# First some information about the server.
# General {
# name = "servername";
-# vhost = "virtualhost";
+# vhost = "ipv4vhost";
+# vhost = "ipv6vhost";
# description = "description";
# numeric = numericnumber;
# };
#
-# <virtual host> must contain either a * or a valid IPv4 address in
-# dotted quad notation. (127.0.0.1) The address MUST be the address
-# of a physical interface on the host. This address is used for outgoing
-# connections only, see Port{} for listener virtual hosting.
-# If in doubt put a * or the IP of your primary interface here.
-# The server must be compiled with virtual hosting turned on to get this
-# to work correctly.
+# If present, <virtual host> must contain a valid address in dotted
+# quad or IPv6 numeric notation (127.0.0.1 or ::1). The address MUST
+# be the address of a physical interface on the host. This address is
+# used for outgoing connections if the Connect{} block does not
+# override it. See Port{} for listener virtual hosting. If in doubt,
+# leave it out.
+#
+# You may specify both an IPv4 virtual host and an IPv6 virtual host,
+# to indicate which address should be used for outbound connections
+# of the respective type.
#
# Note that <server numeric> has to be unique on the network your server
# is running on, must be between 0 and 4095, and is not updated on a rehash.
# connectfreq = time;
# maxlinks = number;
# sendq = size;
+# usermode = "+i";
# };
#
+# maxlinks should be set at either 0 or 1.
+#
# <connect freq> applies only to servers, and specifies the frequency
# that the server tries to autoconnect. setting this to 0 will cause
# the server to attempt to connect repeatedly with no delay until the
# <maximum links> condition is satisfied. This is a Bad Thing(tm).
# Note that times can be specified as a number, or by giving something
# like: 1 minutes 20 seconds, or 1*60+20.
-# Client {
-# host = "user@host";
-# ip = "ip@host";
-# password = "password";
-# class = "classname";
-# };
-#
-# <maximum links> should be set at either 0 or 1.
#
# Recommended server classes:
# All your server uplinks you are not a hub for.
sendq = 9000000;
};
+# Client {
+# username = "ident";
+# host = "host";
+# ip = "127.0.0.0/8";
+# password = "password";
+# class = "classname";
+# maxlinks = 3;
+# };
+#
+# Everything in a Client block is optional. If a username mask is
+# given, it must match the client's username from the IDENT protocol.
+# If a host mask is given, the client's hostname must resolve and
+# match the host mask. If a CIDR-style IP mask is given, the client
+# must have an IP matching that range. If maxlinks is given, it is
+# limits the number of matching clients allowed from a particular IP
+# address.
+#
# Recommended client classes:
# Client classes. 10 = locals; 2 = for all .net and .com that are not
# in Europe; 1 = for everybody.
pingfreq = 1 minutes 30 seconds;
sendq = 160000;
maxlinks = 100;
+ usermode = "+iw";
};
Client
{
class = "Other";
- host = "*@*";
+ username = "*";
};
Class {
name = "America";
sendq = 160000;
maxlinks = 400;
};
+Class {
+ name = "Opers";
+ pingfreq = 1 minutes 30 seconds;
+ sendq = 160000;
+ maxlinks = 10;
+
+ # For connection classes intended for operator use, you can specify
+ # privileges used when the Operator block (see below) names this
+ # class. The local (aka globally_opered) privilege MUST be defined
+ # by either the Class or Operator block. The following privileges
+ # exist:
+ #
+ # local (or propagate, with the opposite sense)
+ # whox (log oper's use of x flag with /WHO)
+ # display (oper status visible to lusers)
+ # chan_limit (can join local channels when in
+ # MAXCHANNELSPERUSER channels)
+ # mode_lchan (can /MODE &channel without chanops)
+ # deop_lchan (cannot be deopped or kicked on local channels)
+ # walk_lchan (can forcibly /JOIN &channel OVERRIDE)
+ # show_invis (see +i users in /WHO x)
+ # show_all_invis (see +i users in /WHO x)
+ # unlimit_query (show more results from /WHO)
+ # local_kill (can kill clients on this server)
+ # rehash (can use /REHASH)
+ # restart (can use /RESTART)
+ # die (can use /DIE)
+ # local_jupe (not used)
+ # set (can use /SET)
+ # local_gline (can set a G-line for this server only)
+ # local_badchan (can set a Gchan for this server only)
+ # see_chan (can see users in +s channels in /WHO)
+ # wide_gline (can use ! to force a wide G-line)
+ # see_opers (can see opers without DISPLAY privilege)
+ # local_opmode (can use OPMODE/CLEARMODE on local channels)
+ # force_local_opmode (can use OPMODE/CLEARMODE on quarantined local channels)
+ # kill (can kill clients on other servers)
+ # gline (can issue G-lines to other servers)
+ # jupe_server (not used)
+ # opmode (can use /OPMODE)
+ # badchan (can issue Gchans to other servers)
+ # force_opmode (can use OPMODE/CLEARMODE on quarantined global channels)
+ # apass_opmode (can use OPMODE/CLEARMODE on +A and +U keys)
+ #
+ # For global opers (with propagate = yes or local = no), the default
+ # is to grant all of the above privileges EXCEPT apass_opmode. For
+ # local opers, the default is to grant ONLY the following privileges:
+ # chan_limit, mode_lchan, show_invis, show_all_invis, local_kill,
+ # rehash, local_gline, local_jupe, local_opmode, whox, display,
+ # force_local_opmode
+ # Any privileges listed in a Class block override the defaults.
