empus / armour Goto Github PK

Use existing X:Y:N threshold

• optional channel|global parameter

Allow blacklist entries of 'text' type to be added, for blacklisted word strings.

Possibly add wildcard only (much easier); or even regex entries too.

Support cumulative entries-- thereby also supporting a flexible 'repeat' match mechanism.

• add the entry ID in warnings
• allow warning to be sent to ops and reportchan
• allow warning string to be configurable (with variable substitution for nick and ID)

Currently, there are no install instructions for first time users. This must be written to INSTALL.md, potentially with a script for some basic setup.

Comments welcome on where people have struggled with initial setup. It will evolve as I receive feedback

Questions:

• Should greets always be channel specific?
• Should some privileged users be able to set global greetings?
• Should the use of greetings be a channel specific setting, as well as global for the bot?

Prevent further /WHO or /WHOIS and additional scan processing for a given nick if a scan is already underway

• Use namespace to prevent conflicts with external scripts
• Refactor variables and arrays into new structure
• Remove redundant code

Possibly also incorporate:

• log rotation
• log mailer

"Please refer to the separate file 'INSTALL.md' for instructions on initial setup."

Currently, there is no INSTALL.md at all in the rep, only README.md and UPDATING.md

on SSH
sqlite3 armour.db
SQLite version 3.27.2 2019-02-25 16:06:06
Enter ".help" for usage hints.
sqlite> INSERT INTO users (user,xuser,level,pass) VALUES('user1','user1',500,'foo' );
sqlite> .quit

on IRC
[21:17:40] <(s)pop> Rehashing.
[21:17:40] <(s)pop> [21:17:39] Rehashing ... (all went well)
[21:17:44] >pop< login user1 foo
[21:17:44] <(s)pop> [21:17:44] triggering bind userdb:msg:login
[21:17:44] <(s)pop> [21:17:44] userdb:uline:get: userlist get pass where user=user1
[21:17:44] <(s)pop> [21:17:44] userdb:uline:get: userlist get user where user=user1
[21:17:44] <(s)pop> [21:17:44] userdb:msg:login password mismatch for tabb, login failed
[21:17:44] <(s)pop> [21:17:44] triggered bind userdb:msg:login, user 0.342ms sys 3.485ms
[21:17:44] -pop- login failed.

Use singlevalues presence to identify need for table creates and alters. Use a version entry for future.

Handling to react based on lines of text spoken.

Configuration to support below per client:
- Max lines of N per X seconds
- Action to take (warning via /notice to #channel or @#channel; kickban)
- Possible warning before violation is reached (maybe by %)
- Kick reason where appropriate

Configuration to support below per channel:
- Max lines of N per X seconds
- Modes to lockdown channel
- Period to lockdown channel (seconds)

*** Note, per channel settings may be optimistic and trigger annoying false positives.

old : delimiter bugs out on IPv6 clients when doing score maintenance

• Move to sole use of sqlite3 for DBs
• Implement new memory structure for users, blacklists, whitelists
• Remove redundant code

Allow notes to be sent between users (send, read, delete)

eggdrop v1.9.0+serverlen -> Tcl error [arm:pubm:all]: invalid command name "arm:pubm:all"

• new config option to prevent cmdlog to debug chan when command is given in that same chan
• make use of user output conditional on user being logged in

usage: register

• configuration option to allow
• require nick to be authed to X (ie. only for ACCOUNT ircds)

• Allow per channel blacklists & whitelists (incl. global entries)
• Allow per channel access levels

• whitelist/blacklist/dnsbl/portscan notices and kick messages
• utilise replacement variables for string construction

Additional validation mechanism during 'secure mode paranoia'

Identify groups of newly joined clients in a single '/names -d' scan, and process through floodnet checks.

• noident: only match those with ~ in ident
• onlykick: only kick matching blacklisted clients (do not place ban)
• nochans: only match those who are seen in no other channels

ie. ChanServ.

What else needs to be supported?

• Make cmdlog channel specific
• Allow cmdlog to be searched on IRC
• Allow cmdlog to be sent via e-mail report

Introduce configuration and code changes to allow the bot to easily authenticate with services other than Undernet's X service.

This includes supporting mod.cservice (gnuworld) on other networks, and authentication with NickServ.

-X ([email protected])- Sorry, The channel banlist is full (500 bans)

• Clone handling
• Sign-on time

It's completely broken and hasn't been touched in a long time.

Config to support:
- Max of N per IP in channel
- Max of N IPs joining channel within X seconds
- Action to take (alert #channel or @#channel via /notice; kickban)
- Kick message, where appropriate

• Likely doesn't need to be configurable on|off behaviour
• Match !@... and *!~@... masks
• Use cfg(id:unban:time) for recent history time

Tcl's regex engine is not as feature complete as PCRE and therefore does not support the use of backreferences in negative lookaheads. This means very useful regex patterns cannot be used to combat abuse (in blacklists).

This enhancement will create an abstraction layer for 'regexp' when dealing with whitelist and blacklist entries. Config option will determine method of regexp in use by the bot. This approach will utilise a Python script (using 're' for matching); for bot to pipe commands to.

The script will:

• compile all existing patterns, for performance
• allow commands: load; check; add; rem
• support checks against whitelists and blacklists
• support error checking and retries
• be resilient in case malformed regex patterns exist (although this should not occur)
• ideally support Python 2..7 and 3.x

Performance testing should be done against Tcl's built-in regexp command (iterating over many patterns).

Restrict unnecessary WHO and WHOIS messages through client joins to multiple channels, by caching data in memory:

• rname
• xuser
• IP
• signon
• channels -- should have a lifespan