From c4bd4a59b2527590375b4fa2073db78fdf8d2460 Mon Sep 17 00:00:00 2001 From: "Kevin L. Mitchell" Date: Fri, 22 Jun 2001 19:46:18 +0000 Subject: [PATCH] Author: Kev Log message: Document each feature, along with a document about how to configure logging. git-svn-id: file:///home/klmitch/undernet-ircu/undernet-ircu-svn/ircu2/trunk@511 c9e4aea6-c8fd-4c43-8297-357d70d61c8c --- ChangeLog | 7 + doc/readme.features | 669 ++++++++++++++++++++++++++++++++++++++++++++ doc/readme.log | 193 +++++++++++++ 3 files changed, 869 insertions(+) create mode 100644 doc/readme.features create mode 100644 doc/readme.log diff --git a/ChangeLog b/ChangeLog index 9ec07a1..7bd1729 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,10 @@ +2001-06-22 Kevin L. Mitchell + + * doc/readme.log: documentation of how to configure logging + + * doc/readme.features: documentation of each feature (except for + logging) + 2001-06-21 Kevin L. Mitchell * Makefile.in (config): add a deprecation notice with a pointer to diff --git a/doc/readme.features b/doc/readme.features new file mode 100644 index 0000000..eca7aa7 --- /dev/null +++ b/doc/readme.features @@ -0,0 +1,669 @@ +Many of the old compile-time options are now configured through the +server configuration file, ircd.conf. This file is intended to +document each of these features. Logging, although also configured +through the use of F-lines, is documented in doc/readme.log. + +DOMAINNAME + * Type: string + * Default: picked by ./configure from /etc/resolv.conf + +This option allows you to specify what you consider to be "local." It +is only used for statistics. When you issue the IRC command /STATS w, +the server will respond with statistics of how many clients have been +connecting to your server in the last minute, hour and day. It will +give these statistics for all connections (including the servers), all +clients (from anywhere) and also for clients whose hostname ends on +the domain you specify here. So if you are an ISP and you want to +know what the client load from your own domain is, specify that domain +here. If you are unsure what to do, then it isn't really important +what you give here, just don't give an empty string. A good guess is +the last two parts of your own hostname (i.e., if your hostname is +foo.bar.nowhere.org, specify "nowhere.org"). Note that the string you +give should NOT start with a "." and you should not use quotes. + +RELIABLE_CLOCK + * Type: boolean + * Default: FALSE + +You should really ONLY specify "TRUE" here when your system clock is +stable and accurate at all times (within a few seconds). If you are +running ntpdate on a regular basis, or an equivalent like xntpd, to +keep your system clock synchronized over the network, then you might +have an accurate clock. However, this is not guaranteed; for example, +it is known that xntpd gives unstable results on Linux in some cases. +Note that an unstable clock is worse then an clock that has a constant +offset, because the servers attempt to correct for a constant offset, +but do not correct jumps of your system clock! In general you SHOULD +be running ntpdate or equivalent AND make sure it works when you run a +production server on Undernet. Otherwise leave your clock alone and +specify "FALSE" here. If unsure specify "FALSE"! + +BUFFERPOOL + * Type: integer + * Default: 27000000 + +This specifies the maximum amount of RAM that your server will +allocate for buffering sendQs. Small leafs can use a value as little +as 1000000, while large HUBs need to specify a value as high as +20000000. If you run out of memory, clients and/or servers are +dropped with the error "Buffer allocation error"; then you will have +to increase this number (and install more RAM if appropriate). If you +want a more educated guess for this value then realize that any value +is good if you _really_ would rather drop servers and clients than +allocate more memory; this will be the case when there is the danger +you may run out of memory for other allocations. Even if you run the +daemon on a dedicated machine, specifying all of the RAM you have is a +bad thing, because running out of memory is a lot worse than dropping +clients in a controlled way; if possible you should have memory left +for all the internal structures (channels, clients, ban lists, receive +buffers) at all times. On average, clients seem to use 150 bytes of +sendQ, but at peak moments this can easily increase to 2032 bytes per +client (sendQs are allocated in chunks of 2032 bytes). The maximum +possible amount that can be allocated for sendQs is the number of +connected clients times whatever you specified as the maximum sendQ in +your Y: lines in the ircd.conf file. That value will likely be larger +then the amount of RAM you have. The educated guess I talked about +earlier would be "number of clients" times * 2048 bytes + "size of +net.burst" * n, where "n" is 1 for