Configuring Sigyn

As Sigyn is a Limnoria plugin, it is configured the same as any other plugin. It is assumed you have a decent knowledge of Limnoria syntax and capabilities before trying to do anything with Sigyn (after all, Sigyn has much more power than most plugins!)

Sigyn uses the protected capability to exempt users from various abuse types, so it is a good idea to run defaultcapability remove protected first. Exempting users per channel is done by making a new user, adding hostmasks you want exempted, and then giving it the #channel,protected capability.

Global configuration values

enable

Set True to enable kill and kline, otherwise just report in the log channel what Sigyn would have done

Oper configuration

operatorNick

The nick parameter of the /oper nick password ircd-seven command

operatorPassword

The password parameter of the /oper nick password ircd-seven command. If both this and operatorNick are specified, the bot will automatically oper up on connect.

klineDuration

Default kline duration (in minutes). Note that some types of abuses have different kline durations hardcoded (for now) into the code, and will not respect this value.

klineMessage

Default kline message. Note that some types of abuses have different kline messages hardcoded (for now) into the code, and will not respect this value.

killMessage

Default kill message.

snoopChannel

Services log channel. Note that some features are specific to Atheme services, and will not work with other services packages

mxbl

List of MX records to automatically FDROP and BADMAIL

Channel Logging

logChannel

Channel where Sigyn logs all her actions. It's a good idea to voice or op her in the channel to avoid fakelag with a lot of notices, and probably a good idea to add flood_exempt to her auth block to avoid flooding off the network if she isn't opered.

useNotice

Set True to send messages to the logChannel using NOTICE, False to send them using PRIVMSG

announcePermit

If Sigyn sends more than this number of messages to the log channel in announceLife seconds, she will not send any more messages for alertPeriod seconds

announceLife

Number of seconds that entries in the announcePermit queue are valid for.

alertPeriod

Number of seconds between alerts of the same type in logChannel

Open Proxy Monitoring

opmChannel

Channel where the open proxy and dnsbl bots report to. Note this is specific to txopm output, hopm may or may not work.

opmNicks

List of the nicks of the txopm bots you want Sigyn to watch for botwaves.

opmPermit

Threshold of distinct txopm k-lines, anything above this number in opmLife seconds will trigger global defcon mode. Note that the IP addresses are deduped, if more than one bot reports the same IP, it will only be counted once.

opmLife

Duration of txopm k-line queue.

DroneBL

droneblKey

DroneBL key for submitting spambots to the DroneBL

droneblPatterns

List of patterns to trigger an automatic DroneBL addition

Lag settings

lagPermit

Threshold of Sigyn to server lag. If a server lags more than the specified number of seconds, Sigyn will automatically go into netsplit mode

lagInterval

Number of seconds between lag checks, also used to garbage collect and clean up state.

netsplitDuration

How many seconds netsplit mode is active for.

SASL brute-force protection

saslPermit

Threshold of SASL failed login attempts for a specific account in the queue

saslLife

Number of seconds entries in the SASL failed login queue are active for

saslDuration

Duration of dline

saslMessage

dline message on SASL failed login attempts

NickServ abuse

idPermit

Number of failed login snotes for a unique account before taking action

idLife

Time that entries in idPermit queue are valid

registerPermit

Number of registrations per IP before taking action

registerLife

Time that entries in registerPermit queue are valid

amsg

amsgMinimum

Minimum length of text to consider it an amsg

amsgPermit

Threshold for number of channels message is sent to

amsgLife

Time in seconds that a particular message is held as a potential amsg

amsgPercent

Percent of similarity between messages

snotes

channelCreationPermit

Number of channel creations allowed before taking action

channelCreationLife

Number of seconds that entries in the channelCreationPermit queue are valid for

channelFloodPermit

Number of unique channel flood snotes before taking action

channelFloodLife

Time that entries in channelFloodPermit queue are valid

userFloodPermit

Number of unique user flood snotes before taking action

userFloodLife

Time that entries in userFloodPermit are valid

joinRatePermit

Number of unique join flood snotes allowed before taking action

joinRateLife

Time that entries in joinRatePermit queue are valid

crawlPermit

Number of unique spambot snotes allowed before taking action

crawlLife

Time that entries in crawlPermit queue are valid

Misc.

defcon

Default length in seconds of defcon mode.

