View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0004374 | unreal | ircd | public | 2015-07-10 12:34 | 2015-07-19 18:33 |
| Reporter | miwob | Assigned To | syzop | ||
| Priority | normal | Severity | feature | Reproducibility | N/A |
| Status | resolved | Resolution | fixed | ||
| Fixed in Version | 3.4-beta2 | ||||
| Summary | 0004374: Change client connecting notice to include IP address | ||||
| Description | Change default client connecting notices to include IP addresses (I think mostly all ircds do that nowaday) and get rid of "PROTOCTL HCN". That way HOPM users are no longer required to add a separate perform = "PROTOCTL HCN"; to their scanner's conf. Ideally 'far' connecting notices should be changed to include IP addresses as well. | ||||
| Tags | No tags attached. | ||||
| 3rd party modules | |||||
|
|
I like the idea of including IP's in connection messages by default, it's after all valuable information. What I don't like is loosing the information we have, such as the ssl info, so don't want to use PROTOCTL HCN format as-is. I presume we can find a way to have both? What is your scanner looking for, what is the format you expect, exactly? Where can we add "additional data" safely? Sorry, about to leave to somewhere else (yeah pretending I have a life), so haven't checked. Just figured I'd post here before I forget :) |
|
|
I think the messages themselves could be simplified, as opposed to the current format which is: *** Notice -- Client connecting on port 6667: mibbot_stats ([email protected]) [clients] ^ why do we really need these stars and "notice" and so on? That could be simplified to: CONNECT: <server:port(ifknown)> mibbot_stats ([email protected]) [IP-Address] [clients] [ssl-info etc] likewise with disconnect messages: DISCONNECT: <server> mibbot_stats ([email protected]) [IP-Address] [Client exited] |
|
|
Amiga600: Good point. Now you mention it I find the "*** Notice --" rather silly too. I kept the "***" but removed the silly "Notice -- " in the... notice :D. miwob: (30m later) I see this breaks your reference regex of HOPM now. Anyway, so here we are again, currently (as in right now): Normal: *** Client connecting on port 5667: Ein_ ([email protected]) [clients] [secure AES256-GCM-SHA384] Hybrid style: *** Client connecting: Ein_ ([email protected]) [192.168.xx.xx] {clients} If we can find a hybrid (:D) where we can use the hybrid style but keep the secure/SSL stuff then it's good for me. I don't think the port stuff is particularly interesting. So can I safely put something at the end or something? I'm asking you because you write the thing that parses it.. so you probably have seen others as well. This would look cleanest: *** Client connecting: Ein_ ([email protected]) [192.168.xx.xx] {clients} [secure AES256-GCM-SHA384] Or would that confuse your search for ip in []'s (would be strange if you would look for it twice in the same line, but who knows..) I find this ugly, but it's an option: *** Client connecting: Ein_ ([email protected]) [192.168.xx.xx] {clients} {secure AES256-GCM-SHA384} When we're at it, I think we should take a look at the exiting notice as well -- if we would go hybrid style. It's now: *** Client exiting: Ein_ ([email protected]) [hai hai] [192.168.xx.xx] That's just odd and ugly. How about: *** Client exiting: Ein_ ([email protected]) [192.168.xx.xx] (hai hai) |
|
|
I've taken the liberty to do the above. Rather than wait another week for a reply -- i looked at the HOPM example conf anyway ;) https://github.com/unrealircd/unrealircd/commit/02c9b7baca14a5d4f1408c49a6b18a2b41c0bc04 https://github.com/unrealircd/unrealircd/commit/390a4c2494598d71fe111941af1ced3e7659caa5 I'll try to summarize: 1) PROTOCTL HCN is ripped out 2) connect format: *** Client connecting: Zwei ([email protected]) [192.168.xx.xx] {clients} [secure BLABLA] 3) disconnect format: *** Client exiting: Zwei ([email protected]) [192.168.xx.xx] (Read error) 4) the remote connect/disconnect messages are IDENTICAL except the sender isn't :your.server but :remote.server. Since any normal client displays the sender of a notice this results in things like: -remotelink.test.net- *** Client connecting: ....etc... :) If something is wrong let me know. |
|
|
So you'd only need to change: connregex = "\\*\\*\\* Notice -- Client connecting: ([^ ]+) \\(([^@]+)@([^\\)]+)\\) \\[([0-9\\.]+)\\].*"; to.. what is it? connregex = "\\*\\*\\*( Notice --)? Client connecting: ([^ ]+) \\(([^@]+)@([^\\)]+)\\) \\[([0-9\\.]+)\\].*"; or whatever :) |
|
|
*update regex in comment of above* :D. untested, though. |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2015-07-10 12:34 | miwob | New Issue | |
| 2015-07-10 15:28 | syzop | Note Added: 0018473 | |
| 2015-07-16 11:36 | Amiga600 | Note Added: 0018507 | |
| 2015-07-16 11:37 | Amiga600 | Note Edited: 0018507 | |
| 2015-07-16 11:38 | Amiga600 | Note Edited: 0018507 | |
| 2015-07-19 18:02 | syzop | Note Added: 0018518 | |
| 2015-07-19 18:27 | syzop | Note Added: 0018519 | |
| 2015-07-19 18:27 | syzop | Status | new => resolved |
| 2015-07-19 18:27 | syzop | Fixed in Version | => 3.4-beta2 |
| 2015-07-19 18:27 | syzop | Resolution | open => fixed |
| 2015-07-19 18:27 | syzop | Assigned To | => syzop |
| 2015-07-19 18:28 | syzop | Note Added: 0018520 | |
| 2015-07-19 18:29 | syzop | Note Edited: 0018520 | |
| 2015-07-19 18:33 | syzop | Note Added: 0018521 |