+ local = no;
+};
# [Client]
#
# To allow clients to connect, they need authorization. This can be
class = "Local";
};
-# You can put a digit (0..9) in the password value, which will make ircd
+# You can put an expression in the maxlinks value, which will make ircd
# only accept a client when the total number of connections to the network
# from the same IP number doesn't exceed this number.
# The following example would accept at most one connection per IP number
# that have "dial??.*" as host mask:
# Client {
# host = "*@*.swipnet.se";
-# password = "1";
+# maxlinks = 1;
# class = "Other";
# };
# Client {
# host = "*@dial??.*";
-# password = "2";
+# maxlinks = 2;
# class = "Other";
# };
#
file = "london.motd";
};
-# [Server]
+# [UWorld]
#
# One of the many nice features of Undernet is "Uworld", a program
# connected to the net as a server. This allows it to broadcast any mode
# There is only one slight problem: the TimeStamp protocol prevents this.
# So there is a configuration option to allow them anyway from a certain
# server.
-# Server {
+# UWorld {
# # The servername or wildcard mask for it that this applies to.
# name = "relservername";
-# # The mask of servers they are allowed to introduce(for hub=yes;) or
-# # not allowed to introduce(for leaf=yes).
-# mask = "servermask";
-# # No is assumed for these unless you set it to yes.
-# uworld = no;
-# leaf = no;
-# hub = yes;
# };
#
# Note: (1) These lines are agreed on by every server admin on Undernet;
# If you're on Undernet, you MUST have these lines. I cannnot stress
# this enough. If all of the servers don't have the same lines, the
# servers will try to undo the mode hacks that Uworld does. Make SURE that
-# all of the servers have the EXACT same Ulines.
+# all of the servers have the EXACT same UWorld blocks.
#
# If your server starts on a bit larger network, you'll probably get
# assigned one or two uplinks to which your server can connect.
# If your uplink(s) also connect to other servers than yours (which is
# probable), you need to define your uplink as being allowed to "hub".
-# To do this, set "hub = yes;"
-# You can also force a server(even one that doesn't connect to you)
-# to be a leaf with "leaf = yes;"
+# See the Connect block documentation for details on how to do that.
-Server {
+UWorld {
name = "uworld.eu.undernet.org";
- mask = "*";
- uworld = yes;
- hub = yes;
};
-Server {
+UWorld {
name = "uworld2.undernet.org";
- mask = "*";
- uworld = yes;
- hub = yes;
};
-Server {
+UWorld {
name = "uworld.undernet.org";
- mask = "*";
- uworld = yes;
- hub = yes;
};
-Server {
+UWorld {
name = "channels.undernet.org";
- mask = "*";
- uworld = yes;
- hub = yes;
};
-Server {
+UWorld {
name = "channels2.undernet.org";
- mask = "*";
- uworld = yes;
- hub = yes;
};
-Server {
+UWorld {
name = "channels3.undernet.org";
- mask = "*";
- uworld = yes;
- hub = yes;
};
-Server {
+UWorld {
name = "channels4.undernet.org";
- mask = "*";
- uworld = yes;
- hub = yes;
};
-Server {
+UWorld {
name = "channels5.undernet.org";
- mask = "*";
- uworld = yes;
- hub = yes;
};
-Server {
+UWorld {
name = "channels6.undernet.org";
- mask = "*";
- uworld = yes;
- hub = yes;
-};
-Server {
- name = "Amsterdam.NL.Eu.UnderNet.org";
- mask = "*";
- hub = yes;
-};
-# An example just to make sure IRCnet doesn't get on undernet...
