# ircd.conf - configuration file for ircd version ircu2.10 # # Last Updated: 20, March 2002. # # Written by Niels , based on the original example.conf, # server code and some real-life (ahem) experience. # # Updated and heavily modified by Braden . # # Rewritten by A1kmm(Andrew Miller) to support # the new flex/bison configuration parser. # # Thanks and credits to: Run, Trillian, Cym, Morrissey, Chaos, Flynn, # Xorath, WildThang, Mmmm, SeKs, Ghostwolf and # all other Undernet IRC Admins and Operators, # and programmers working on the Undernet ircd. # # This is an example of the configuration file used by the Undernet ircd. # # This document is based on a (fictious) server in Europe with a # connection to the Undernet IRC network. It is primarily a leaf server, # but if all the other hubs in Europe aren't in service, it can connect # to one in the US by itself. # # The configuration format consists of a number of blocks in the format # BlockName { setting = number; setting2 = "string"; setting3 = yes; }; # Note that comments start from a #(hash) and go to the end of the line. # Whitespace(space, tab, or carriage return/linefeed) are ignored and may # be used to make the configuration file more readable. # # Please note that when ircd puts the configuration lines into practice, # it parses them exactly the other way round than they are listed here. # It uses the blocks in reverse order. # # This means that you should start your Client blocks with the # "fall through", most vanilla one, and end with the most detailed. # # There is a difference between the "hostname" and the "server name" # of the machine that the server is run on. For example, the host can # have "veer.cs.vu.nl" as FQDN, and "Amsterdam.NL.EU.undernet.org" as # server name. # A "server mask" is something like "*.EU.UnderNet.org", which is # matched by "Amsterdam.NL.EU.undernet.org" but not by # "Manhattan.KS.US.undernet.org". # # Please do NOT just rename the example.conf to ircd.conf and expect # it to work. # [General] # # First some information about the server. # General { # name = "servername"; # vhost = "virtualhost"; # description = "description"; # numeric = numericnumber; # }; # # must contain either a * or a valid IPv4 address in # dotted quad notation. (127.0.0.1) The address MUST be the address # of a physical interface on the host. This address is used for outgoing # connections only, see Port{} for listener virtual hosting. # If in doubt put a * or the IP of your primary interface here. # The server must be compiled with virtual hosting turned on to get this # to work correctly. # # Note that has to be unique on the network your server # is running on, must be between 0 and 4095, and is not updated on a rehash. General { name = "London.UK.Eu.UnderNet.org"; description = "University of London, England"; numeric = 1; }; # [Admin] # # This sets information that can be retrieved with the /ADMIN command. # It should contain at least an admin Email contact address. Admin { Location = "The University of London"; # At most two contact lines are allowed... Contact = "Undernet IRC server"; Contact = "IRC Admins "; }; # [Classes] # # All connections to the server are associated with a certain "connection # class", be they incoming or outgoing (initiated by the server), be they # clients, servers or Martians. (Note that ircd doesn't have direct support # Recommended client classes: # for Martians (yet?); they will have to register as normal users. ;-) # Take the following class blocks only as a guide. # Class { # name = ""; # pingfreq = time; # connectfreq = time; # maxlinks = number; # sendq = size; # usermode = "+i"; # }; # # applies only to servers, and specifies the frequency # that the server tries to autoconnect. setting this to 0 will cause # the server to attempt to connect repeatedly with no delay until the # condition is satisfied. This is a Bad Thing(tm). # Note that times can be specified as a number, or by giving something # like: 1 minutes 20 seconds, or 1*60+20. # Client { # host = "user@host"; # ip = "ip@host"; # password = "password"; # class = "classname"; # }; # # should be set at either 0 or 1. # # Recommended server classes: # All your server uplinks you are not a hub for. Class { name = "Server"; pingfreq = 1 minutes 30 seconds; connectfreq = 5 minutes; maxlinks = 1; sendq = 9000000; }; # All the leaf servers you hub for. Class { name = "LeafServer"; pingfreq = 1 minutes 30 seconds; connectfreq = 5 minutes; maxlinks = 0; sendq = 9000000; }; # Recommended client classes: # Client classes. 