leafs and up to 5 for HUBs. The +"size of net.burst" is about 125 bytes per online client (on the whole +network). For large HUBs with 4000 clients on a network with 30,000 +users, this results in 27 Mb. Leafs could use 12 Mb. Of course you +can use less when you have less than 4000 local clients. This value +is in bytes. + +HAS_FERGUSON_FLUSHER + * Type: boolean + * Default: FALSE + +If you have a server with a lot of resources available, this option +will cause the server to attempt to flush its internal buffers before +dropping clients during a net break. Don't define this if you don't +know for certain; if you're not careful this can end up rebooting +FreeBSD boxes. For more information, refer to freebsd.txt, also in +this directory. + +CLIENT_FLOOD + * Type: integer + * Default: 1024 + +Currently, everything that a client sends to a server is read by the +server and stored in a buffer (the clients receive queue). The server +will process messages from this queue one by one (running over all +clients each time). When a client sends new messages faster they get +processed, and the size of its receive buffer reaches this value, the +client is dropped with the error "Excess flood." A reasonable value +is 1024 bytes. The maximum size is 8000 bytes. + +SERVER_PORT + * Type: integer + * Default: 4400 + +When an IRC operator attempts a connect to another server, he or she +may not know which port the connect should go to. In this server +version, that operator may use the special port 0, in which case the +server will take the port from the C-line. If no port is specified in +the C-line, however, the port specified by this option will be used +instead. + +NODEFAULTMOTD + * Type: boolean + * Default: TRUE + +Every time a client connects to your server, the full Message of the +Day (as specified by the T-lines or by the file specified by the MPATH +option) is sent to the client. The server sends the Message of the +Day even though many clients permit the user to ignore it. Many users +never read the message of the day anyway, making it a huge waste of +bandwidth. If you specify "TRUE" here, then the server won't send the +MOTD to the client by default; instead, it will only tell the client +when the MOTD was last changed, and give instructions on how to obtain +it by typing /MOTD. + +KILL_IPMISMATCH + * Type: boolean + * Default: FALSE + +When a client connects to your server, the IP address of the client is +reverse-resolved to obtain a hostname. Then that hostname is resolved +to an IP address and compared with the IP address of the client. If +they don't match, the client will appear with the IP address instead +of the hostname, unless KILL_IPMISMATCH is "TRUE," in which case the +client is simply disconnected. + +IDLE_FROM_MSG + * Type: boolean + * Default: TRUE + +The IRC command WHOIS gives an idle time for clients. If you want +this idle time to be set to zero only when the client sends a PRIVMSG, +then you should specify "TRUE" here. If you specify "FALSE," then the +idle time will be nullified on all messages except the server +PING/PONG. + +HUB + * Type: boolean + * Default: FALSE + +All servers of an IRC "network" are connected in a "tree" (no loops). +Servers that are only connected to one other server (called the +"uplink") are called "leafs"; servers that are connected to more than +one other server are called HUBs. If you specify "FALSE" here then +your server will prevent itself from accidentally connecting to two +servers at once, thus keeping servers in poor network locations from +routing traffic. Note that on Undernet, all newly linked servers are +linked as leafs during their test phase, and should specify "FALSE" +here. + +WALLOPS_OPER_ONLY + * Type: boolean + * Default: FALSE + +Setting this option removes the ability for clients that are not IRC +operators to see wallops messages. + +NODNS + * Type: boolean + * Default: FALSE + +If you are playing with the server off-line, and no DNS is available, +then long delays occur before the server starts up because it tries to +resolve the name given on the M-line (which usually isn't given in +/etc/hosts) and for each connecting client. If you specify "TRUE" +here, then a call to gethostbyname() will be done only for the real +hostname, and the server will not try to resolve clients that connect +to "localhost." Note that other calls to gethostbyname() are still +done if you use VIRTUAL_HOST; also note that the server still tries to +resolve clients that connect to the real IP address of the server. + +RANDOM_SEED + * Type: string + * Default: none + +When a client connects, the server sends the client a "cookie," +consisting of a random number. The client must return the cookie to +the server verbatim. This is done to prevent IP spoofing. The cookie +is generated by a pseudorandom number generator included in ircd. +This generator must be seeded with