I develop stuff and have opinions on things -
About me/Contact

Articles:

Admin tool for jabber servers

Translations: fr

XMPP servers are often the victim of bots, which create accounts in an automated manner, and then which use those accounts to flood chatrooms with, for example, a very large number of big unicode chars, which makes everyone lag and creates a heavy load on the server.

I have no idea why someone, even someone really dumb, would do that, as it’s not spam, there is no money to be made, it’s basically only degrading the user experience while not gaining anything, but we can see this behavior from syrian and russian IP addresses, mostly.

Servers with a restricted access -say, a captcha- are also victims of this, since the human has only to interact once with the server in order to create an accounts for the bots to use.

That issue is not new, and the XEP-0133 has been here for quite some time, is implemented in most servers, and works inside any client that supports ad-hoc commands.

But while it works, it is not convenient, because you have to do all the steps one by one (fetch the connected users, check which have a flooder profile, run a second ad-hoc command to get his IP, etc…).

That’s why, in order to manage efficiently the several JabberFR servers (which is not my task), we had to write a dedicated tool.

Features

The tool does the following:

  • Connects to the server with an admin account
  • Fetchs 100 connected users (the case covered by the XEP)
  • Fetchs defailed info on each of those users (ip and country, resources, jid, roster size)
  • Displays all those informations in a nice graphical window
  • The users then checks a box at each line with a “flooder profile” to mark it for purge
  • A button allows him to delete all those accounts
  • The other button dumps all the selected IPs in a text file, for further use (e.g. iptables ban)

Dependancies

This script uses:

  • python-gobject (and gobject-introspection)
  • gtk
  • pygeoip (and geoip)
  • sleekxmpp

I code in python3 and it probably won’t work in python2, because I assume unicode-goodness.

Screenshot

screenshot

Liens

Download

(of course, it’s Free Software under the GPLv3)

PS: This software is called “Luuta”, which means “broom” in finnish, and I find that cool.

If you have remarks or suggestions concerning this article, please by all means contact me.