Annotation of acopm/README.md, Revision 1.1.1.1
1.1 bountyht 1: # ACOPM [![Build Status](https://travis-ci.org/AlphaChat/ACOPM.svg?branch=master)](https://travis-ci.org/AlphaChat/ACOPM)
2:
3: ACOPM (The AlphaChat Open Proxy Monitor) is a from-scratch implementation of
4: a DNSBL and proxy checking program for IRC networks.
5:
6: For similar programs in this area, look no further than HOPM (The Hybrid Open
7: Proxy Monitor), and the program it is based on, BOPM (The Blitzed Open Proxy
8: Monitor), which is no longer under development.
9:
10: This implementation strives to achieve a number of goals not currently met by
11: either of the above programs:
12:
13: - Easily readable and auditable sourcecode, written to a high standard and
14: with thorough testing
15:
16: - Reuse of existing libraries instead of creation of new ones for tasks such
17: as event handling (libevent) and configuration file parsing (libconfig)
18:
19: - Efficiency (e.g. by blocking as much as possible, and reading & processing
20: as much data at a time as possible, or with the use of highly scalable I/O
21: instead of plain `poll(2)` or `select(2)`)
22:
23: - The use of a TLS library other than OpenSSL for communicating with HTTPS
24: proxies (which may be malicious) and with IRCd (which BOPM/HOPM do not do)
25:
26: - IRCv3/SASL support for identification to IRC Services at IRCd registration
27: time
28:
29:
30: # WARNING
31:
32: This program is currently under development. It is not production-ready and
33: lacks a few planned features. While it is constantly debugged and tested
34: from a safety point of view using tools like Valgrind, ASan, and Clang's
35: static analyzer (`scan-build(1)`), it has not yet been thoroughly tested from
36: a behaviour point of view on a production IRC network with real data.
37:
38: We recommend running it in report-only mode (see the example configuration
39: file) so that it does not disconnect clients in error.
40:
41:
42: # Requirements
43:
44: - A supported operating system (see the Notes section below)
45:
46: - To speak TLS to an IRCd and scan for HTTPS CONNECT proxies, you need a
47: version of ARM mbedTLS, at least 2.2, and `./configure --with-mbedtls`.
48:
49: - If you do not have it, you can use `./configure --with-mbedtls=internal`
50: to build a local copy of 2.5 instead. Note that if you wish to do this,
51: you must clone this project with `git(1)` directly, instead of using a
52: source code tarball, because the in-tree copy of ARM mbedTLS is a Git
53: sub-module
54:
55: - To use the proxy scanning feature, the machine you run this software on
56: must be hosted by a provider that permits port scanning of foreign networks
57: and addresses. Many do not, so consult your provider before enabling this
58: feature, or they may seize or destroy the machine without warning!
59:
60: - To use the provided DroneBL submission script to automatically report open
61: proxies to the DroneBL project for listing, you will need to obtain an RPC
62: key from that project; [do so here](https://dronebl.org/rpckey_signup).
63: Once you have a key, see the example configuration file for how to use it.
64: However, you should not request a key if you will not be using the script!
65:
66:
67: # Notes
68:
69: Before you can configure and make this program, you must execute `autogen.sh`.
70:
71: Additionally, the machine will need to have the requisite libraries (libconfig
72: and libevent) available and installed.
73:
74: This program should compile without (serious) warnings and run on any of the
75: following supported operating systems. Please see the Help section below for
76: where to report a possible issue if it does not.
77:
78: - Most modern Linux distributions (Alpine, Arch, Debian, Gentoo, Ubuntu, ...)
79:
80: - OpenBSD, FreeBSD, and NetBSD versions that still receive support from their
81: respective developers and/or vendors
82:
83:
84: # Help
85:
86: For assistance with this software, please drop by
87: [`#AlphaDev on AlphaChat`](https://webchat.alphachat.net/?channels=AlphaDev)
CVSweb