10 = locals; 2 = for all .net and .com that are not # in Europe; 1 = for everybody. Class { name = "Local"; pingfreq = 1 minutes 30 seconds; sendq = 160000; maxlinks = 100; usermode = "+iw"; }; Client { class = "Other"; host = "*@*"; }; Class { name = "America"; pingfreq = 1 minutes 30 seconds; sendq = 80000; maxlinks = 5; }; Class { name = "Other"; pingfreq = 1 minutes 30 seconds; sendq = 160000; maxlinks = 400; }; Class { name = "Opers"; pingfreq = 1 minutes 30 seconds; sendq = 160000; maxlinks = 10; # For connection classes intended for operator use, you can specify # privileges used when the Operator block (see below) names this # class. The local (aka globally_opered) privilege MUST be defined # by either the Class or Operator block. The following privileges # exist: # # local (or propagate, with the opposite sense) # whox (can use x flag with /WHO) # display (oper status visible to lusers) # chan_limit (can join local channels when in # MAXCHANNELSPERUSER channels) # mode_lchan (can /MODE &channel without chanops) # deop_lchan (cannot be deopped or kicked on local channels) # walk_lchan (can forcibly /JOIN &channel OVERRIDE) # show_invis (see +i users in /WHO x) # show_all_invis (see +i users in /WHO x) # unlimit_query (show more results from /WHO) # local_kill (can kill clients on this server) # rehash (can use /REHASH) # die (can use /DIE) # local_jupe_server (not used) # set (can use /SET) # local_gline (can set a G-line for this server only) # local_badchan (can set a Gchan for this server only) # see_chan (can see users in +s channels in /WHO) # wide_gline (can use ! to force a wide G-line) # see_opers (can see opers without DISPLAY privilege) # force_local_opmode (can use OPMODE/CLEARMODE on quarantined local channels) # kill (can kill clients on other servers) # gline (can issue G-lines to other servers) # jupe_server (not used) # opmode (can use /OPMODE) # badchan (can issue Gchans to other servers) # force_opmode (can use OPMODE/CLEARMODE on quarantined global channels) # # For global opers (with propagate = yes or local = no), the default # is to grant all of the above privileges. For local opers, the # default is to grant ONLY the following privileges: # chan_limit, mode_lchan, show_invis, show_all_invis, local_kill, # rehash, local_gline, local_jupe, local_opmode, whox, display, # force_local_opmode # Any privileges listed in a Class block override the defaults. local = no; }; # [Client] # # To allow clients to connect, they need authorization. This can be # done based on hostmask, address mask, and/or with a password. # With intelligent use of classes and the maxconnections field in the # Client blocks, you can let in a specific domain, but get rid of all other # domains in the same toplevel, thus setting up some sort of "reverse # Kill block". # Client { # host = "user@host"; # ip = "ip@host"; # password = "password"; # class = "classname"; # }; # # Technical description (for examples, see below): # For every connecting client, the IP address is known. A reverse lookup # on this IP-number is done to get the (/all) hostname(s). # Each hostname that belongs to this IP-number is matched to , # and the Client {} is used when any matches; the client will then show # with this particular hostname. If none of the hostnames match, then # the IP-number is matched against the field, if this matches # then the Client{} is used nevertheless and the client will show with the # first (main) hostname if any; if the IP-number did not resolve then the # client will show with the dot notation of the IP-number. # There is a special case for the UNIX domain sockets and localhost connections # though; in this case the field is compared with the # name of the server (thus not with any IP-number representation). The name # of the server is the one returned in the numeric 002 reply, for example: # 002 Your host is 2.undernet.org[jolan.ppro], running version ... # Then the "jolan.ppro" is the name used for matching. # Therefore, unix domain sockets, and