-
nuegia.net
does anyone have an example config for how to block based on s2s server useragent?
-
Kris
no need to repeat the question.
-
moparisthebest
nuegia.net: what's a s2s server useragent? Nothing I've ever heard of
-
nuegia.net
Prosody 1.2.3
-
nuegia.net
biboumi 4.5.6
-
nuegia.net
gajim 8.9.0
-
nuegia.net
it's what's returned with a version query
-
moparisthebest
So perhaps you want something that will run a version query and then block a server based on that? I'm not aware of anything. Probably because it'd be useless.
-
praskovia
it would be more useful to actually do analysis of the stanzas sent/received from a server/user and analyze them to find spoofed instances
-
praskovia
but that would be a lot of work
-
praskovia
and would need a test harness/platform
-
praskovia
like reCaptcha but based on stanza content instead of DOM/canvas/wasm fingerprinting
-
nuegia.net
i'm not worried about spoof versions
-
nuegia.net
just blocking specific buggy versions of software causing federation problems
-
nuegia.net
specificlly bifrost
-
Kris
just block the two known instances of it
-
praskovia
nuegia.net, you should lead with that next time
-
moparisthebest
Federation problems?
-
praskovia
#matrix.org 104.20.20.236 104.20.21.236 172.67.19.90 104.20.201.37 104.20.200.37 2606:4700:10::6814:15ec 2606:4700:10::6814:14ec 2606:4700:10::ac43:135a 2606:4700:10::6814:c925 2606:4700:10::6814:c825 #lethe.matrix.org 94.237.52.46 2a04:3541:1000:500:6866:a4ff:fe4c:56d7 #aria-net.org 129.152.14.194 2001:470:b620:edea:ecce::ae
-
praskovia
just DROP traffic from those addresses
-
praskovia
you can also use ejabberd acl globs to handle others