| Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision |
| config:filter_files [2016/09/21 21:20] – [Trash Can Files] Typo and such digital man | config:filter_files [2017/12/09 13:47] – [Filter Exemption Files] Added link to default ipfilter_exempt.cfg digital man |
|---|
| * ''sysop*'' would mean users could not use names beginning with the word "sysop", like "sysopa" or "sysops" etc. | * ''sysop*'' would mean users could not use names beginning with the word "sysop", like "sysopa" or "sysops" etc. |
| * ''sysop~'' would mean users could not use names that have the word "sysop" anywhere in them, like "imthesysop" or "mesysophere". | * ''sysop~'' would mean users could not use names that have the word "sysop" anywhere in them, like "imthesysop" or "mesysophere". |
| | |
| | ===== IPv4 CIDR Notation ===== |
| | |
| | An additional comparison format was introduced in v3.17 (Feb-9-2017) specifically for partial (ranges of) IPv4 address matching following standard [[wp>Classless_Inter-Domain_Routing]] (CIDR) notation. For example, rather than using the comparison string "192.168.1.*" to match all IP addresses that begin with the first 3 octets of 192, 168, and 1, you could specify the same thing using CIDR notation: |
| | 192.168.1.0/24 |
| | |
| | This enables the flexibility of filtering ranges of IP addresses based on sub-networks that are not multiples of 8-bits (e.g. "192.168.1.33/30") and the format is compatible with commonly available regional block lists. |
| | |
| | All 4 octets of the IPv4 address must be specified in the CIDR comparison string (i.e. "192.168.1/24" is **not** a valid CIDR comparison string). |
| | |
| | CIDR comparisons beginning with the negation prefix (''!'') **are** supported (reverses the IP address comparison logic). |
| | |
| | IPv6 CIDR notation is not supported at this time. |
| |
| ===== Trash Can Files ===== | ===== Trash Can Files ===== |
| |
| The following table lists the supported trash can files, a description of their use, and optional response message (''.msg'') files that may be displayed to users that are filtered. Trash can files and their respective optional response files are located in the ''[[dir:text]]'' directory: | The following table lists the supported trash can files, a description of their use, and optional rejection message (''.msg'') files that may be displayed to users that are (or have their content) filtered. Trash can files and their respective optional rejection message files are located in the ''[[dir:text]]'' directory: |
| |
| ^Filename / Page ^Default Contents^Description^ | ^Filename / Page ^Default Contents^Rejection Message^Description^ |
| |''[[email.can]]'' |[[http://cvs.synchro.net/cgi-bin/viewcvs.cgi/*checkout*/text/email.can|email.can]]|Disallowed (source or destination) e-mail addresses (see also ''[[twitlist.cfg]]'')| | |''[[email.can]]'' |[[http://cvs.synchro.net/cgi-bin/viewcvs.cgi/*checkout*/text/email.can|email.can]]|''[[bademail.msg]]''|Disallowed (source or destination) e-mail addresses (see also ''[[twitlist.cfg]]'')| |
| |''[[bademail.msg]]''||Optional message to display to users attempting to use a disallowed email address| | |''[[file.can]]'' |[[http://cvs.synchro.net/cgi-bin/viewcvs.cgi/*checkout*/text/file.can|file.can]]|''[[badfile.msg]]''|Disallowed filenames for upload| |
| |''[[file.can]]'' |[[http://cvs.synchro.net/cgi-bin/viewcvs.cgi/*checkout*/text/file.can|file.can]]|Disallowed filenames for upload| | |''[[host.can]]'' |[[http://cvs.synchro.net/cgi-bin/viewcvs.cgi/*checkout*/text/host.can|host.can]]|''[[badhost.msg]]''|Disallowed hostnames for inbound connections (when hostname lookups are enabled)| |
| |''[[badfile.msg]]''||Optional message to display to users who attempt to upload a disallowed filename| | |''[[ip.can]]'' |[[http://cvs.synchro.net/cgi-bin/viewcvs.cgi/*checkout*/text/ip.can|ip.can]]|''[[badip.msg]]''|Disallowed IP addresses for inbound connections| |
