47 lines
1.9 KiB
YAML
47 lines
1.9 KiB
YAML
# an IP may match two different lists. if they give different results,
|
|
# which should take precedence?
|
|
precedence: [block, require-sasl]
|
|
|
|
# the dnsbls to check for every client entering the network
|
|
# these are just examples to show the possibilities for the config
|
|
lists:
|
|
-
|
|
# host - specific hostname to use
|
|
host: "dnsbl.dronebl.org"
|
|
|
|
# action to take if the client matches this dnsbl:
|
|
# - allow - let the client access the network
|
|
# - block - block the client from accessing the network, with the given message
|
|
# - require-sasl - require the client to login with SASL, kill them if they don't
|
|
action: require-sasl
|
|
|
|
# reason that's shown if they're unable to access the network because of this rbl.
|
|
# we support the following variables:
|
|
# - "{ip}" - their IP address
|
|
reason: "Your IP {ip} is listed in DroneBL. For assistance, see http://dronebl.org/lookup?ip={ip}"
|
|
|
|
# specific replies to take action on. these are based on the last octet of the return IP.
|
|
# for example, "24" or "13,54,24" would both match a result of "127.0.0.24" from the rbl.
|
|
replies:
|
|
-
|
|
# these are proxies: https://dronebl.org/classes
|
|
codes: [8, 9, 10, 11]
|
|
action: require-sasl
|
|
reason: "You need to enable SASL to access this network. For assistance, see http://dronebl.org/lookup?ip={ip}"
|
|
-
|
|
# this is the "testing class":
|
|
codes: [1]
|
|
action: allow
|
|
|
|
-
|
|
host: "rbl.efnetrbl.org"
|
|
# restrict to IPv4 only (use 6 for IPv6)
|
|
addresses: 4
|
|
action: block
|
|
reason: "Your IP {ip} is listed in the EFnet RBL. For assistance, see http://efnetrbl.org/?i={ip}"
|
|
|
|
-
|
|
host: "torexit.dan.me.uk"
|
|
action: require-sasl
|
|
reason: "You need to enable SASL to access this network while using Tor"
|