diff options
| author |   William Heimbigner <william.heimbigner@gmail.com> | 2013-03-07 10:35:43 +0000 |
|---|---|---|
| committer | William Heimbigner <william.heimbigner@gmail.com> | 2013-03-07 10:35:43 +0000 |
| commit | fdb1d6257cb9871c687e13b1ac1ec038ed2529e4 (patch) | |
| tree | 94b21da667654e56d20b3ba0e194a6a846226d61 /modules/inspect.pl | |
| parent | 28e8eda8a99d2ea148741b2783b4f6110a8927d8 (diff) | |
Added logging of kicks/bans/quiets/removes/klines/kills to a special SQL table and corresponding text files
Enabled SQL debugging
Bugfix: Only attempt to determine a host's IP if it doesn't contain a '/'
Updates to channels.xml and users.xml
Adjusted ;userx add and ;userx flags such that A cannot give B a flag that A doesn't already have
Tweaked the ;help command
Fixed ;mship such that it will respond even if it can't see the nick provided.
Tweaked ;status to give output in format like 7d22h18m3s instead of 9814798712 seconds
Added a ;teredo helper command to give info on IPv6 teredo-tunneled connections
Added a nick blacklist file (to counter bot nicklists).
Added a english wordlist file, for "garbage" detection.
Added ;investigate and ;investigate2 commands
Added a way to not throttle info-risk threats
Added special detection for a cycling botnet
Added special detection for bots that join, say something, and immediately quit
Added detection for ascii art
Added detection for "garbage" text
Added fuzzy-matching against a set of nicks
Added "real IP" to state tracking and logging, which "decrypts" gateway/web and teredo IPs
Moved sigalarm code into meta.pl
Improved statsp tracking, and logs it to a file
Ping-pong every 30 seconds, auto-reconnect on persistent lag.
Ensure inspector routine is always called AFTER log-handling routines
Fixed a state-tracking bug in topic change handling
Fixed a state-tracking bug with nick changes
Fixed some state-tracking bugs with mode changes
Determine who is impacted when a quiet/ban mask is placed
Fixed handling of CTCP SOURCE requests
Added feature where it keeps a 30 line "backlog" of each channel in memory.
Added the reason for parts and quits to text logging
Diffstat (limited to 'modules/inspect.pl')
| -rw-r--r-- | modules/inspect.pl | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/modules/inspect.pl b/modules/inspect.pl index 24d93d8..4466d69 100644 --- a/modules/inspect.pl +++ b/modules/inspect.pl @@ -31,7 +31,7 @@ sub inspect { } } else { - $iaddr = gethostbyname($event->{host}); + $iaddr = gethostbyname($event->{host}) if ($event->{host} !~ /\//); $rev = join('.', reverse(unpack('C4', $iaddr))).'.' if (defined $iaddr); } ## NB: isn't there a better way to do this with grep, somehow? @@ -74,12 +74,16 @@ sub inspect { if ($id eq 'last_measure_regex') { #TODO: Note that this is another example of things that shouldn't be hardcoded, but are. } - unless (defined($::ignored{$chan}) && ($::ignored{$chan} >= $::RISKS{$dct{$id}{risk}})) { + if ( + (!(defined($::ignored{$chan}) && ($::ignored{$chan} >= $::RISKS{$dct{$id}{risk}}))) || + (($::pacealerts == 0) && ($dct{$id}{risk} eq 'info')) + ) { my @tgts = ASM::Util->getAlert($chan, $dct{$id}{risk}, 'msgs'); ASM::Util->sendLongMsg($conn, \@tgts, $txtz); $::ignored{$chan} = $::RISKS{$dct{$id}{risk}}; $conn->schedule(45, sub { delete($::ignored{$chan})}); } + $::log->incident($chan, "$chan: $dct{$id}{risk} risk: $event->{nick} - $nicereason\n"); delete $dct{$id}{xresult}; } } |