InspIRCd v2 is coming to the end of its lifetime!
Fixes for security vulnerabilities will be provided until 2020-06-01 but after this date v2 will no longer be maintained.
InspIRCd v3 contains many new features including full support for all currently ratified IRCv3 extensions and WebSocket connections.
The "dnsbl" Module
This module allows the server administrator to check the IP address of connecting users against a DNSBL. This is useful for preventing malicious hosts from connecting to the server.
To load this module use the following
This module extends the core
<connect> tags with the following fields:
|usednsbl||Boolean||Yes||Whether users in this connect class should be looked up in a DNSBL.|
Disables DNSBL lookups for users in the WebChat class:
<connect name="WebChat" ... usednsbl="no">
<dnsbl> tag defines a DNSBL to check connecting users against. This tag can be defined as many times as required.
|action||Text||None||Required! The action to take against users who's IP address is in this DNSBL.|
|bitmask||Number||None||Required for the bitmask type! A bitmask of DNSBL result types to match against.|
|domain||Text||None||Required! The domain name of this DNSBL.|
|duration||Duration||1m||If action is set to GLINE, KLINE, or ZLINE then the duration for an X-line to last for.|
|host||Text||None||If action is set to MARK then a new hostname to set on users who's IP address is in this DNSBL.|
|ident||Text||None||If action is set to MARK then a new username (ident) to set on users who's IP address is in this DNSBL.|
|name||Text||None||Required! The human readable name of this DNSBL.|
|reason||Text||Your IP has been blacklisted.||The message to send to users who's IP address is in a DNSBL. The template variable %ip% will be replaced with the IP address of the user.|
|records||No. Range||None||Required for the record type! A numeric range of DNSBL result types to match against.|
|type||Text||record||The type of result that this DNSBL will provide.|
The action field should be set to one of the following values:
|GLINE||G-line users who's IP address is in the DNSBL.|
|KILL||Kill users who's IP address is in the DNSBL.|
|KLINE||K-line users who's IP address is in the DNSBL.|
|MARK||Marks users who's IP address is in the DNSBL.|
|ZLINE||Z-line users who's IP address is in the DNSBL.|
The type field should be set to one of the following values:
|bitmask||DNSBL results will be compared against the bit mask specified in the bitmask field to see if the IP address in question is in a DNSBL. For example,
|record||DNSBL results will be compared against a numeric range of values. For example,
DroneBL is a DNSBL for IRC networks:
<dnsbl name="DroneBL" domain="dnsbl.dronebl.org" type="record" records="3,5,6,7,8,9,10,11,13,14,15,16,17,19" action="ZLINE" duration="7d" reason="You are listed in DroneBL. Please visit https://dronebl.org/lookup.do?ip=%ip% for more information.">
<dnsbl name="EFnet RBL" domain="rbl.efnetrbl.org" type="record" records="1,2,3,4,5" action="ZLINE" duration="7d" reason="You are listed in the EFnet RBL. Please visit https://rbl.efnetrbl.org/?i=%ip% for more information.">
<dnsbl name="torexit.dan.me.uk" domain="torexit.dan.me.uk" type="record" records="100" action="ZLINE" duration="7d" reason="Tor exit nodes are not allowed on this network. See https://metrics.torproject.org/rs.html#search/%ip% for more information.">
|d||Lists information about DNSBL hits and misses.|