X-Git-Url: http://git.pk910.de/?a=blobdiff_plain;f=doc%2Fexample.conf;h=8ffe13704979b164234398c6f07a4b593fb7d0d3;hb=refs%2Fheads%2Fupstream-ssl;hp=b9c5d7883c7a7c093f13edd816ba4ff9c5cddc36;hpb=92ca78e95bb10e69d5484ed79801c125c789a118;p=ircu2.10.12-pk.git diff --git a/doc/example.conf b/doc/example.conf index b9c5d78..8ffe137 100644 --- a/doc/example.conf +++ b/doc/example.conf @@ -56,6 +56,10 @@ # vhost = "ipv6vhost"; # description = "description"; # numeric = numericnumber; +# dns vhost = "ipv4vhost"; +# dns vhost = "ipv6vhost"; +# dns server = "ipaddress"; +# dns server = "ipaddress2"; # }; # # If present, must contain a valid address in dotted @@ -63,7 +67,7 @@ # be the address of a physical interface on the host. This address is # used for outgoing connections if the Connect{} block does not # override it. See Port{} for listener virtual hosting. If in doubt, -# leave it out. +# leave it out -- or use "*", which has the same meaning as no vhost. # # You may specify both an IPv4 virtual host and an IPv6 virtual host, # to indicate which address should be used for outbound connections @@ -71,6 +75,15 @@ # # Note that has to be unique on the network your server # is running on, must be between 0 and 4095, and is not updated on a rehash. +# +# The two DNS lines allow you to specify the local IP address to use +# for DNS lookups ("dns vhost") and one or more DNS server addresses +# to use. If the vhost is ambiguous for some reason, you may list +# IPV4 and/or IPV6 between the equals sign and the address string. +# The default DNS vhost is to let the operating system assign the +# address, and the default DNS servers are read from /etc/resolv.conf. +# In most cases, you do not need to specify either the dns vhost or +# the dns server. General { name = "London.UK.Eu.UnderNet.org"; description = "University of London, England"; @@ -82,9 +95,9 @@ General { # This sets information that can be retrieved with the /ADMIN command. # It should contain at least an admin Email contact address. Admin { + # At most two location lines are allowed... Location = "The University of London"; - # At most two contact lines are allowed... - Contact = "Undernet IRC server"; + Location = "Undernet IRC server"; Contact = "IRC Admins "; }; @@ -92,10 +105,8 @@ Admin { # # All connections to the server are associated with a certain "connection # class", be they incoming or outgoing (initiated by the server), be they -# clients, servers or Martians. (Note that ircd doesn't have direct support -# Recommended client classes: -# for Martians (yet?); they will have to register as normal users. ;-) -# Take the following class blocks only as a guide. +# clients or servers. +# # Class { # name = ""; # pingfreq = time; @@ -105,8 +116,12 @@ Admin { # usermode = "+i"; # }; # -# maxlinks should be set at either 0 or 1. -# +# For connection classes used on server links, maxlinks should be set +# to either 0 (for hubs) or 1 (for leaf servers). Client connection +# classes may use maxlinks between 0 and approximately 4,000,000,000. +# maxlinks = 0 means there is no limit on the number of connections +# using the class. +# # applies only to servers, and specifies the frequency # that the server tries to autoconnect. setting this to 0 will cause # the server to attempt to connect repeatedly with no delay until the @@ -149,9 +164,7 @@ Class { # limits the number of matching clients allowed from a particular IP # address. # -# Recommended client classes: -# Client classes. 10 = locals; 2 = for all .net and .com that are not -# in Europe; 1 = for everybody. +# Take the following class blocks only as a guide. Class { name = "Local"; pingfreq = 1 minutes 30 seconds; @@ -159,11 +172,6 @@ Class { maxlinks = 100; usermode = "+iw"; }; -Client -{ - class = "Other"; - username = "*"; -}; Class { name = "America"; pingfreq = 1 minutes 30 seconds; @@ -208,6 +216,7 @@ Class { # local_gline (can set a G-line for this server only) # local_badchan (can set a Gchan for this server only) # see_chan (can see users in +s channels in /WHO) + # list_chan (can see +s channels with /LIST S, or modes with /LIST M) # wide_gline (can use ! to force