UnrealIRCd Forums

hi all

i tried to use /spamfilter to get rid of a botnet (rxbots)

so i tried to use several filter-strings from the output the bots produce like

[SCAN]: Random Port Scan started on x.x.x.x:xxx with a delay of 2 seconds for 0 minutes using 100 threads.

i used the

[SCAN]: Random Port Scan started on

string to filter and akill them, but the spamfilter didnt do anything... i tried this with several other strings from the bots replys (also adding some * in the end and whatnot) but it just sat there and didnt do sh*t

so my last random guess is that it has some probs with the [ ]´s the sentence contains, but i dont know how to do this the right way and failing could end up in a mess..

so i´d appreciate any help

thx in advance

You really should learn Regexp...
There are hundreds of tutorials out there...


Try something like

thanks for your help and the quick reply...

i made 2 entrys, following your suggestion

F cpnN shun 0 1419 86400 Possible_Botnet_-_Not_Allowed_here Andrew!~[email protected] ^\ [SCAN\ ]: Random Port Scan started on .*
F cpnN shun 0 1436 86400 Possible_Botnet_-_Not_Allowed_here Andrew!~[email protected] ^\ [SCAN\ ]: Already .*

but it still doesnt work... also i tried to set other actions as kill, gline and so on.. i yet have to see some message in the snotice window (yes, i got the appropiate userflags set..)

for learning regexp´s... i know i should do it, but right now i just dont have the time to do it, but i surely will when i got some spare time.

regards

Do NOT put a space between the \ and the [ or ].

thx, works like a charm now

keep it up =)

regards