-Server {
- name = "*";
- mask = "eris.berkeley.edu";
- hub = yes;
};
-# As of ircu2.10.05 is it possible to Jupe nicks. As per CFV-0095, the
-# following nicks must be juped, it is not allowed to jupe others as well.
+# As of ircu2.10.05 is it possible to Jupe nicks. As per CFV-0095 and
+# CFV-0255, the following nicks must be juped, it is not allowed to
+# jupe others as well.
Jupe {
- nick = "EuWorld,E,StatServ,NoteServ";
- nick = "UWorld2,ChanSvr,ChanSaver,ChanServ";
- nick = "Uworld,NickSvr,NickSaver,NickServ";
- nick = "LPT1,X,login,LPT2,W,Undernet,COM1,V,protocol,COM2";
- nick = "U,pass,COM3,Y,AUX,COM4,Z,newpass";
+ nick = "A,B,C,D,E,F,G,H,I,J,K,L,M,N,O,P,Q,R,S,T,U,V,W,X,Y,Z,{,|,},~,-,_,`";
+ nick = "EuWorld,UWorld,UWorld2";
+ nick = "login,undernet,protocol,pass,newpass,org";
+ nick = "StatServ,NoteServ";
+ nick = "ChanSvr,ChanSaver,ChanServ";
+ nick = "NickSvr,NickSaver,NickServ";
+ nick = "LPT1,LPT2,COM1,COM2,COM3,COM4,AUX";
};
# [Kill]
# The realname field lets you ban by realname...
Kill
{
- host = "*sub7*";
+ realname = "*sub7*";
reason = "You are infected with a Trojan";
};
# password = "passwd";
# port = portno;
# class = "classname";
+# maxhops = 2;
+# hub = "*.eu.undernet.org";
# };
#
# The "port" field defines the default port the server tries to connect
# to if an operator uses /connect without specifying a port. This is also
-# the port used when the server attempts to auto-connect to the remote
+# the port used when the server attempts to auto-connect to the remote
# server. (See Class blocks for more informationa about auto-connects).
#
+# The maxhops field causes an SQUIT if a hub tries to introduce
+# servers farther away than that; the element 'leaf;' is an alias for
+# 'maxhops = 0;'. The hub field limits the names of servers that may
+# be introduced by a hub; the element 'hub;' is an alias for
+# 'hub = "*";'.
+#
# Our primary uplink.
Connect {
name = "Amsterdam.NL.Eu.UnderNet.org";
host = "1.2.3.4";
password = "passwd";
port = 4400;
- class = "Servers";
+ class = "Server";
+ hub;
};
# [crule]
# can squit, connect and kill - but only locally: their +o user mode
# is not not passed along to other servers. On Undernet, this prevents
# them from using Uworld as well.
-# Depending on some defines in include/config.h, local operators are also
-# not allowed to /DIE and /RESTART the server.
+#
# Operator {
-# local = no;
# host = "host/IP mask";
# name = "opername";
# password = "encryptedpass";
# class = "classname";
+# # You can also set any operator privilege; see the Class block
+# # documentation for details. A privilege defined for a single
+# # Operator will override the privilege settings for the Class
+# # and the default setting.
# };
#
-# The encrypted password is optional. If you wish to encrypt your password,
-# there is a utility in the ircd. Please read the file tools/README.
+# By default, the password is hashed using the system's native crypt()
+# function. Other password mechanisms are available; the umkpasswd
+# utility from the ircd directory can hash passwords using those
+# mechanisms.
+#
+# All privileges are shown with their default values; if you wish to
+# override defaults, you should set only those privileges for the
+# operator. Listing defaulted privileges just makes things harder to
+# find.
Operator {
local = no;
host = "*@*.cs.vu.nl";
class = "Local";
};
Operator {
- local = yes;
host = "*@*.uu.net";
password = "notencryptedpass";
name = "Niels";
- class = "Local";
+ class = "Opers";
};
# Note that the <connection class> is optional, but leaving it away
Port { port = 6667; };
Port { port = 6668; };
Port {
+ # This only accepts clients with IPs like 192.168.*.
mask = "192.168.*";
port = 6666;
};
-# This is a hidden client port, listening on the interface associated
-# with the IP address 168.8.21.107
+# This is a hidden client port, listening on 168.8.21.107.
