1 · What is a Channel Ban and When To Use One?
A ban is a channel mode that is set to prevent clients with certain IRC identifiers (username, hostname, nickname) from joining that channel. If they are already on the channel, it prevents them from speaking (similar to if the channel is +m but they are not +o or +v) or changing their nickname. This feature is known as +bquiet.
Bans are channel specific, that is, a ban will only exist in the channel specified in the ban command line. All bans will disappear from a channel if that channel becomes empty. Channel bans can only be set and removed by channel operators. AutoKicks are the exception to the rule and are implemented by ChanServ whenever a user matching the ban attempts to join the channel in question. Whether there is anyone in the channel or not is irrelevant.
When should you use a ban? Well that is entirely up to you as a channel operator. Generally a ban would be placed on a user joining a channel who was constantly causing trouble. That is, flooding the channel or being rude. This doesn't mean that is the only time a ban will be placed. You may be banned from a channel due to an offensive nickname, or another reason. Setting bans is at the full discretion of the channel operator.
It should be noted that a channel operator has the right to ban anyone they wish, for any reason they wish. As a channel operator, they are in effect the owner of the channel. Think of it as a house. If you happen to be the owner, you retain the right to remove someone for any reason you wish, perhaps only because you dislike them.
Some channels may have a set of rules used to determine when to place a ban. When you achieve operator status in a channel consult with the founder of that channel to see if they have a set of rules, if you don't already know, which outline instances or activities when bans will be placed on users.
2 · What Information Is Needed To Place A Ban?
In order to set a ban, you must know the address of the user that is going to be prevented from joining the channel or silenced. To find out this information, use the WHOIS command.
In the case where the user has changed nicks, you can use the WHOWAS command. This command can only be used immediately after someone has changed nicks or has quit the network. The server is unable to remember the address of a user indefinitely after they have changed nicks or quit, so you have about a minute to perform the WHOWAS command in order for it to be effective.
I'll use the nickname of Nick in all of the following examples. Now to perform the WHOIS command on "Nick", you would type:
/whois NICK
at any command line within your IRC client. Depending on what client you are using, or what scripts and filters you are running, it will give you output looking something like the following:
*** Aysmonte is AMO@cs1p1.ipswich.gil.com.au Aysmonte@dal.net
*** on channels: @#gryphons
*** on irc via server cin.il.us.dal.net
As you can see, there is a lot of information given us, including: the user's address, channels the user is currently on, IRC server being used, and other details such as if the user is away and such (not shown here, see Appendix A). The information that we are really interested in appears in the first line:
*** Aysmonte is AMO@cs1p1.ipswich.gil.com.au Aysmonte@dal.net
Breaking the address down to the following parts:
nickname!userid@ISP.domain.country
The ISP.domain.country section is also referred to as the host name or domain.
Of course you will see some weird addresses from time to time, but essentially it is always in the above format, with the domain and/or country being last and the rest of the information after the @ being part of the information about the ISP and the computer used. You can ban on any of nickname, userid and domain depending on how stern or lax you wish the ban to be enforced. This will be covered in more detail later in this document.
The '!' is a separator to separate the nickname from the userid field. The userid and nickname can also be the same. The '@' symbol is another separator. The '@' separates the userid field from the remaining address (Hostname).
I'll give examples of bans following, ranging from a very specific ban to the most general site-wide bans. It is up to you to determine the ban needed for the particular instance and to also maintain any ban lists you feel should always be in place. The majority of bans that you will need to place will likely be temporary bans and could be removed after a short time.
As mentioned above, there is also the possibility that the host in question is a VHost. VHost stands for virtual host and is a vanity address, most of the time, created especially for going onto IRC.
