Server Hide Reference

$Id$

Copyright (c) 2001 by ircd-hybrid team

----------------------------------------------------------------------

Due to pressures from abusers, the Hybrid developers have created a set of
options to limit what users can and cannot do on the server. Each option
can be enabled or disabled at runtime.

This document describes the Hybrid 7 implementation of the server hiding
ideas originated by (and credited to) numerous people.

* LINKS as a file: This option is always enabled. It will generate a
  file at a certain interval, defined by the links_delay in ircd.conf,
  that contains the current LINKS data. This data is sent to users
  whenever a LINKS is requested. Opers will always see the current
  server structure.

  The file that the LINKS data is stored in is by default etc/links.txt.

  The benefits of this are that transient splits will not be seen by
  users issuing LINKS commands, and if a server is split, users can
  still see what other servers are normally available.

* Flattened LINKS: This option forces every server to look as if it is
  connected to the local server. Users will see a flat LINKS tree.

  The benefit to using LINKS flattening is that users cannot get
  information on how servers are routed.

  The flatten_links in the serverhide {} block in the ircd.conf controls
  this feature.

  As a side effect, all netsplit quit messages will appear to originate
  from the local server.

  +--------------------------------------------------------------------+
  | Flattened LINKS is needed for any network that uses the hidden hub |
  | option. See below for more details.                                |
  +--------------------------------------------------------------------+

* Hidden server option: This option will hide the server from a
  flattened LINKS list on other servers. Opers will of course see the
  true routing of the network.

  This is controlled by the hidden option in ircd.conf.

  +--------------------------------------------------------------------+
  | Technically, this code is a hack. With this option enabled, the    |
  | server will prepend '(H) ' to the server info field when           |
  | connecting to other servers. Other servers must understand that    |
  | the (H) means hidden.                                              |
  +--------------------------------------------------------------------+

* The allow_hidden option is needed to allow servers to use the hidden
  server option described above.

* The hide_servers option forces the server to not be shown when a user
  issues WHOIS and other commands which may show what server a user is
  on.

  Local user counts, as normally displayed in LUSERS, USERS, and the 255
  numeric, will be shown with the same values as the global counts.
  Displaying it this way will help protect servers and avoid breaking
  scripts that depend on the 265 and 266 numerics on connect.

  To be effective, this option must be used network wide.

* The disable_remote_commands option takes care of most of the remaining
  issues. These include, for example, ADMIN some.hub.server, VERSION
  someuser, and similar commands. A server with this option enabled will
  only prevent local users from issuing remote commands. Remote users
  will not be affected.

  Remote WHOIS is not blocked. It is, however, restricted to only
  querying WHOIS nick nick. The ircd will disregard the server parameter
  and always use the queried nick.

* All server modes appear to originate from the server you are using.
  This feature is not tunable, and opers also do not see the real server
  setting the mode.

Each item is briefly described in the serverhide {} block in ircd.conf.
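
The dependencies stated in the list above (flattened LINKS is needed on any network that uses the hidden option, and hide_servers only works network wide) can be checked across a set of ircd.conf files. The following is an added example, not code from ircd-hybrid; it assumes `option = yes;` / `option = no;` settings inside the serverhide {} block, and the function names, server names and sample settings are constructed for illustration.

```python
import re

def parse_serverhide(conf_text):
    """Return {option: bool} from the serverhide {} block ({} if absent)."""
    text = re.sub(r"/\*.*?\*/", "", conf_text, flags=re.S)  # C-style comments
    text = re.sub(r"#[^\n]*", "", text)                      # shell-style comments
    block = re.search(r"\bserverhide\s*\{(.*?)\}\s*;", text, re.S)
    if not block:
        return {}
    return {key: val.strip().lower() == "yes"
            for key, val in re.findall(r"(\w+)\s*=\s*([^;{}]+);", block.group(1))}

def audit(network):
    """network maps server name -> ircd.conf text; returns sorted findings."""
    opts = {name: parse_serverhide(text) for name, text in network.items()}
    findings = []
    # A hidden server is only hidden from a *flattened* LINKS list, so once
    # any server sets hidden, every server on the network needs flatten_links.
    hidden = sorted(n for n, o in opts.items() if o.get("hidden"))
    for name, o in opts.items():
        if hidden and not o.get("flatten_links"):
            findings.append(f"{name}: flatten_links off while {hidden[0]} is hidden")
    # hide_servers must be used network wide to be effective.
    if any(o.get("hide_servers") for o in opts.values()):
        for name, o in opts.items():
            if not o.get("hide_servers"):
                findings.append(f"{name}: hide_servers off; must be set network wide")
    return sorted(findings)

# Constructed sample network (server names and settings are made up).
SAMPLE = {
    "hub.example.net":
        "serverhide { flatten_links = yes; hidden = yes; hide_servers = yes; };",
    "leaf1.example.net":
        "serverhide {\n  flatten_links = no;  # leaks routing\n  hide_servers = yes;\n};",
    "leaf2.example.net":
        "serverhide { flatten_links = yes; hide_servers = no; };",
}

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```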

----------------------------------------------------------------------

Using Non-QS Compliant Hubs

The flattened LINKS option will, as a side effect, display all user QUITs
due to network splits in the following format:

    :user QUIT :*.net *.split

This works extremely well as long as all servers on your network are
compliant with the QS capability, which sends a single SQUIT to the
network when a server (or tree of servers) splits. All quit messages are
generated on the local server. Certain older servers do not have this
ability, and as such will generate their own quit messages for users who
left because of the split. This can cause leaks in the hub server names
and the structure of the network.

A quick example is the following network structure:

    servA(Hyb7) --- hubA(nonQS) --- servB(not-important)

When servB splits from hubA, hubA will generate a QUIT command for every
user on servB (and anything behind servB). Since the QUIT message was not
created on your server, with server hiding enabled, the QUIT message will
contain the real server names.

The only way to prevent this leak on a network is to only use hubs
supporting the QS capability. Hybrid 6, Hybrid 7, and csircd all are
currently running daemons that support QS. Hybrid 5 and 2.8.21+CSr servers
do not support QS, and will leak server names (and therefore routing
information) on splits.
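
To verify that no non-QS hub is leaking names, an operator can watch the QUIT lines a normal client receives and flag any split-style quit reason that is not the flattened `*.net *.split` form. The following is an added example, not part of the original document; the log lines are constructed, and the rule that a split reason is exactly two dotted server names is a heuristic assumed here.

```python
import re

FLATTENED = "*.net *.split"
# Heuristic: a netsplit quit reason is exactly two dotted names, one space apart.
HOST = r"[A-Za-z0-9*][A-Za-z0-9*-]*(?:\.[A-Za-z0-9*-]+)+"
SPLIT_REASON = re.compile(rf"({HOST}) ({HOST})")

def leaked_servers(lines):
    """Return {server_name: count} for split QUITs that show real names."""
    leaks = {}
    for line in lines:
        m = re.match(r":(\S+) QUIT :(.*)$", line.rstrip("\r\n"))
        if not m:
            continue
        reason = m.group(2)
        split = SPLIT_REASON.fullmatch(reason)
        if not split or reason == FLATTENED:
            continue  # ordinary quit, or a correctly hidden split
        for server in split.groups():
            leaks[server] = leaks.get(server, 0) + 1
    return leaks

# Constructed client-side log from a user on servA in the topology above.
SAMPLE_LINES = [
    ":alice!a@host1.example QUIT :*.net *.split",
    ":bob!b@host2.example QUIT :hubA.example.net servB.example.net",
    ":carol!c@host3.example QUIT :hubA.example.net servB.example.net",
    ":dave!d@host4.example QUIT :Ping timeout: 240 seconds",
    ":erin!e@host5.example QUIT :gone to lunch",
]

if __name__ == "__main__":
    for server, count in sorted(leaked_servers(SAMPLE_LINES).items()):
        print(f"leaked server name {server} in {count} QUIT(s)")
```

Any name reported here points at a hub that generated its own quit messages, which is the non-QS behaviour described above.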