connections to localhost would # match this block: # host = "*@jolan.ppro"; # # This is the "fallback" entry. All .uk, .nl, and all unresolved are # in these two lines. # By using two different lines, multiple connections from a single IP # are only allowed from hostnames which have both valid forward and # reverse DNS mappings. Client { class = "Other"; ip = "*@*"; }; Client { class = "Other"; host = "*@*"; }; # If you don't want unresolved dudes to be able to connect to your # server, do not specify any "ip = " settings. # # Here, take care of all American ISPs. Client { host = "*@*.com"; class = "America"; }; Client { host = "*@*.net"; class = "America"; }; # Now list all the .com / .net domains that you wish to have access... # actually it's less work to do it this way than to do it the other # way around - K-lining every single ISP in the US. # I wish people in Holland just got a .nl domain, and not try to be # cool and use .com... Client { host = "*@*.wirehub.net"; class = "Other";}; Client { host = "*@*.planete.net"; class = "Other";}; Client { host = "*@*.ivg.com"; class = "Other";}; Client { host = "*@*.ib.com"; class = "Other";}; Client { host = "*@*.ibm.net"; class = "Other";}; Client { host = "*@*.hydro.com"; class = "Other";}; Client { host = "*@*.nl.net"; class = "Local";}; # You can request a more complete listing, including the "list of standard # Kill blocks" from the Routing Committee; it will also be sent to you if # you apply for a server and get accepted. # # Ourselves - this makes sure that we can get in, no matter how full # the server is (hopefully). Client { host = "*@*.london.ac.uk"; ip = "*@193.37.*"; class = "Local"; }; # You can put a digit (0..9) in the password value, which will make ircd # only accept a client when the total number of connections to the network # from the same IP number doesn't exceed this number. # The following example would accept at most one connection per IP number # from "*.swipnet.se" and at most two connections from dial up accounts # that have "dial??.*" as host mask: # Client { # host = "*@*.swipnet.se"; # password = "1"; # class = "Other"; # }; # Client { # host = "*@dial??.*"; # password = "2"; # class = "Other"; # }; # # If you are not worried about who connects, this line will allow everyone # to connect. Client { host = "*@*"; ip = "*@*"; class = "Other"; }; # [motd] # # It is possible to show a different Message of the Day to a connecting # client depending on its origin. # motd { # # Note: host can also be a classname. # host = "Other"; # file = "path/to/motd/file"; # }; # # DPATH/net_com.motd contains a special MOTD where users are encouraged # to register their domains and get their own client{} lines if they're in # Europe, or move to US.UnderNet.org if they're in the USA. motd { host = "*.net"; file = "net_com.motd"; }; motd { host = "*.com"; file = "net_com.motd"; }; motd { host = "America"; file = "net_com.motd"; }; # A different MOTD for ourselves, where we point out that the helpdesk # better not be bothered with questions regarding irc... motd { host = "*.london.ac.uk"; file = "london.motd"; }; # [Server] # # One of the many nice features of Undernet is "Uworld", a program # connected to the net as a server. This allows it to broadcast any mode # change, thus allowing opers to, for example, "unlock" a channel that # has been taken over. # There is only one slight problem: the TimeStamp protocol prevents this. # So there is a configuration option to allow them anyway from a certain # server. # Server { # # The servername or wildcard mask for it that this applies to. # name = "relservername"; # # The mask of servers they are allowed to introduce(for hub=yes;) or # # not allowed to introduce(for leaf=yes). # mask = "servermask"; # # No is assumed for these unless you set it to yes. # uworld = no; # leaf = no; # hub = yes; # }; # # Note: (1) These lines are agreed on by every server admin on Undernet; # (2) These lines must be the same on every single server, or results # will be disasterous; (3) This is a useful feature, not something that # is a liability and abused regularly (well... :-) # If you're on Undernet, you MUST have these lines. I cannnot stress # this enough. If all of the servers don't have the same lines, the # servers