blob: 9464c76ddf80b96fc3c2cbdd51971c40837db14b (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
|
# an IP may match two different lists. if they give different results,
# which should take precedence?
precedence: [block, require-sasl]
# the dnsbls to check for every client entering the network
# these are just examples to show the possibilities for the config
lists:
-
# host - specific hostname to use
host: "dnsbl.dronebl.org"
# action to take if the client matches this dnsbl:
# - allow - let the client access the network
# - block - block the client from accessing the network, with the given message
# - require-sasl - require the client to login with SASL, kill them if they don't
action: require-sasl
# reason that's shown if they're unable to access the network because of this rbl.
# we support the following variables:
# - "{ip}" - their IP address
reason: "Your IP {ip} is listed in DroneBL. For assistance, see http://dronebl.org/lookup?ip={ip}"
# specific replies to take action on. these are based on the last octet of the return IP.
# for example, "24" or "13,54,24" would both match a result of "127.0.0.24" from the rbl.
replies:
-
# these are proxies: https://dronebl.org/classes
codes: [8, 9, 10, 11]
action: require-sasl
reason: "You need to enable SASL to access this network. For assistance, see http://dronebl.org/lookup?ip={ip}"
-
# this is the "testing class":
codes: [1]
action: allow
-
host: "rbl.efnetrbl.org"
# restrict to IPv4 only (use 6 for IPv6)
addresses: 4
action: block
reason: "Your IP {ip} is listed in the EFnet RBL. For assistance, see http://efnetrbl.org/?i={ip}"
-
host: "torexit.dan.me.uk"
action: require-sasl
reason: "You need to enable SASL to access this network while using Tor"
|
