UnrealIRCd Forums

Hello,

As the owner of a server, why can't I use bans which are as broad as I want ? I keep getting this error "*** [error] Too broad mask". What if I want to gzline ALL countries except ONE. This happens specially when I try to ban a whole ISP.

Any solutions or idéas how to do such things ?

Thank you in advance for help

Adjusting your allow-block to fit your needs might help?

Could you be more specific ? I'm not sure if I undrestand what you mean. Thank you.

try doing your gzline in the .conf.

tdw wrote:try doing your gzline in the .conf.

It wouldn't be a GZline if done in the conf because bans set in the conf file are local ONLY.

Also if you only want to allow certain countries to access your server (which i find odd) then have a look at the hostname parameter of your allow blocks in your conf.

For example this allow block allows all clients with hostmasks ending .uk (users from the UK) and then have no other allow blocks and only users who match that are allowed to connect: Please bear in mind there are cases of a user coming from a country but their ISP not using country specific TLD's in it's hostnames. For example: AOL use .com no matter what country the user is from. A UK user of AOL would not be able to get in if your allow blocks match only *.uk Also you cannot restrict by IP subnets to a specific country because IP subnets although are relatively near to country assignments there is no specific ranges for each country.

And on a final note:

siyavash wrote:As the owner of a server, why can't I use bans which are as broad as I want ?

the reason for this is to stop anyone who gains your trust and then power banning EVERYBODY from your server using a mask of *@* or *@*.com etc...

Thank you for great answer. But I still think I should be allowed to ban as broad as I want or atleast an option to set in the configuration to be able to allow the admins who want to use broad bans to use it. If it's "MY" IRCd, I should be able to decide how to ban, not the creators of the IRCd. Anyway, I'll probably post a suggestion to the coders.

A question... about the allow block you showed, it locks up everyone but those in allow list so I guess a block section would work like that but block the ones in that section except others, right ? That way I could disallow certain proxies or ISPs which isn't possible with gzline I guess. Am I correct about this ?

One other question while I'm at it, do you know anyway to prevent people without "hostnames" to connect to the server ? ( I created another thread about this though ). I know I could do it with a script or something, but was just wondering if it was possible on the server level. Would probably work much better that way.

Thanks again!

Thank you for great answer. But I still think I should be allowed to ban as broad as I want or atleast an option to set in the configuration to be able to allow the admins who want to use broad bans to use it. If it's "MY" IRCd, I should be able to decide how to ban, not the creators of the IRCd.

This is protection, and it exists on ALL major ircds.

If you want to bypass it, use services AKILL's.

In fact, UnrealIRCd is designed to be used together with services, so if you don't have services installed yet it probably is a good idea to do so now.

yes, agreed with syzop.
if you are new to Unrealircd and they didnt have such protection a experenced ircop could really make it impossible for you to reconnect to ur servers.

or even, you could set a ban so broad it wiped out even urself do u know how to over come it while being unable to connect to your server?

^ this is a major problem and was in the past for ircds and peoples lack of understanding of how to over come the bans makes it 100times worse, as a result broadbans r just made forbidden by ircds.

White_Magic wrote:...
if you are new to Unrealircd and they didnt have such protection a experenced ircop could really make it impossible for you to reconnect to ur servers...

Yes, that's my point. Make is an option, not ON by default