listrestrict.md 2.6 KB

listrestrict

Allows you to impose certain restrictions on /LIST usage, such as requiring clients to have been online for a certain period of time. Simply load the module and add a new block to your unrealircd.conf, for which see bel0w. Opers, servers and U-Lines are exempt for obvious reasons. ;]

Even though Unreal now has a set::restrict-commands block you can use to delay /LIST usage, it doesn't provide the honeypot functionality, so I've kept this module as-is. listrestrict adds overrides with a higher priority though, so even if you configure both then listrestrict will run first.

Config block:

listrestrict {
    connect-delay 60; // How long a client must have been online for
    need-auth 1; // Besides above, also require authentication w/ services
    auth-is-enough 1; // Don't even check connect-delay if user is identified OR exempt from having to authenticate entirely
    fake-channels 1; // Send a fake channel list if connect-delay and need-auth checks fail
    ban-time 7d; // For channels with an *-Line action (accepted but ignored for non-Lines), use 0 for permanent bans (defaults to 1 day)

    fake-channel {
        // Only the name is required
        name "#honeypot";
        //topic "ayy lmao"; // Defaults to "DO NOT JOIN"
        //users 50; // Defaults to 2 users, must be >= 1
        ban-action gline; // G-Line won't kick in if connect-delay and need-auth checks are satisfied, or if the user has a 'fake-channels' exception
    };

    fake-channel {
        name "#fakelol";
        topic "top kek";
        users 10;
        ban-action kill;
    };

    exceptions {
        all "user@*";
        connect "someone@some.isp"; // Only require auth
        auth "*@123.123.123.*"; // Only require connect-delay
        fake-channels "ayy@lmao"; // Don't send a fake channel list, just prevent sending of the legit one

        // You can also specify multiple types for the same mask
        // This user would only need to wait <connect-delay> seconds and won't get a fake channel list at all
        auth "need@moar";
        fake-channels "need@moar";
    };
};

Omitting a directive entirely will make it default to off unless otherwise mentioned above. If connect-delay is specified, the minimum required value is 10 as anything below seems pretty damn useless to me. =] The exceptions block should be pretty self explanatory. ;]

For the ban-action, refer to Unreal's wiki for a list of possible actions. ;] Keep in mind that all soft-* actions cannot be used, you must use auth-is-enough instead. You also can not use block and warn because those are pretty useless here. ;];;];]