Page 1 of 2
How to Gline or Kline through services
Posted: Wed Sep 21, 2005 1:20 pm
by ApacheAh64D
Hello all,
I am currently working on a security service for our IRC network.
But I have one problem: I don't know how to let my service Gline or Kline other users.
I tried :Security GLINE *hostmask* already, but it doesn't work. The server tells my service that it doesn't have the permission to do that. Everything else works fine.
Does anyone have an idea how to let my service bot ban hosts?
Thanks in advance,
-Tom
Posted: Wed Sep 21, 2005 1:29 pm
by w00t
Giving it an oline helps.
Posted: Wed Sep 21, 2005 1:38 pm
by ApacheAh64D
Hello,
thanks for the reply. I set up an o:line for the service that has the right flags. It still isn't able to GLINE or KLINE. It always gets the same reply
481 Security

ermission Denied- You do not have the correct IRC operator privileges
I used :Security OPER username password to make it oper up.
Any suggestions?
-Tom
Posted: Wed Sep 21, 2005 2:02 pm
by w00t
What reply from the server did you get?
Also, make sure the oline you are using for it has can_gline (think that's the right flagname?)
Posted: Wed Sep 21, 2005 2:13 pm
by ApacheAh64D
Nevermind, I found out how.
The flags in the u:line must be:
admin;
can_gkline;
can_setq;
Thanks for pointing me to the right direction
-Tom
Posted: Wed Sep 21, 2005 9:36 pm
by Stealth
If the Security Service is connected as a server, you need to use the proper server-to-server TKL commands.
Posted: Wed Sep 21, 2005 9:47 pm
by Moogey
You shouldn't need an O:Line for services; what you DO need for services is a link block + a mentioning of the services' name in the U:Line
link services.mysite.net {
...
};
ulines {
...
services.mysite.net;
...
};
of course without the extra triple dots!

or maybe i just misunderstood you
Posted: Wed Sep 21, 2005 11:01 pm
by ApacheAh64D
Hey,
well, that's what I did...
Code: Select all
ulines {
security.server.org;
};
link security.server.org {
username *;
hostname *;
bind-ip *;
port 6668;
hub *;
password-connect "test2"
password-receive "test";
class servers;
};
-Tom
Posted: Wed Sep 21, 2005 11:04 pm
by Moogey
I *think* you're supposed to put the uline underneath the link line
This *might* matter.
If it does matter then the uline probably has no effect.
Posted: Wed Sep 21, 2005 11:06 pm
by Stealth
It does not matter... And what is it with people who like ignoring my posts?
I said: Use the proper server-to-server TKL command.
I don't know the syntax, but I am sure someone can eventually post that.
Posted: Wed Sep 21, 2005 11:31 pm
by ApacheAh64D
Hello,
sorry stealth, I didn't see your post. My fault.
Now what is a server-to-server TKL command?
-Tom
Posted: Wed Sep 21, 2005 11:58 pm
by Syzop
You are making services, right?
As in: you are connecting as a server, not a regular user.
The format is quite simple, actually.. you probably have seen it already :P. Because when you connect as a server, you get all the *lines via TKL from the server you connected to (if you did not have any glines, just set one, and you'll see).
Although there are no docs, the source is your friend (src/s_kline.c, or in cvs/next3.2.4 in src/modules/m_tkl.c):
Code: Select all
/*
* m_tkl:
* HISTORY:
* This was originall called Timed KLines, but today it's
* used by various *line types eg: zline, gline, gzline, shun,
* but also by spamfilter etc...
* USAGE:
* This routine is used both internally by the ircd (to
* for example add local klines, zlines, etc) and over the
* network (glines, gzlines, spamfilter, etc).
* add: remove: spamfilter: spamfilter+TKLEXT sqline:
* parv[ 1]: + - +/- + +/-
* parv[ 2]: type type type type type
* parv[ 3]: user user target target hold
* parv[ 4]: host host action action host
* parv[ 5]: setby removedby (un)setby setby setby
* parv[ 6]: expire_at expire_at (0) expire_at (0) expire_at
* parv[ 7]: set_at set_at set_at set_at
* parv[ 8]: reason regex tkl duration reason
* parv[ 9]: tkl reason [A]
* parv[10]: regex
*
* [A] tkl reason field must be escaped by caller [eg: use unreal_encodespace()
* if m_tkl is called internally].
*
*/
When we are at it, many commands are local commands and not server command, these commands include GLINE, KLINE, OPER, etc. Many commands do not "check" if the remote server is (incorrectly) requesting the command, and may cause problems ranging from crashes to hard-to-detect memory corruption, so it's not something to just toy around with ;).
As a guideline, the tokens (and thus, commands too) listed in doc/technical/token.txt from
CVS are safe, be careful with the rest :P.
Posted: Thu Sep 22, 2005 12:37 am
by w00t
Of course, if you're connecting as a user, you won't be regarding that

I thought you were meaning a single bot style service, rather than identifying as a service.
Posted: Thu Sep 22, 2005 12:50 am
by Syzop
Could well be, that he is/was unaware that services connect as a server ;).
Posted: Thu Sep 22, 2005 1:04 am
by ApacheAh64D
Hey,
Could well be, that he is/was unaware that services connect as a server

.
Well, No. I said
tried :Security GLINE *hostmask* already, but it doesn't work
You don't send commands through the console like this as a normal user..
Thank you though, that looks very interesting. I'm gonna look into that stuff.
And big thanks for the support,
-Tom