Download raw body.
[NEW]: net/hopm - open-proxy monitor irc bot
Hello,
On 2024/08/11 15:20:32 -0400, Chaz Kettleson <chaz@pyr3x.com> wrote:
> On Sun, Aug 04, 2024 at 02:23:15PM GMT, Chaz Kettleson wrote:
> > On Sat, Jul 27, 2024 at 09:11:57AM GMT, chaz@pyr3x.com wrote:
> > > On Tue, Jul 23, 2024 at 08:02:08PM GMT, chaz@pyr3x.com wrote:
> > > > On Tue, Jul 23, 2024 at 07:49:47PM GMT, chaz@pyr3x.com wrote:
> > > > > On Sun, Jul 21, 2024 at 11:35:16AM GMT, chaz@pyr3x.com wrote:
> > > > > > Hello,
> > > > > >
> > > > > > Attached is a new port HOPM.
> > > > > >
> > > > > > HOPM (Hybrid Open Proxy Monitor) is an open-proxy monitoring bot
> > > > > > designed to monitor an individual server (all servers on the network
> > > > > > have to run their own bot if the IRCd does not support the "far
> > > > > > connect" user mode) with a local operator {} block and monitor
> > > > > > connections. When a client connects to a server, HOPM will scan the
> > > > > > connection for insecure proxies. Insecure proxies are determined
> > > > > > by attempting to connect the proxy back to another host (usually
> > > > > > the IRC server in question).
> > > > > >
> > > > > > HOPM is written ground-up in C language and it is an improved fork
> > > > > > of BOPM (blitzed open proxy monitor), which is a concept derived
> > > > > > from wgmon. It improves on wgmon with HTTP support, faster scanning
> > > > > > (it can scan clients simultaneously), better layout (scalability)
> > > > > > and DNSBL support.
> > > > > >
> > > > > > Looking for comments/feedback/testing to get this committed.
Some nits:
- we can use DIST_TUPLE instead of SITES since upstream doesn't provide
a distribution tarball.
- we can avoid patching the makefile and instead setting `sysconfdir' in
FAKE_FLAGS.
- some of the patches didn't apply, had to regen them.
> [...]
> > > > > > diff --git a/infrastructure/db/user.list b/infrastructure/db/user.list
> > > > > > index 06bf2693c54..2189f6cd89e 100644
> > > > > > --- a/infrastructure/db/user.list
> > > > > > +++ b/infrastructure/db/user.list
> > > > > > @@ -408,3 +408,4 @@ id user group port
> > > > > > 897 _croc _croc sysutils/croc
> > > > > > 898 _icingadb _icingadb net/icinga/icingadb
> > > > > > 899 _openhab _openhab misc/openhab
> > > > > > +900 _hopm _hopm net/hopm
- Instead of using 900 we can reuse another UID, I'd prefer not to get
too close to 1000.
cvs blame user.list | awk '/#/{print $3, $7}' | sort -t- -k3
suggests _nginx that was retired in 2012.
> > > > > Added patches for pledge/unveil.
I'd postpone these for now if you agree. It'll require me more time to
feel confident about these changes, so let's get hopm in the tree and
then add pledge.
I'm attaching an updated tarball and the user.list diff that's ok op@ to
import. I don't run IRCd so can't really test this at runtime, but the
port now looks fine to me.
Index: user.list
===================================================================
RCS file: /home/cvs/ports/infrastructure/db/user.list,v
diff -u -p -r1.446 user.list
--- user.list 16 Jul 2024 20:25:49 -0000 1.446
+++ user.list 14 Aug 2024 09:25:04 -0000
@@ -101,7 +101,7 @@ id user group port
590 _smsd _smsd comms/smstools
591 _bacula _bacula sysutils/bacula
592 _imapproxy _imapproxy mail/imapproxy
-#593 _nginx _nginx www/nginx
+593 _hopm _hopm net/hopm
#594 _ejabberd _ejabberd net/ejabberd
595 _poppassd _poppassd sysutils/openpoppassd
#596 _heartbeat _heartbeat sysutils/heartbeat
[NEW]: net/hopm - open-proxy monitor irc bot