BOPM

Talk about pretty much anything here, but DO NOT USE FOR SUPPORT.

Moderator: Supporters

Post Reply
Xzempt
Posts: 4
Joined: Wed Aug 07, 2013 7:39 pm

BOPM

Post by Xzempt » Thu Sep 12, 2013 3:52 am

Ok, I have roughly 12 servers linked to my network. I want to use bopm to monitor only the 2 that I own. Can someone help me with a POSIX connregex for it?
I tried:
connregex = "\\*\\*\\* Notice -- Client connecting:|irc\\.*my.server.here.* ([^ ]+) \\(([^@]+)@([^\\)]+)\\) \\[([0-9\\.]+)\\].*";
and this regex will only catch things connecting on irc.my.server it does nothing when connecting to the other server. if someone could help me get this to work on both servers and ONLY the 2 that I own that would be great.

Any help is appreciated.

Xzempt
Posts: 4
Joined: Wed Aug 07, 2013 7:39 pm

Re: BOPM

Post by Xzempt » Thu Sep 12, 2013 4:24 am

I tried to edit, but it wouldn't let me. Here is some more information:

I've tried NUMEROUS things to get this to work, for instance
This one will notice the proxy on a local connection, but it doesn't issue a ban ;\ and doesn't recognice the proxy if i connect to irc.my.server
connregex = "\\*\\*\\* Notice -- (Client connecting:|irc\\.my.server.*) ([^ ]+) \\(([^@]+)@([^\\)]+)\\) \\[([0-9\\.]+)\\].*";

connregex = "\\*\\*\\* Notice -- ([Client connecting:])([irc\\.my.server.*]) ([^ ]+) \\(([^@]+)@([^\\)]+)\\) \\[([0-9\\.]+)\\].*";
connregex = "\\*\\*\\* Notice -- ([Client connecting:]|[irc\\.my.server.*]) ([^ ]+) \\(([^@]+)@([^\\)]+)\\) \\[([0-9\\.]+)\\].*";
#
#
# connregex = "\\*\\*\\* Notice -- Client connecting on port [0-9]:|irc\\.my.server.* ([^ ]+) \\(([^@]+)@([^\\)]+)\\) \\[([0-9\\.]+)\\].*";
# connregex = "\\*\\*\\* Notice -- Client connecting.*:|irc\\.my.server.* ([^ ]+) \\(([^@]+)@([^\\)]+)\\) \\[([0-9\\.]+)\\].*";
# connregex = "\\*\\*\\* Notice -- Client connecting:|irc\\.my.server.* ([^ ]+) \\(([^@]+)@([^\\)]+)\\) \\[([0-9\\.]+)\\].*";
# connregex = "\\*\\*\\* Notice -- Client connecting on port .*:|irc\\.my.server.* ([^ ]+) \\(([^@]+)@([^\\)]+)\\) \\[([0-9\\.]+)\\].*";
# connregex = "\\*\\*\\* Notice -- Client connecting on port [0-9].*:|irc\\.my.server.* ([^ ]+) \\(([^@]+)@([^\\)]+)\\) \\[([0-9\\.]+)\\].*";
# connregex = "\\*\\*\\* Notice -- Client connecting on port [0-9]{1,4}:|irc\\.my.server.* ([^ ]+) \\(([^@]+)@([^\\)]+)\\) \\[([0-9\\.]+)\\].*";

I really don't know what else to try. Someone please help!

Xzempt
Posts: 4
Joined: Wed Aug 07, 2013 7:39 pm

Re: BOPM

Post by Xzempt » Thu Sep 12, 2013 9:48 am

EDIT:
connregex = "\\*\\*\\* Notice -- Client connecting(:|.* at irc\\.myserver\\.com.*) ([^ ]+) \\(([^@]+)@([^\\)]+)\\) \\[([0-9\\.]+)\\].*";
is now matching on both servers, but it is not banning anything
the debug output is this

[Sep 12 08:04:47 2013] IRC READ -> :chat.myserver.net NOTICE b0 :*** Notice -- Client connecting at irc.myserver.com: Testnick (foreplay@206.251.61.230) [206.251.61.230] {0}
[Sep 12 08:04:47 2013] IRC REGEX -> Regular expression caught connection notice. Parsing.
[Sep 12 08:04:47 2013] IRC REGEX -> Parsed at irc.myserver.com:!Testnick@foreplay [206.251.61.230] from connection notice.
[Sep 12 08:04:47 2013] DNSBL -> Passed '230.61.251.206.rbl.efnet.org' to resolver
[Sep 12 08:04:47 2013] DNSBL -> Passed '230.61.251.206.dnsbl.sorbs.net' to resolver
[Sep 12 08:04:47 2013] DNSBL -> Passed '230.61.251.206.tor.dnsbl.sectoor.de' to resolver
[Sep 12 08:04:47 2013] DNSBL -> Passed '230.61.251.206.cbl.abuseat.org' to resolver
[Sep 12 08:04:47 2013] SCAN -> Passing at irc.myserver.com:!Testnick@foreplay to scanner [default]
[Sep 12 08:04:47 2013] DNSBL -> Lookup result for at irc.myserver.com:!Testnick@foreplay (230.61.251.206.tor.dnsbl.sectoor.de) 0.0.0.0 (error: 3)
[Sep 12 08:04:47 2013] DNSBL -> Lookup result for at irc.myserver.com:!Testnick@foreplay (230.61.251.206.rbl.efnet.org) 127.0.0.1 (error: 0)
[Sep 12 08:04:47 2013] IRC SEND -> GZLINE at irc.myserver.com: 1800 :Listed in rbl.efnet.org. See rbl.efnet.org/?i=206.251.61.230

Xzempt
Posts: 4
Joined: Wed Aug 07, 2013 7:39 pm

Re: BOPM

Post by Xzempt » Thu Sep 12, 2013 12:19 pm

No matter what I do I can only get it to match one or the other. Not both. I've been reading and trying different patterns since my first post here and I'm no closer than I was when I started it seems. :(

Stealth
Head of Support
Posts: 2086
Joined: Tue Jun 15, 2004 8:50 pm
Location: Chino Hills, CA, US
Contact:

Re: BOPM

Post by Stealth » Fri Sep 13, 2013 11:07 pm

Try

Code: Select all

connregex = "\\*\\*\\* Notice -- Client connecting (on port [0-9]+|at irc\\.example\\.com|at irc2\\.example\\.com): ([^ ]+) \\(([^@]+)@([^\\)]+)\\) \\[([0-9\\.]+)\\].*";
Replace the "irc\\.example\\.com" and "irc2\\.example\\.com" with the names of your 2 servers. The BOPM could then connect to either of the 2 servers and detect connections for both the local server and remote server.


Alternatively, just run a BOPM for each server (which might be easier, more efficient, and more reliable).


EDIT: I am not sure if my above regex will work, since BOPM assumes the first "match" (inside the ()) is the nickname you are matching to. The configuration documentation for BOPM says to keep the regex string as simple as possible. If it does not work, there is simply no other way to have the bot match only 2 servers out of a whole network, so you'll either need to have 1 scanner for the whole network or 1 scanner per server.

Post Reply