From aa421a2d56c5bdfb467eddaba478e5aef04bbce4 Mon Sep 17 00:00:00 2001
From: William Heimbigner <william.heimbigner@gmail.com>
Date: Tue, 26 Apr 2011 17:42:42 +0000
Subject: Lots of added stuff. Don't know whatall.

---
 config-default/channels.xml | 295 +++++++++++++++++++++++++++++++++-----------
 config-default/commands.xml |  19 ++-
 config-default/dnsbl.xml    |   6 +-
 config-default/users.xml    |  18 ++-
 modules/classes.pl          |   6 +-
 modules/command.pl          |   3 +-
 modules/event.pl            |   4 +-
 modules/inspect.pl          |   1 +
 modules/mysql.pl            |   2 +-
 modules/services.pl         |  10 +-
 10 files changed, 271 insertions(+), 93 deletions(-)

diff --git a/config-default/channels.xml b/config-default/channels.xml
index 4a76a33..7752fa8 100644
--- a/config-default/channels.xml
+++ b/config-default/channels.xml
@@ -3,6 +3,7 @@
     <hilights>
       <low>PeterSymonds</low>
     </hilights>
+    <msgs></msgs>
   </channel>
   <channel id="##asb-meta" link="##asb-testing">
     <hilights></hilights>
@@ -11,13 +12,19 @@
     <hilights></hilights>
     <msgs></msgs>
   </channel>
-  <channel id="##asb-test" op="no" />
   <channel id="##c++" op="no" silence="yes">
     <hilights>
       <debug>tomaw</debug>
     </hilights>
     <msgs></msgs>
   </channel>
+  <channel id="##electronics" op="no" silence="yes">
+    <hilights></hilights>
+    <msgs></msgs>
+  </channel>
+  <channel id="##javascript" op="no">
+    <hilights></hilights>
+  </channel>
   <channel id="##linux" op="no" silence="yes">
     <hilights>
       <disable>ST47</disable>
@@ -27,6 +34,7 @@
       <low>Fieldy</low>
       <low>tomaw</low>
       <low>WildPikachu</low>
+      <low>Gary</low>
       <medium>PhilKC</medium>
       <medium>vorian</medium>
       <medium>DLange</medium>
@@ -36,10 +44,10 @@
       <medium>DLange</medium>
       <medium>linagee</medium>
       <opalert>rob</opalert>
+      <opalert>stew</opalert>
     </hilights>
     <msgs>
       <debug>##linux-ops</debug>
-      <low>WildPikachu</low>
     </msgs>
   </channel>
   <channel id="##linux-ops" op="no">
@@ -54,27 +62,45 @@
       <opalert>##linux-ops</opalert>
     </msgs>
   </channel>
+  <channel id="##mac" op="no">
+    <hilights></hilights>
+  </channel>
   <channel id="##petersymonds" op="no">
     <hilights></hilights>
     <msgs></msgs>
   </channel>
+  <channel id="##physics" op="no">
+    <hilights></hilights>
+    <msgs></msgs>
+  </channel>
+  <channel id="##posix" op="no" silence="yes">
+    <hilights></hilights>
+    <msgs></msgs>
+  </channel>
   <channel id="##thehelpfulone" op="no">
     <hilights>
       <debug>thehelpfulone</debug>
     </hilights>
     <msgs>
       <debug>##thehelpfulone</debug>
+      <debug>tho|away</debug>
       <disable>##asb-nexus</disable>
     </msgs>
   </channel>
+  <channel id="##tomaw" op="no">
+    <hilights></hilights>
+  </channel>
   <channel id="##wikimedia-ops" op="no">
     <hilights></hilights>
     <msgs></msgs>
   </channel>
   <channel id="##windows" op="no" silence="yes">
     <hilights>
+      <debug>jpalmer</debug>
+      <debug>KB1JWQ</debug>
       <disable>ST47</disable>
       <disable>Thehelpfulone</disable>
+      <high>werdan7</high>
       <info>njan</info>
       <low>numist</low>
       <low>quux</low>
@@ -83,14 +109,19 @@
       <low>njan</low>
       <low>JonathanD</low>
       <low>Cpudan80</low>
-      <low>AndrewB</low>
       <low>pinpoint</low>
-      <low>theacolyte</low>
       <medium>tomaw</medium>
-      <medium>theacolyte</medium>
     </hilights>
     <msgs></msgs>
   </channel>
+  <channel id="##windows-server">
+    <hilights>
+      <debug>jpalmer</debug>
+    </hilights>
+  </channel>
+  <channel id="#+" op="no">
+    <hilights></hilights>
+  </channel>
   <channel id="#ST47" op="no">
     <hilights></hilights>
   </channel>
@@ -100,7 +131,10 @@
     </hilights>
     <msgs></msgs>
   </channel>
-  <channel id="#baadf00d" />
+  <channel id="#cpudan80" op="no">
+    <hilights></hilights>
+    <msgs></msgs>
+  </channel>
   <channel id="#debian" op="no" silence="yes">
     <hilights></hilights>
     <msgs></msgs>
@@ -108,6 +142,15 @@
   <channel id="#defocus" link="#freenode" silence="yes">
     <hilights></hilights>
   </channel>
+  <channel id="#django" op="no">
+    <hilights>
+      <debug>tomaw</debug>
+    </hilights>
+    <msgs></msgs>
