feat: DCC stripping in both directions to prevent IP leaks

Block all non-ACTION CTCP/DCC from client-to-server (outbound) and add
security logging when inbound CTCP/DCC is stripped. Hard boundary with
no config toggle -- DCC exposes the client's real IP which defeats the
stealth proxy architecture.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
user
2026-02-21 19:30:44 +01:00
parent f4f3132b6b
commit 0064e52fee
4 changed files with 77 additions and 0 deletions

@@ -651,6 +651,18 @@ Removing a channel also clears its key:
/msg *bouncer AUTOJOIN libera -#secret
```
## DCC Stripping
DCC requests (`DCC SEND`, `DCC CHAT`) embed the sender's real IP address in the
protocol payload. The bouncer strips all DCC and non-ACTION CTCP messages in
both directions:
- **Inbound** (server to client): silently dropped, logged as warning
- **Outbound** (client to server): blocked before reaching the network
ACTION (`/me`) is preserved. This is a hard security boundary -- there is no
config toggle to disable it.
## Hot Reload
The bouncer reloads its config file on `SIGHUP` or via the `REHASH` command.
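
Review bot: In the new "DCC Stripping" section, the Outbound bullet says messages are "blocked before reaching the network" but, unlike the Inbound bullet ("silently dropped, logged as warning"), it does not say whether the block is logged or whether the client gets any feedback. Please state both for outbound, since a DCC or CTCP request that disappears without a notice will look like a bug to the user and an unlogged block leaves no audit trail. The section also names only `DCC SEND` and `DCC CHAT` while the rule covers "all DCC and non-ACTION CTCP"; one more sentence saying that other CTCP requests and replies are dropped too, and whether this applies to NOTICE as well as PRIVMSG, would make the boundary unambiguous.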