Author: Kev <klmitch@mit.edu>

[ircu2.10.12-pk.git] / doc / example.conf

# ircd.conf  configuration file for ircd version ircu2.9.mu and ircu2.10
#
# Written by Niels <niels@undernet.org>, based on the original example.conf,
# server code and some real-life (ahem) experience.
#
# Thanks and credits to: Run, Trillian, Cym, Morrissey, Chaos, Flynn,
#                        Xorath, WildThang, Mmmm, SeKs, Ghostwolf and
#                        all other Undernet IRC Admins and Operators,
#                        and programmers working on the Undernet ircd.

# This is an example of the configuration file used by the Undernet ircd.
#
# This document is based on a (fictious) server in Europe with a
# connection to the Undernet IRC network. It is primarily a leaf server,
# but if all the other hubs in Europe aren't in service, it can connect
# to one in the US by itself.
#
# All configuration options start with a letter identifying the option,
# and a colon separated list of options. An asterisk indicates an
# unused field.
#
# Please note that when ircd puts the configuration lines into practice,
# it parses them exactly the other way round than they are listed here.
# This means that you should start your I: lines with the "fall through",
# most vanilla one and end with the most detailed.
#
# There is a difference between the ``hostname'' and the ``server name''
# of the machine that the server is run on. For example, the host can
# have ``veer.cs.vu.nl'' as FQDN, and ``Amsterdam.NL.EU.undernet.org'' as
# server name.
# A ``server mask'' is something like '*.EU.UnderNet.org'', which is
# matched by 'Amsterdam.NL.EU.undernet.org' but not by
# 'Manhattan.KS.US.undernet.org'.

#
# First some information about the server.
# M:<server name>:<virtual host>:<description>:<server port>:<server numeric>
#
# <virtual host> must contain either a * or a valid IPv4 address in
# dotted quad notation. (127.0.0.1) The address MUST be the address
# of a physical interface on the host. This address is used for outgoing
# connections only, see P:lines for listener virtual hosting.
# If in doubt put a * or the IP of your primary interface here.
# The server must be compiled with virtual hosting turned on to get this
# to work correctly.
#
# The <server port> is no longer used.
# Ports need to be specified with a P: line, see below.
# At some point in the future we may want to use the port value for
# server capacity. --Bleep
#
# Note that <server numeric> has to be unique on the network your server
# is running on, must be between 1 and 64, and is not updated on a rehash.

M:London.UK.Eu.UnderNet.org:*:University of London, England:0:1

#
# This sets information that can be retrieved with the /ADMIN command.
# It should contain at least an admin Email contact address.
# A:<line 1>:<line 2>:<line 3>

A:The University of London:Undernet IRC server:IRC Admins <irc@london.ac.uk>

#
# All connections to the server are associated with a certain ``connection
# class'', be they incoming or outgoing (initiated by the server), be they
# clients, servers or Martians. (Note that ircd doesn't have direct support
# for Martians (yet?); they will have to register as normal users. ;-)
# Take the following Y: lines only as a guide.
# Y:<class>:<ping freq>:<connect freq>:<maximum links>:<sendq size>

# <connect freq> applies only to servers, and specifies the frequency 
# that the server tries to autoconnect. setting this to 0 will cause
# the server to attempt to connect repeatedly with no delay until the 
# <maximum links> condition is satisfied. This is a Bad Thing(tm).

# <maximum links> has different meanings for clients and servers.
# For clients, it is the total number of connections allowed for the class.
# Thus, if it is set to 100, then up to 100 clients can connect in that class.

# Auto-connecting
# For servers, <maximum links> is the number of remote servers, in that class, that the
# server will attempt to be connected to. The server will initiate auto connections
# until it is connected to <maximum links> remote servers. This field DOES NOT limit
# the total number of servers that can be manually connected.
# To turn off auto connecting, <maximum links> should be set to 0.
# Note that MAXIMUM_LINKS (defined in make config) sets a hard limit on the number
# of servers that can be connected and still have the server attempt auto-connections.
# It is usually set to 1, which means a server will not attempt auto connects with a server
# already connected, regardless of how the Y:lines are set up.