+  </channel>
+  <channel id="#errantego" op="no">
+    <hilights></hilights>
+  </channel>
   <channel id="#freenode" op="no" silence="yes">
     <hilights>
       <debug>tomaw</debug>
@@ -115,38 +158,51 @@
       <debug>Martinp23</debug>
       <debug>SeJo</debug>
       <debug>pctony</debug>
+      <debug>KB1JWQ</debug>
+      <debug>theacolyte-</debug>
+      <debug>nhandler</debug>
+      <high>mquin</high>
       <info>njan</info>
-      <info>AndrewB</info>
       <low>denny</low>
       <low>Gary</low>
       <low>JonathanD</low>
       <low>ZoFreX</low>
       <low>DLange</low>
-      <low>vorian</low>
       <low>PriceChild</low>
+      <low>werdan7</low>
       <medium>ompaul</medium>
-      <medium>PhilKC</medium>
+      <medium>mrmist</medium>
     </hilights>
-    <msgs>
-      <debug>#freenode-adb</debug>
-    </msgs>
-  </channel>
-  <channel id="#freenode-adb" op="no">
-    <hilights></hilights>
     <msgs></msgs>
   </channel>
-  <channel id="#freenode-newyears" link="#freenode">
-    <hilights>
-      <debug>Thehelpfulone</debug>
-    </hilights>
+  <channel id="#freenode-newyears" op="no" silence="yes">
+    <hilights></hilights>
   </channel>
   <channel id="#gentoo" op="no" silence="yes">
     <hilights>
       <debug>NeddySeagoon</debug>
+      <debug>a3li</debug>
+      <debug>marienz</debug>
+      <low>marienz</low>
       <medium>tomaw</medium>
     </hilights>
     <msgs></msgs>
   </channel>
+  <channel id="#hamradio" op="no">
+    <hilights></hilights>
+    <msgs></msgs>
+  </channel>
+  <channel id="#hamradio-ops" op="no">
+    <hilights></hilights>
+  </channel>
+  <channel id="#httpd">
+    <hilights></hilights>
+    <msgs></msgs>
+  </channel>
+  <channel id="#irssi" op="no">
+    <hilights></hilights>
+    <msgs></msgs>
+  </channel>
   <channel id="#lisp" op="no" silence="yes">
     <hilights>
       <disable>Thehelpfulone</disable>
@@ -156,17 +212,37 @@
     </hilights>
     <msgs></msgs>
   </channel>
+  <channel id="#logbook" op="no">
+    <hilights></hilights>
+  </channel>
   <channel id="#mediawiki" op="no" silence="yes">
     <hilights>
       <debug>flyingparchment</debug>
-      <debug>WaRpAtH</debug>
+      <debug>roberthl</debug>
       <disable>seanw</disable>
-      <disable>ST47</disable>
+      <low>vvv</low>
     </hilights>
     <msgs>
       <debug>#wikimedia-ops</debug>
     </msgs>
   </channel>
+  <channel id="#osdev" op="no">
+    <hilights>
+      <low>tomaw</low>
+    </hilights>
+    <msgs></msgs>
+  </channel>
+  <channel id="#reddit" op="no">
+    <hilights></hilights>
+    <msgs></msgs>
+  </channel>
+  <channel id="#rubyonrails" op="no">
+    <hilights></hilights>
+    <msgs></msgs>
+  </channel>
+  <channel id="#sparkfun" op="no">
+    <hilights></hilights>
+  </channel>
   <channel id="#st47">
     <hilights>
       <debug>Randomuser</debug>
@@ -180,20 +256,44 @@
   </channel>
   <channel id="#ubuntu" op="no" silence="yes">
     <hilights>
+      <debug>nhandler</debug>
       <disable>ST47</disable>
       <low>PriceChild</low>
       <medium>tomaw</medium>
     </hilights>
     <msgs></msgs>
   </channel>
+  <channel id="#ubuntu-unregged">
+    <hilights></hilights>
+    <msgs></msgs>
+  </channel>
+  <channel id="#uncyclopedia" op="no">
+    <hilights></hilights>
+    <msgs></msgs>
+  </channel>
+  <channel id="#wikia" op="no">
+    <hilights>
+      <medium>tomaw</medium>
+    </hilights>
+    <msgs></msgs>
+  </channel>
+  <channel id="#wikia-dev" op="no">
+    <hilights></hilights>
+  </channel>
+  <channel id="#wikileaks" op="no">
+    <hilights></hilights>
+    <msgs></msgs>
+  </channel>
   <channel id="#wikimedia" op="no" silence="yes">
     <hilights>
-      <debug>Mbimmler</debug>
       <debug>Martinp23</debug>
-      <debug>Warpath</debug>
       <debug>Rjd0060</debug>
       <debug>AfterDeath</debug>
       <debug>theoneandonly</debug>
+      <debug>PeterSymonds</debug>
+      <debug>vvv</debug>
+      <debug>Barras</debug>
+      <debug>AfterDeath</debug>
       <low>Majorly</low>
       <low>Fabexplosive</low>
     </hilights>
@@ -205,6 +305,10 @@
     <hilights>
       <debug>Rjd0060</debug>
       <debug>theoneandonly</debug>
+      <debug>killiondude</debug>
+      <low>PeterSymonds</low>
+      <low>Abigor</low>
+      <low>Kanonkas</low>
     </hilights>
     <msgs>
       <debug>#wikimedia-ops</debug>
@@ -214,6 +318,13 @@
