This site is deprecated; docs have moved to!

Historical:1.1/Making BOPM work with InspIRCd

From the makers of InspIRCd.
Revision as of 15:49, 17 September 2006 by Special (Talk | contribs)

Jump to: navigation, search

This tutorial will instruct you upon how to get BOPM up and running on your inspircd servers.

Firstly and most importantly you need version A12 (Alpha-12) or above. This version is available from our website, here. This is because BOPM requires the IP address of connecting clients (rather than just the hostname) to be in the connection notice, and the Alpha 12 version adds this feature.

Secondly, you must obtain bopm from the BOPM website.

Once you have the bopm tarball on your shell, untar it:

tar fpxvz bopm-3.1.2.tar.gz
cd bopm-3.1.2

..and configure/make it:

make install

This usually installs BOPM to your home directory under a 'bopm' directory, e.g. ~/bopm. Change to this directory and then to the 'etc' directory within it, where your config files for BOPM are stored:

cd ~/bopm/etc

Now open up your config file (bopm.conf) in your favourite editor. The following lines given below are ones which work with inspircd. You must find the existing lines in the config, remove them, and replace them with these versions of the lines.

mode = "+s";
connregex = "\\*\\*\\* Client connecting on port [0-9]+: ([^ ]+)!([^@]+)@([^\\)]+) \\[([0-9\\.]+)\\].*";
kline = "GLINE *@%h 1d :Open Proxy found on your host. Please visit for more information.";
target_string = " NOTICE Auth :Looking up your hostname...";

There now follows a quick description of these config settings, for those who are new to BOPM or to inspircd or both. The first config setting, mode=, sets the mode which the bopm client will set on itself when it connects. Because inspircd sends out connection notice to all opers with +s (servernotices) it only requires +s.

The second setting, connregex, is arguably the most important and most difficult setting to understand. This defines a pattern of characters which must be matched so that bopm may perform a scan. This pattern matches inspircd connect notices (and currently to date no other connect notices known to man!). I repeat now the time is right that you must have alpha 12 or this connregex line will not work!.

The kline= line indicates how bopm will ban an open proxy host. You can use KLINE here if you want to set local bans, GLINE saves your network resources by making a network-wide ban. This ban is one day long, you may also change the '1d' to whatever you wish.

The final line is used by bopm to determine wether it has found an open proxy or not. Please note that you should change the server address in these config files to match the server bopm is connecting to. If you do not, BOPM will never find any new proxies and will only detect those which are already in its blacklist!

One final note, you must prepare an <oper> tag for your bopm. After defining an oper username and password in your bopm config file you may wish to add a group of config tags to your inspircd Configuration file which look like the following:

<class name="BanOnly" commands="GLINE">
<type name="BOPM" classes="BanOnly">
<oper name="bopm" password="bopmpass" host="*@localhost" type="BOPM">

The reasoning for this is as follows: The bopm bot with these privilages may only see connect/exit notices and GLINE people. This is the most secure possible config for your BOPM. Remember to set the hostname if neccessary and if you are using KLINE use this in your BanOnly class instead of GLINE.