Download raw body.
[NEW]: net/hopm - open-proxy monitor irc bot
On 2024/08/14 12:02:46 +0200, Omar Polo <op@omarpolo.com> wrote:
> Hello,
>
> On 2024/08/11 15:20:32 -0400, Chaz Kettleson <chaz@pyr3x.com> wrote:
> > On Sun, Aug 04, 2024 at 02:23:15PM GMT, Chaz Kettleson wrote:
> > > On Sat, Jul 27, 2024 at 09:11:57AM GMT, chaz@pyr3x.com wrote:
> > > > On Tue, Jul 23, 2024 at 08:02:08PM GMT, chaz@pyr3x.com wrote:
> > > > > On Tue, Jul 23, 2024 at 07:49:47PM GMT, chaz@pyr3x.com wrote:
> > > > > > On Sun, Jul 21, 2024 at 11:35:16AM GMT, chaz@pyr3x.com wrote:
> > > > > > > Hello,
> > > > > > >
> > > > > > > Attached is a new port HOPM.
> > > > > > >
> > > > > > > HOPM (Hybrid Open Proxy Monitor) is an open-proxy monitoring bot
> > > > > > > designed to monitor an individual server (all servers on the network
> > > > > > > have to run their own bot if the IRCd does not support the "far
> > > > > > > connect" user mode) with a local operator {} block and monitor
> > > > > > > connections. When a client connects to a server, HOPM will scan the
> > > > > > > connection for insecure proxies. Insecure proxies are determined
> > > > > > > by attempting to connect the proxy back to another host (usually
> > > > > > > the IRC server in question).
> > > > > > >
> > > > > > > HOPM is written ground-up in C language and it is an improved fork
> > > > > > > of BOPM (blitzed open proxy monitor), which is a concept derived
> > > > > > > from wgmon. It improves on wgmon with HTTP support, faster scanning
> > > > > > > (it can scan clients simultaneously), better layout (scalability)
> > > > > > > and DNSBL support.
> > > > > > >
> > > > > > > Looking for comments/feedback/testing to get this committed.
>
> Some nits:
>
> - we can use DIST_TUPLE instead of SITES since upstream doesn't provide
> a distribution tarball.
> - we can avoid patching the makefile and instead setting `sysconfdir' in
> FAKE_FLAGS.
> - some of the patches didn't apply, had to regen them.
ops, i typoed the version when moving to DIST_TUPLE, no wonders some
patches failed to apply... Sorry. Attaching now a fixed tarball.
I've added some commentary to the patches and added one to fix the
printing of one time_t.
> > [...]
> > > > > > > diff --git a/infrastructure/db/user.list b/infrastructure/db/user.list
> > > > > > > index 06bf2693c54..2189f6cd89e 100644
> > > > > > > --- a/infrastructure/db/user.list
> > > > > > > +++ b/infrastructure/db/user.list
> > > > > > > @@ -408,3 +408,4 @@ id user group port
> > > > > > > 897 _croc _croc sysutils/croc
> > > > > > > 898 _icingadb _icingadb net/icinga/icingadb
> > > > > > > 899 _openhab _openhab misc/openhab
> > > > > > > +900 _hopm _hopm net/hopm
>
> - Instead of using 900 we can reuse another UID, I'd prefer not to get
> too close to 1000.
>
> cvs blame user.list | awk '/#/{print $3, $7}' | sort -t- -k3
>
> suggests _nginx that was retired in 2012.
>
> > > > > > Added patches for pledge/unveil.
>
> I'd postpone these for now if you agree. It'll require me more time to
> feel confident about these changes, so let's get hopm in the tree and
> then add pledge.
>
>
> I'm attaching an updated tarball and the user.list diff that's ok op@ to
> import. I don't run IRCd so can't really test this at runtime, but the
> port now looks fine to me.
>
>
> Index: user.list
> ===================================================================
> RCS file: /home/cvs/ports/infrastructure/db/user.list,v
> diff -u -p -r1.446 user.list
> --- user.list 16 Jul 2024 20:25:49 -0000 1.446
> +++ user.list 14 Aug 2024 09:25:04 -0000
> @@ -101,7 +101,7 @@ id user group port
> 590 _smsd _smsd comms/smstools
> 591 _bacula _bacula sysutils/bacula
> 592 _imapproxy _imapproxy mail/imapproxy
> -#593 _nginx _nginx www/nginx
> +593 _hopm _hopm net/hopm
> #594 _ejabberd _ejabberd net/ejabberd
> 595 _poppassd _poppassd sysutils/openpoppassd
> #596 _heartbeat _heartbeat sysutils/heartbeat
[NEW]: net/hopm - open-proxy monitor irc bot