configure.in, configure:

[irc/blitzed-org/bopm.git] / README

Introduction
------------

BOPM (Blitzed Open Proxy Monitor) is an open proxy monitoring bot designed for
Bahamut and Hybrid based ircds.  The bot is designed to monitor an individual 
server (all servers on the network have to run their own bot) with a local o: 
line and monitor connections.  When a client connects to the server, BOPM will 
scan the connection for insecure proxies.  Insecure proxies are determined by 
attempting to connect the proxy back to another host (usually the IRC server in 
question).

BOPM is written ground-up in C language, concept derived from wgmon.  It
improves on wgmon with HTTP support, faster scanning (it can scan clients
simultaneously), better layout (scalability), and dnsbl support.


Compatibility
-------------

Bahamut (tested with 1.4.28)
Hybrid (tested with 2.8/hybrid-5.3p8)
Unreal (tested with 3.1.2 and 3.2)
Xnet (tested with 6.1.3)
TR-IRCD
IRCu


BOPM is designed for the Bahamut and Hybrid IRCds.   It would be easily
portable to any other ircd with little modification (to the +c notice code).
However, if an ircd does not send IP's in a connection notice (bahamut sends
[IP]), BOPM will not be effective because the time it takes to resolve a
hostname would be a significant factor to BOPM's efficiency.

If you want to use BOPM but you don't think your ircd supports it then please
contact us.  As long as source is available for your ircd then we can almost
certainly make BOPM work with it.  We have already done this for Unreal,
TR-IRCD and Xnet ircds.

Any questions regarding compatibility should be sent to the developers. If
feasible we might be able to add compatibility to multiple ircd types to the
project in the future.


Command Line Options
--------------------

-c <name>	Config name.  By default BOPM reads bopm.conf, "-c foo"
		will cause BOPM to read foo.conf.  The primary use for
		this is to run multiple BOPMs from one directory.

-d		Debug mode.  BOPM will not fork, and will write logs to stderr.
		Multiple -d increase debug level.

-v <directory>	"var directory".  By default BOPM looks for its config file
		in and writes its log to the current directory.  This
		option allows you to specify an alternative directory.


Operator Channel Commands
-------------------------

botnick <check> <host>  -- Manually scan host for insecure proxies and output all errors.
botnick stats           -- Output scan stats, uptime and client connection count.


Rehashing the Configuration File
--------------------------------

Everytime BOPM reconnects to the IRC server it rereads its configuration file.
It is then possible to rehash the bot by /kill'ing it.


Support
-------

BOPM now has a mailing list for general discussion and announcements.  CVS
commit emails are also sent there and that is also the place to mail your
patches (unless they are massive, in which case just post a URL).  You can
subscribe to this list from:

  http://lists.blitzed.org/listinfo/bopm

If you need help in closer to realtime, you can find us in #blitzed on
irc.blitzed.org.


Compatibility Notes
-------------------

o Unreal Ircd

  For Unreal to work,  patches to fix the HCN connect notices (found at
  http://www.blitzed.org/files/) must be applied.
  ./configure --with-unreal should then be used to configure BOPM.

  Unreal 3.1.3 seems to require opers to be global if they are to see
  connection notices.
    -- prince@avalon.zirc.org

o IRCu

  IRCu does not present a banner to clients when they connect, so
  TARGET_STRING, SCANIP and SCANPORT must use some other service besides
  ircd.  For those with root access to their servers, the following inetd.conf
  example is an easy fix for this:

  # BOPM proxy check string
  16667 stream  tcp nowait nobody /bin/echo echo Open Proxy Check

  TARGET_STRING can then be set to "Open Proxy Check", and SCANIP/SCANPORT
  set to your IP and port 16667.

  If you don't want to do the above, you could use any other service on
  your machine that presents a banner.  We would recommend against using
  port 25 because it is common for providers to transparently proxy port
  25.

  Also, to see connect notices, your bopm should set itself umode "+s +16384".
  There is a config file item for setting umodes.


Credits
-------

   Erik Fears <strtok@blitzed.org>
         - Main Developer.

   Andy Smith <grifferz@blitzed.org>
         - Oper commands interface
         - Interface to DNSbl
         - Makefile trickery
         - Debugging
         - Evil bopchecker hack
         - Autoconfiscation (kekeke)
         - Solaris port (with thanks to Nathan Nieblas for resources)
         - Poking people with sticks until they did things
 
   David Leadbeater <dg@blitzed.org> 
         - Developed perl script (see proxy-tools in Blitzed CVS repository) to
           test BOPM's support for scanning many clients at once

   Sotiris Tsimbonis <stsimb@irc.gr>
         - Added -c command line argument
         - Idea to make bopm set umode -h on oper
         - Mutliple DNSBL_TO idea

   Rob Levin <levin@openprojects.net>
         - PASSWORD config option
         - TYPE_LIST initial implementation
         - EXCLUDE config option

   Ben AKA locksmith <mmcgarve@insight.rr.com> (irc.lockchat.net)
         - Debugging assistance

   John Payne <jpayne@blitzed.org>
         - Ideas for more robust HTTP handling

   Jakub Jankowski <shasta@blitzed.org>
         - Some code tidying patches

   The Hybrid Team
         - String matching (match.[ch])

   Emre ERTUGAY <collide@tr.net>
         - TR-IRCD testing help

   Alex Wu <wu@wunix.org>
         - IRCu testing

   Harald Skoglund <harald@hekta.stud.iet.hist.no>
         - Option to configure directory for logfile, config, etc.