Therefore, you may see an output that would be quite bizarre such as:
*** Nick is god@dancing.with.wolves.in.moonlight.net Hey hey!
*** on channels: @#faqsfordalnet
*** on irc via server shiva.va.us.dal.net
In the case of VHosts, you should keep in mind that there is more than likely a few other similar, or totally different hosts. Shell Account Providers make dozens of these hosts available to their users. In cases such as these, one should take careful note of the ident. If a ban is evaded, then it might be worth a try to only set a ban on the userid of the person in question. Further instructions will be given below.
3 · How To Place Bans
In all of the ban examples given I'll use <#channel> to indicate the channel name of where the ban should be place. Make sure you specify the right channel in the mode command and not <#channel>.
Note: Some clients have specific commands for banning. The MODE command used here works with all clients. You should view your IRC program's (client's) help documentation about bans/banning to find out how to use the client-specific ban commands, if any.
To ban a certain nickname ONLY you would use the following command:
/MODE #channel +b Nick
or in full
/MODE #channel +b Nick!*@*
An example of a ban using a real channel name and nickname would be like this:
/MODE #Gryphons +b Aysmonte!*@*
Both of these commands will result in the same ban mask. If you are unfamiliar with the usage of the /MODE command, see Appendix A for more information on this command.
This tells all the IRC servers in the IRC network that anyone using the nickname of Nick should not be allowed to join the channel. It should also be noted that bans do not kick users off of a channel. On DALnet, it will prevent them from changing their nickname and/or sending any text to the channel, but they will remain on channel, and receive all channel text until an operator kicks them or they leave the channel.
This ban is rarely used, as the banned user can simply change nicknames to get past it. (Technically this is ban evasion on the part of the user, but due to the laxness of the ban not many people would be willing to call it real ban evasion.) However, it does have it's advantages in preventing offensive nicknames from being used. (For example, banning *sex*!*@* in a family channel.)
The asterisks, "*", in the above command are known as wildcards. Wildcards are used to represent zero or more characters in that position, that is it matches any number of any characters in that position, even none at all. Another wildcard is "?". The question mark "?" is used to specify only one character in that position and is generally rarely useful. Some of you may be used to using wildcards in directory searches for files and as such they perform similarly. You'll also note the "!" is still used as the separator in the ban syntax.
Examples of wildcards for IRC are:
ni?e = nice, nine, nixe, nife ...... *.gil.com.au = ipswich.gil.com.au, cs1p1.ipswich.gil.com.au, anyvarietywith.gil.com.au
? = One Character In This Position
* = Any String In This Position
Now, this example ban is pretty pointless, due to being very specific on a field that is easy to change. A "wider" (a ban that covers more possible variations of addresses, eg AMO@cs1p1.ipswich.gil.com.au is specific (narrow) whereas AMO@*.gil.com.au is more general (wider)) and a little better ban would be the following:
/MODE #channel +b
*!User@ISP.domain.country
Breaking this ban down, we are saying ban everyone with any nickname and whose userid is User or user (bans are not case-sensitive), with a hostname of ISP.domain.country. This is a little harder to evade but all evasion entails is to log off the IRC network, change your userid and log back on and avoid the ban. Again it will stop the Nick from rejoining your channel immediately but will only stop them for a few seconds, assuming the user will want to evade your ban.
For users who are in the habit of using a variety of VHosts to evade bans, you can try to stop them by banning their userid (ident) only:
/MODE #channel +b *!userid@*
With the whois output example that we had at the beginning of this manual (Nick is god@dancing.with.wolves.in.moonlight.net), the actual command would look like this:
/MODE #channel +b *!god@*
If, however, repeated ident bans are unsuccessful, you should consider placing a ban on the entire IP block. You will have to keep in mind that this will usually keep out all the users from the company who is providing the VHost.
The first thing to do is to find the IP block that this VHost is part of:
/DNS hostname
Let's try this with the practical example of using the command on the domain dancing.with.wolves.in.moonlight.net. You would probably get something ressembling the following:
Looking up dancing.with.wolves.in.moonlight.net ..
