2.0/Modules/m proxyscan
From AnopeWiki
| Language | |
|---|---|
|
English |
|
Description
This module allows you to scan connecting clients for open proxies.
- Currently the two supported proxy types are HTTP and SOCKS5.
- name=
- Module name.
- target_ip=
- The target IP services tells the proxy to connect back to.
- target_port=
- The port services tells the proxy to connect to.
- listen_ip=
- The listen IP services listen on for incoming connections from suspected proxies.
- listen_port=
- The port services should listen on for incoming connections from suspected proxies.
- connect_notice=
- An optional notice sent to clients upon connect.
- connect_source=
- Who the notice should be sent from.
- add_to_akill=
- If set, OperServ will add infected clients to the akill list. Without it, OperServ simply sends a timed G/K-line to the IRCd and forgets about it.
- timeout=
- How long before connections should be timed out.
- proxyscan {...}
-
- type=
- The type of proxy to check for. A comma separated list is allowed.
- port=
- The ports to check.
- reason=
- The reason to ban the user for.
- NOTE: Using this will allow users to get the IP of your services machine.
Default Configuration
/* * m_proxyscan * * This module allows you to scan connecting clients for open proxies. * Note that using this will allow users to get the IP of your services. * * Currently the two supported proxy types are HTTP and SOCKS5. * * The proxy scanner works by attempting to connect to clients when they * connect to the network, and if they have a proxy running instruct it to connect * back to services. If services are able to connect through the proxy to itself * then it knows it is an insecure proxy, and will ban it. */ #module { name = "m_proxyscan" /* * The target IP services tells the proxy to connect back to. This must be a publicly * available IP that remote proxies can connect to. */ #target_ip = "127.0.0.1" /* * The port services tells the proxy to connect to. */ target_port = 7226 /* * The listen IP services listen on for incoming connections from suspected proxies. * This probably will be the same as target_ip, but may not be if you are behind a firewall (NAT). */ #listen_ip = "127.0.0.1" /* * The port services should listen on for incoming connections from suspected proxies. * This most likely will be the same as target_port. */ listen_port = 7226 /* * An optional notice sent to clients upon connect. */ #connect_notice = "We will now scan your host for insecure proxies. If you do not consent to this scan please disconnect immediately." /* * Who the notice should be sent from. */ #connect_source = "OperServ" /* * If set, OperServ will add infected clients to the akill list. Without it, OperServ simply sends * a timed G/K-line to the IRCd and forgets about it. Can be useful if your akill list is being filled up by bots. */ add_to_akill = yes /* * How long before connections should be timed out. */ timeout = 5 proxyscan { /* The type of proxy to check for. A comma separated list is allowed. */ type = "HTTP" /* The ports to check. */ port = "80,8080" /* How long to set the ban for. */ time = 4h /* * The reason to ban the user for. * %h is replaced with the type of proxy found. * %i is replaced with the IP of proxy found. * %p is replaced with the port. */ reason = "You have an open proxy running on your host (%t:%i:%p)" } }
