search

atheme / atheme-contrib-modules

Community-supported modules for Atheme
https://atheme.github.io/
Other
33 stars 37 forks source link

broader kill line with custom timeout #37

Closed anarcat closed 6 years ago

anarcat commented 6 years ago

The os_klinechan.c module is quite handy to deal with bad users, but it is a little specific in the way it works. It bans the full user@host hostmask and does so for a single day. For prolonged botnet attacks, this is not very practical.

This patch broadens the banned hostmask to cover all users on the attacker's IP address, so that rotating the username is not sufficient to bypass the ban. This means more possible collateral damage, but I think it's a good tradeoff considering we use this module to deal with botnet attacks, for which we ban whole networks anyways.

Also, the timeout was hardcoded to one day. That seems awfully short when dealing with prolonged attacks. Instead of hardcoding another value, let's reuse the value from SET KLINETIME so that opers can actually customize that setting.

aaronmdjones commented 6 years ago

I will tidy this up at some point in the near future but this is good enough for now.