ViewVC Help
View File | Revision Log | Show Annotations | View Changeset | Root Listing
root/svn/vendor/pxys2-2.1.0/pxyservd/pxyservdconf.xml
Revision: 3253
Committed: Wed Apr 2 20:46:18 2014 UTC (9 years, 11 months ago) by michael
Content type: application/xml
File size: 11676 byte(s)
Log Message:
- Imported pxys2-2.1.0

File Contents

# Content
1 <?xml version="1.0"?>
2 <pxyservd>
3
4 <server>
5 <name>proxyscan.ircaide.org</name><!-- match a C:line on the hub -->
6 <id>P1</id>
7 <numeric>99</numeric>
8 <maxclients>1</maxclients>
9 <info>All your proxies are belong to us</info>
10 <sendq>1000000</sendq>
11 </server>
12
13 <hub>
14 <address>172.16.0.1</address>
15 <port>4400</port>
16 <bind-address></bind-address>
17 <password>duck</password>
18 </hub>
19
20 <client>
21 <nickname>prox</nickname>
22 <nick-change-delay>7200</nick-change-delay>
23 <username>proxyscan</username>
24 <hostname>undernet.org</hostname>
25 <realname>Undernet Proxy Scanner</realname>
26 <userip>0.0.0.0</userip>
27 <usermode>+idko</usermode>
28 <channel>#proxy_info</channel>
29 <channel-mode>+tn</channel-mode>
30 <channel-timestamp>1004078035</channel-timestamp>
31 <show-cached>1</show-cached>
32 </client>
33
34 <noscan>
35 <server>uworld.undernet.org</server>
36 <server>uworld.eu.undernet.org</server>
37 <userip>127.0.0.1</userip>
38 <userip>255.255.255.255</userip>
39 <userip>0/8</userip>
40 <userip>10/8</userip>
41 <userip>172.16/12</userip>
42 <userip>192.168/16</userip>
43 </noscan>
44
45 <scanner>
46 <address>172.16.0.5</address>
47 <port>9601</port>
48 <bind-address></bind-address>
49 </scanner>
50
51 <log>
52 <file type="current">logs/proxy-current.log</file>
53 <file type="daily">logs/proxy-yesterday.log</file>
54 <file type="system">logs/system.log</file>
55 <file type="glines">logs/glines.log</file>
56 <file type="opercmds">logs/opercmds.log</file>
57 <file type="proxytop">logs/proxytop.db</file>
58 <history-dirpath>logs/history</history-dirpath>
59 <timezone>GMT</timezone>
60 </log>
61
62 <gline>
63 <delay>900</delay>
64 <!-- type constants taken from the OPAS library -->
65 <reason type="1">Misconfigured Wingate. Please visit http://www.undernet.org/proxyscan.php </reason><!-- space at the end for mIRC users -->
66 <reason type="2">Misconfigured Socks Server. Please visit http://www.undernet.org/proxyscan.php </reason>
67 <reason type="3">Misconfigured Socks Server. Please visit http://www.undernet.org/proxyscan.php </reason>
68 <reason type="4">Misconfigured Proxy Server. Please visit http://www.undernet.org/proxyscan.php </reason>
69 <reason type="0">Misconfigured Proxy Server. Please visit http://www.undernet.org/proxyscan.php </reason>
70 </gline>
71
72 <notice>
73 <line>This network is running an open proxy/open socks/wingate</line>
74 <line>detection monitor. If you see a connection from</line>
75 <line>proxscan.network.tld/12.34.56.78 please disregard it, as it is</line>
76 <line>the detector in action and -not- a hostile attempt.</line>
77 </notice>
78
79 <help-menu>
80 Undernet Proxy Scanner Service Help Menu
81 ========================================
82 Commands (global opers only)
83 ----------------------------
84 INV - Get an invite to my console channel
85 SERVERS [...] - Show network servers and noscan status
86 STATUS [...] - Status of server and scanner daemon
87 NOSCAN - Print current noscan configuration list
88 PROXYTOP - Proxies found per server
89 STATS - Technical statistics
90 PXSTATS - Statistics from the scanner daemon
91 GREM &lt;GLINE&gt; - Remove a gline set by me
92 INFO [...] - Show channel or user info
93 RECHECK [...] - Recheck an user or a whole channel
94 HELP CREDITS - Credits info
95 HELP &lt;COMMAND&gt; - More help for &lt;COMMAND&gt;
96 </help-menu>
97
98 <help topic="inv">
99 INV
100 ===
101 This command gives any global IRC operator an invite on my
102 current console channel.