Resolved dancing.with.wolves.in.moonlight.net to 222.666.999.555
We have now established that the host of dancing.with.wolves.in.moonlight.net has an IP address of 222.666.999.555. This means that all the other VHosts of the company are likely to be under 222.666.999.something (provided that it's not a huge company). In order to a ban on IP block, you would type:
/MODE #channel +b *!*@222.666.999.*
Should you still have problems with this user then it would be high time to contact someone in an official help channel such as #Help. IRC Operators can be found in #OperHelp.
With more 'normal' situations, a much better ban to place, especially if this is to be a temporary ban, would be the following:
/MODE #channel +b
*!*@ISP.domain.country
I should note here that not all users can change their user name but it is a good assumption to make these days as more and more people connect using clients allowing them to do this modification.
The "*!*" tells the server to not allow any nickname or userid from the specified Host/Domain to join your channel.
With experience you will note that the ISP section of an address changes for people using PPP or SLIP dial in accounts. There will be a static part referring to the ISP, however there is also usually an extra part catering for these users. We will break down the ISP part of the address now to become:
nick!userid@PPP.ISP.DOMAIN.COUNTRY
The PPP is assigned to a user when they log onto their ISP, usually via dialing in on a modem, for the duration of that call/connection.
To stop a person more efficiently from joining your channel you ban them as per the following:
/MODE #channel +b
*!*@*.ISP.domain.country
This, as you can see, would be saying that you want to ban all nicknames, userid's and PPP's from a particular ISP. This is probably the safest and most widely used, form of ban you could do to a troublesome user. Basically no one from that ISP will be able to join your channel. However, they may have a second account with a totally different ISP which they could log onto and then avoid your ban. This would be counted as ban evasion which isn't permitted on DALnet. Seek out an IRCop if/when this happens. The above example of people changing VHosts in order to get around a ban is another example of ban evasion.
Of course another ban you could consider for a temporary ban is a very wide Domain or Country ban. This would be used as a quick fix to get rid of a troublemaker while figuring out a proper ban to place on that user. It could take the following forms:
/MODE #channel +b *!*@*.domain.country
/MODE #channel +b *!*@*.country
These are very wide however, and you would be "catching" a lot of people in this ban who don't deserve to be banned from your channel. On this note it would be a good time to mention that once you have a ban in place you can't place another ban that covers that range. So if you place a ban on *!*@*.ISP.DOMAIN.COUNTRY you can't then ban: *!*@*.DOMAIN.COUNTRY (wider ban) or *!NickID@PPP.ISP.DOMAIN.COUNTRY (narrower / more specific ban).
What does this mean to you? Well if you have banned a userid and nickname (*!*@PPP.ISP.DOMAIN.COUNTRY) from entering your channel then you would have to remove this ban before making it for the whole ISP (*!*@*.ISP.DOMAIN.COUNTRY) or some other similar ban.
It is a good idea to periodically check your ban lists for maintenance. While doing so you may find 2 bans in place that are similar but not quite the same. We shall use the following addresses for our bans in this example:
Nick1!userid1@NewISP.NewDomain.COUNTRY
Nick2!userid2@OldISP.OldDomain.COUNTRY
Now let us say the ban was on nickname and userid making them
*!*@NewISP.NewDomain.COUNTRY
*!*@OldISP.OldDomain.COUNTRY
So to make things more efficient and your ban list more manageable you could ban
*!*@*ISP.*Domain.COUNTRY
to cover both of them.
Why keep as few long term bans as possible? Basically, shorter lists are always easier to manage and reset if needed. You should also note that DALnet only allows a maximum of 200 bans for a channel at any one time.