| |''[[host.can]]'' |[[http://cvs.synchro.net/cgi-bin/viewcvs.cgi/*checkout*/text/host.can|host.can]]|Disallowed hostnames for connections| | |''[[ip-silent.can]]'' |[[http://cvs.synchro.net/cgi-bin/viewcvs.cgi/*checkout*/text/ip-silent.can|ip-silent.can]]| |Silently-ignored IP addresses for inbound connections| |
| |''[[badhost.msg]]''||Optional message to display to users who attempt to connect from a disallowed host| | |''[[name.can]]'' |[[http://cvs.synchro.net/cgi-bin/viewcvs.cgi/*checkout*/text/name.can|name.can]]|''[[badname.msg]]''|Disallowed user login name/alias (see also [[howto:block-hackers]])| |
| |''[[ip.can]]'' |[[http://cvs.synchro.net/cgi-bin/viewcvs.cgi/*checkout*/text/ip.can|ip.can]]|Disallowed IP addresses for connections| | |''[[password.can]]'' | [[http://cvs.synchro.net/cgi-bin/viewcvs.cgi/*checkout*/text/password.can|password.can]]|''[[badpassword.msg]]''|Disallowed user passwords| |
| |''[[badip.msg]]''||Optional message to display to users who attempt to connect from a disallowed IP address| | |''[[phone.can]]'' |[[http://cvs.synchro.net/cgi-bin/viewcvs.cgi/*checkout*/text/phone.can|phone.can]]|''[[badphone.msg]]''|Disallowed phone numbers for new users| |
| |''[[ip-silent.can]]'' |[[http://cvs.synchro.net/cgi-bin/viewcvs.cgi/*checkout*/text/ip-silent.can|ip-silent.can]]|Silently-ignored IP addresses for connections| | |''[[subject.can]]'' |[[http://cvs.synchro.net/cgi-bin/viewcvs.cgi/*checkout*/text/subject.can|subject.can]]|''[[badsubject.msg]]''|Disallowed subjects in posted messages| |
| |''[[name.can]]'' |[[http://cvs.synchro.net/cgi-bin/viewcvs.cgi/*checkout*/text/name.can|name.can]]|Disallowed user login name/alias (see also [[howto:block-hackers]])| | |
| |''[[badname.msg]]''||Optional message to display to users who attempt to use a disallowed login name| | |
| |''[[phone.can]]'' |[[http://cvs.synchro.net/cgi-bin/viewcvs.cgi/*checkout*/text/phone.can|phone.can]]|Disallowed phone numbers for new users| | |
| |''[[badphone.msg]]''||Optional message to display to users who attempt to use a disallowed phone number| | |
| |''[[subject.can]]'' |[[http://cvs.synchro.net/cgi-bin/viewcvs.cgi/*checkout*/text/subject.can|subject.can]]|Disallowed message subjects| | |
| |''[[badsubject.msg]]''||Optional message to display to users who attempt to use a disallowed subject in a posted message| | |
| |
| ===== Other Filter Files ===== | ===== Other Filter Files ===== |
| |
| ^Filename / Page ^Default Contents^Description^ | ^Filename / Page ^Default Contents^Description^ |
| | |''[[ipfilter_exempt.cfg]]'' |[[http://cvs.synchro.net/cgi-bin/viewcvs.cgi/*checkout*/ctrl/ipfilter_exempt.cfg|ipfilter_exempt.cfg]]| Hostnames and IP addresses that are considered exempt from temporary bans and permanent filtering (added Oct-17-2016)| |
| |''[[dnsbl_exempt.cfg]]'' |[[http://cvs.synchro.net/cgi-bin/viewcvs.cgi/*checkout*/ctrl/dnsbl_exempt.cfg|dnsbl_exempt.cfg]]|Hostnames and IP addresses and e-mail address (enclosed in <angle brackets>) which are to be exempt from positive DNS-based Blacklist results in the [[server:mail|Mail Server]] (see also ''dns_blacklist.cfg'')| | |''[[dnsbl_exempt.cfg]]'' |[[http://cvs.synchro.net/cgi-bin/viewcvs.cgi/*checkout*/ctrl/dnsbl_exempt.cfg|dnsbl_exempt.cfg]]|Hostnames and IP addresses and e-mail address (enclosed in <angle brackets>) which are to be exempt from positive DNS-based Blacklist results in the [[server:mail|Mail Server]] (see also ''dns_blacklist.cfg'')| |
| |''[[spamblock_exempt.cfg]]'' |[[http://cvs.synchro.net/cgi-bin/viewcvs.cgi/*checkout*/ctrl/spamblock_exempt.cfg|spamblock_exempt.cfg]]|Hostnames and IP addresses which are not to be blocked from sending e-mail to the [[server:mail|Mail Server]] (see also ''spamblock.cfg'')| | |''[[spamblock_exempt.cfg]]'' |[[http://cvs.synchro.net/cgi-bin/viewcvs.cgi/*checkout*/ctrl/spamblock_exempt.cfg|spamblock_exempt.cfg]]|Hostnames and IP addresses which are not to be blocked from sending e-mail to the [[server:mail|Mail Server]] (see also ''spamblock.cfg'')| |