     <hilights>
       <debug>Cbrown1023</debug>
       <debug>Thehelpfulone</debug>
+      <debug>Not_the_NSA</debug>
+      <debug>Rjd0060</debug>
+      <debug>Kanonkas</debug>
+      <debug>PeterSymonds</debug>
+      <debug>Barras</debug>
+      <debug>AfterDeath</debug>
+      <low>slakr</low>
     </hilights>
     <msgs>
       <debug>#wikimedia-ops</debug>
@@ -224,10 +335,19 @@
       <debug>Thehelpfulone</debug>
     </hilights>
   </channel>
+  <channel id="#wikimedia-otrs" op="no">
+    <hilights>
+      <debug>PeterSymonds</debug>
+    </hilights>
+    <msgs>
+      <debug>#wikimedia-ops</debug>
+    </msgs>
+  </channel>
   <channel id="#wikimedia-overflow">
     <hilights>
       <debug>theoneandonly</debug>
       <debug>Thehelpfulone</debug>
+      <debug>Rjd0060</debug>
     </hilights>
     <msgs>
       <debug>#wikimedia-ops</debug>
@@ -236,6 +356,7 @@
   <channel id="#wikimedia-tech" op="no" silence="yes">
     <hilights>
       <debug>theoneandonly</debug>
+      <low>Rjd0060</low>
     </hilights>
     <msgs>
       <low>#wikimedia-ops</low>
@@ -243,9 +364,7 @@
   </channel>
   <channel id="#wikipedia" op="no" silence="yes">
     <hilights>
-      <debug>cbrown1023</debug>
       <debug>Golbez</debug>
-      <debug>Mbimmler</debug>
       <debug>Prodego</debug>
       <debug>Rjd0060</debug>
       <debug>Snowolf</debug>
@@ -253,27 +372,36 @@
       <debug>werdan7</debug>
       <debug>wimt</debug>
       <debug>theoneandonly</debug>
+      <debug>Jake_Wartenberg</debug>
+      <debug>shimgray</debug>
+      <debug>kibble</debug>
+      <debug>PeterSymonds</debug>
+      <debug>Jamesofur</debug>
+      <debug>killiondude</debug>
+      <debug>SpitfireWP</debug>
+      <debug>jeremyb</debug>
+      <debug>Maximillion</debug>
+      <debug>stwalkerster</debug>
+      <debug>Barras</debug>
       <low>bumm13_</low>
       <low>Cyrius</low>
       <low>DanielB</low>
-      <low>Dmcdevit</low>
       <low>Fabexplosive</low>
       <low>FastLizard4</low>
       <low>James_F</low>
       <low>JohnReaves</low>
-      <low>Krimpet</low>
       <low>Lucifer_Cat</low>
       <low>Luna-San</low>
       <low>Uberpenguin</low>
       <low>Mike42</low>
       <low>Mike_H</low>
       <low>nixeagle</low>
-      <low>quanticle</low>
       <low>Ceiling_Cat</low>
       <low>seanw</low>
       <low>skenmy</low>
       <low>ST47</low>
       <low>tawker</low>
+      <low>kibble</low>
     </hilights>
     <msgs>
       <debug>#wikimedia-ops</debug>
@@ -289,38 +417,38 @@
   </channel>
   <channel id="#wikipedia-en" op="no" silence="yes">
     <hilights>
-      <debug>animum</debug>
-      <debug>Kmccoy</debug>
-      <debug>Prodego</debug>
       <debug>Rjd0060</debug>
-      <debug>Snowolf</debug>
       <debug>Werdan7</debug>
       <debug>wimt</debug>
       <debug>Thehelpfulone</debug>
       <debug>PeterSymonds</debug>
       <debug>theoneandonly</debug>
       <debug>Not_the_NSA</debug>
+      <debug>Prodego</debug>
+      <debug>Jake_Wartenberg</debug>
+      <debug>shimgray</debug>
+      <debug>stwalkerster</debug>
+      <debug>Jamesofur</debug>
+      <debug>SpitfireWP</debug>
+      <debug>Barras</debug>
+      <debug>jeremyb</debug>
+      <debug>Maximillion</debug>
       <high>Rudha-an</high>
-      <low>agkwiki</low>
-      <low>bumm13</low>
       <low>Cobi</low>
       <low>Cbrown1023</low>
       <low>DanielB</low>
-      <low>Dmcdevit</low>
       <low>Golbez</low>
-      <low>James_F</low>
       <low>JohnReaves</low>
-      <low>KFP</low>
-      <low>Krimpet</low>
       <low>Luna-Santin</low>
       <low>Mike42</low>
-      <low>nixeagle</low>
       <low>seanw</low>
       <low>smoddy</low>
       <low>Tawker</low>
-      <low>Ryanpostlethwait</low>
       <low>NotASpy</low>
       <low>|X|</low>
+      <low>agkwiki</low>
+      <low>KFP</low>
+      <low>Ryanposs</low>
     </hilights>
     <msgs>
       <debug>#wikimedia-ops</debug>
@@ -330,7 +458,6 @@
     <hilights>
       <debug>werdan7</debug>
       <debug>GDonato</debug>
-      <debug>Cometstyles</debug>
       <debug>Thehelpfulone</debug>
       <debug>theoneandonly</debug>
       <debug>Mike42</debug>
@@ -343,17 +470,28 @@
       <debug>Deon555</debug>
       <debug>Luna-San</debug>
       <debug>FrancoGG</debug>
-      <debug>Cremepuff222</debug>
-      <debug>KFP</debug>
       <debug>Golbez</debug>
       <debug>stwalkerster</debug>
