]>
Commit | Line | Data |
---|---|---|
636f71aa | 1 | Introduction |
8d6d828f | 2 | ------------ |
da280b05 | 3 | |
8d6d828f | 4 | BOPM (Blitzed Open Proxy Monitor) is an open proxy monitoring bot designed for |
6179c1d0 | 5 | Bahamut and Hybrid based ircds. The bot is designed to monitor an individual |
6 | server (all servers on the network have to run their own bot) with a local o: | |
7 | line and monitor connections. When a client connects to the server, BOPM will | |
8 | scan the connection for insecure proxies. Insecure proxies are determined by | |
9 | attempting to connect the proxy back to another host (usually the IRC server in | |
10 | question). | |
636f71aa | 11 | |
8d6d828f | 12 | BOPM is written ground-up in C language, concept derived from wgmon. It |
13 | improves on wgmon with HTTP support, faster scanning (it can scan clients | |
14 | simultaneously), better layout (scalability), and dnsbl support. | |
636f71aa | 15 | |
de312cae | 16 | |
bffce942 | 17 | Compatibility |
18 | ------------- | |
19 | ||
9ece2553 | 20 | Bahamut (tested with 1.4.28) |
21 | Hybrid (tested with 2.8/hybrid-5.3p8) | |
042c08ca | 22 | Unreal (tested with 3.1.2 and 3.2) |
9ece2553 | 23 | Xnet (tested with 6.1.3) |
b3c7377c | 24 | TR-IRCD |
25 | IRCu | |
9ece2553 | 26 | |
27 | ||
faabbd43 | 28 | BOPM is designed for the Bahamut and Hybrid IRCds. It would be easily |
29 | portable to any other ircd with little modification (to the +c notice code). | |
30 | However, if an ircd does not send IP's in a connection notice (bahamut sends | |
31 | [IP]), BOPM will not be effective because the time it takes to resolve a | |
32 | hostname would be a significant factor to BOPM's efficiency. | |
33 | ||
34 | If you want to use BOPM but you don't think your ircd supports it then please | |
35 | contact us. As long as source is available for your ircd then we can almost | |
b3c7377c | 36 | certainly make BOPM work with it. We have already done this for Unreal, |
37 | TR-IRCD and Xnet ircds. | |
bffce942 | 38 | |
39 | Any questions regarding compatibility should be sent to the developers. If | |
faabbd43 | 40 | feasible we might be able to add compatibility to multiple ircd types to the |
41 | project in the future. | |
bffce942 | 42 | |
636f71aa | 43 | |
de312cae | 44 | Command Line Options |
45 | -------------------- | |
46 | ||
47 | -c <name> Config name. By default BOPM reads bopm.conf, "-c foo" | |
48 | will cause BOPM to read foo.conf. The primary use for | |
49 | this is to run multiple BOPMs from one directory. | |
50 | ||
51 | -d Debug mode. BOPM will not fork, and will write logs to stderr. | |
52 | Multiple -d increase debug level. | |
53 | ||
54 | -v <directory> "var directory". By default BOPM looks for its config file | |
55 | in and writes its log to the current directory. This | |
56 | option allows you to specify an alternative directory. | |
57 | ||
58 | ||
636f71aa | 59 | Operator Channel Commands |
60 | ------------------------- | |
61 | ||
62 | botnick <check> <host> -- Manually scan host for insecure proxies and output all errors. | |
63 | botnick stats -- Output scan stats, uptime and client connection count. | |
04302427 | 64 | |
65 | ||
ba8b0b94 | 66 | Rehashing the Configuration File |
67 | -------------------------------- | |
68 | ||
faabbd43 | 69 | Everytime BOPM reconnects to the IRC server it rereads its configuration file. |
70 | It is then possible to rehash the bot by /kill'ing it. | |
71 | ||
72 | ||
73 | Support | |
74 | ------- | |
75 | ||
76 | BOPM now has a mailing list for general discussion and announcements. CVS | |
77 | commit emails are also sent there and that is also the place to mail your | |
78 | patches (unless they are massive, in which case just post a URL). You can | |
