https://wiki.anope.org/index.php?action=history&feed=atom&title=2.0%2FModules%2Fm_proxyscan2.0/Modules/m proxyscan - Revision history2026-05-29T18:39:30ZRevision history for this page on the wikiMediaWiki 1.23.4//wiki.anope.org/index.php?title=2.0/Modules/m_proxyscan&diff=879&oldid=prevAzander: Created page with "{{Language|2.0/Modules/m_proxyscan}} {{Header|m_proxyscan|Extra_Modules|Anope}} == <div class="moduleheader">Description</div> == This module allows you to scan connecting c..."2014-05-12T21:39:46Z<p>Created page with "{{Language|2.0/Modules/m_proxyscan}} {{Header|m_proxyscan|Extra_Modules|Anope}} == <div class="moduleheader">Description</div> == This module allows you to scan connecting c..."</p>
<p><b>New page</b></p><div>{{Language|2.0/Modules/m_proxyscan}}<br />
{{Header|m_proxyscan|Extra_Modules|Anope}}<br />
<br />
<br />
== <div class="moduleheader">Description</div> ==<br />
This module allows you to scan connecting clients for open proxies.<br />
<br />
:Currently the two supported proxy types are '''HTTP''' and '''SOCKS5'''.<br />
<br />
:;name= :Module name.<br />
:;target_ip= :The target IP services tells the proxy to connect back to.<br />
:;target_port= :The port services tells the proxy to connect to.<br />
:;listen_ip= :The listen IP services listen on for incoming connections from suspected proxies.<br />
:;listen_port= :The port services should listen on for incoming connections from suspected proxies.<br />
:;connect_notice= :An optional notice sent to clients upon connect.<br />
:;connect_source= :Who the notice should be sent from.<br />
:;add_to_akill= :If set, OperServ will add infected clients to the akill list. Without it, OperServ simply sends a timed G/K-line to the IRCd and forgets about it. <br />
:;timeout= :How long before connections should be timed out.<br />
:;proxyscan {...} :<br />
::;type= :The type of proxy to check for. A comma separated list is allowed.<br />
::;port= :The ports to check.<br />
::;reason= :The reason to ban the user for.<br />
<br />
*'''NOTE''': Using this will allow users to get the IP of your services machine.<br />
<br />
== <div class="moduleheader">Default Configuration</div> ==<br />
<br />
<div class="code"><br />
<syntaxhighlight lang="cpp"><br />
/*<br />
* m_proxyscan<br />
*<br />
* This module allows you to scan connecting clients for open proxies.<br />
* Note that using this will allow users to get the IP of your services.<br />
*<br />
* Currently the two supported proxy types are HTTP and SOCKS5.<br />
*<br />
* The proxy scanner works by attempting to connect to clients when they<br />
* connect to the network, and if they have a proxy running instruct it to connect<br />
* back to services. If services are able to connect through the proxy to itself<br />
* then it knows it is an insecure proxy, and will ban it.<br />
*/<br />
#module<br />
{<br />
name = "m_proxyscan"<br />
<br />
/*<br />
* The target IP services tells the proxy to connect back to. This must be a publicly<br />
* available IP that remote proxies can connect to.<br />
*/<br />
#target_ip = "127.0.0.1"<br />
<br />
/*<br />
* The port services tells the proxy to connect to.<br />
*/<br />
target_port = 7226<br />
<br />
/*<br />
* The listen IP services listen on for incoming connections from suspected proxies.<br />
* This probably will be the same as target_ip, but may not be if you are behind a firewall (NAT).<br />
*/<br />
#listen_ip = "127.0.0.1"<br />
<br />
/*<br />
* The port services should listen on for incoming connections from suspected proxies.<br />
* This most likely will be the same as target_port.<br />
*/<br />
listen_port = 7226<br />
<br />
/*<br />
* An optional notice sent to clients upon connect.<br />
*/<br />
#connect_notice = "We will now scan your host for insecure proxies. If you do not consent to this scan please disconnect immediately."<br />
<br />
/*<br />
* Who the notice should be sent from.<br />
*/<br />
#connect_source = "OperServ"<br />
<br />
/*<br />
* If set, OperServ will add infected clients to the akill list. Without it, OperServ simply sends<br />
* a timed G/K-line to the IRCd and forgets about it. Can be useful if your akill list is being filled up by bots.<br />
*/<br />
add_to_akill = yes<br />
<br />
/*<br />
* How long before connections should be timed out.<br />
*/<br />
timeout = 5<br />
<br />
proxyscan<br />
{<br />
/* The type of proxy to check for. A comma separated list is allowed. */<br />
type = "HTTP"<br />
<br />
/* The ports to check. */<br />
port = "80,8080"<br />
<br />
/* How long to set the ban for. */<br />
time = 4h<br />
<br />
/*<br />
* The reason to ban the user for.<br />
* %h is replaced with the type of proxy found.<br />
* %i is replaced with the IP of proxy found.<br />
* %p is replaced with the port.<br />
*/<br />
reason = "You have an open proxy running on your host (%t:%i:%p)"<br />
}<br />
}<br />
</syntaxhighlight></div></div>Azander