Hi all,
Due to the recent flood attacks we're having, I was thinking about
adding two more IRCd(+Services) features to help us:
1. eXtended Channel Flags (XCF) will have the following options:
JOIN_CONNECT_TIME - Number of seconds the user must be online to be able to join
TALK_CONNECT_TIME - Number of seconds the user must be online to be
able to talk on the channel
TALK_JOIN_TIME - Number of seconds the user must be on the channel to
be able to tlak on the channel
MAX_BANS - Will let us increase the ban limit for specific channels
that are being flooded
NO_NOTICE - Will prevent /notice's from being sent to the channel
NO_CTCP - Will prevent /ctcp's from being sent to the channel
NO_PART_MSG - Will prevent /part messages from being used on the channel
EXEMPT_OPPED - Will exempt opped users from these flags
EXEMPT_VOICED - Will exempt voiced users from these flags
EXEMPT_IDENTD - Will exempt users with enabled identd from these flags
EXEMPT_REGISTERED - Will exempt registered+identified users (umode +r)
from these flags
EXEMPT_INVITES - Will exempt users who match the invites list (cmode
+I) from these flags
GREETMSG - Will show a message to everyone who joins the channel (to
warn them they might be flagged)
These flags will be controlled by services (will be available to IRC
Operators [temporary]) as well as to channel managers/founders.
(I know /notice's and /ctcp's behaviors are client issues, however,
during a huge flood, it doesn't really matter to me and I want to
minimize the flood effect on users)
The services->ircd server command will be something like:
SVSXCF <option:value> [<option:value>] [<option:value>] …
For example:
SVSXCF JOIN_CONNECT_TIME:300 TALK_JOIN_TIME:60 NO_NOTICE:ON NO_CTCP:ON
EXEMPT_OPPED:ON EXEMPT_VOICED:ON EXEMPT_REGISTERED:ON EXEMPT_IDENTD:ON
In this example, users will only be able to join the channel after
being online for 300 seconds and will only be able to talk on the
channel after 60 seconds (+r'ed users and users with identd will be
exempted from both, while voiced+opped users will be exempted from the
60 seconds delay).
IRC Operators will be able to use /CHECK CHANNEL <channel> to see its
flags. Channel managers/founders will have a ChanServ command for that
(we might enable it to all AOPs+, I'm unsure yet and we can always
change it later).
2. Services Approved Joins: a (server) command that in combination
with cmode +r will require channel joins to be approved by services.*
- When a user will join these channels, the IRCd will send the request
to services.* instead of having the user join the channel, services
will do a few internal checks (including checking that the user isn't
akicked so if a user is akicked, services just won't allow them to
join instead of kickban'ing them) and if everything is good, it will
approve the join and send a command back to the IRCd to do the actual
join.
When services are down, the join command will function normally.
When services are lagged, the join command will be lagged as well (for
these specific channels).
This will let us do a lot of things dynamically without upgrading all
servers (just services) like, for example, allowing channel ops or IRC
Operators approve or deny specific joins (services can automatically
approve or deny the request if it isn't approved/denied within X
seconds to be on the safe side).
Thoughts?
-Kobi.
(Kobi_S @ DALnet)
