vhost NOT mask!

[Manz]

Hello!

I update my UnrealIRCD 3.2 to 3.2.1 version, and change cloak keys to new mixed format...

But, now... when a user enter to IRC the IP not encripted!

example:


*** JOIN [ Pepe ] -- [ [email protected] ]

but, I want:

*** JOIN [ Pepe ] -- [ [email protected] ]

Because this fail?

Very Thanks... Sorry for my baaaaaaad english!...

[w00t]

Does the user have usermode +x?

[Manz]

Yes...

X mode is active... but somebody can see IP/host....
Cloak.so is perfectly loaded and without problems...

[w00t]

First: Did you set your (NEW NICE LONG RANDOM) cloak key?

Does the person that can see it have snomasks and stuff?

[aquanight]

snomasks don't affect the host in join/part/quit/text messages.

[Manz]

Yes.... I have 3 cloak keys.... of 5-20 length..
I rehash unreal correctly.. and some users have IP encrypted (26262.89151.62472.15151.IP, for example) and others not.... ( 80.47.26.83-telefonica.com )....

Help!

[AngryWolf]

If set::modes-on-connect contains "x", all your users will automatically have +x on connection. However, don't forget that such a setting doesn't mean they aren't allowed to unset that mode.

I think your problem is that set::modes-on-connect is wrongly configured, and the reason that some people yet have +x is, they manually set +x on themselves.

[Manz]

I have x in set::modes-on-connect, and inclusive in restrict also...

When a user connect, ALWAYS have a +x...

I'm a little lost.....

Note: When connect a user, the host is medium-encrypted...

for example:

host: 63-pooles.rima-25-72-95.com
when connect: 92762HG-pooles.rima-25-72-95.com

ONLY encrypt the first number of host...
I correct modified unrealircd.conf and add set::options:dont-resolve... but....

There are some way for encripted host?... Help! thanks!

(With dont-resolve the users have IP ( [email protected] ) and YES work encrypt system +x, but I want encrypt ALL host... can be possible?

[Eros]

i think ur prob is here (may be). did u set::hiddenhost-prefix correctly ? if not then set it

Example:

set {
hiddenhost-prefix "Manz";
};

[Manz]

I have hiddenhost-prefix in "UH" (name of server)

Then....

When a user connect... have this +x host:

Nick ( [email protected] )
----- ----- ---- ----------- ----------------------------
Nick identd hidden encrypted HOST without encrypt
host
prefix

thanks! and help...

[AngryWolf]

To Manz: just to clarify, is your problem that +x doesn't hide all parts of a hostname, or that +x doesn't hide anything at all? I suppose the first, and +x works well. If yes, I don't know what your problem is with the current cloaking method, it wasn't designed to hide everything, and that doesn't lead to a big security issue.

First: Did you set your (NEW NICE LONG RANDOM) cloak key?

If I were you, I wouldn't asked that. If the server owner didn't set the cloak keys well, the ircd wouldn't even run.

did u set::hiddenhost-prefix correctly ?

Another useless question, I think. set::hiddenhost-prefix is required to be set, and the only problem it would cause is if the prefix was set to a very long value.

I correct modified unrealircd.conf and add set::options:dont-resolve... but....

If that's an attempt to totally hide hosts, that's a bad idea. set::options::dont-resolve disables the ability to set hostname based bans.

[SystemMan]

I think he wants what it looks like when an IP doesnt resolve.

[Manz]

Yeah... Very thanks for help... Don't forget that a Spanish user and my english is very very bad... :/

The cloak system ONLY HIDE a little part of host??

I think that cloak system hide ALL host... I know that hide a little part of host don't a big problem, but maybe can customize for hide ALL....

Some exceptics users don't want that her IP can see for others users... though there are 254 possibilities...

then.....


Don't use set::options:dont-resolve, allow::options:useip, and use IP cloak a part of host?

very thanks!!

[AngryWolf]

The cloak system ONLY HIDE a little part of host??

Yes, only the first part of hostnames, and all parts in case of IP addresses.

I think that cloak system hide ALL host... I know that hide a little part of host don't a big problem, but maybe can customize for hide ALL....

That would look ugly, besides, why do you want to hide everything? Cloaking was designed to give users more security, nothing more. It's not that dangerous if people know the ISP and the top level domain, which is sometimes useful. It also eases banning users from channels based on hostnames (*.isp.com, *.country-code, and so on).

Some exceptics users don't want that her IP can see for others users... though there are 254 possibilities...

More than enough to protect them. If 254 possibilities aren't yet enough for you, perhaps ask someone who codes a custom coaking module for you.

Don't use set::options:dont-resolve, allow::options:useip, and use IP cloak a part of host?

I don't understand that question in all details. If you decide to use those directives, I won't stop you. Feel free to use them, I'm only saying it's a bad idea to disable hostnames.

[Manz]

No problem...

I think that encrypt a part of host is the best option... ideal for ban, and more and better domain in mask of users...

Only I want know if the cloak system was good configure...

Very thanks AngryWolf for all help....

Salut!