So, I finally finished writing my first version of the script for you, so that it would be possible using a connections scan to protect your server from massive penetration of users from proxy addresses.
This may not be all you would like to see to protect your server, but it is better than nothing. In my opinion, it is more efficiently better to catch proxies when connecting to the server than when they are already entering on channels, since their addresses can be encrypted or be a virtual host, and you will be flooded with constant messages about Joins with probable spam. Of course, this code is still raw and may not be perfect, so I suggest you test it for several weeks to collect a report on the errors found and suggestions for improving this code.Description to v1.0: 1.
Scans all incoming connections to the server and checks users by "IP4
" (address must be in the form of numbers). For this, the bot where this script will be installed must have IRCop privileges with snomask (+cC
You can use the command with the syntax: "!ps <start/stop/reload>
". (All nicknames for which this command will be available are recorded in the "%ps_admins
" variable). 3.
In the "ps_gettype
" alias, you can, if you wish, write your signatures for those DNSBL servers that should describe the proxy type in case of detection. 4.
You can create your own DNSBL server lists in the "proxyscanner_list
" alias with which you should check the IP of all connecting users. (Use the provided list as an example, which includes the server name and a comma-separated list of response numbers to act on if they match). Warning
: This requires very fine tuning so that there is no false positive and that innocent netizens are not banned. Therefore, it is recommended to first check through similar websites to which reply number the script was correctly triggered. For example, if the "dnsbl.dronebl.org" server answered "9" when checking through the DNSBL, then this is correct in most cases and you will ban the real proxy. And if in the same place the answer is "3" or "14", then this may be a false positive. My advice for a while testing is to turn off the bans and set the variable to "%ps_btype = off
" so that you can just watch what is happening and make accurate debugging using the resulting numbers in the response rechecking where the truth is and where the lie. 5.
Through the alias "proxyscanner_set
" you can customize the configuration parameters of the script: %ps_servers
– Contains a comma-separated list of the "irc.server1.com,irc.server2.com" servers on which the script should work. (You can specify "all" for all servers). %ps_snomask
– All "snomask" modes that must be enabled for the bot to work correctly are indicated here. %ps_btype
– The type of server ban is indicated here. (Possible options: "ZLINE/KLINE/GLINE" or to disable bans set the value to "off"). %ps_btime
– Contains the time for which the ban will be set for the user. %ps_breason
– The reason for the ban is indicated here, which will be visible to the banned user. %ps_blogo
– Here the logo prefix, which will be present in all messages of the script. %ps_mchan
– Here you specify the channel to which you want to write a message in case of ban the detected proxy. %ps_admins
– A comma-separated list of aliases for which script control will be available.
I am attaching a screenshot of how the script, after the user is banned, reports in the specified channel about the found proxy through in the DNSBL list:
Click on the button to reveal the spoiler. This code must be inserted into the scripts editor. To do this, press the key combination "ALT+R
" and save this code as new "File/New
" script called "AntiProxyScan.mrc
The script was tested on InspIRCD v3
+ mIRC v7.63
Remember that if something went wrong, or you accidentally erased something, then you can always reinstall this script again.
If you find any errors in the code and in its work, or maybe you have new ideas or if you think that this script needs to be improved, then be sure to write to me here about it, and we are together think about what we can do.