mirror of
https://github.com/anope/anope.git
synced 2026-07-05 00:53:12 +02:00
Added m_proxyscan
This commit is contained in:
@@ -211,6 +211,91 @@ mysql
|
||||
port = 3306
|
||||
}
|
||||
|
||||
/*
|
||||
* m_proxyscan
|
||||
*
|
||||
* This module allows you to scan connecting clients for open proxies.
|
||||
* Note that using this will allow users to get the IP or your services.
|
||||
*
|
||||
* Currently the two supported proxy types are HTTP and SOCKS5.
|
||||
*
|
||||
* The proxy scanner works by attempting to connect to clients when they
|
||||
* connect to the network, and if they have a proxy running instruct it to connect
|
||||
* back to services. If services are able to connect through the proxy to itself
|
||||
* then it knows it is an insecure proxy, and will ban it.
|
||||
*/
|
||||
#module { name = "m_proxyscan" }
|
||||
m_proxyscan
|
||||
{
|
||||
/*
|
||||
* The target IP services tells the proxy to connect back to. This must be a publicly
|
||||
* avaiable IP that remote proxies can connect to.
|
||||
*/
|
||||
#target_ip = "127.0.0.1"
|
||||
|
||||
/*
|
||||
* The port services tells the proxy to connect to.
|
||||
*/
|
||||
target_port = 7226
|
||||
|
||||
/*
|
||||
* The listen IP services listen on for incoming connections from suspected proxies.
|
||||
* This probably will be the same as target_ip, but may not be if you are behind a firewall (NAT).
|
||||
*/
|
||||
#listen_ip = "127.0.0.1"
|
||||
|
||||
/*
|
||||
* The port services should listen on for incoming connections from suspected proxies.
|
||||
* This most likely will be the same as target_port.
|
||||
*/
|
||||
listen_port = 7226
|
||||
|
||||
/*
|
||||
* An optional notice sent to clients upon connect.
|
||||
*/
|
||||
#connect_notice = "We will now scan your host for insecure proxies. If you do not consent to this scan please disconnect immediately"
|
||||
|
||||
/*
|
||||
* Who the notice should be sent from.
|
||||
*/
|
||||
#connect_source = "OperServ"
|
||||
|
||||
/*
|
||||
* If set, OperServ will add infected clients to the akill list. Without it, OperServ simply sends
|
||||
* a timed G/K-line to the IRCd and forgets about it. Can be useful if your akill list is being fill up by bots.
|
||||
*/
|
||||
add_to_akill = yes
|
||||
|
||||
/*
|
||||
* How long before connections should be timed out.
|
||||
*/
|
||||
timeout = 5
|
||||
}
|
||||
|
||||
/*
|
||||
* A proxyscan block (must have m_proxyscan loaded).
|
||||
* You may have multiple proxyscan blocks.
|
||||
*/
|
||||
proxyscan
|
||||
{
|
||||
/* The type of proxy to check for. A comma separated list is allowed */
|
||||
type = "HTTP"
|
||||
|
||||
/* The ports to check */
|
||||
port = "80,8080"
|
||||
|
||||
/* How long to set the ban for */
|
||||
time = 4h
|
||||
|
||||
/*
|
||||
* The reason to ban the user for.
|
||||
* %h is replaced with the type of proxy found.
|
||||
* %i is replaced with the IP of proxy found.
|
||||
* %p is replaced with the port.
|
||||
*/
|
||||
reason = "You have an open proxy running on your host (%t:%i:%p)"
|
||||
}
|
||||
|
||||
/*
|
||||
* m_ssl
|
||||
*
|
||||
|
||||
Reference in New Issue
Block a user