103 </help>
104
105 <help topic="servers">
106 SERVERS [-info] [-noscan]
107 ==============================================
108 Show IRC network tree with optional info:
109 -info : Display user count
110 -scan : Show scanned servers in bold
111 </help>
112
113 <help topic="status">
114 STATUS [-serv|-scan] (1/3)
115 ==============================================
116 General and probably the more interesting command provided by
117 pxyservd. Call it how often you want to quickly check how pxys
118 is working.
119
120 IRC server status
121 -----------------
122 A first part displays the IRC server status: number of servers
123 on the network, number of clients and channels, classical.
124 pxyservd retrieves the IPs of the network's clients and sends
125 them to pxyscand, the associated scanner daemon process, for
126 proxy scanning. "Scan ClientQ" is the number of clients that
127 haven't been confirmed yet, pxyservd is waiting for a positive
128 or negative reply from the scanner daemon. Take a look at this
129 value as it shouldn't grow too much in normal conditions, and
130 drop as soon as possible otherwise. Note it's normal to always
131 have some clients in the scan queue... the scanner daemon can't
132 always reply quickly.
133 "Unscannable clients" shows the current number of *connected*
134 clients concerned by a failed scan. A failed scan occurs when
135 the host or network of this client is unreachable from the proxy
136 scanner daemon. It is followed by the server's uptime (pxyservd
137 uptime).
138
139 Please consult HELP STATUS 2 for detailed description of the
140 scanner status part.
141 </help>
142
143 <help topic="status 2">
144 STATUS [-serv|-scan] (2/3)
145 ==============================================
146 Scanner status
147 --------------
148 First, you need to know that the scanner daemon (pxyscand) is
149 now separated from the IRC(u) service server (pxyservd).
150 However, they are able to communicate: first to request proxy
151 scanning, but for status/stats purposes too. So you may notice
152 a delay before receiving the scanner status reply if the scanner
153 daemon is not running locally, for example.
154 The first lines display status info about the connection between
155 the server and the scanner daemon. If they are not connected
156 (eg. the scanner daemon is down), you will see a warning there.
157 "Scanning activity" is a good indicator about the load of the
158 scanner daemon. 100%% means all socket slots are taken and it's
159 doing its best to scan them. Lower values means the scanner
160 could handle more clients at this time. This percentage is
161 followed by more precise values: the number of unique IPs
162 currently being scanned, and the number of scans being performed
163 at this time. Usually, you have several scans for one IP. The
164 number of scan is in fact the number of sockets needed to
165 perform the scans for these IPs (although it's not exactly the
166 number of open sockets, but more, as some of them might not be
167 created yet or already closed).
168 "IP scans completed" is a simple real IP scan counter for the
169 current session (all sessions in parenthesis). To consult the
170 scanner's cache hits counter, please use the PXSTATS command.
171 An average value of scan performed is given too.
172
173 Please use HELP STATUS 3 for next page.
174 </help>
175
176 <help topic="status 3">
177 STATUS [-serv|-scan] (3/3)
178 ==============================================
179 When "ScanQ size" is not zero, the current scanning activity
180 should be 100%% (the maximum) and you know the scanner can't
181 process all IPs at the same time: it then adds the IP scan
182 requests in a queue for later processing. This number should
183 drop until 0, otherwise you have a little problem.
184 "Target" is the current selected needed target IP for some
185 scans (as for Socks 4 discovery). It should be set to an IP of
186 one of your network's stable IRC server.
187 "Scan connect() timeout" indicates the number of seconds to
188 wait before a scan bails out.