will try to undo the mode hacks that Uworld does. Make SURE that # all of the servers have the EXACT same Ulines. # # If your server starts on a bit larger network, you'll probably get # assigned one or two uplinks to which your server can connect. # If your uplink(s) also connect to other servers than yours (which is # probable), you need to define your uplink as being allowed to "hub". # To do this, set "hub = yes;" # You can also force a server(even one that doesn't connect to you) # to be a leaf with "leaf = yes;" Server { name = "uworld.eu.undernet.org"; mask = "*"; uworld = yes; hub = yes; }; Server { name = "uworld2.undernet.org"; mask = "*"; uworld = yes; hub = yes; }; Server { name = "uworld.undernet.org"; mask = "*"; uworld = yes; hub = yes; }; Server { name = "channels.undernet.org"; mask = "*"; uworld = yes; hub = yes; }; Server { name = "channels2.undernet.org"; mask = "*"; uworld = yes; hub = yes; }; Server { name = "channels3.undernet.org"; mask = "*"; uworld = yes; hub = yes; }; Server { name = "channels4.undernet.org"; mask = "*"; uworld = yes; hub = yes; }; Server { name = "channels5.undernet.org"; mask = "*"; uworld = yes; hub = yes; }; Server { name = "channels6.undernet.org"; mask = "*"; uworld = yes; hub = yes; }; Server { name = "Amsterdam.NL.Eu.UnderNet.org"; mask = "*"; hub = yes; }; # An example just to make sure IRCnet doesn't get on undernet... Server { name = "*"; mask = "eris.berkeley.edu"; hub = yes; }; # As of ircu2.10.05 is it possible to Jupe nicks. As per CFV-0095, the # following nicks must be juped, it is not allowed to jupe others as well. Jupe { nick = "EuWorld,E,StatServ,NoteServ"; nick = "UWorld2,ChanSvr,ChanSaver,ChanServ"; nick = "Uworld,NickSvr,NickSaver,NickServ"; nick = "LPT1,X,login,LPT2,W,Undernet,COM1,V,protocol,COM2"; nick = "U,pass,COM3,Y,AUX,COM4,Z,newpass"; }; # [Kill] # # While running your server, you will most probably encounter individuals # or groups of persons that you do not wish to have access to your server. # # For this purpose, the ircd understands "kill blocks". These are also # known as K-lines, by virtue of the former config file format. # Kill # { # host = "user@host"; # reason = "The reason the user will see"; # }; # It is possible to ban on the basis of the real name. # It is also possible to use a file as comment for the ban, using # file = "file": # Kill # { # realname = "realnametoban"; # file = "path/to/file/with/reason/to/show"; # }; # # # The default reason is: "You are banned from this server" # Note that K-lines are local to the server; if you ban a person or a # whole domain from your server, they can get on IRC via any other server # that doesn't have them K-lined (yet). # # With a simple comment, using quotes: Kill { host = "*.au"; reason = "Please use a nearer server"; }; Kill { host = "*.edu"; reason = "Please use a nearer server"; }; # The file can contain for example, a reason, a link to the # server rules and a contact address. Kill { host = "*luser@unixbox.flooder.co.uk"; file = "kline/youflooded.txt"; }; # IP-based kill lines apply to all hosts, even if an IP address has a # properly resolving host name. Kill { host = "192.168.*"; file = "klines/martians"; }; # The realname field lets you ban by realname... Kill { host = "*sub7*"; reason = "You are infected with a Trojan"; }; # [Connect] # # You probably want your server connected to other servers, so your users # have other users to chat with. # IRC servers connect to other servers forming a network with a star or # tree topology. Loops are not allowed. # In this network, two servers can be distinguished: "hub" and "leaf" # servers. Leaf servers connect to hubs; hubs connect to each other. # Of course, many servers can't be directly classified in one of these # categories. Both a fixed and a rule-based decision making system for # server links is provided for ircd to decide what links to allow, what # to let humans do themselves, and what links to (forcefully) disallow. # # The Connect blocks # define what servers the server connect to, and which servers are # allowed to connect. # Connect { # name = "servername"; # host = "hostnameORip"; # password = "passwd"; # port = portno; # class = "classname"; # }; # # The "port" field defines the default port the server tries to