       <debug>PeterSymonds</debug>
       <debug>Hersfold</debug>
+      <debug>killiondude</debug>
+      <low>KFP</low>
+      <low>chzz</low>
     </hilights>
     <msgs>
       <debug>#wikimedia-ops</debug>
     </msgs>
   </channel>
+  <channel id="#wikipedia-es" op="no">
+    <hilights>
+      <debug>Dferg</debug>
+      <debug>Rasco</debug>
+      <disable>Thehelpfulone</disable>
+    </hilights>
+    <msgs>
+      <debug>dferg</debug>
+    </msgs>
+  </channel>
   <channel id="#wikipedia-social" op="no" silence="yes">
     <hilights></hilights>
     <msgs>
@@ -362,6 +500,7 @@
   </channel>
   <channel id="antispammeta">
     <hilights></hilights>
+    <msgs></msgs>
   </channel>
   <channel id="default" op="no">
     <event id="flood-15to45" action="none" class="floodqueue" reason="flooding 15 to 45" risk="low" time="0" type="public">15:45</event>
@@ -369,50 +508,56 @@
     <msgs></msgs>
   </channel>
   <channel id="master">
-    <event id="advflood" action="ban" class="advsplitflood" reason="advanced distributed flooding" risk="debug" time="0" type="public,part,caction">5:3</event>
+    <event id="advflood" action="none" class="advsplitflood" reason="advanced distributed flooding" risk="debug" time="0" type="public,part,caction" xresult="1">5:3</event>
+    <event id="anontalk1" action="none" class="re" reason="anontalk.com spam" risk="medium" time="0" type="public" xresult="1">(?i)w(.?)w\1w\1?.\1?a\1n\1o\1n\1t\1a\1l\1k\1?.\1?c\1o\1m</event>
     <event id="autoremove" action="none" class="re" reason="on chanserv autoremove" risk="info" time="0" type="part">^requested by ChanServ</event>
-    <event id="blacklist" action="none" class="strbl" reason="sending message containing blacklisted content" risk="low" time="0" type="public">blah</event>
-    <event id="crapflood1" action="none" class="re" reason="crapflooding (rule crapflood1)" risk="high" time="0" type="public">^([A-Za-z]{12} ){15,}</event>
-    <event id="ctcp-dcc" action="ban" class="re" reason="ctcp-dcc" risk="high" time="0" type="cdcc">.*</event>
-    <event id="ctcp-ping" action="none" class="re" reason="channel-wide CTCP PING" risk="medium" time="0" type="cping">.*</event>
-    <event id="ctcp-version" action="none" class="re" reason="channel-wide CTCP VERSION" risk="medium" time="0" type="cversion">.*</event>
-    <event id="dcc" action="ban" class="re" override="dcc-medium" reason="using the DC.C SE.ND exploit" risk="high" time="0" type="public">^DCC (SEND|S?CHAT) |\bDCC (SEND|S?CHAT) &quot;?[A-Za-z0-9]+&quot;? \d+ \d+ \d+</event>
-    <event id="dcc-medium" action="ban" class="re" reason="using the DC.C SE.ND exploit" risk="medium" time="0" type="public">DCC SEND </event>
-    <event id="dcc-part" action="ban" class="re" reason="using the DC.C SE.ND exploit in a part message" risk="high" time="0" type="part">DCC SEND </event>
-    <event id="dcc-topic" action="ban" class="re" reason="setting a bad topic" risk="medium" time="0" type="topic">\bDCC SEND </event>
-    <event id="ddos_countdown" action="none" class="re" reason="doing the ddos countdown thing" risk="medium" time="0" type="public">^... DDOS COUNTDOWN.*</event>
-    <event id="donatespam1" action="none" class="re" override="notice" reason="freenode.donations@gmail.com spammer" risk="high" time="0" type="public,notice">freenode.donations@gmail.com</event>
-    <event id="dronebl" action="none" class="dnsbl" reason="host $evhost is in dnsbl.dronebl.org ( $xresult )" risk="info" time="0" type="join">dnsbl.dronebl.org</event>
-    <event id="efnetbl" action="none" class="dnsbl" reason="host $evhost is in rbl.efnetrbl.org ( $xresult ) " risk="info" time="0" type="join">rbl.efnetrbl.org</event>
-    <event id="genspam1" action="none" class="re" reason="generic spamming" risk="debug" time="0" type="public">([^ ]{4,} +)\1{5,}</event>
-    <event id="goatse" action="ban" class="re" reason="posting goatse link" risk="low" time="0" type="public">goatse\.cz</event>
-    <event id="joinflood" action="none" class="floodqueue" reason="join flood (5 joins in 20 seconds)" risk="medium" time="0" type="join">5:20</event>
-    <event id="keylogger" action="ban" class="re" override="keylogger-medium" reason="using the norton start-key-logger exploit" risk="high" time="0" type="public">^startkeylogger$|^stopkeylogger$</event>