a phrase that is kept secret, to +ensure that the numbers it generates are not easily guessed. The +value given to RANDOM_SEED may be a string of any length. It should +not contain any characters that are considered special by the +configuration file system, such as ":" or "#"; the string should be at +least 8 characters long, but longer strings are better. The +RANDOM_SEED may not be retrieved online. + +DEFAULT_LIST_PARAM + * Type: string + * Default: none + +The LIST command takes a single optional argument. If given, that +argument is either a channel or a filter. If that argument is not +given, then by default, /LIST will list all channels on the network. +Needless to say, this can generate a large amount of data on large +networks with many channels, as well as chewing up a lot of CPU time. +Server administrators can therefore set a default filter to be applied +to the channel list if the optional argument to LIST is omitted. + +NICKNAMEHISTORYLENGTH + * Type: integer + * Default: 800 + +This value specifies the length of the nick name history list, which +is used for /WHOWAS and some nickname chasing in /KILL and /KICK. It +uses about 300 to 400 bytes per entry. Note that at a net break, so +many client disappear that the whole "whowas" list is refreshed a few +times (unless you make it rather large). A reasonable value is "total +number of clients" / 25. + +KILLCHASETIMELIMIT + * Type: integer + * Default: 30 + +If a user changes his or her nickname just before an operator issues a +/KILL, the /KILL will be changed to follow the user the operator +intended to get. This option specifies the time limit, in seconds, +for this nickname change; if the user changed his or her nickname more +than this many seconds ago, the /KILL will not be changed. Don't +change this unless you really need to. + +MAXCHANNELSPERUSER + * Type: integer + * Default: 10 + +This is the maximum number of channels a user can be in at a time. +The "mandatory" value on Undernet is currently 10. Since it only +influences the local server when you decrease it, its up to you to +decide if you want to use a smaller value. Do not use a larger value +however, because it DOES cost more memory and bandwidth on all other +servers when you allow users to join more channels simultaneously. +One of the most important reasons to choose a smaller value is the +fact that the "GUI" clients tend to stay on every channel they join +(they aren't bothered by flooding in other channels). It DOES take +your bandwidth however to send all those messages for 10 different +channels to all your users. + +AVBANLEN + * Type: integer + * Default: 40 + +This is the expected average ban mask length. Leave it at 40. + +MAXBANS + * Type: integer + * Default: 30 + +This is the maximum number of bans a user may set on a given channel. + +MAXSILES + * Type: integer + * Default: 15 + +This is the maximum number of masks a user can silence at a time. The +silence command allows users to filter messages directed at them from +certain users or domains, at the source server. Increasing this +number allows users to use up more memory with inefficient use of the +command. If you're not sure, don't change this. + +HANGONGOODLINK + * Type: integer + * Default: 300 + +Often the net breaks for a short time and it is useful to try to +reestablish the same connection faster than CONNECTFREQUENCY would +allow, but to keep from trying again on a bad connection, we require +that the connection be open for a certain minimum time. The +recommended value is 300 seconds. + +HANGONRETRYDELAY + * Type: integer + * Default: 10 + +When attempting to quickly reestablish a connection to a good link, we +give the net a few seconds to calm down. This time must be long enough +for the other end to also notice that the connection is broken. The +recommended value is 10 seconds. + +CONNECTTIMEOUT + * Type: integer + * Default: 90 + +Number of seconds to wait for a connect(2) call to complete. NOTE: +this must be at *LEAST* 10. When a client connects, it has +CONNECTTIMEOUT - 10 seconds for its host to respond to an ident lookup +query and for a DNS lookup to complete. It is recommended that you not +change this value, but if you do, consider the fact that users whose +clients do not support NOSPOOF will have to type /QUOTE PING before registration. + +TIMESEC + * Type: integer + * Default: 60 + +This is the maximum idle time for the server. If no messages are +received in TIMESEC seconds, PINGFREQUENCY and CONNECTFREQUENCY are +checked. Recommended value is 60 seconds. + +MAXIMUM_LINKS + * Type: integer + * Default: 1 + +This is the maximum number of links for the built-in client class 0. +Leave this value at 1. + +PINGFREQUENCY + * Type: integer + * Default: 120 + +If the daemon doesn't receive anything from any of its links within +PINGFREQUENCY seconds, then the it will attempt to check for an active +link with a PING message. If no reply is received within +(PINGFREQUENCY * 2) seconds, then the connection will be closed. This +value may be overridden by a Y-line in "ircd.conf" if the connection's +I- or C-line in "ircd.conf" assigns a specific class to the connection +(recommended). + +CONNECTFREQUENCY + * Type: integer + * Default: 600 + +This is the default frequency that the server attempts to reconnect +with its uplink server if it is set to auto connect to it. Note that +this value is overridden by a Y-line in ircd.conf if the C-lines in +ircd.conf assign a specific class to the connection (recommended). + +DEFAULTMAXSENDQLENGTH + * Type: integer + * Default: 40000 + +This is the default value of the maximum sendQ length of Y-line +classes (see doc/example.conf for details on Y-lines). You will +probably always override this value in your "ircd.conf" with the +Y-lines. The given value used to be an often used value for client +sendQs. + +MPATH + * Type: string + * Default: "ircd.motd" + +MPATH is the filename (relative to DPATH) or the full path of the +"Message of the Day" file. The contents of this file will be sent to +every client that connects to the server, after registration. + +RPATH + * Type: string + * Default: "remote.motd" + +RPATH is the filename (relative to DPATH) or the full path of the +"Remote Message of the Day" file. The contents of this file will be +sent to every remote client that issues a /MOTD . +Only the first three lines are sent, so you might want to keep that in +mind while writing the file. + +PPATH + * Type: string + * Default: "ircd.pid" + +PPATH is the filename (relative to DPATH) or the full path of the +"PID" file. It is used for storing the server's process ID so that a +ps(1) isn't necessary. + +VIRTUAL_HOST + * Type: boolean + * Default: FALSE + +This option is only needed when you wish to run multiple IRC servers +on the same machine, and they must share at least one port. This will +require having multiple IP addresses for the machine that will be +hosting the servers. If you specify "TRUE" here, you can cause the +server to bind to one of these IP addresses. Use the second field of +the M-line (the "password" field) to specify the IP address. If you +are unsure, stick with "FALSE." + +TOS_SERVER + * Type: integer + * Default: 0x08 + +This option is used to specify the type of service that will be +requested for connections to other servers. The value may be given as +a hexadecimal integer. + +TOS_CLIENT + * Type: integer + * Default: 0x08 + +This option is used to specify the type of service that will be +requested for connections to users. The value may be given as a +hexadecimal integer. + +CRYPT_OPER_PASSWORD + * Type: boolean + * Default: TRUE + +In order to allow certain users to become IRC operators, they must +authenticate themselves with a password. This password is matched +against an O-line in the "ircd.conf" configuration file; see +doc/example.conf for more details. If you specify "TRUE" here, you +must use the crypted form of these passwords in your "ircd.conf" file. +Since compromises of the "ircd.conf" file have happened in the past, +you are highly encouraged to use this option. You can find a program +called "mkpasswd" in the tools directory that will allow you to +generate crypted passwords. + +OPER_NO_CHAN_LIMIT + * Type: boolean + * Default: TRUE + +If this option is set to "TRUE," IRC operators may join as many +channels as they need to. This is primarily intended to permit +administrators to run a channel service for local ("&") channels. + +OPER_MODE_LCHAN + * Type: boolean + * Default: TRUE + +If this option is set to "TRUE," IRC operators may change the channel +modes on local ("&") channels. This is primarily intended to permit +administrators to run a channel service for local channels. + +OPER_WALK_THROUGH_LMODES + * Type: boolean + * Default: FALSE + +If this option is set to "TRUE," IRC operators may join local ("&") +channels regardless of any restrictive modes, including bans. This +requires giving the special password "OVERRIDE." This is primarily +intended to permit administrators to run a channel service for local +channels. + +NO_OPER_DEOP_LCHAN + * Type: boolean + * Default: FALSE + +If this option is set to "TRUE," IRC operators may not be deopped on +local ("&") channels. This is primarily intended to permit +administrators to run a channel service for local channels. + +SHOW_INVISIBLE_USERS + * Type: boolean + * Default: TRUE + +If you specify "TRUE" here, then your (local) IRC Operators will be +able to see all local invisible users (clients connected to your own +server). This should be used only for investigating instances of +abuse; make sure your operators do not use this for spying on +individuals. + +SHOW_ALL_INVISIBLE_USERS + * Type: boolean + * Default: TRUE + +If you specify "TRUE" here, then your global IRC Operators