a wide G-line) # see_opers (can see opers without DISPLAY privilege) # local_opmode (can use OPMODE/CLEARMODE on local channels) @@ -221,8 +230,10 @@ Class { # apass_opmode (can use OPMODE/CLEARMODE on +A and +U keys) # # For global opers (with propagate = yes or local = no), the default - # is to grant all of the above privileges EXCEPT apass_opmode. For - # local opers, the default is to grant ONLY the following privileges: + # is to grant all of the above privileges EXCEPT walk_lchan, + # unlimit_query, set, badchan, local_badchan and apass_opmode. + # For local opers, the default is to grant ONLY the following + # privileges: # chan_limit, mode_lchan, show_invis, show_all_invis, local_kill, # rehash, local_gline, local_jupe, local_opmode, whox, display, # force_local_opmode @@ -240,7 +251,7 @@ Class { # Kill block". # Client { # host = "user@host"; -# ip = "ip@host"; +# ip = "user@ip"; # password = "password"; # class = "classname"; # }; @@ -274,6 +285,7 @@ Client { class = "Other"; ip = "*@*"; + maxlinks = 2; }; @@ -281,6 +293,7 @@ Client { class = "Other"; host = "*@*"; + maxlinks = 2; }; # If you don't want unresolved dudes to be able to connect to your # server, do not specify any "ip = " settings. @@ -290,25 +303,27 @@ Client { host = "*@*.com"; class = "America"; + maxlinks = 2; }; Client { host = "*@*.net"; class = "America"; + maxlinks = 2; }; # Now list all the .com / .net domains that you wish to have access... # actually it's less work to do it this way than to do it the other # way around - K-lining every single ISP in the US. # I wish people in Holland just got a .nl domain, and not try to be # cool and use .com... -Client { host = "*@*.wirehub.net"; class = "Other";}; -Client { host = "*@*.planete.net"; class = "Other";}; -Client { host = "*@*.ivg.com"; class = "Other";}; -Client { host = "*@*.ib.com"; class = "Other";}; -Client { host = "*@*.ibm.net"; class = "Other";}; -Client { host = "*@*.hydro.com"; class = "Other";}; -Client { host = "*@*.nl.net"; class = "Local";}; +Client { host = "*@*.wirehub.net"; class = "Other"; maxlinks=2; }; +Client { host = "*@*.planete.net"; class = "Other"; maxlinks=2; }; +Client { host = "*@*.ivg.com"; class = "Other"; maxlinks=2; }; +Client { host = "*@*.ib.com"; class = "Other"; maxlinks=2; }; +Client { host = "*@*.ibm.net"; class = "Other"; maxlinks=2; }; +Client { host = "*@*.hydro.com"; class = "Other"; maxlinks=2; }; +Client { host = "*@*.nl.net"; class = "Local"; maxlinks=2; }; # You can request a more complete listing, including the "list of standard # Kill blocks" from the Routing Committee; it will also be sent to you if @@ -321,6 +336,8 @@ Client host = "*@*.london.ac.uk"; ip = "*@193.37.*"; class = "Local"; + # A maxlinks of over 5 will automatically be glined by euworld on Undernet + maxlinks = 5; }; # You can put an expression in the maxlinks value, which will make ircd @@ -346,6 +363,7 @@ Client { host = "*@*"; ip = "*@*"; class = "Other"; + maxlinks = 2; }; @@ -359,6 +377,10 @@ Client { # file = "path/to/motd/file"; # }; # +# More than one host = "mask"; entry may be present in one block; this +# has the same effect as one Motd block for each host entry, but makes +# it easier to update the messages's filename. +# # DPATH/net_com.motd contains a special MOTD where users are encouraged # to register their domains and get their own client{} lines if they're in # Europe, or move to US.UnderNet.org if they're in the USA. @@ -396,6 +418,8 @@ motd { # name = "relservername"; # }; # +# You may have have more than one name listed in each block. +# # Note: (1) These lines are agreed on by every server admin on Undernet; # (2) These lines must be the same on every single server, or results # will be disasterous; (3) This is a useful feature, not something that @@ -413,40 +437,27 @@ motd { UWorld { name = "uworld.eu.undernet.org"; -}; -UWorld { name = "uworld2.undernet.org"; -}; -UWorld { name = "uworld.undernet.org"; -}; -UWorld { name = "channels.undernet.org"; -}; -UWorld { name = "channels2.undernet.org"; -}; -UWorld { name = "channels3.undernet.org"; -}; -UWorld { name = "channels4.undernet.org"; -}; -UWorld { name = "channels5.undernet.org"; -}; -UWorld { name = "channels6.undernet.org"; }; -# As of ircu2.10.05 is it possible to Jupe nicks. As per CFV-0095, the -# following nicks must be juped, it is not allowed to jupe others as well. +# As of ircu2.10.05 is it possible to Jupe nicks. As per CFV-0095 and +# CFV-0255, the following nicks must be juped, it is not allowed to +# jupe others as well. Jupe { - nick = "EuWorld,E,StatServ,NoteServ"; - nick = "UWorld2,ChanSvr,ChanSaver,ChanServ"; - nick = "Uworld,NickSvr,NickSaver,NickServ"; - nick = "LPT1,X,login,LPT2,W,Undernet,COM1,V,protocol,COM2"; - nick = "U,pass,COM3,Y,AUX,COM4,Z,newpass"; + nick = "A,B,C,D,E,F,G,H,I,J,K,L,M,N,O,P,Q,R,S,T,U,V,W,X,Y,Z,{,|,},~,-,_,`"; + nick = "EuWorld,UWorld,UWorld2"; + nick = "login,undernet,protocol,pass,newpass,org"; + nick = "StatServ,NoteServ"; + nick = "ChanSvr,ChanSaver,ChanServ"; + nick = "NickSvr,NickSaver,NickServ"; + nick = "LPT1,LPT2,COM1,COM2,COM3,COM4,AUX"; }; # [Kill] @@ -472,16 +483,20 @@ Jupe { # # # The default reason is: "You are banned from this server" -# Note that K-lines are local to the server; if you ban a person or a +# Note that Kill blocks are local to the server; if you ban a person or a # whole domain from your server, they can get on IRC via any other server -# that doesn't have them K-lined (yet). +# that doesn't have them Killed (yet). # # With a simple comment, using quotes: Kill { host = "*.au"; reason = "Please use a nearer server"; }; Kill { host = "*.edu"; reason = "Please use a nearer server"; }; +# You can also kill based on username. +Kill { username = "sub7"; realname = "s*7*"; reason = "You are infected with a Trojan"; }; + # The file can contain for example, a reason, a link to the -# server rules and a contact address. +# server rules and a contact address. Note the combination +# of username and host in the host field. Kill { host = "*luser@unixbox.flooder.co.uk"; @@ -522,17 +537,25 @@ Kill # Connect { # name = "servername"; # host = "hostnameORip"; +# vhost = "localIP"; # password = "passwd"; # port = portno; # class = "classname"; # maxhops = 2; # hub = "*.eu.undernet.org"; +# autoconnect = no; # }; # # The "port" field defines the default port the server tries to connect # to if an operator uses /connect without specifying a port. This is also # the port used when the server attempts to auto-connect to the remote # server. (See Class blocks for more informationa about auto-connects). +# You may tell ircu to not automatically connect to a server by adding +# "autoconnect = no;"; the default is to autoconnect. +# +# If the vhost field is present, the server will use that IP as the +# local end of connections that it initiates to this server. This +# overrides the vhost value from the General block. # # The maxhops field causes an SQUIT if a hub tries to introduce # servers farther away than that; the element 'leaf;' is an alias for @@ -554,6 +577,8 @@ Connect { # # For an advanced, real-time rule-based routing decision making system # you can use crule blocks. For more information, see doc/readme.crules. +# If more than one server mask is present in a single crule, the rule +# applies to all servers. # CRULE # { # server = "servermask"; @@ -596,6 +621,11 @@ CRULE # is not not passed along to other servers. On Undernet, this prevents # them from using Uworld as well. # +# More than one host = "mask"; entry may be present in one block; this +# has the same effect as one Operator block for each host entry, but +# makes it easier to update operator nicks, passwords, classes, and +# privileges. +# # Operator { # host = "host/IP mask"; # name = "opername"; @@ -610,7 +640,8 @@ CRULE # By default, the password is hashed using the system's native crypt() # function. Other password mechanisms are available; the umkpasswd # utility from the ircd directory can hash passwords using those -# mechanisms. +# mechanisms. If you use a password format that is NOT generated by +# umkpasswd, ircu will not recognize the oper's password. # # All privileges are shown with their default values; if you wish to # override defaults, you should set only those privileges for the @@ -625,7 +656,7 @@ Operator { }; Operator { host = "*@*.uu.net"; - password = "notencryptedpass"; + password = "$PLAIN$notencryptedpass"; name = "Niels"; class = "Opers"; }; @@ -651,17 +682,24 @@ Operator { # IANA says we should use port 194, but that requires us to run as root, # so we don't do that. # +# # Port { -# port = number; +# port = [ipv4] [ipv6] number; # mask = "ipmask"; # # Use this to control the interface you bind to. -# vhost = "virtualhostip"; +# vhost = [ipv4] [ipv6] "virtualhostip"; +# # You can specify both virtual host and port number in one entry. +# vhost = [ipv4] [ipv6] "virtualhostip" number; # # Setting to yes makes this server only. # server = yes; # # Setting to yes makes the port "hidden" from stats. # hidden = yes; # }; # +# The port and vhost lines allow you to specify one or both of "ipv4" +# and "ipv6" as address families to use for the port. The default is +# to listen on both IPv4 and IPv6. +# # The mask setting allows you to specify a range of IP addresses that # you will allow connections from. This should only contain IP addresses # and '*' if used. This field only uses IP addresses. This does not use @@ -681,11 +719,11 @@ Port { port = 4400; }; -# This is a Server port that is Hidden +# This is an IPv4-only Server port that is Hidden Port { server = yes; hidden = yes; - port = 4401; + port = ipv4 4401; }; # The following are normal client ports @@ -704,6 +742,24 @@ Port { port = 7000; }; +# More than one vhost may be present in a single Port block; in this case, +# we recommend listing the port number on the vhost line for clarity. +Port { + vhost = "172.16.0.1" 6667; + vhost = "172.16.3.1" 6668; + hidden = no; +}; + +# Quarantine blocks disallow operators from using OPMODE and CLEARMODE +# on certain channels. Opers with the force_opmode (for local +# channels, force_local_opmode) privilege may override the quarantine +# by prefixing the channel name with an exclamation point ('!'). +# Wildcards are NOT supported; the channel name must match exactly. +Quarantine { + "#shells" = "Thou shalt not support the h4><0rz"; + "&kiddies" = "They can take care of themselves"; +}; + # This is a server-implemented alias to send a message to a service. # The string after Pseudo is the command name; the name entry inside # is the service name, used for error messages. More than one nick @@ -721,13 +777,10 @@ Pseudo "LOGIN" { }; # You can ask a separate server whether to allow users to connect. -IAuth { - pass = "ircd-iauth"; - host = "127.0.0.1"; - port = 7700; - connectfreq = 30; - timeout = 60; -}; +# Uncomment this ONLY if you have an iauth helper program. +# IAuth { +# program = "../path/to/iauth" "-n" "options go here"; +# }; # [features] # IRC servers have a large number of options and features. Most of these @@ -799,8 +852,10 @@ features # "IPCHECK_CLONE_LIMIT" = "4"; # "IPCHECK_CLONE_PERIOD" = "40"; # "IPCHECK_CLONE_DELAY" = "600"; +# "CHANNELLEN" = "200"; # "CONFIG_OPERCMDS" = "FALSE"; # "OPLEVELS" = "TRUE"; +# "ZANNELS" = "TRUE"; # "LOCAL_CHANNELS" = "TRUE"; # "ANNOUNCE_INVITES" = "FALSE"; # These were introduced by Undernet CFV-165 to add "Head-In-Sand" (HIS) @@ -818,9 +873,9 @@ features # "HIS_STATS_e" = "TRUE"; # "HIS_STATS_f" = "TRUE"; # "HIS_STATS_g" = "TRUE"; -# "HIS_STATS_h" = "TRUE"; # "HIS_STATS_i" = "TRUE"; # "HIS_STATS_j" = "TRUE"; +# "HIS_STATS_J" = "TRUE"; # "HIS_STATS_k" = "TRUE"; # "HIS_STATS_l" = "TRUE"; # "HIS_STATS_L" = "TRUE"; @@ -840,11 +895,13 @@ features # "HIS_STATS_x" = "TRUE"; # "HIS_STATS_y" = "TRUE"; # "HIS_STATS_z" = "TRUE"; +# "HIS_STATS_IAUTH" = "TRUE"; # "HIS_WHOIS_SERVERNAME" = "TRUE"; # "HIS_WHOIS_IDLETIME" = "TRUE"; # "HIS_WHOIS_LOCALCHAN" = "TRUE"; # "HIS_WHO_SERVERNAME" = "TRUE"; # "HIS_WHO_HOPCOUNT" = "TRUE"; +# "HIS_MODEWHO" = "TRUE"; # "HIS_BANWHO" = "TRUE"; # "HIS_KILLWHO" = "TRUE"; # "HIS_REWRITE" = "TRUE"; @@ -853,6 +910,7 @@ features # "HIS_SERVERNAME" = "*.undernet.org"; # "HIS_SERVERINFO" = "The Undernet Underworld"; # "HIS_URLSERVERS" = "http://www.undernet.org/servers.php"; +# "URLREG" = "http://cservice.undernet.org/live/"; }; # Well, you have now reached the end of this sample configuration