BOPM
From NeoWiki
This will help all of you that run servers on Neoturbine NET IRC install BOPM to filter connects that match entries at various DNSBLs. I urge you to please install BOPM ASAP as it will prevent users from evading bans via Open Proxies and Tor.
There might be BOPM packages available for your operating system. If your OS has a package by all means USE IT instead. Just scroll to the configure BOPM part after you have installed the package.
This is just a guide. Don't listen to me. I don't know anything. Sahal 16:41, 16 September 2007 (EDT)
[edit] BOPM Installation
[edit] create user bopm and its home directory
useradd -d /home/bopm bopm
This is supposed to create the directory if it doesn't exist but it didn't in my Arch Linux install so i ran the following commands
mkdir /home/bopm chown bopm /home/bopm
you can also use superadduser in gentoo.
[edit] switch to user bopm
su bopm cd
you might want to add a user password to user 'bopm' if you haven't already restricted its access via SSH.
passwd
[edit] download bopm this is symlinked to the latest listed on the BOPM wiki
wget http://static.blitzed.org/www.blitzed.org/bopm/files/bopm-current.tar.gz
[edit] untar bopm
tar xvvf bopm-current.tar.gz
[edit] move to the bopm directory this depends on what the current version is
cd bopm-3.1.3/
[edit] read INSTALL and configure help you may find some interesting information
less INSTALL ./configure --help | less
[edit] configure compile and put it in $HOME/bopm
./configure && make && make install
[edit] configure bopm.conf i don't run a scanner on my server
here's the config i use: http://pastebin.ca/1016033
cd $HOME/bopm/etc/ mv bopm.conf bopm.conf.old wget -O - http://pastebin.ca/raw/1016033 > bopm.conf nano bopm.conf
You will need to modify this file to change your BOPMs username, operpass, channel, channel key, server port, etc.
Also, if you're installed bopm from a binary package you might need to change where you pid file / scan.log file (if you're running a scanner) is located. note that bopm.pid/scan.log needs to be read/written by the user that bopm runs under.
[edit] configure unrealircd.conf to add the bopm operator
you will need to switch to the unrealircd user... whoever that is on your system.
oper bopm {
class clients;
from {
userhost bopm@127.0.0.1; # the reason why BOPMs vhost is 127.0.0.1
};
password CHANGETHISVALUE;
flags {
netadmin;
can_zline;
get_host;
local;
can_override;
};
};
[edit] restrict CGI:IRC clients from connecting to your server
Since we're already in unrealircd.conf...
ban version {
mask "*CGI:IRC*";
reason "CGI:IRC scripts are not welcome";
};
This will kill all users that have CGI:IRC in their VERSION reply. Later we can add special exceptions that will only allow our, as of yet, non-existent, PROTECTED CGI:IRC client to connect. This will look something like:
except ban {
mask *@localhost;
};
[edit] starting bopm for the first time
While logged in as user bopm just run the binary. The "&" is used to make it run in the background [1].
/home/bopm/bopm/bin/bopm &
[edit] make it start up automatically on boot
in gentoo:
echo su -c /home/bopm/bopm/bin/bopm bopm >> /etc/conf.d/local.start
in archlinux:
echo su -c /home/bopm/bopm/bin/bopm bopm >> /etc/rc.local
in slackware:
echo su -c /home/bopm/bopm/bin/bopm bopm >> /etc/rc.d/rc.local
in debian:
# Nothing, it already does start up automatically!
[edit] extra note
Before (or after) running the above commands you should make sure that there is no exit line in the script. If there is the rc.local script will exit before it reaches the line for bopm. Just move the exit line below the command if one exists. I saw this while looking at shariq's rc.local in Ubuntu Server Edition.
For example:exit 0 #blah blah blahBecomes:
#blah blah blah exit 0