Another thing you could do with similar bans is use a screw ban. A screw ban basically uses the wildcard "?". Screw bans aren't very useful, and they are very rarely used in practice. For example you have two ISP's with a similar name:
*!*@New1ISP.Domain.COUNTRY
*!*@New2ISP.Domain.COUNTRY
For a ban here you would put a ban on:
/MODE #channel +b
*!*@New?ISP.Domain.COUNTRY
Note that the "?" only works for ONE character, so if it were trying to block more then one character you would have to use a "*". Other variations are possible of all these bans. The wildcards can be mixed up and swapped around from front of a word to middle to end. You can even use the wildcards for the country field. Take to following two addresses:
Nick1!userid1@ISP.DOMAIN.net
Nick2!userid2@ISP.DOMAIN.com
You could place a ban such as:
/MODE #channel +b
*!*@ISP.Domain.*
to cover all nicknames, userid and country fields. Again this ban isn't too useful. Technically it could come up sometime, however I doubt you would ever have the need to place such a ban. Bans are versatile and only as efficient as you let them be, they take some experience to get used to but after a while at looking at people's addresses you should soon get a feel for how to ban effectively. Don't fret if you don't know what is a good for some particular case, just try out something and see if it will work. For some people placing bans is a nightmare, but so long as you have a general understanding you should be able to look after a channel till a more experienced operator comes along to help you. If you have a friend on IRC then you may ask for their assistance in placing bans on them and experimenting. For a quick check list as a guide to banning see the "Quick Ban Guide", section 7 later in this document.
There are other configurations of bans that I could go into such as:
/MODE #channel +b
*!*user@*.isp.net
but there is no real need to go through them ALL with you. With experience you'll feel out what type of ban you will need to place as the need arises. Watching others and asking them why they have placed a ban a certain way can also lead to understanding on your part. Also take note of your punctuation when banning for *!*user@*isp.net is totally different to *!*user@*.isp.net (note addition of period/dot), so it is advisable to be very pedantic when doing your bans or you will find some unpredictable results.
At times you will see users with an IP address, that is they have numbers instead of words for their address (hostname)! This is common enough, so don't worry. We just have to modify our thinking when it comes to making an effective ban for such users. Let me point out that they may not always have IP numbers for addresses due to various reasons.
It should be noted that for each and every hostname there is an associated IP address (as demonstrated with our VHost examples). If you ban someone while they are using their IP address then they will still be prevented from rejoining the channel even if their hostname resolves the next time - provided, of course, that the IP address hasn't changed. Usually the lack of a resolved address is due to lag between their ISP and the IRC server they connected to when they joined DALnet. This results in the IRC server not being able to get a response from the "name lookup" in time, so it uses their IP address instead.
See Appendix A for an example of output from a /WHOIS done on a user with an IP address.
As you can see instead of a "text" hostname there is now a set of four numbers. For some users this will be constant but for others it will change. The part that will do the changing generally is the last digit (though this isn't always the case, but common enough that there's no need to expect anything else). It should be noted that if they or you have a static (unchanging) hostname then your IP will always be the same as well. So unlike before where we would use a wildcard to ban the first part of the host, we would in these cases remove the last digit and place a wildcard in there such as:
/MODE #channel +b *!*user@254.253.252.*
You can also add a timed ban where the ban you placed will be removed automatically after a number of seconds specified. For example, if I want to ban the nick Aysmonte for 20 seconds on #fleetstreet, I will type:
/ban -u20 #fleetstreet Aysmonte*!*@*
There's also a command for you to ban kick a user simultaneously rather than typing 2 commands. For example, if I want to ban kick Aysmonte, I will type:
/ban -k #fleetstreet Aysmonte reason
This will place a ban on his IP address/host and kick Aysmonte from the channel.
4 · Removal and Modification Of Ban Lists
Removing bans is relatively simple compared to setting one. Firstly you have know which ban mask you wish to remove from your channel. This can be achieved in most applications by using the command:
/MODE #channel b
Other clients, for example mIRC, all you would do is double click in the channel text area to retrieve a list of channel bans.