189
190 Following the total number of proxy found, you will find there
191 the uptime of the scanner daemon. The last part of the STATUS
192 command shows a detailed table with proxy found counters since
193 the scanner daemon is launched. For information, additional
194 "open" counters are provided that count established connections.
195
196 Options:
197 -serv : only displays IRC server status
198 -scan : only displays proxy scanner daemon status
199 </help>
200
201 <help topic="noscan">
202 NOSCAN
203 ==============================================
204 Show pxyservd's "noscan" rules. pxyservd, the IRC(u) service
205 server part of pxys v2, is configured with a list of IP blocks
206 that are ignored. Clients using one of these IPs are tagged as
207 "scanning disabled". Additonally, a list of remote server names
208 can be provided: clients using these servers are ignored too,
209 thus useful for services, hubs, or IRC operator only servers.
210 </help>
211
212 <help topic="proxytop">
213 PROXYTOP
214 ==============================================
215 This command shows the top list of servers where proxy were
216 found on them (and then G-lined!). It might help you to find
217 very-open servers with possibly bad I/K-lines rules, or servers
218 floodbots like... Don't forget to relativize using the provided
219 MAXUSERS indicator, as big servers obviously have more chance to
220 host proxied clients.
221 </help>
222
223 <help topic="stats">
224 STATS
225 ==============================================
226 Display statistics about sockets, internal structures and
227 memory's consumption.
228 </help>
229
230 <help topic="pxstats">
231 PXSTATS
232 ==============================================
233 Query the proxy scanner daemon for internal statistics. Only
234 available when pxyscand is connected. Along other obscure
235 values, it shows the IP cache hits count of already scanned
236 users. This cache allows the scanner to work in very hard
237 conditions, avoiding the re-scan of recently checked IPs.
238 </help>
239
240 <help topic="grem">
241 GREM &lt;IP|GLINE&gt;
242 ==============================================
243 G-line removal method (only for proxyscan G-lines). Please
244 provide the IP or the banned user@host mask, ie. *@&lt;IP&gt;.
245 After the remgline, the IP is not ignored, it will be re-scanned
246 if seen again.
247 </help>
248
249 <help topic="info">
250 INFO &lt;NICK|CHANNEL&gt;
251 ==============================================
252 Info command about a client or a channel. Its purpose is to give
253 some proxyscan-related info about a client or channel's clients.
254
255 Examples:
256 INFO bot-42
257 INFO #floodland
258 </help>
259
260 <help topic="recheck">
261 RECHECK &lt;NICK|CHANNEL&gt;
262 ==============================================
263 Like GREM, this command performs an action and its purpose is
264 not only informative, please use with care.
265 The RECHECK command allows a global IRC operator to ask for a
266 recheck of a specified user or all users on a given channel.
267
268 Please note, however, that users matching NOSCAN rules are never
269 proxy-checked. Also, if the user has not be scanned yet (eg.
270 he's just connected), this command does nothing. Don't hesitate
271 to use previously the INFO command on the user or channel if
272 needed.
273
274 Note that a notice is sent to my console channel for recheck of
275 a whole channel.
276
277 Examples:
278 RECHECK bot-42
279 RECHECK #floodland
280 </help>
281
282 <help topic="evreg">
283 EVREG &lt;MODES&gt;
284 =============
285 This command allows global IRC operators to register for specific
286 events. Several modes are provided, each character identifying an
287 event. Opers who have event X enabled will be notified by the
288 proxyscanner's virtual client (me) when event X occurs.
289
290 MODES
291 -----
292 'p' : new insecure proxy found, show it
293 'c' : show proxy-cache hits
294 'o' : show global IRC operators using /oper
295 'x' : pxyscand connection related events
296
297 For example, an oper who want to be notified when a new proxy has
298 been found and for /oper's would type: /msg &lt;me&gt; evreg +po
299
300 To disable /oper's notifications only: /msg &lt;me&gt; evreg -o
301
302 NOTE: Your modes remain until you disconnect or a split between
303 you and the proxyscanner occurs.
304 </help>
305
306 <help topic="credits">
307 pxyservd v2 - part of pxys v2 software suite
308 ============================================
309 See: http://pxys.sf.net
310 </help>
311
312 </pxyservd>