79 | subscribe to this list from: | |
80 | ||
8ce2a9f3 | 81 | http://lists.blitzed.org/listinfo/bopm |
faabbd43 | 82 | |
83 | If you need help in closer to realtime, you can find us in #blitzed on | |
84 | irc.blitzed.org. | |
ba8b0b94 | 85 | |
de312cae | 86 | |
b3c7377c | 87 | Compatibility Notes |
88 | ------------------- | |
89 | ||
90 | o Unreal Ircd | |
91 | ||
92 | For Unreal to work, patches to fix the HCN connect notices (found at | |
93 | http://www.blitzed.org/files/) must be applied. | |
94 | ./configure --with-unreal should then be used to configure BOPM. | |
95 | ||
a1ac6931 | 96 | Unreal 3.1.3 seems to require opers to be global if they are to see |
97 | connection notices. | |
98 | -- prince@avalon.zirc.org | |
99 | ||
b3c7377c | 100 | o IRCu |
101 | ||
102 | IRCu does not present a banner to clients when they connect, so | |
103 | TARGET_STRING, SCANIP and SCANPORT must use some other service besides | |
104 | ircd. For those with root access to their servers, the following inetd.conf | |
105 | example is an easy fix for this: | |
106 | ||
107 | # BOPM proxy check string | |
108 | 16667 stream tcp nowait nobody /bin/echo echo Open Proxy Check | |
109 | ||
110 | TARGET_STRING can then be set to "Open Proxy Check", and SCANIP/SCANPORT | |
111 | set to your IP and port 16667. | |
112 | ||
113 | If you don't want to do the above, you could use any other service on | |
114 | your machine that presents a banner. We would recommend against using | |
115 | port 25 because it is common for providers to transparently proxy port | |
116 | 25. | |
ba8b0b94 | 117 | |
30d81550 | 118 | Also, to see connect notices, your bopm should set itself umode "+s +16384". |
119 | There is a config file item for setting umodes. | |
120 | ||
de312cae | 121 | |
04302427 | 122 | Credits |
123 | ------- | |
124 | ||
125 | Erik Fears <strtok@blitzed.org> | |
e63586a7 | 126 | - Main Developer. |
04302427 | 127 | |
8d6d828f | 128 | Andy Smith <grifferz@blitzed.org> |
faabbd43 | 129 | - Oper commands interface |
e63586a7 | 130 | - Interface to DNSbl |
131 | - Makefile trickery | |
e63586a7 | 132 | - Debugging |
133 | - Evil bopchecker hack | |
faabbd43 | 134 | - Autoconfiscation (kekeke) |
6be205c9 | 135 | - Solaris port (with thanks to Nathan Nieblas for resources) |
faabbd43 | 136 | - Poking people with sticks until they did things |
04302427 | 137 | |
138 | David Leadbeater <dg@blitzed.org> | |
c2b7cbd3 | 139 | - Developed perl script (see proxy-tools in Blitzed CVS repository) to |
140 | test BOPM's support for scanning many clients at once | |
bffce942 | 141 | |
e63586a7 | 142 | Sotiris Tsimbonis <stsimb@irc.gr> |
143 | - Added -c command line argument | |
144 | - Idea to make bopm set umode -h on oper | |
a1938d83 | 145 | - Mutliple DNSBL_TO idea |
bffce942 | 146 | |
c2b7cbd3 | 147 | Rob Levin <levin@openprojects.net> |
148 | - PASSWORD config option | |
0c28bd48 | 149 | - TYPE_LIST initial implementation |
150 | - EXCLUDE config option | |
c2b7cbd3 | 151 | |
50be85b2 | 152 | Ben AKA locksmith <mmcgarve@insight.rr.com> (irc.lockchat.net) |
153 | - Debugging assistance | |
154 | ||
80a1446e | 155 | John Payne <jpayne@blitzed.org> |
156 | - Ideas for more robust HTTP handling | |
157 | ||
158 | Jakub Jankowski <shasta@blitzed.org> | |
159 | - Some code tidying patches | |
160 | ||
0c28bd48 | 161 | The Hybrid Team |
7d4bb6cc | 162 | - String matching (match.[ch]) |
2c906c3d | 163 | |
164 | Emre ERTUGAY <collide@tr.net> | |
165 | - TR-IRCD testing help | |
30d81550 | 166 | |
167 | Alex Wu <wu@wunix.org> | |
168 | - IRCu testing | |
de312cae | 169 | |
170 | Harald Skoglund <harald@hekta.stud.iet.hist.no> | |
171 | - Option to configure directory for logfile, config, etc. |