# Server classes: 90 = all your uplinks for who you do not wish to hub;
# 80 = leaf servers (only used if your server is a hub)

Y:90:90:300:1:9000000
Y:80:90:300:0:9000000

# Client classes. 10 = locals; 2 = for all .net and .com that are not
# in Europe; 1 = for everybody.

Y:10:90:0:100:160000
Y:2:90:0:5:80000
Y:1:90:0:400:160000

#
# To allow clients to connect, they need authorization. This can be
# done based on hostmask, address mask, and/or with a password.
# With intelligent use of classes and the maxconnections field in the
# Y: lines, you can let in a specific domain, but get rid of all other
# domains in the same toplevel, thus setting up some sort of 'reverse
# K: line'.
# I:<IP mask or crap to force resolving>:<opt passwd>:<hostmask>::<class>

# Technical description (for examples, see below):
# For every connecting client, the IP-number is know.  A reverse lookup
# on this IP-number is done to get the (/all) hostname(s).
# Each hostname that belongs to this IP-number is matched to <hostmask>,
# and the I: line is used when any matches; the client will then show
# with this particular hostname.  If none of the hostnames matches, then
# the IP-number is matched against the <IP mask ...> field, if this matches
# then the I: line is used nevertheless and the client will show with the
# first (main) hostname if any; if the IP-number did not resolve then the
# client will show with the dot notation of the IP-number.
# There is a special case for the UNIX domain sockets and localhost connections
# though; in this case the <IP mask ...> field is compared with the
# name of the server (thus not with any IP-number representation). The name
# of the server is the one returned in the numeric 002 reply, for example:
# 002 Your host is 2.undernet.org[jolan.ppro], running version ...
# Then the "jolan.ppro" is the name used for matching.
# Therefore, unix domain sockets, and connections to localhost would
# match this I: line:
# I:jolan.ppro::foobar::1
# Finally, I: lines with empty <IP mask ..> or <hostmask> fields are skipped.

# This is the 'fallback' entry. All .uk, .nl, and all unresolved are
# in these two lines.
# By using two different lines, multiple connections from a single IP
# are only allowed from hostnames which have both valid forward and
# reverse DNS mappings.

I:*@*:1:Unresolved::1
I:Resolved::*@*::1

# If you don't want unresolved dudes to be able to connect to your
# server, use just:
# I:NotMatchingCrap::*@*::1

# Here, take care of all American ISPs.
I:Resolved::*@*.com::2
I:Resolved::*@*.net::2

# Now list all the .com / .net domains that you wish to have access...
# actually it's less work to do it this way than to do it the other
# way around - K: lining every single ISP in the US.
# I wish people in Holland just got a .nl domain, and not try to be
# cool and use .com...
I:Resolved::*@*.wirehub.net::1
I:Resolved::*@*.planete.net::1
I:Resolved::*@*.ivg.com::1
I:Resolved::*@*.ib.com::1
I:Resolved::*@*.ibm.net::1
I:Resolved::*@*.hydro.com::1
I:Resolved::*@*.NL.net::1

# You can request a more complete listing, including the "list of standard
# K-lines" from the Routing Committee; it will also be sent to you if
# you apply for a server and get accepted.

# Ourselves - this makes sure that we can get in, no matter how full
# the server is (hopefully).
I:*@193.37.*::*@*.london.ac.uk::10

# You can put a digit (0..9) in the password field, which will make ircd
# only accept a client when the total number of connections to the network
# from the same IP number doesn't exceed this number.
# The following example would accept at most one connection per IP number
# from "*.swipnet.se" and at most two connections from dial up accounts
# that have "dial??.*" as host mask:
# I:Resolved:1:*@*.swipnet.se::1
# I:Resolved:2:*@dial??.*::1