-    <event id="keylogger-medium" action="ban" class="re" reason="using the norton start-key-logger exploit" risk="medium" time="0" type="public">\bstartkeylogger\b|\bstopkeylogger\b</event>
-    <event id="last_measure_regex" action="kban" class="re" reason="posting what appears to be a last measure link" risk="medium" time="0" type="public">http://\S+\.on\.nimp\.org</event>
-    <event id="levenflood" action="none" class="levenflood" override="flood-5to3" reason="levenshtein flood match" risk="debug" time="0" type="public">contentisuseless</event>
-    <event id="lilotroll" action="none" class="re" reason="possible lilo-related trolling (&quot; $evcontent &quot;)" risk="medium" time="0" type="public"> cafe.* lilo.* tell.* RV</event>
-    <event id="magical" action="none" class="ident" reason="typical w00t ident" risk="info" time="0" type="join">i=magical</event>
-    <event id="massflood" action="ban" class="splitflood" reason="distributed flooding" risk="high" time="0" type="public,part,caction">4:4</event>
-    <event id="nickspam" action="ban" class="nickspam" reason="nickspamming" risk="high" time="0" type="public">150:20</event>
-    <event id="notice" action="ban" class="re" reason="sending a notice to the channel" risk="medium" time="0" type="notice">.*</event>
-    <event id="pennergame_spam" action="none" class="re" reason="Pennergame reflink spam $evcontent " risk="medium" time="0" type="public">http:\/\/www\.pennergame\.de\/change_please\/(\d+)\/</event>
-    <event id="phishing1" action="none" class="re" override="notice" reason="trying to steal passwords" risk="high" time="0" type="notice">identify.*/msg .* identify &lt;password&gt;</event>
-    <event id="redarmyoflol" action="ban" class="re" reason="parting with 'red army of lol'" risk="low" time="0" type="part">RED ARMY OF LOL</event>
-    <event id="sms_spam" action="none" class="re" reason="spam link / virus" risk="low" time="0" type="public">\.com/sms.exe</event>
+    <event id="blacklist" action="none" class="strbl" reason="sending message containing blacklisted content" risk="low" time="0" type="public" xresult="1">blah</event>
+    <event id="cheeesespammar" action="none" class="nuhg" reason="matches a dcc-exploiter (02/23/09)" risk="medium" time="0" type="join" xresult="1">(?i).*!.=aaaah@.*!hehehe</event>
+    <event id="ctcp-dcc" action="none" class="re" reason="ctcp-dcc" risk="high" time="0" type="cdcc" xresult="1">.*</event>
+    <event id="ctcp-ping" action="none" class="re" reason="channel-wide CTCP PING" risk="medium" time="0" type="cping" xresult="1">.*</event>
+    <event id="ctcp-version" action="none" class="re" reason="channel-wide CTCP VERSION" risk="medium" time="0" type="cversion" xresult="1">.*</event>
+    <event id="dcc" action="none" class="re" override="dcc-medium" reason="using the DC.C SE.ND exploit" risk="high" time="0" type="public" xresult="1">^DCC (SEND|S?CHAT) |\bDCC (SEND|S?CHAT) &quot;?[A-Za-z0-9]+&quot;? \d+ \d+ \d+</event>
+    <event id="dcc-medium" action="none" class="re" reason="using the DC.C SE.ND exploit" risk="medium" time="0" type="public" xresult="1">DCC SEND </event>
+    <event id="dcc-part" action="none" class="re" reason="using the DC.C SE.ND exploit in a part message" risk="high" time="0" type="part">DCC SEND </event>
+    <event id="dcc-topic" action="none" class="re" reason="setting a bad topic" risk="medium" time="0" type="topic">\bDCC SEND </event>
+    <event id="dronebl" action="none" class="dnsbl" reason="host $evhost is in dnsbl.dronebl.org ( $xresult )" risk="info" time="0" type="join" xresult="Automatically determined botnet IPs (experimental)">dnsbl.dronebl.org</event>
+    <event id="efnetbl" action="none" class="dnsbl" reason="host $evhost is in rbl.efnetrbl.org ( $xresult )" risk="info" time="0" type="join" xresult="TOR exit server">rbl.efnetrbl.org</event>
+    <event id="genspam1" action="none" class="re" reason="generic spamming" risk="debug" time="0" type="public" xresult="1">([^ ]{4,} +)\1{5,}</event>
+    <event id="joinflood" action="none" class="floodqueue" reason="join flood (5 joins in 20 seconds)" risk="medium" time="0" type="join" xresult="1">5:20</event>
+    <event id="keylogger" action="none" class="re" override="keylogger-medium" reason="using the norton start-key-logger exploit" risk="high" time="0" type="public" xresult="1">^startkeylogger$|^stopkeylogger$</event>
