From 2f31a8800bf3e46941fc62bf2fecadd963f2e9db Mon Sep 17 00:00:00 2001 From: Bram Matthys Date: Sat, 28 May 2022 08:05:55 +0200 Subject: [PATCH] Add missing blacklist { } blocks to example.fr.conf copy-paste from the English one, pending translation by... someone. [skip ci] --- doc/conf/examples/example.fr.conf | 45 +++++++++++++++++++++++++++++++ 1 file changed, 45 insertions(+) diff --git a/doc/conf/examples/example.fr.conf b/doc/conf/examples/example.fr.conf index 0f2197a0f..ae28b99e2 100644 --- a/doc/conf/examples/example.fr.conf +++ b/doc/conf/examples/example.fr.conf @@ -381,6 +381,51 @@ vhost { password "test"; } +/* Blacklist blocks will query an external DNS Blacklist service + * whenever a user connects, to see if the IP address is known + * to cause drone attacks, is a known hacked machine, etc. + * Documentation: https://www.unrealircd.org/docs/Blacklist_block + * Or just have a look at the blocks below. + */ + +/* DroneBL, probably the most popular blacklist used by IRC Servers. + * See https://dronebl.org/ for their documentation and the + * meaning of the reply types. At time of writing we use types: + * 3: IRC Drone, 5: Bottler, 6: Unknown spambot or drone, + * 7: DDoS Drone, 8: SOCKS Proxy, 9: HTTP Proxy, 10: ProxyChain, + * 11: Web Page Proxy, 12: Open DNS Resolver, 13: Brute force attackers, + * 14: Open Wingate Proxy, 15: Compromised router / gateway, + * 16: Autorooting worms. + */ +blacklist dronebl { + dns { + name dnsbl.dronebl.org; + type record; + reply { 3; 5; 6; 7; 8; 9; 10; 11; 12; 13; 14; 15; 16; } + } + action gline; + ban-time 24h; + reason "Proxy/Drone detected. Check https://dronebl.org/lookup?ip=$ip for details."; +} + +/* EFnetRBL, see https://rbl.efnetrbl.org/ for documentation + * and the meaning of the reply types. + * At time of writing: 1 is open proxy, 4 is TOR, 5 is drones/flooding. + * + * NOTE: If you want to permit TOR proxies on your server, then + * you need to remove the '4;' below in the reply section. + */ +blacklist efnetrbl { + dns { + name rbl.efnetrbl.org; + type record; + reply { 1; 4; 5; } + } + action gline; + ban-time 24h; + reason "Proxy/Drone/TOR detected. Check https://rbl.efnetrbl.org/?i=$ip for details."; +} + /* Vous pouvez inclure d'autres fichiers de configuration */ /* include "klines.conf"; */