Once you have a list of bans on your channel, find which ban mask you wish to delete then simply type:
/MODE #channel -b banmask
You should note that if your channel no longer exists, i.e. all the users leave the channel then your current ban list will no longer exist and will have to be recreated once you "re-create" the channel (join it). DALnet gets around this in a fashion by using ChanServ's AKICK command, but this is only available for registered channels.
It should be noted that if you have a wide ban (eg. *!*@*.com.au) and you wish to place a narrower ban (eg. *!*@cs1p1.ipswich.gil.com.au ) on someone (not that they would be on the channel in the first place). Remove the wide ban before placing the narrow ban.
5 · Simplyfying bans
Sometimes, you want to keep out specific nicknames that are used by spambots that come in with a standard name with numbers at the end of their nick. You want to set a nick ban than having to add 100 bans to your banlist. Let's take a look at the following example:
5 users from different IPs/hosts come in to #fleetstreet with the nicks Andrea521, Andrea522, Andrea523, Andrea524 and Andrea525. Instead of adding 5 bans on their hosts, you can simplify the ban by adding a nick ban by using wildcards as discussed previously. So you will type the following command:
/mode #fleetstreet +b Andrea???!*@*
which will keep all of them out. The problem is, if they use less or more than 3 characters after that nick, this will render the ban ineffective. Therefore, you will need to set a wider ban to keep them out completely. So the following ban mask will be set:
/mode #fleetstreet +b Andrea*!*@*
which will keep anyone with the nick Andrea regardless of any number of characters behind it out of the channel. However, if you have a friend who may be affected by the ban eg. Andrea_Simon, you will then need to place an exception mask. You may refer to section 8 to know more on how to place an exception.
6 · Other Associated DALnet Services
DALnet uses ChanServ to look after registered channels. This maintains a ban list of sorts. Basically, when you add an AKICK on a host mask, ChanServ checks users as they join your registered channel. When a user with a host mask in ChanServ's AKICK list joins your channel, it kicks the user from your channel and places a ban on that mask to stop them from rejoining.
To add an AKICK to a channel, firstly the channel must be registered, secondly you need to have a SOP (or the founder) to place the ban. A SOP is a channel SuperOp, for more information use the command /ChanServ help SOP.
Note: Some clients may not allow you use the /ChanServ. If this is the case then try using /msg ChanServ@services.dal.net instead.
The command to add an AKICK is:
/ChanServ AKICK #channel ADD
nickname or host mask
More information on this command can be obtained at http://www.dal.net/services or from ChanServ's help system:
/ChanServ Help AKICK
AKICKs stay until they are removed, so it is important to maintain the AKICK list and remove any old entries.
7 · Quick Ban Guide
-
Decide if the ban is temporary or long term.
-
Get the user's information using the /WHOIS command or /WHOWAS command
-
If the ban is temporary then place a narrow ban such as nickname!*@* or *!userid@*
-
If the ban is to be long term, set a wider AKICK such as *!*@*.host
-
Review your ban to make sure it is efficient and not stopping too many users from joining your channel.
-
If a temporary ban, remember to remove it after a predetermined time, say 10 minutes.
8 · Exception Mode (+e)
The +e or exception mode has been introduced when Bahamut 1.8.* was released. The function of this mode is to allow someone who is affected by a ban which was not intended for him/her to join the channel. For example, if I place a ban on the mask *!*@219.94.* on #fleetstreet but I'd like to allow my friend Ting whose mask is Ting!kluv@219.94.25.63 into the channel, I would place an exception by typing:
/mode #channelname +e Ting!*@219.94.*
which will allow Ting to join the channel. The exception mode is also useful especially when you want to ban a specific host/domain/ISP but wish to allow specific people to join. For more information on the exception mode, you can read the modes document at this link http://docs.dal.net/docs/modes.html#2.3.
Please direct any comments or feedback about this document (only! no help requests!) to docs@dal.net. If you need help on issues not covered in this document, please see the information at http://help.dal.net.