+    <event id="keylogger-medium" action="none" class="re" reason="using the norton start-key-logger exploit" risk="medium" time="0" type="public" xresult="1">\bstartkeylogger\b|\bstopkeylogger\b</event>
+    <event id="last_measure_regex" action="kban" class="re" reason="posting what appears to be a last measure link" risk="medium" time="0" type="public" xresult="1">http://\S+\.on\.nimp\.org</event>
+    <event id="levenflood" action="none" class="levenflood" override="flood-5to3" reason="levenshtein flood match" risk="debug" time="0" type="public" xresult="1">contentisuseless</event>
+    <event id="massflood" action="ban" class="splitflood" reason="distributed flooding" risk="high" time="0" type="public,part,caction" xresult="1">4:4</event>
+    <event id="nickspam" action="none" class="nickspam" reason="nickspamming" risk="high" time="0" type="public" xresult="1">60:10</event>
+    <event id="notice" action="none" class="re" reason="sending a notice to the channel" risk="medium" time="0" type="notice" xresult="1">.*</event>
+    <event id="phishing1" action="none" class="re" override="notice" reason="trying to steal passwords (v1)" risk="high" time="0" type="notice" xresult="1">identify.*/msg .* identify &lt;password&gt;</event>
+    <event id="phishing2" action="none" class="re" override="notice" reason="trying to steal passwords (v2)" risk="high" time="0" type="notice">^This nickname is registered</event>
+    <event id="proxybl" action="none" class="dnsbl" reason="host $evhost is in dnsbl.proxybl.org" risk="info" time="0" type="join" xresult="this does nothing I think">dnsbl.proxybl.org</event>
+    <event id="redarmyoflol" action="none" class="re" reason="parting with 'red army of lol'" risk="low" time="0" type="part">RED ARMY OF LOL</event>
+    <event id="sms_spam" action="none" class="re" reason="spam link / virus" risk="low" time="0" type="public" xresult="1">\.com/sms.exe</event>
     <event id="wikifags2" action="none" class="re" reason="saying 'sure are a lot of wikifag'..." risk="low" time="0" type="public">(?i)^sure are a ?lot of .*fags? in here</event>
     <hilights>
       <debug>ST47</debug>
       <debug>pctony</debug>
       <debug>SeJo</debug>
-      <debug>ST47</debug>
+      <debug>KB1JWQ</debug>
+      <debug>Rjd0060</debug>
+      <low>marienz</low>
+      <low>mrmist</low>
       <medium>dave2</medium>
       <medium>RichiH</medium>
-      <medium>troubled</medium>
       <medium>Thehelpfulone</medium>
+      <medium>mrmist</medium>
+      <medium>mrmist</medium>
     </hilights>
     <msgs>
       <debug>##asb-nexus</debug>
     </msgs>
   </channel>
+  <channel id="werdan7">
+    <hilights>
+      <low>#freenode</low>
+    </hilights>
+  </channel>
 </channels>
diff --git a/config-default/commands.xml b/config-default/commands.xml
index 3dba162..52f9339 100644
--- a/config-default/commands.xml
+++ b/config-default/commands.xml
@@ -16,6 +16,7 @@
   <command cmd="^;help$">
   <![CDATA[
     $conn->privmsg($event->{to}->[0], "help is at http://meta.wikimedia.org/wiki/User:WHeimbigner/AntiSpamMeta");
+    $conn->privmsg($event->{to}->[0], "You can also get faster help by emailing william dot heimbigner at ttu dot edu - or bug ErrantEgo or tomaw");
   ]]>
   </command>
   <command cmd="^;db$">
@@ -274,12 +275,18 @@
   </command>
   <command cmd="^\!ops ?(#\S+)? ?(.*)" nohush="nohush">
   <![CDATA[
-    my $tgt = $event->{to}->[0];
-    $tgt = $1 if (defined($1));
-    my $msg = $1;
-    $msg = $2 if defined($2);
-    my $hilite=ASM::Util->commaAndify(ASM::Util->getAlert($tgt, 'opalert', 'hilights'));
-    $conn->privmsg($_, "[\x02$tgt\x02] - $event->{nick} wants op attention ($msg) $hilite") foreach ASM::Util->getAlert($tgt, 'opalert', 'msgs');
+    if ($::sn{lc $event->{nick}}->{dnsbl} == 0) {
+      my $tgt = $event->{to}->[0];
+      $tgt = $1 if (defined($1));
+      my $msg = $1;
+      $msg = $2 if defined($2);
+      unless (defined($::ignored{$tgt}) && ($::ignored{$tgt} >= $::RISKS{'opalert'})) {
+        $::ignored{$tgt} = $::RISKS{'opalert'};
+        $conn->schedule(30, sub { delete($::ignored{$tgt})});
+        my $hilite=ASM::Util->commaAndify(ASM::Util->getAlert($tgt, 'opalert', 'hilights'));
+        $conn->privmsg($_, "[\x02$tgt\x02] - $event->{nick} wants op attention ($msg) $hilite") foreach ASM::Util->getAlert($tgt, 'opalert', 'msgs');
+      }
+    }
   ]]>
   </command>
   <command cmd="^;blacklist (.*)" flag="o">
