View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0006496 | unreal | ircd | public | 2025-02-12 15:40 | 2025-02-12 15:53 |
| Reporter | syzop | Assigned To | |||
| Priority | normal | Severity | feature | Reproducibility | N/A |
| Status | new | Resolution | open | ||
| Summary | 0006496: Mask item and destination | ||||
| Description | Earlier we had the request for set::restrict-commands on channel-message to exempt a target channel. So mask item / security group item "destination" was added in commit e03a5dfd5ffe47fe186165b8b94c7cbc935a10bb (shipped in UnrealIRCd 6.1.7). Recently Valware suggested allowing something similar: set::restrict-commands private-message but with an exemption to sending to ircops. Of course, you could add something like destination-ircop or something but I think we first need to take a step back and consider if we need something bigger here. Like, maybe we want all the security group checks be able to run on the destination user? Like destination ip/mask/identified/certfp/asn... ? Is that useful or is that overkill? So... destination-ip 1.2.3.4; destination-tls yes; etc... I dunno. We could also do some extra nesting, like: destination { ip 1.2.3.4; } destination { rule "has_user_mode('o')"; } destination { ip 1.2.3.4; tls yes; } etc.. I think I like the extra nesting better and it makes it more clear if you have multiple rules there that it works with the regular ANY (OR) criteria. For crules another idea is to clone all functions and prefix the function with "destination_", so you have like destination_has_user_mode('o'). I think that would make sense because the alternative would be to force the admin (if they would like to select on both source and destination properties) to have like two crules, one in ::rule and the other in ::destination::rule which seems weird and not so flexible. We could also start with the more simple part, the nested destination thingy, first, and then later do the improved crule stuff. | ||||
| Tags | No tags attached. | ||||
| 3rd party modules | |||||
