic characters. Requires UnrealIRCd 6.2.4+
  • digit_percentage(): returns the percentage (0-100) of digits in the text. Requires UnrealIRCd 6.2.4+
  • non_ascii_percentage(): returns the percentage (0-100) of non-ASCII bytes in the text. Requires UnrealIRCd 6.2.4+
  • max_repeat_count(): returns the maximum number of consecutive identical characters. Requires UnrealIRCd 6.2.4+
  • mixed_utf8_score(): returns the anti-mixed UTF-8 score. Requires UnrealIRCd 6.2.4+
  • unicode_block_count(): returns the number of different Unicode blocks detected in the text. Requires UnrealIRCd 6.2.4+

Examples

Simple comparison

This rule will match if the Reputation score of the user is more than 20: 

rule "reputation()>20";

And/Or

You can combine things with an AND operator and OR, and group them: 

rule "!inchannel('#main') && (online_time()<180 || reputation()<50)";

This rule will match when:

  • User is not in the channel #main, AND
  • Either the online time is less than 180 seconds OR the Reputation score is less than 50
Retrieved from "https://www.unrealircd.org/docwiki/index.php?title=Crule&oldid=15530"