diff --git a/config-default/dnsbl.xml b/config-default/dnsbl.xml
index ba11a0f..c2c380d 100644
--- a/config-default/dnsbl.xml
+++ b/config-default/dnsbl.xml
@@ -16,9 +16,13 @@
     <response id="127.0.0.8">SOCKS proxy</response> 
     <response id="127.0.0.9">HTTP proxy</response> 
     <response id="127.0.0.10">ProxyChain</response> 
-    <response id="127.0.0.13">Brute force attackers</response>
+<!--    <response id="127.0.0.13">Brute force attackers</response> -->
     <response id="127.0.0.14">Open Wingate Proxy</response>
     <response id="127.0.0.15">Compromised router / gateway</response>
+    <response id="127.0.0.17">Automatically determined botnet IPs (experimental)</response>
     <response id="127.0.0.255">Unknown</response>
   </query>
+  <query id="dnsbl.proxybl.org">
+    <response id="127.0.0.2">Open Proxy</response>
+  </query>
 </dnsbl>
diff --git a/config-default/users.xml b/config-default/users.xml
index ae66c4c..d3f6fd8 100644
--- a/config-default/users.xml
+++ b/config-default/users.xml
@@ -1,29 +1,35 @@
 <people>
-  <person id="afterdeath" flags="hodat" host="IDENTIFY" />
+  <person id="afterdeath" flags="hodat" host="freenode/weird-exception/network-troll/afterdeath" />
+  <person id="afterdeath_" flags="hodat" host="freenode/weird-exception/network-troll/afterdeath" />
   <person id="danielb" flags="h" host="wikimedia/Daniel" />
   <person id="dave2" flags="oath" host="freenode/staff/dave2" />
   <person id="denny" flags="ha" host="freenode/staff/denny" />
   <person id="dlange" flags="oath" host="freenode/staff/dlange" />
   <person id="dmcdevit" flags="oath" host="IDENTIFY" />
-  <person id="errantego" flags="t" host="unaffiliated/errantego" />
+  <person id="errantego" flags="doath" host="freenode/jester/errantego" />
   <person id="gary" flags="oath" host="freenode/staff/colchester-lug.gary" />
   <person id="gdonato" flags="oth" host="wikimedia/GDonato" />
   <person id="jonathand" flags="oath" host="freenode/staff/jonathand" />
+  <person id="kb1jwq" flags="ahot" host="freenode/staff/kb1jwq" />
+  <person id="kibble" flags="oth" host="wikimedia/Cbrown1023" />
+  <person id="marienz" flags="oath" host="freenode/staff/marienz" />
   <person id="mark_ryan" flags="oht" host="wikipedia/Mark" />
   <person id="martinp23" flags="oath" host="freenode/staff/wikimedia.martinp23" />
+  <person id="mquin" flags="hot" host="freenode/staff/mquin" />
+  <person id="nhandler" flags="oath" host="freenode/staff/ubuntu.member.nhandler" />
   <person id="njan" flags="oath" host="freenode/staff/njan" />
   <person id="not_the_nsa" flags="t" host="wikipedia/R" />
-  <person id="petersymonds" flags="th" host="wikipedia/PeterSymonds" />
+  <person id="petersymonds" flags="oath" host="wikimedia/petersymonds" />
   <person id="pricechild" flags="oath" host="freenode/staff/ubuntu.member.pricechild" />
   <person id="richih" flags="oath" host="freenode/staff/richih" />
+  <person id="rjd0060" flags="oth" host="wikimedia/rjd0060" />
   <person id="seanw" flags="oath" host="freenode/staff-emeritus/wikimedia.sean-whitton" />
-  <person id="st47" flags="oath" host="wikipedia/st47" />
+  <person id="st47" flags="oath" host="perlwikipedia/developer/wikipedia.st47" />
+  <person id="theacolyte" flags="t" host="about/windows/staff/theacolyte" />
   <person id="thehelpfulone" flags="oath" host="wikimedia/Thehelpfulone" />
   <person id="tho|away" flags="oath" host="wikimedia/Thehelpfulone" />
-  <person id="tho|busy" flags="oath" host="wikimedia/Thehelpfulone" />
   <person id="tomaw" flags="oathd" host="freenode/staff/tomaw" />
   <person id="troubled" flags="oath" host="unaffiliated/troubled" />
-  <person id="vorian" flags="oath" host="freenode/staff/vorian" />
   <person id="werdan7" flags="oath" host="freenode/staff/wikimedia.werdan7" />
   <person id="wildpikachu" flags="oath" host="about/linux/staff/wildpikachu" />
   <person id="wimt" flags="oath" host="freenode/staff/wikipedia.wimt" />
diff --git a/modules/classes.pl b/modules/classes.pl
index 1897100..74a5b1c 100644
--- a/modules/classes.pl
+++ b/modules/classes.pl
@@ -75,7 +75,9 @@ sub levenflood
 sub dnsbl
 {
   my ($chk, $id, $event, $chan, $rev) = @_;
-  return unless index($event->{host}, '/') == -1;
+#  return unless index($event->{host}, '/') == -1;
+#  hopefully getting rid of this won't cause shit to assplode
