Except ban block

From UnrealIRCd documentation wiki
Jump to navigation Jump to search

The except ban block allows you to exempt users from things like GLINEs, blacklists, spamfilter restrictions, etc. This is useful when you want an ISP banned, but still want specific users to be able to connect. IRCOps also often exempt their own IP to make sure they are never accidentally banned.

You can also use the /ELINE command on IRC to add/remove exemptions dynamically (which are stored in a permanent database, tkldb).

Below describes the behavior in UnrealIRCd 5. If you still use UnrealIRCd 4 then read the end of the article here.

Syntax[edit]

except ban {
	mask <host-or-ipmask>;
	type { .... }; /* this is optional */
};

The mask specifies the mask to be exempt from banning. It is recommended to use IP addresses in the mask if possible (eg: *@192.168.*) rather than hostnames (eg: *@*.someisp.xx). Although both are permitted, do note that if you use a hostname then the except ban { } will be ineffective against exempting from ZLINE and GZLINE for technical reasons (when bans and except ban { } blocks are processed no DNS lookup and no ident lookup has been done yet).

Valid types are:

Type Meaning
kline Exempt from K-Line (KLINE)
gline Exempt from G-Line (GLINE)
zline Exempt from Z-Line (ZLINE)
gzline Exempt from Global Z-Line (GZLINE)
shun Exempt from Shun (SHUN)
spamfilter Can bypass spamfilters
qline Can bypass banned nick restrictions (QLINE)
blacklist Don't do any blacklist checking
connect-flood Exempt from set::anti-flood::connect-flood
unknown-data-flood Do not place ZLINE when client is flooding before registration phase
antirandom Bypass antirandom module
antimixedutf8 Bypass antimixedutf8 module
ban-version Bypass ban version { } blocks
all All of the above, except qline

If you do not specify any type, then the exception defaults to: kline + gline + zline + gzline + shun.

Example[edit]

except ban {
	mask *@192.168.*;
	mask *@192.0.2.5;
};

Old UnrealIRCd versions (UnrealIRCd 4)[edit]

In UnrealIRCd 4 the except ban { } block only exempts from KLINE and ZLINE. If you want the user to be exempt from other types then you need to add an Except TKL block for the same user@host as well.

Syntax[edit]

except ban {
	mask <hostmask>;
};

The except::mask directive specifies the user@host mask of the client who will be allowed to connect.

Example[edit]

except ban {
	mask *@my.exempted.host.isp.com;
};