Friday, September 23, 2011

BOPM Module


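1. wget http://ircd.zemra.org/irc/bopm-3.1.3.tar.gz
   (This is a plain-HTTP download from a mirror, so check the tarball against a checksum or signature from a source you trust before you build and install it.)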
2. tar -xvf bopm-3.1.3.tar.gz
3. cd bopm-3.1.3
4. ./configure
5. make
6. make install
7. cd
8. cd bopm/etc
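9. pico bopm.conf
   (Use the configuration below and save the file. It holds the oper password in clear text, so keep it readable only by the account that runs BOPM, e.g. chmod 600 bopm.conf.)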

/* This is a modified bopm.conf
 * http://www.zemra.org
 * LAST MODIFIED: 2010-11-20
 */

/* Global daemon settings: PID file location, DNS resolver limits and the
 * optional negative cache and scan log. */
options {
 /* Full path and filename for file storing the process ID.
  * The path is under a user's home directory, so BOPM is presumably run from
  * an unprivileged account rather than root - confirm. */
 pidfile = "/home/EviL/bopm/bopm.pid";

 /* Seconds to remember an IP address that was already checked and found
  * clean. Commented out here, so no negative-cache lifetime is set by this file. */
#    negcache = 3600;

 /* Amount of file descriptors to allocate to asynchronous DNS */
 dns_fdlimit = 64;

 /* Full path and filename of the scan logfile.
  * Commented out here, so this file configures no scan log. Enabling it
  * gives a local record to consult when a ban is disputed or a blacklist
  * starts misbehaving. */
#    scanlog = "/home/EviL/bopm/scan.log";
};

/* IRC link settings: how BOPM connects and opers up, which connect notices
 * it parses, and the default ban command it sends on a positive result. */
IRC {
 /* IP to bind to for the IRC connection.
  * Same address as "server" below, so this looks like a link to an ircd on
  * the same host - confirm. */
 vhost = "72.20.42.110";

 /* Nickname for BOPM to use */
 nick = "TheHawk";

 /* Text to appear in the "realname" field of BOPM's whois output */
 realname = "Open Proxy Monitoring";

 /* If you don't have an identd running, what username to use */
 username = "nix";

 /* Hostname (or IP) of the IRC server */
 server = "72.20.42.110";

 /* Password used to connect to the IRC server (PASS). Not set here. */
#    password = "secret";

 /* Connect to IRC server via this port.
  * No TLS setting appears in this block, so the oper login below presumably
  * crosses this link in clear text; that is tolerable only while "server" is
  * this same host - confirm. */
 port = 6667; 

 /* Command to identify to NickServ. Not set here; if enabled, the password
  * in the command is stored in this file in clear text as well. */
#    nickserv = "privmsg nickserv :identify <password>";

 /* The username and password needed for BOPM to oper up.
  * Stored in clear text: replace the password shown here with a unique one
  * and keep this file readable only by the account that runs BOPM. The
  * matching oper block on the ircd should carry only the privileges BOPM
  * needs (presumably gline and connect notices - confirm). */
 oper = "BOPM bopmoperpass";

 /* With the following modes this BOPM will see ALL network connections.
  * See Unreal documentation for more information on user modes.
  */
 mode = "+s +cF";

 /* Specify BOPM control channel(s) */
 channel {
 /* Channel name. */
 name = "#Staff";

 /* Channel key. "<channel-key>" is a placeholder: substitute the real key. */
 key = "<channel-key>";

 /* Command used to ask chanserv for invite. Not set here. */
#        invite = "privmsg chanserv :invite #bopm";
 };

 /* connregex is a POSIX regular expression used to parse connection
  * (+c) notices from the ircd. The complexity of the expression should
  * be kept to a minimum so load stays low even during heavy traffic.
  *
  * The four capture groups are, in order: nick, username, hostname, IP.
  * The IP group is [0-9\.]+, which matches dotted IPv4 text only; a notice
  * carrying an IPv6 address will not match, so that client is not checked. */

 /* Unreal in HCN mode. The first (disabled) form expects the colon directly
  * after "Client connecting"; the active form also accepts extra letters,
  * digits, dots and spaces before the colon. */
#    connregex = "\\*\\*\\* Notice -- Client connecting: ([^ ]+) \\(([^@]+)@([^\\)]+)\\) \\[([0-9\\.]+)\\].*";
 connregex = "\\*\\*\\* Notice -- Client connecting[.A-Za-z0-9 ]*: ([^ ]+) \\(([^@]+)@([^\\)]+)\\) \\[([0-9\\.]+)\\].*";

 /* Default kline (ban command sent on a positive result).
  *  %n User's nick
  *  %u User's username     - REMEMBER!
  *  %h User's irc hostname - bots (& blacklists) don't necessarily have (contain) hostnames
  *  %i User's IP address   - but they ALWAYS have IPs
  * This default bans *@IP for 7 days. */
 kline = "gline +*@%i 7d :Open Proxy found on your host.";

 /* Text to send on connection. Specify multiple with multiple lines.
  * PROTOCTL HCN is presumably what makes Unreal send the connect notice
  * format, with the bracketed IP, that connregex expects - confirm. */
 perform = "PROTOCTL HCN";
};

/* DNS blacklist settings. Each blacklist block names a DNSBL zone, how its
 * A-record reply is interpreted, the reply codes that count as a listing and
 * the ban command sent when one of them is returned.
 *
 * NOTE(review): this file as shown contains no scanner or user blocks, so
 * detection presumably rests on these DNSBL lookups alone and no active
 * proxy scan is performed - confirm. Every ban then depends on third-party
 * zones: check that each one is still operating and that its reply codes
 * still mean what is listed here before deploying. */
OPM {

/* EFnet RBL. */
blacklist {
 name = "rbl.efnetrbl.org";
 type = "A record reply";
 reply {
 1 = "Open proxy";
 2 = "spamtrap666";
 3 = "spamtrap50";
 4 = "TOR exit server";
 5 = "Drones / Flooding";
 };
 /* Reply codes not listed in reply{} do not cause a ban. */
 ban_unknown = no;
 /* Ban *@IP with duration 0 (presumably permanent on Unreal - confirm),
  * unlike the 7d default in the IRC block. Listed addresses are often
  * reassigned, so a timed ban lets stale listings age out.
  * The stray "4" and "1" in the reason look like mIRC colour codes whose
  * control byte was lost when the file was pasted - TODO confirm. */
 kline = "gline +*@%i 0 : 4An open proxy was detected in your host 1 - EFnetRBL ";
};

/* DroneBL. */
blacklist {
 name = "dnsbl.dronebl.org";
 type = "A record reply";
 reply {
 3 = "IRC Drone";
 4 = "Tor";
 5 = "Bottler";
 6 = "Unknown spambot or drone";
 7 = "DDOS Drone";
 8 = "SOCKS Proxy";
 9 = "HTTP Proxy";
 10 = "ProxyChain";
 };
 ban_unknown = no;
 kline = "gline +*@%i 0 : 4An open proxy was detected in your host 1 - DroneBL";
};

/* NJABL.
 * NOTE(review): NJABL is reported to have been retired in 2013 - confirm and
 * remove this block if so; a dead zone adds lookup delay, and a zone that is
 * later re-registered can answer for every address. */
blacklist {
 name = "dnsbl.njabl.org";
 type = "A record reply";
 reply {
 2 = "Open Relay";
 4 = "Confirmed Spam Source";
 9 = "Open Proxy";
 };
 ban_unknown = no;
 kline = "gline +*@%i 0 : 4An open proxy was detected in your host 1 - NJABL";
};

/* SwiftBL. Verify the zone is still served before relying on it. */
blacklist {
 name = "dnsbl.swiftbl.org";
 type = "A record reply";
 reply {
 2 = "SOCKS Proxy";
 3 = "IRC Proxy";
 4 = "HTTP Proxy";
 5 = "IRC Drone";
 6 = "TOR";
 };
 ban_unknown = no;
 kline = "gline +*@%i 0 : 4An open proxy was detected in your host 1 - SwiftBL";
};

/* ProxyBL. Verify the zone is still served before relying on it. */
blacklist {
 name = "dnsbl.proxybl.org";
 type = "A record reply";
 reply {
 2 = "Open proxy";
 };
 ban_unknown = no;
 kline = "gline +*@%i 0 : 4An open proxy was detected in your host 1 - ProxyBL";
};

/* The next two entries might match too many IPs,
 * so they're commented out for now. Both list mail-abuse sources as well as
 * proxies, which is presumably why they over-match for IRC - confirm.
 */

/*
blacklist {
 name = "dnsbl-2.uceprotect.net";
 type = "A record reply";
 reply {
 2 = "Matched Entry";
 };
 ban_unknown = no;
 kline = "gline +*@%i 7d :uceprotect";
};

blacklist {
 name = "xbl.spamhaus.org";
 type = "A record reply";
 reply {
 4 = "CBL Detected Address";
 };
 ban_unknown = no;
 kline = "gline +*@%i 7d : 4An open proxy was detected in your host 1 - SpamhausXBL";
};
*/
 /* Address that DNSBL report mail is sent FROM. Not set here. */
#    dnsbl_from = "mybopm@myserver.example.com";

 /* Email address to send reports TO.  Specify multiple with multiple lines.
  * Not set here, so this file does not enable report mail. */
#    dnsbl_to = "bopm-report@dronebl.org";

 /* Full path to your sendmail binary. Not set here. */
#    sendmail = "/usr/sbin/sendmail";
};

/* Exempt hosts matching (hostname or IP) strings from any form of scanning or dnsbl.
 * A matching client skips every check, so keep these masks as narrow as possible. */
exempt {
 /* Loopback connections. */
 mask = "*!*@127.0.0.1";
};

exempt {
 /* The trailing wildcard covers every address from 72.20.42.0 to 72.20.42.255,
  * not only the one shell IP named in the note; use the exact address if
  * only that host needs the exemption. */
 mask = "*!*@72.20.42.*"; # Zemra.Org SHELL IP
};

12. cd ..
13. cd bin
14. ./bopm

Written by DeviL
www.Zemra.Org
Email: Info@Zemra.Org