#
# T:Lines
#
# It is possible to show a different Message of the Day to a connecting
# client depending on its origin.
# T:<hostmask>:<path to motd file>
# or:
# T:<classnumber>:<path to motd file>
#
# DPATH/net_com.motd contains a special MOTD where users are encouraged
# to register their domains and get their own I: lines if they're in
# Europe, or move to US.UnderNet.org if they're in the USA.
T:*.net:net_com.motd
T:*.com:net_com.motd

# A different MOTD for ourselves, where we point out that the helpdesk
# better not be bothered with questions regarding irc...
T:*.london.ac.uk:london.motd

#
# One of the many nice features of Undernet is ``Uworld'', a program
# connected to the net as a server. This allows it to broadcast any mode
# change, thus allowing opers to, for example, 'unlock' a channel that
# has been taken over.
# There is only one slight problem: the TimeStamp protocol prevents this.
# So there is a configuration option to allow them anyway from a certain
# server.
# Note: (1) These lines are agreed on by every server admin on Undernet;
# (2) These lines must be the same on every single server, or results
# will be disasterous; (3) This is a useful feature, not something that
# is a liability and abused regularly (well... :-)
# If you're on Undernet, you MUST have these lines. I cannnot stress
# this enough.
# As of ircu2.10.05 is it possible to Jupe nicks. Juped nicks need to be
# added to U: lines.  As per CFV-0095, the following nicks must be juped,
# it is not allowed to jupe others as well.

U:Uworld.EU.undernet.org:EuWorld,E,protocol,StatServ,NoteServ,Undernet:*
U:Uworld2.undernet.org:UWorld2,W,ChanSvr,ChanSaver,ChanServ,COM1,COM2,COM3,COM4:*
U:Uworld.undernet.org:Uworld,X,NickSvr,NickSaver,NickServ,LPT1,LPT2,AUX:*

#
# While running your server, you will most probably encounter individuals
# or groups of persons that you do not wish to have access to your server.
#
# For this purpose, the ircd understands "kill lines".
# K:<host/IP mask>:"<opt reason>":<username mask>
#
# It is possible to use a file as comment for the ban.
# K:<host/IP mask>:!<path to file>:<usermask>
#
# The default reason is: "You are banned from this server"
# Note that K: lines are local to the server; if you ban a person or a
# whole domain from your server, they can get on IRC via any other server
# that doesn't have them K: lined (yet).

# With a simple comment, using quotes:
K:*.au:"Please use a nearer server":*
K:*.edu:"Please use a nearer server":*

# With a file, prepending a '!' before the filename.
# The file can contain for example, a reason, a link to the
# server rules and a contact address.
K:unixbox.flooder.co.uk:!kline/youflooded.txt:*luser

#
# IP-based kill lines are designated with a lowercase 'k'.  These lines
# use the same format as normal K: lines, except they apply to all hosts,
# even if an IP address has a properly resolving host name.
k:192.168.*:!klines/martians:*

# Additionally, you may specify a hostmask prefixed with $R to indicate
# a match should be performed against the "real-name" / "info" field
# instead of the host/IP.
K:$R*sub7*:"You are infected with a Trojan":*

#
# You probably want your server connected to other servers, so your users
# have other users to chat with.
# IRC servers connect to other servers forming a network with a star or
# tree topology. Loops are not allowed.
# In this network, two servers can be distinguished: "hub" and "leaf"
# servers. Leaf servers connect to hubs; hubs connect to each other.
# Of course, many servers can't be directly classified in one of these
# categories. Both a fixed and a rule-based decision making system for
# server links is provided for ircd to decide what links to allow, what
# to let humans do themselves, and what links to (forcefully) disallow.
#
# The Connection lines (also known as C lines)
# define what servers the server connect to, and which servers are
# allowed to connect.
# C:<remote hostname or IP>:<password>:<remote server name>:<port>:<class>
#
# The "port" field defines the default port the server tries to connect
# to if an operator uses /connect without specifying a port. This is also
# the port used when the server attempts to auto-connect to the remote 
# server. (See Y:lines for more informationa about auto-connects).

