Eggheads: suggestion

Ronny Vårdal ting at
Thu Jan 6 16:39:51 CST 2005

aIwa-is-k3wl at skrev:
> hi


> 1..chanset flood-chan
> I can change there much things, but i think it`s very bad that the bot only kick`s them and not ban them. I think it will be useful if you add a banflooders option.

Configure your scripts/sentinel.tcl, it will do the work...

> 2. hostmask fix
> the standard hostmask of eggdrop ( new user add, ban user) is *!ident@* for dynamic ip`s that is good, but on Quake/Undernet much people use static hosts and this hostmask is unefficient.
> Suggestion, mask for bnc`s
> host Head!Headd at good: ban/addhost *!Headd at and not *!Headd@*
> Fakehosts. (a user can register in this network and set usermode +x). Example: tom!tommy at Ban/Addmask actual: *!thommy@* Please change to *!*

You are using .adduser from partyline? Please RTFM.
.help adduser will show you a neat trick, but since you haven't checked 
it out - let me explain it to you.

.adduser !nickname

What does this do, alternative to the standard ".adduser nickname" you 
say? Well, guess what - FULL HOSTNAME!

If you have a person on your channel, called frodo 
(frodo!magic at, .adduser !frodo will do this:

.+user frodo *!magic at
.chattr frodo $default_flags_specified_in_config (normally +hp)

Why add a feature that is there?

> 3. support for Q/X-Bot accounts
> Until today, a eggdop will know users only by their host and their password. For example: on Quake/Undernet you can register. /whois nickname
> example:
> aymaNt is ~Brqmz at * Brqmz
> aymaNt on #e.effect #Creqtive #seekgood 
> aymaNt using * QuakeNet IRC Server
> aymaNt is authed as couillunette
> aymaNt has been idle 17secs, signed on Thu Jan 06 18:05:30
> aymaNt End of /WHOIS list.
> His authnick (registred) wille be "couillunette". This nick can be get with /who or /whois. I never found a working tclscript/patch which will allow to add a user in the userlist with his authnick, instand of his host.
> I think it will be much better on such a network to add them with the authnick instand of their host. Their authnick can be always the same, it`s uniqe and their is not way to fake/steal it if them user their head.

I understand the concept of your idea, but not sure if it's something 
that the developers care to but in place. More features = more bugs, and 
as far as I care (and others), the current 1.6.x branch is just 
bugfixing. Adding more features (say hello to halfops), only adds problems.
Get a script for this one, but eggdrop will always need a host...

Securing eggdrop is all about what you put in to it, and how you use 
it... First of all, don't use any autoop script or likewise functions.
Second of all, keep your users hosts updated. You might even wanna 
disable their option of adding hosts to themselves (/msg ADDHOST and 
/msg IDENT commands), so that only you and your trusted masters could 
add trusted hosts to your "trusted" users. And third... Minimize the 
number of fancy scripts, especially public scripts.

Now, about using the numeric 330 reply (for Undernet at least), to 
authenticate a user - I was once trying (beta) for something someone 
wrote me - It never really worked. The idea was to add a authenticated 
flag (Think it was +O) to whomever had a matching XLOGIN set to them (as 
an XTRA flag, set with editing userinfo.tcl).
Only if the person had both +o and +O for a channel, he/she could 
request AND get opped on the channel. The bug we had with this one, was 
to get the WHOIS reply filtered by the bot on request and/or on join.. 
It sometimes lost the reply.
To give you an example, the typical .whois handle would show something 
like this:

23:33:44 <bot> HANDLE    PASS NOTES FLAGS           LAST
23:33:44 <bot> foonick   yes      0 hp              23:32 (#channel)
23:33:44 <bot>    #channel           lmnoOv           23:32
23:33:44 <bot>   HOSTS: *!bar at 204.31.2??.*, *!bar@*.some.domain
23:33:44 <bot>   XLOGIN: foobar

When foonick entered #channel, "bot" would send a whois to the server. 
When "bot" got a reply, it would compare XLOGIN to the numeric 330. If 
match, it would add +O to foonick. Now, if foonick sent a /msg bot OP 
password, the bot would check for valid +o and +O before giving MODE +o 
foonick on #channel. And part/quit/netsplit it would wait for TTL before 
-O (in case of cycle, rejoin, change of server, netsplit, etc..). I 
think TTL was 600 seconds (5 minutes).

Who made this for me btw? Souper?


Ronny Vårdal

Email:        ting at
GPG:          0x3B12B97E

"Do not follow where the path may lead.
  Go instead where there is no path and leave a trail."
                                  (George Bernard Shaw)

More information about the Eggheads mailing list