connect # to if an operator uses /connect without specifying a port. This is also # the port used when the server attempts to auto-connect to the remote # server. (See Class blocks for more informationa about auto-connects). # # Our primary uplink. Connect { name = "Amsterdam.NL.Eu.UnderNet.org"; host = "1.2.3.4"; password = "passwd"; port = 4400; class = "Servers"; }; # [crule] # # For an advanced, real-time rule-based routing decision making system # you can use crule blocks. For more information, see doc/readme.crules. # CRULE # { # server = "servermask"; # rule = "connectrule"; # # Setting all to yes makes the rule always apply. Otherwise it only # # applies to autoconnects. # all = yes; # }; CRULE { server = "*.US.UnderNet.org"; rule = "connected(*.US.UnderNet.org)"; }; CRULE { server = "*.EU.UnderNet.org"; rule = "connected(Amsterdam.NL.EU.*)"; }; # The following block is recommended for leaf servers: CRULE { server = "*"; rule = "directcon(*)"; }; # [Operator] # # Inevitably, you have reached the part about "IRC Operators". Oper status # grants some special privileges to a user, like the power to make the # server break or (try to) establish a connection with another server, # and to "kill" users off IRC. # I can write many pages about this; I will restrict myself to saying that # if you want to appoint somebody as IRC Operator on your server, that # person should be aware of his/her responsibilities, and that you, being # the admin, will be held accountable for their actions. # # There are two sorts of IRC Operators: "local" and "global". Local opers # can squit, connect and kill - but only locally: their +o user mode # is not not passed along to other servers. On Undernet, this prevents # them from using Uworld as well. # # Operator { # host = "host/IP mask"; # name = "opername"; # password = "encryptedpass"; # class = "classname"; # # You can also set any operator privilege; see the Class block # # documentation for details. A privilege defined for a single # # Operator will override the privilege settings for the Class # # and the default setting. # }; # # The encrypted password is optional. If you wish to encrypt your # password, there is a utility in the ircd. Please read the file # tools/README. # All privileges are shown with their default values; if you wish to # override defaults, you should set only those privileges for the # operator. Listing defaulted privileges just makes things harder to # find. Operator { local = no; host = "*@*.cs.vu.nl"; password = "VRKLKuGKn0jLt"; name = "Niels"; class = "Local"; }; Operator { host = "*@*.uu.net"; password = "notencryptedpass"; name = "Niels"; class = "Opers"; }; # Note that the is optional, but leaving it away # puts the opers in class "default", which usually only accepts one # connection at a time. If you want users to Oper up more then once per # block, then use a connection class that allows more then one connection, # for example (using class Local as in the example above): # # Once you OPER your connection class changes no matter where you are or # your previous connection classes. If the defined connection class is # Local for the operator block, then your new connection class is Local. # [Port] # When your server gets more full, you will notice delays when trying to # connect to your server's primary listening port. It is possible via the # Port lines to specify additional ports for the ircd to listen to. # De facto ports are: 6667 - standard; 6660-6669 - additional client # ports; # Undernet uses 4400 for server listener ports. # These are just hints, they are in no way official IANA or IETF policies. # IANA says we should use port 194, but that requires us to run as root, # so we don't do that. # # Port { # port = number; # mask = "ipmask"; # # Use this to control the interface you bind to. # vhost = "virtualhostip"; # # Setting to yes makes this server only. # server = yes; # # Setting to yes makes the port "hidden" from stats. # hidden = yes; # }; # # The mask setting allows you to specify a range of IP addresses that # you will allow connections from. This should only contain IP addresses # and '*' if used. This field only uses IP addresses. This does not use # DNS in any way so you can't use it to allow *.nl or *.uk. Attempting # to specify anything other than numbers, dots and stars [0-9.