Tip of the day: If you still have users on plaintext port 6667, consider enabling Strict Transport Security to gently move users to SSL/TLS on port 6697.

Ban version block

From UnrealIRCd documentation wiki
Jump to navigation Jump to search

The ban version block allows you to ban a client based on the IRC client software they use. This makes use of the clients CTCP version reply. Therefore if a client does not send out a CTCP version, the ban will not work. This feature is intended to allow you to block malicious scripts.

Syntax

ban version {
	mask <version-mask>;
	reason <reason-for-ban>;
	action [kill|tempshun|shun|kline|zline|gline|gzline];
};

The ban::mask specifies the version which should be banned. The mask may contain wildcards. The ban::reason specifies the reason why this ban is being placed. You can also specify ban::action, kill is the default, tempshun will shun the specific user connection only and would work very effective against zombies/bots at dynamic IPs because it won't affect innocent users. shun/kline/zline/gline/gzline will place a ban of that type on the ip (*@IPADDR), the duration of these bans can be configured with set::ban-version-tkl-time and defaults to 1 day.

Example

ban version {
	mask "*SomeLameScript*";
	reason "SomeLameScript contains backdoors";
};

ban version {
	mask "*w00tZombie*";
	reason "I hate those hundreds of zombies";
	action zline;
};
Retrieved from "https://www.unrealircd.org/docwiki/index.php?title=Ban_version_block&oldid=386"