patrick-irc
commented
4 days ago I am not sure about it.
One on the hand I understand that there is no way to ban users who connect with IP address because # will always match user->sip.
But if we change it, there is no way to use +ebIR on user->sip anymore:
*!*@#.#.#.#To me it sounds more like a case where EXTBAN would make sense, e.g.:
$h*!*@*.*#where $h would stand for hostand only does:
match(tmp->value.alist->host, cptr->user->host)This way we would also not break the standard.
But I am still not sure if it is worth coding this. The last months we had many drone attacks but is there really a need for this special ban on the long run?
Extban references:
As said in the title, please don't match beIR's masks containing "#" (maybe in the host part only) against the IP string internally (second pass of match() function, first is against full host, and second is always against the IP).
To be 100% clear, here's an example:
MODE #channel +b *!*@*.*#Is made in hope that it will keep people with no revdns (like
hostile_jim!~noident@192.168.100.14) from the channel by mask that matches last character of address being a digit. In practice, it's gonna also matchfriendly_sam!user@example.combecause example.com as well has an IPv4 address, which of course ends with a digit.Relevant line (line #385 in ircd/channel.c):
if (match(tmp->value.alist->host, cptr->user->sip) == 0)as suggested by patrick to change to:
if(!strchr(tmp->value.alist->host, '#') && match(tmp->value.alist->host, cptr->user->sip) == 0)