*] will result # in the port allowing connections from anyone. # # The interface setting allows multiply homed hosts to specify which # interface to use on a port by port basis, if an interface is not specified # the default interface will be used. The interface MUST be the complete # IP address for a real hardware interface on the machine running ircd. # If you want to use virtual hosting *YOU* *MUST* *USE* *THIS* otherwise it # WILL bind to all interfaces - not what most people seem to expect. # Port { server = yes; port = 4400; }; # This is a Server port that is Hidden Port { server = yes; hidden = yes; port = 4401; }; # The following are normal client ports Port { port = 6667; }; Port { port = 6668; }; Port { mask = "192.168.*"; port = 6666; }; # This is a hidden client port, listening on the interface associated # with the IP address 168.8.21.107 Port { mask = "168.8.21.107"; hidden = yes; port = 7000; }; # This is a server-implemented alias to send a message to a service. # The string after Pseudo is the command name; the name entry inside # is the service name, used for error messages. More than one nick # entry can be provided; the last one listed has highest priority. Pseudo "CHANSERV" { name = "X"; nick = "X@channels.undernet.org"; }; # You can also prepend text before the user's message. Pseudo "LOGIN" { name = "X"; prepend = "LOGIN "; nick = "X@channels.undernet.org"; }; # You can ask a separate server whether to allow users to connect. IAuth { pass = "ircd-iauth"; host = "127.0.0.1"; port = 7700; connectfreq = 30; timeout = 60; }; # [features] # IRC servers have a large number of options and features. Most of these # are set at compile time through the use of #define's--see "make config" # for more details--but we are working to move many of these into the # configuration file. Features let you configure these at runtime. # You only need one feature block in which you use # "featurename" = "value1" , "value2", ..., "valuen-1", "valuen"; # # The entire purpose of F:lines are so that you do not have to recompile # the IRCD everytime you want to change a feature. All of the features # are listed below, and at the bottom is how to set logging. # # A Special Thanks to Kev for writing the documentation of F:lines. It can # be found at doc/readme.features and the logging documentation can be # found at doc/readme.log. The defaults used by the Undernet network are # below. # features { # "DOMAINNAME"=""; # "RELIABLE_CLOCK"="FALSE"; # "BUFFERPOOL"="27000000"; # "HAS_FERGUSON_FLUSHER"="FALSE"; # "CLIENT_FLOOD"="1024"; # "SERVER_PORT"="4400"; # "NODEFAULTMOTD"="TRUE"; # "MOTD_BANNER"="TRUE"; # "KILL_IPMISMATCH"="FALSE"; # "IDLE_FROM_MSG"="TRUE"; # "HUB"="FALSE"; # "WALLOPS_OPER_ONLY"="FALSE"; # "NODNS"="FALSE"; # "RANDOM_SEED"=""; # "DEFAULT_LIST_PARAM"="TRUE"; # "NICKNAMEHISTORYLENGTH"="800"; # "HOST_HIDING"="FALSE"; # "HIDDEN_HOST"="users.undernet.org"; # "HIDDEN_IP"="127.0.0.1"; # "KILLCHASETIMELIMIT"="30"; # "MAXCHANNELSPERUSER"="10"; # "NICKLEN" = "12"; # "AVBANLEN"="40"; # "MAXBANS"="30"; # "MAXSILES"="15"; # "HANGONGOODLINK="300"; # "HANGONRETRYDELAY" = "10"; # "CONNECTTIMEOUT" = "90"; # "TIMESEC" = "60"; # "MAXIMUM_LINKS" = "1"; # "PINGFREQUENCY" = "120"; # "CONNECTFREQUENCY" = "600"; # "DEFAULTMAXSENDQLENGTH" = "40000"; # "GLINEMAXUSERCOUNT" = "20"; # "MPATH" = "ircd.motd"; # "RPATH" = "remote.motd"; # "PPATH" = "ircd.pid"; # "VIRTUAL_HOST" = "FALSE"; # "TOS_SERVER" = "0x08"; # "TOS_CLIENT" = "0x08"; # "POLLS_PER_LOOP" = "200"; # "IRCD_RES_TIMEOUTS" = "4"; # "IRCD_RES_RETRIES" = "2"; # "AUTH_TIMEOUT" = "9"; # "IPCHECK_CLONE_LIMIT" = "4"; # "IPCHECK_CLONE_PERIOD" = "40"; # "IPCHECK_CLONE_DELAY" = "600"; # "CRYPT_OPER_PASSWORD" = "TRUE"; # "CONFIG_OPERCMDS" = "FALSE"; # "OPLEVELS" = "TRUE"; # "LOCAL_CHANNELS" = "TRUE"; }; # Well, you have now reached the end of this sample configuration # file. If you have any questions, feel free to mail # . If you are interested in linking your # server to the Undernet IRC network visit # http://www.routing-com.undernet.org/, and if there are any # problems then contact asking for # information. Upgrades of the Undernet ircd can be found on # http://coder-com.undernet.org/. # # For the rest: Good Luck! # # -- Niels.