# Our primary uplink.
C:1.2.3.4:passwd:Amsterdam.NL.Eu.UnderNet.org:4400:90

#
# If your server starts on a bit larger network, you'll probably get
# assigned one or two uplinks to which your server can connect.
# If your uplink(s) also connect to other servers than yours (which is
# probable), you need to define your uplink as being allowed to "hub".
# H:<allowed hostmask>::<server name>
H:*.*::Amsterdam.NL.Eu.UnderNet.org

#
# Of course, the opposite is also possible: forcing a server to be
# a leaf. L: lines follow Murphy's Law: if you use them, there's a big
# chance that routing will be screwed up afterwards.
# L:<opt disallowed hostmask>::<server mask>:<opt max depth>

#
# For an advanced, real-time rule-based routing decision making system
# you can use Disallow lines. For more information, see doc/readme.crules.
# D:<server mask that ircd will refuse to connect to>::<rule>
# d:<server mask that ircd will not autoconnect to>::<rule>
# D:*.US.UnderNet.org::connected(*.US.UnderNet.org)
# d:*.EU.UnderNet.org::connected(Amsterdam.NL.EU.*)

# The following line is recommended for leaf servers:
# d:*::directcon(*)

#
# Inevitably, you have reached the part about "IRC Operators". Oper status
# grants some special privileges to a user, like the power to make the
# server break or (try to) establish a connection with another server,
# and to "kill" users off IRC.
# I can write many pages about this; I will restrict myself to saying that
# if you want to appoint somebody as IRC Operator on your server, that
# person should be aware of his/her responsibilities, and that you, being
# the admin, will be held accountable for their actions.
#
# There are two sorts of IRC Operators: "local" and "global". Local opers
# can squit, connect and kill - but only locally: their +o user mode
# is not not passed along to other servers. On Undernet, this prevents
# them from using Uworld as well.
# Depending on some defines in include/config.h, local operators are also
# not allowed to /DIE and /RESTART the server.
# Local operators are designated with a lowercase 'o'
# O:<host/IP mask>:<encrypted password>:<Nick>::<connection class>
# o:<host/IP mask>:<encrypted password>:<Nick>::<connection class>

O:*@*.cs.vu.nl:VRKLKuGKn0jLs:Niels::10

# Note that the <connection class> is optional, but leaving it away
# puts the O: lines in class 0, which usually only accepts one connection
# at a time.  If you want users to Oper up more then once per O: line,
# then use a connection class that allows more then one connection,
# for example (using class 10 as in the example above):
# Y:10:90:0:100:160000

# [P:lines]
# When your server gets fuller, you will notice delays when trying to
# connect to your server's primary listening port. Via the Port lines
# it is possible to specify additional ports for ircd to listen to.
# De facto ports are: 6667 - standard; 6660-6669 - additional client
# ports;
# Undernet uses 4400 for server listener ports.
# These are just hints, they are in no way official IANA or IETF policies.
# IANA says we should use port 194, but that requires us to run as root, so
# we don't do that.
#
# P:<hostmask>:<interface>:<[CS][H]>:<port number>
#
# The hostmask setting allows you to specify a range of IP addresses that
# you will allow connections from. This should only contain IP addresses
# and '*' if used. This field only uses IP addresses. This does not use
# DNS in any way so you can't use it to allow *.nl or *.uk. Attempting
# to specify anything other than numbers, dots and stars [0-9.*] will result
# in the port allowing connections from anyone.
#
# The interface setting allows multiply homed hosts to specify which
# interface to use on a port by port basis, if an interface is not specified
# the default interface will be used. The interface MUST be the complete
# IP address for a real hardware interface on the machine running ircd.
# If you want to use virtual hosting *YOU* *MUST* *USE* *THIS* otherwise it
# WILL bind to all interfaces - not what most people seem to expect.
#
# The [CS][H] field is an optional field to specify that a port is a
# server port or a client port and whether it's hidden or not.
# If used the first character MUST be either a C or S.
# If you want to hide a port from /stats p from non-opers follow the C
# or S with an H
#
# P:<hostmask>:<interface>:<[CS][H]>:<port number>
#
# This is a normal server port, you need to have at least one server
# port defined if you want to connect your server to other servers.
P:::S:4400
# This is a Server port that is Hidden
#P:::SH:4401