resolverTimeout

Seconds for DNS queries to timeout

alertOnWideKline

Send message to logChannel if a kline hits more than this number of users

ghostPermit

max number of ghost connections allowed

Channel configuration values

join/quit flood

brokenPermit

Number of quits allowed from a user before taking action

brokenLife

Time that entries in brokenPermit queue are valid

brokenDuration

Time in minutes of the kline for join/quit flood

brokenReason

Message of the kline set for join/quit flood

brokenHost

List of known broken hosts

Ignore settings

ignoreChannel

If True, never take action on abuses in the channel

ignoreVoicedUser

If True, ignore voiced users in the channel

ignoreDuration

Number of seconds that a user is in the channel to consider them ignored

bypassIgnorePermit

Number of abuses that a ignored user can have before taking action

bypassIgnoreLife

Time in seconds abuses in bypassIgnore are valid

Repeat Abuse

abusePermit

Number of abuses on the channel before defcon mode is enabled for the channel

abuseLife

Time in seconds the entries in the abuse queue are valid

abuseDuration

Time in seconds for how long defcon mode should be enabled

defconMode

If True, sets the channel +qz $~a when entering defcon mode, and removes it when exiting defcon mode

Mass join abuse

massJoinPermit

Number of similar nicks allowed in queue before taking action

massJoinLife

Time in seconds the entries in the massJoin queue are valid for

massJoinPercent

Percent of similarity between two nicks that joined a channel in the span of massJoinLife

massJoinMinimum

Minimum length of nick to look at for massJoin abuse

Channel flood abuse

floodPermit

Number of entries in flood queue before action is taken

floodLife

Time in seconds entries in the flood queue are valid

floodMinimum

Minimum length of message to check for flood abuse

lowFloodPermit

Number of entries in the lowFlood queue before taking action

lowFloodLife

Time in seconds entries in the lowFlood queue are valid

Message repeat abuse

repeatPermit

Number of entries in the repeat queue before action is taken

repeatLife

Time in seconds that entries in the repeat queue are valid

repeatPercent

Percent of similarity between two messages to check for repeat

repeatCount

Length of message to consider creating a temporary pattern for

repeatPattern

Minimum length of a message to consider adding to the repeat queue

lowRepeatPermit

Number of entries in the lowRepeat queue before action is taken

lowRepeatLife

Time in seconds that entries in the lowRepeat queue are valid

lowRepeatPercent

Percent of similarity between two messages to check for lowRepeat

lowRepeatMinimum

Minimum length of a message to consider adding to the lowRepeat queue

massRepeatPermit

Number of entries in the massRepeat queue before action is taken

massRepeatLife

Time in seconds that entries in the massRepeat queue are valid

massRepeatPercent

Percent of similarity between two messages to check for massRepeat

massRepeatMinimum

Minimum length of a message to consider adding to the massRepeat queue

lowMassRepeatPermit

Number of entries in the massRepeat queue before action is taken

lowMassRepeatLife

Time in seconds that entries in the massRepeat queue are valid

lowMassRepeatPercent

Percent of similarity between two messages to check for massRepeat

lowMassRepeatMinimum

Minimum length of a message to consider adding to the massRepeat queue

computedPattern

Minimum number of characters to keep as a temporary pattern

computedPatternLife

Time in seconds that entries in the computedPattern queue are valid for

shareComputedPatternID

Share the temporary pattern between channels with the same number, -1 to not share to any other channels

Nick highlight abuse

highlightNick

Number of nicks in the message to be added to the highlight queue

highlightPermit

Minimum number of entries in the highlight queue to take action

highlightLife

Time in seconds that entries in the highlight queue are valid for

lowHighlightNick

Number of nicks in the message to be added to the highlight queue

lowHighlightPermit

Minimum number of entries in the highlight queue to take action

lowHighlightLife

Time in seconds that entries in the highlight queue are valid for

Join/Part flood

cyclePermit

Minimum number of join/part cycles to take action

cycleLife

Time in seconds that entries in the cycle queue are valid for

CTCP flood

ctcpPermit

Minimum number of CTCP messages per user to take action

ctcpLife

Time in seconds that entries in the CTCP queue are valid for

Nick change abuse

nickPermit

Minimum number of nick changes per user to take action

nickLife

Time in seconds that entries in the nick queue are valid for