+#  but I'm getting rid of it so it can detect cgi:irc shit
   if (defined $rev) {
     my $iaddr = gethostbyname( "$rev$chk->{content}" );
     my @dnsbl = unpack( 'C4', $iaddr ) if defined $iaddr;
@@ -89,6 +91,7 @@ sub dnsbl
       print "chk->content: $chk->{content}\n";
       print "strip: $strip\n";
       print "result: " . $::dnsbl->{query}->{$chk->{content}}->{response}->{$strip}->{content} . "\n";
+      $::sn{lc $event->{nick}}->{dnsbl} = 1;
       # lol really icky hax
       return $::dnsbl->{query}->{$chk->{content}}->{response}->{$strip}->{content};
     }
@@ -250,6 +253,7 @@ sub gecos {
 
 sub nuhg {
   my ( $chk, $id, $event, $chan) = @_;
+  return 0 unless defined($::sn{lc $event->{nick}}->{gecos});
   my $match = $event->{from} . '!' . $::sn{lc $event->{nick}}->{gecos};
   return 1 if ($match =~ /$chk->{content}/);
   return 0;
diff --git a/modules/command.pl b/modules/command.pl
index 07ef31e..889a3de 100644
--- a/modules/command.pl
+++ b/modules/command.pl
@@ -2,6 +2,7 @@ package ASM::Commander;
 use warnings;
 use strict;
 use IO::All;
+use POSIX qw(strftime);
 
 sub new
 {
@@ -41,7 +42,7 @@ sub command
       }
     }
     if ($cmd=~/$command->{cmd}/) {
-      print "$event->{from} told me: $cmd \n";
+      print strftime("%F %T  ", gmtime) . "$event->{from} told me: $cmd \n";
       eval $command->{content};
       warn $@ if $@;
       last;
diff --git a/modules/event.pl b/modules/event.pl
index f808317..e25066b 100644
--- a/modules/event.pl
+++ b/modules/event.pl
@@ -5,6 +5,7 @@ use strict;
 use Data::Dumper;
 use Text::LevenshteinXS qw(distance);
 use IO::All;
+use POSIX qw(strftime);
 
 sub cs {
   my ($chan) = @_;
@@ -100,6 +101,7 @@ sub on_join {
   } else {
     $::sn{$nick} = {};
     $::sn{$nick}->{mship} = [ $chan ];
+    $::sn{$nick}->{dnsbl} = 0;
     if (defined($::needgeco{$nick})) {
       $::needgeco{$nick} = [ @{$::needgeco{$nick}}, $evcopy ];
       $::db->logg($event);
@@ -363,7 +365,7 @@ sub whois_identified {
     foreach my $item (@{$::idqueue{$who}}) {
       my ($cmd, $command, $event) = @{$item};
       if ( $cmd =~ /$command->{cmd}/ ){
-        print "$event->{from} told me $cmd \n";
+        print strftime("%F %T  ", gmtime) . "$event->{from} told me $cmd \n";
         eval $command->{content};
 	warn $@ if $@;
       }
diff --git a/modules/inspect.pl b/modules/inspect.pl
index 6e992ec..84c20a1 100644
--- a/modules/inspect.pl
+++ b/modules/inspect.pl
@@ -26,6 +26,7 @@ sub inspect {
   our $unmode='';
   my $nick = lc $event->{nick};
   my $xresult;
+  return if (index($nick, ".") != -1);
   return if (defined($::eline{$nick}) || defined($::eline{lc $event->{user}}) || defined($::eline{lc $event->{host}}));
   if ( $event->{host} =~ /gateway\/web\/ajax\// ) {
     if ( $event->{user} =~ /.=([0-9a-f][0-9a-f])([0-9a-f][0-9a-f])([0-9a-f][0-9a-f])([0-9a-f][0-9a-f])/ ) {
diff --git a/modules/mysql.pl b/modules/mysql.pl
index f0b7845..e5470bb 100644
--- a/modules/mysql.pl
+++ b/modules/mysql.pl
@@ -134,7 +134,7 @@ sub query
   $host =~  s/\*/%/g;
   $host =~ s/_/\\_/g;
   $host =~  s/\?/_/g;
-  my $sth = $dbh->prepare("SELECT * from $self->{TABLE} WHERE channel = $channel and nick like $nick and user like $user and host like $host;");
+  my $sth = $dbh->prepare("SELECT * from $self->{TABLE} WHERE channel like $channel and nick like $nick and user like $user and host like $host;");
   $sth->execute;
   my $i = 0;
   while (my $ref = $sth->fetchrow_arrayref) {
diff --git a/modules/services.pl b/modules/services.pl
index 3ec9436..0a0c3d5 100644
--- a/modules/services.pl
+++ b/modules/services.pl
@@ -11,6 +11,7 @@ sub new
 
 sub doServices {
   my ($self, $conn, $event) = @_;
+  my $i = 5;
   if ($event->{from} eq 'NickServ!NickServ@services.')
   {
     print "NickServ: $event->{args}->[0]\n";
@@ -20,7 +21,10 @@ sub doServices {
     }
     elsif ( $event->{args}->[0] =~ /^You are now identified/ )
     {
-      $conn->join($_) foreach ( @{$::settings->{autojoins}} );
+      foreach my $x ( @{$::settings->{autojoins}} ) {
+        $conn->schedule($i, sub { $conn->join($x); });
+        $i = $i + 6;
+      }
     }
     elsif ($event->{args}->[0] =~ /has been killed$/ )
     {
@@ -42,6 +46,10 @@ sub doServices {
     {
       $conn->join($1);
     }
+    elsif ( $event->{args}->[0] =~ /You are not authorized to perform this operation/ )
+    {
+      $::oq->clean();
+    }
   }
 }
 
-- 
cgit v1.2.3