# The following are normal client ports
P:::C:6667
P::::6668
P:192.168.*:::6666

# This is a hidden client port, listening on the interface associated
# with the IP address 168.8.21.107
#P:*:168.8.21.107:CH:7000

# [F:lines]
# IRC servers have a large number of options and features.  Most of these
# are set at compile time through the use of #define's--see "make config"
# for more details--but we are working to move many of these into the
# configuration file.  Feature lines are the hook we're using for this.
#
# F:<key>:<value>[:<value>[...]]
#
# Currently, the only defined value for <key> is "LOG," and it allows you
# to customize the settings of the logging architecture.  You can set the
# default logging facility to, say, local7 (F:LOG:LOCAL7), or set a log
# file for one of the subsystems (F:LOG:GLINE:FILE:gline.log).  More than
# one subsystem can log to the same file without danger of interleaving.
#
# The currently defined subsystems are SYSTEM, CONFIG, OPERMODE (used by
# /opmode and /clearmode), GLINE, JUPE, WHO (used by /whox), NETWORK
# (connects and disconnects), OPERKILL, SERVKILL, USER, OPER, OPERLOG,
# USERLOG, RESOLVER, SOCKET, DEBUG, and OLDLOG.  You can set log files
# for these subsystems to log to, or you can tell them to syslog their
# data, or even send server notices.  You can do any of these in
# combination, but you can't log to more than one file.  You can also set
# minimum log levels per subsystem, if you wish.
#
# The format for LOG Feature lines is as follows:
#
# F:LOG:<facility>
# F:LOG:<subsystem>:<type>[:<value>]
#
# The first sets the default facility for ircu to log to to <facility>.
# Valid <facility> values are listed in the syslog(3) man page; just
# remove the "LOG_" prefix.
#
# The list of subsystems is given above.  The valid values for <type> are
# FILE, FACILITY, SNOMASK, and LEVEL, which respectively set the log file,
# the syslog facility, a server notice mask value, and the minimum log
# level.  If no <value> is given, or if <value> is empty, the default
# value for that type is set.
#
# Valid <value>'s for the FACILITY type are the normal syslog values (with
# the "LOG_" prefix removed) or the special values "NONE" (which specifies
# that syslogging should not be attempted) and "DEFAULT" (which specifies
# that the server-wide facility should be used); the default for all
# subsystems is "NONE."
#
# Valid <value>'s for the SNOMASK type are OLDSNO, SERVKILL, OPERKILL,
# HACK2, HACK3, UNAUTH, TCPCOMMON, TOOMANY, HACK4, GLINE, NETWORK,
# IPMISMATCH, THROTTLE, OLDREALOP, and CONNEXIT, as well as the special
# values NONE, which specifies that no server notices should be sent,
# and DEBUG, which is only available if DEBUGMODE has been enabled.
#
# Valid <value>'s for the LEVEL type are CRIT, ERR, WARNING, NOTICE,
# TRACE, INFO, and DEBUG.  Note that logs with level CRIT always result
# in server notices to mask SNO_OLDSNO, and logs with level DEBUG always
# send server notices to mask SNO_DEBUG.
#
# A couple of things to note: log settings are not reset to defaults prior
# to a rehash; this means that if you delete F-lines and rehash, logs will
# continue going to the same place.  Also, all subsystems are defaulted to
# minimum log level INFO (or DEBUG if DEBUGMODE is #define'd).

#
# Well, you have now reached the end of this sample configuration file
# If you have any questions, feel free to mail <doco-com@undernet.org>
# or <coder-com@undernet.org>.
# If you are interested in linking your server to the Undernet IRC network
# visit http://www.routing-com.undernet.org/, and if there are any problems
# then contact <routing-com@undernet.org> asking for information.
# Upgrades of the Undernet ircd can be found on http://coder-com.undernet.org/.
#
# For the rest:  Good Luck!
#
#       -- Niels.