Port {
- mask = "168.8.21.107";
+ vhost = "168.8.21.107";
hidden = yes;
port = 7000;
};
+# This is a server-implemented alias to send a message to a service.
+# The string after Pseudo is the command name; the name entry inside
+# is the service name, used for error messages. More than one nick
+# entry can be provided; the last one listed has highest priority.
+Pseudo "CHANSERV" {
+ name = "X";
+ nick = "X@channels.undernet.org";
+};
+
+# You can also prepend text before the user's message.
+Pseudo "LOGIN" {
+ name = "X";
+ prepend = "LOGIN ";
+ nick = "X@channels.undernet.org";
+};
+
+# You can ask a separate server whether to allow users to connect.
+IAuth {
+ pass = "ircd-iauth";
+ host = "127.0.0.1";
+ port = 7700;
+ connectfreq = 30;
+ timeout = 60;
+};
+
# [features]
# IRC servers have a large number of options and features. Most of these
# are set at compile time through the use of #define's--see "make config"
#
features
{
+# These log features are the only way to get certain error messages
+# (such as when the server dies from being out of memory). For more
+# explanation of how they work, see doc/readme.log.
+ "LOG" = "SYSTEM" "FILE" "ircd.log";
+ "LOG" = "SYSTEM" "LEVEL" "CRIT";
# "DOMAINNAME"="<obtained from /etc/resolv.conf by ./configure>";
# "RELIABLE_CLOCK"="FALSE";
# "BUFFERPOOL"="27000000";
# "RANDOM_SEED"="<you should set one explicitly>";
# "DEFAULT_LIST_PARAM"="TRUE";
# "NICKNAMEHISTORYLENGTH"="800";
+# "NETWORK"="UnderNet";
# "HOST_HIDING"="FALSE";
# "HIDDEN_HOST"="users.undernet.org";
# "HIDDEN_IP"="127.0.0.1";
# "KILLCHASETIMELIMIT"="30";
# "MAXCHANNELSPERUSER"="10";
+# "NICKLEN" = "12";
# "AVBANLEN"="40";
# "MAXBANS"="30";
# "MAXSILES"="15";
-# "HANGONGOODLINK="300";
+# "HANGONGOODLINK"="300";
# "HANGONRETRYDELAY" = "10";
# "CONNECTTIMEOUT" = "90";
-# "TIMESEC" = "60";
# "MAXIMUM_LINKS" = "1";
# "PINGFREQUENCY" = "120";
# "CONNECTFREQUENCY" = "600";
# "MPATH" = "ircd.motd";
# "RPATH" = "remote.motd";
# "PPATH" = "ircd.pid";
-# "VIRTUAL_HOST" = "FALSE";
# "TOS_SERVER" = "0x08";
# "TOS_CLIENT" = "0x08";
# "POLLS_PER_LOOP" = "200";
-# "CRYPT_OPER_PASSWORD" = "TRUE";
-# "OPER_NO_CHAN_LIMIT" = "TRUE";
-# "OPER_MODE_LCHAN" = "TRUE";
-# "OPER_WALK_THROUGH_LMODES" = "FALSE";
-# "NO_OPER_DEOP_LCHAN" = "FALSE";
-# "SHOW_INVISIBLE_USERS" = "TRUE";
-# "SHOW_ALL_INVISIBLE_USERS" = "TRUE";
-# "UNLIMIT_OPER_QUERY" = "FALSE";
-# "LOCAL_KILL_ONLY" = "FALSE";
+# "IRCD_RES_TIMEOUT" = "4";
+# "IRCD_RES_RETRIES" = "2";
+# "AUTH_TIMEOUT" = "9";
+# "IPCHECK_CLONE_LIMIT" = "4";
+# "IPCHECK_CLONE_PERIOD" = "40";