will be +able to see ALL invisible users. This should be used only for +investigating instances of abuse; make sure your operators do not use +this for spying on individuals. + +UNLIMIT_OPER_QUERY + * Type: boolean + * Default: FALSE + +A /WHO command can sometimes return several hundred lines of +information. To reduce the flood potential, the output is truncated. +By setting this option to "TRUE," when an IRC Operator uses /WHO, the +output will not be truncated, no matter how much data is returned. + +LOCAL_KILL_ONLY + * Type: boolean + * Default: FALSE + +If this option is set to "TRUE," operators of this server may only +KILL clients directly connected to this server. Operators will not be +able to issue KILLs for clients on other servers. Some networks may +require that this be turned on for newly linking servers. + +CONFIG_OPERCMDS + * Type: boolean + * Default: FALSE + +For u2.10.11, several new oper-only features have been added that +involve changes to the server<->server protocol. Until the entire +network is running the new version, these features cannot be enabled. +This configuration option provides a single switch to prevent the use +of these features until the entire network has been upgraded. It is +not required that all servers set this to "TRUE" in order for the +features to be used. + +OPER_KILL + * Type: boolean + * Default: TRUE + +This selects whether global IRC operators on this server are permitted +to issue the /KILL command. + +OPER_REHASH + * Type: boolean + * Default: TRUE + +This selects whether global IRC operators on this server are permitted +to issue the /REHASH command. + +OPER_RESTART + * Type: boolean + * Default: TRUE + +This selects whether global IRC operators on this server are permitted +to issue the /RESTART command. + +OPER_DIE + * Type: boolean + * Default: TRUE + +This selects whether global IRC operators on this server are permitted +to issue the /DIE command. + +OPER_GLINE + * Type: boolean + * Default: TRUE + +This selects whether global IRC operators on this server are permitted +to issue global G-lines. + +OPER_LGLINE + * Type: boolean + * Default: TRUE + +This selects whether global IRC operators on this server are permitted +to issue local G-lines. + +OPER_JUPE + * Type: boolean + * Default: TRUE + +This selects whether global IRC operators on this server are permitted +to issue global jupes. + +OPER_LJUPE + * Type: boolean + * Default: TRUE + +This selects whether global IRC operators on this server are permitted +to issue local jupes. + +OPER_OPMODE + * Type: boolean + * Default: TRUE + +This selects whether global IRC operators on this server are permitted +to use /OPMODE and /CLEARMODE on ordinary ("#") channels. + +OPER_LOPMODE + * Type: boolean + * Default: TRUE + +This selects whether global IRC operators on this server are permitted +to use /OPMODE and /CLEARMODE on local ("&") channels. + +OPER_BADCHAN + * Type: boolean + * Default: FALSE + +This selects whether global IRC operators on this server are permitted +to issue global BADCHANs. USE OF THIS ON THE UNDERNET IS STRICTLY +REGULATED BY THE UNDERNET ADMINISTRATION. + +OPER_LBADCHAN + * Type: boolean + * Default: FALSE + +This selects whether global IRC operators on this server are permitted +to issue local BADCHANs. USE OF THIS ON THE UNDERNET IS STRICTLY +REGULATED BY THE UNDERNET ADMINISTRATION. + +OPER_SET + * Type: boolean + * Default: TRUE + +This selects whether global IRC operators on this server are permitted +to use the /SET command to set various feature values. + +OPERS_SEE_IN_SECRET_CHANNELS + * Type: boolean + * Default: TRUE + +If you specify "TRUE" here, then your global IRC Operators will be +able to see who is on a specified secret channel, without joining +themselves. This can be used to make a reasonable judgment in the +case of a "channel takeover" being reported, while the channel is set +invite-only. See doc/readme.who for more details. + +LOCOP_KILL + * Type: boolean + * Default: TRUE + +This selects whether local IRC operators are permitted to use the +/KILL command on local clients. + +LOCOP_REHASH + * Type: boolean + * Default: TRUE + +This selects whether local IRC operators are permitted to use the +/REHASH command. + +LOCOP_RESTART + * Type: boolean + * Default: FALSE + +This selects whether local IRC operators are permitted to use the +/RESTART command. + +LOCOP_DIE + * Type: boolean + * Default: FALSE + +This selects whether local IRC operators are permitted to use the /DIE +command. + +LOCOP_LGLINE + * Type: boolean + * Default: TRUE + +This selects whether local IRC operators are permitted to issue local +G-lines. + +LOCOP_LJUPE + * Type: boolean + * Default: TRUE + +This selects whether local IRC operators are permitted to issue local +jupes. + +LOCOP_LOPMODE + * Type: boolean + * Default: TRUE + +This selects whether local IRC operators are permitted to use /OPMODE +and /CLEARMODE on local ("&") channels. + +LOCOP_LBADCHAN + * Type: boolean + * Default: FALSE + +This selects whether local IRC operators are permitted to issue local +BADCHANs. USE OF THIS ON THE UNDERNET IS STRICTLY REGULATED BY THE +UNDERNET ADMINISTRATION. + +LOCOP_SET + * Type: boolean + * Default: FALSE + +This selects whether local IRC operators are permitted to use the /SET +command to set various feature values. + +LOCOP_SEE_IN_SECRET_CHANNELS + * Type: boolean + * Default: FALSE + +If you specify "TRUE" here, then your local IRC Operators will be +able to see who is on a specified secret channel, without joining +themselves. This can be used to make a reasonable judgment in the +case of a "channel takeover" being reported, while the channel is set +invite-only. See doc/readme.who for more details. diff --git a/doc/readme.log b/doc/readme.log new file mode 100644 index 0000000..f1ac51f --- /dev/null +++ b/doc/readme.log @@ -0,0 +1,193 @@ +Older versions of ircd had no consistent way of logging various +actions. Some things, such as G-lines, were written out to log files +with names compiled into the server. Others could only be logged +through syslog. Some required that their log files exist beforehand. +For u2.10.11, this situation has changed dramatically. + +All logging in the server is now unified through a single logging +subsystem. Unfortunately, the server still does not generate all the +logs that it could, and some more tuning is in store for the next +major release of ircd. Nevertheless, the logs that are generated are +far more consistent, and those log messages may be sent to a given +file, to syslog, or even to online operators--or any combination of +these three methods. This file is intended to describe configuration +of the logging subsystem. + +All logs are classified by a "subsystem" and a "level." The subsystem +is a major classification; each subsystem may be configured +individually. The level classification is used to indicate how +important the message is; subsystems may be configured to omit log +messages with less than a certain importance--not unlike syslog. + +Levels + +Levels are used to classify the importance of various log messages. +The most important level is the "CRIT" level; the least important is +the "DEBUG" level. Each of the levels is also mapped to a +corresponding syslog level, and some may even force generation of +certain types of server notices. Each importance level is described +below. + + * CRIT - Used for very critical notifications, such as server + termination. This is mapped to the corresponding "CRIT" syslog + priority. This will also generate server notices to the "OLDSNO" + server notice mask. + + * ERROR - Used to report important error conditions. This is mapped + to the corresponding "ERR" syslog priority. + + * WARNING - Used to warn about certain conditions. This is mapped to + the corresponding "WARNING" syslog priority. + + * NOTICE - Used for reporting important information. This is mapped + to the corresponding "NOTICE" syslog priority. + + * TRACE - Used to tracing operation of the server. This is mapped to + the corresponding "INFO" syslog priority. + + * INFO - Used for reporting unimportant but potentially useful + information. This is mapped to the corresponding "INFO" syslog + priority. + + * DEBUG - Used for reporting debugging information. This is mapped + to the corresponding "DEBUG" syslog priority. This will also + generate server notices to the "DEBUG" server notice mask. + +Subsystems + +All of the subsystems are described below, along with their default +logging configuration. There are no default log files to log to, and +the default logging level is INFO (unless the server is compiled with +debugging enabled)--this means that only notices of importance INFO or +higher will be logged. + + * SYSTEM - Used to report information that affects the server as a + whole. By default, log messages to this subsystem go nowhere. + + * CONFIG - Used to report information concerning the configuration + file. By default, log messages to this subsystem go to the default + syslog facility, which defaults to "USER," and to the "OLDSNO" + server notice mask. + + * OPERMODE - Used to report usage of /OPMODE and /CLEARMODE. By + default, log messages to this subsystem go to the "HACK4" server + notice mask. + + * GLINE - Used to report usage of /GLINE, particularly BADCHANs. By + default, log messages to this subsystem go to the "GLINE" server + notice mask. + + * JUPE - Used to report usage of /JUPE. By default, log messages to + this subsystem go to the "NETWORK" server notice mask. + + * WHO - Used to report usage of the extended features of /WHO + (/WHOX). By default, log messages to this subsystem go nowhere. + + * NETWORK - Used to report net junctions and net breaks. By default, + log messages to this subsystem go to the "NETWORK" server