+# "IPCHECK_CLONE_DELAY" = "600";
# "CONFIG_OPERCMDS" = "FALSE";
-# "OPER_KILL" = "TRUE";
-# "OPER_REHASH" = "TRUE";
-# "OPER_RESTART" = "TRUE";
-# "OPER_DIE" = "TRUE";
-# "OPER_GLINE" = "TRUE";
-# "OPER_LGLINE" = "TRUE";
-# "OPER_JUPE" = "TRUE";
-# "OPER_LJUPE" = "TRUE";
-# "OPER_OPMODE" = "TRUE";
-# "OPER_LOPMODE" = "TRUE";
-# "OPER_BADCHAN" = "FALSE";
-# "OPER_LBADCHAN" = "FALSE";
-# "OPER_SET" = "FALSE";
-# "OPERS_SEE_IN_SECRET_CHANNELS" = "TRUE";
-# "OPER_WIDE_GLINE" = "TRUE";
-# "OPER_LIST_CHAN" = "TRUE";
-# "LOCOP_KILL" = "TRUE";
-# "LOCOP_REHASH" = "TRUE";
-# "LOCOP_RESTART" = "FALSE";
-# "LOCOP_DIE" = "FALSE";
-# "LOCOP_LGLINE" = "TRUE";
-# "LOCOP_LJUPE" = "TRUE";
-# "LOCOP_LOPMODE" = "TRUE";
-# "LOCOP_LBADCHAN" = "FALSE";
-# "LOCOP_SET" = "FALSE";
-# "LOCOP_SEE_IN_SECRET_CHANNELS" = "FALSE";
-# "LOCOP_WIDE_GLINE" = "FALSE";
-# "LOCOP_LIST_CHAN" = "FALSE";
# "OPLEVELS" = "TRUE";
+# "LOCAL_CHANNELS" = "TRUE";
+# "ANNOUNCE_INVITES" = "FALSE";
+# These were introduced by Undernet CFV-165 to add "Head-In-Sand" (HIS)
+# behavior to hide most network topology from users.
+# "HIS_SNOTICES" = "TRUE";
+# "HIS_SNOTICES_OPER_ONLY" = "TRUE";
+# "HIS_DEBUG_OPER_ONLY" = "TRUE";
+# "HIS_WALLOPS" = "TRUE";
+# "HIS_MAP" = "TRUE";
+# "HIS_LINKS" = "TRUE";
+# "HIS_TRACE" = "TRUE";
+# "HIS_STATS_a" = "TRUE";
+# "HIS_STATS_c" = "TRUE";
+# "HIS_STATS_d" = "TRUE";
+# "HIS_STATS_e" = "TRUE";
+# "HIS_STATS_f" = "TRUE";
+# "HIS_STATS_g" = "TRUE";
+# "HIS_STATS_i" = "TRUE";
+# "HIS_STATS_j" = "TRUE";
+# "HIS_STATS_J" = "TRUE";
+# "HIS_STATS_k" = "TRUE";
+# "HIS_STATS_l" = "TRUE";
+# "HIS_STATS_L" = "TRUE";
+# "HIS_STATS_m" = "TRUE";
+# "HIS_STATS_M" = "TRUE";
+# "HIS_STATS_o" = "TRUE";
+# "HIS_STATS_p" = "TRUE";
+# "HIS_STATS_q" = "TRUE";
+# "HIS_STATS_r" = "TRUE";
+# "HIS_STATS_R" = "TRUE";
+# "HIS_STATS_t" = "TRUE";
+# "HIS_STATS_T" = "TRUE";
+# "HIS_STATS_u" = "FALSE";
+# "HIS_STATS_U" = "TRUE";
+# "HIS_STATS_v" = "TRUE";
+# "HIS_STATS_w" = "TRUE";
+# "HIS_STATS_x" = "TRUE";
+# "HIS_STATS_y" = "TRUE";
+# "HIS_STATS_z" = "TRUE";
+# "HIS_WHOIS_SERVERNAME" = "TRUE";
+# "HIS_WHOIS_IDLETIME" = "TRUE";
+# "HIS_WHOIS_LOCALCHAN" = "TRUE";
+# "HIS_WHO_SERVERNAME" = "TRUE";
+# "HIS_WHO_HOPCOUNT" = "TRUE";
+# "HIS_BANWHO" = "TRUE";
+# "HIS_KILLWHO" = "TRUE";
+# "HIS_REWRITE" = "TRUE";
+# "HIS_REMOTE" = "TRUE";
+# "HIS_NETSPLIT" = "TRUE";
+# "HIS_SERVERNAME" = "*.undernet.org";
+# "HIS_SERVERINFO" = "The Undernet Underworld";
+# "HIS_URLSERVERS" = "http://www.undernet.org/servers.php";
};
# Well, you have now reached the end of this sample configuration