notice + mask. + + * OPERKILL - Used to report usage of /KILL by IRC operators. By + default, log messages to this subsystem go nowhere. + + * SERVKILL - Used to report usage of /KILL by other servers. By + default, log messages to this subsystem go nowhere. + + * USER - Used to report user sign-ons and sign-offs. By default, log + messages to this subsystem go nowhere. + + * OPER - Used to report usage of /OPER, either successfully or + unsuccessfully. By default, log messages to this subsystem go to + the "OLDREALOP" server notice mask. + + * RESOLVER - Used to report error messages or other conditions from + the resolver and authentication system. By default, log messages + to this subsystem go nowhere. + + * SOCKET - Used to report problems with sockets. By default, log + messages to this subsystem go nowhere. + + * DEBUG - Used only when debugging is enabled. All log messages to + this subsystem go either to the console or to the debug log file + compiled into the server, as well as to the "DEBUG" server notice + mask. This is the only subsystem with a default log file. + + * OLDLOG - Not used anywhere. This is a left-over from when the + logging subsystem was first created. Log messages to this + subsystem go nowhere. + +Configuration + +The true power of the logging subsystem comes from its extremely +flexible configuration. The default server facility can be +configured, as can the facility for each individual subsystem +described above. Moreover, administrators can configure the server to +log to specific files, send selected log messages to operators +subscribed to any server notice mask, and even change the default log +level for each subsystem. + +The logging subsystem has a set of tables mapping names to the +numerical values used internally. Subsystems, levels, syslog +facilities, and server notice masks are all configured using strings. +These tables even include special strings, such as "DEFAULT" and +"NONE." Each possible configuration piece is described below. + +Default Syslog Facility + +The IRC server has a default facility that it uses when sending log +messages to syslog. The default facility may be overridden for each +individual subsystem, but the default itself can be changed with an +appropriate F-line in the configuration file. The facility normally +defaults to "USER," but may be configured to be any of AUTH, CRON, +DAEMON, LOCAL0, LOCAL1, LOCAL2, LOCAL3, LOCAL4, LOCAL5, LOCAL6, +LOCAL7, LPR, MAIL, NEWS, USER, or UUCP. Some systems also have the +AUTHPRIV facility. To configure this default, add an F-line to the +configuration file that looks like "F:LOG:"; +should be replaced with the string for the desired default syslog +facility. + +Log Files + +Each subsystem may be configured to send its log messages to any +single log file with an F-line like "F:LOG::FILE:"; + should be replaced with one of the subsystem names described +above, and should be a file name for the log file. The file +name may be relative to the server's data directory ("DPATH"), or it +may be an absolute path name. Note that if you're using chroot, these +absolute path names will be relative to the server's root directory. + +Logging to Syslog + +By default, except for the CONFIG subsystem, no logs are sent to +syslog. This can be overridden using an F-line like +"F:LOG::SYSLOG:"; , as above, should be +replaced with one of the subsystem names described above, and + must be one of the facility strings mentioned under +"Default Syslog Facility." The facility string may also be "NONE," to +turn off syslog for that subsystem, and "DEFAULT," to use the server's +default facility. Please don't confuse a DEFAULT facility with the +default for a particular subsystem; only the CONFIG subsystem defaults +to DEFAULT, whereas all the rest default to NONE. + +Logging via Server Notices + +Log messages can be sent to online IRC operators. Many subsystems +actually default to this behavior, in fact. For security, log +messages containing IP addresses or other extremely sensitive data +will never be sent via server notices, but all others can be sent to a +specific server notice mask. (For more information about server +notice masks, please see doc/snomask.html.) The available mask names +are OLDSNO, SERVKILL, OPERKILL, HACK2, HACK3, UNAUTH, TCPCOMMON, +TOOMANY, HACK4, GLINE, NETWORK, IPMISMATCH, THROTTLE, OLDREALOP, +CONNEXIT, and DEBUG. The special mask name "NONE" inhibits sending of +server notices for a particular subsystem. The F-line for this +configuration looks like "F:LOG::SNOMASK:"; again, + is one of the subsystems described above, and is one +of the mask names. + +Setting Minimum Logging Level + +The minimum log level for a particular subsystem may be set with an +F-line like "F:LOG::LEVEL:"; here, is yet +again one of the subsystems described above, and is one of the +level names, also described above. -- 2.20.1