1 |
/* doc/example.conf.quick - ircd-hybrid-7 Example configuration file |
2 |
* Copyright (C) 2000-2011 Hybrid Development Team |
3 |
* |
4 |
* Written by ejb, wcampbel, db, leeh and others |
5 |
* |
6 |
* $Id$ |
7 |
*/ |
8 |
|
9 |
/* IMPORTANT NOTES: |
10 |
* |
11 |
* auth {} blocks MUST be specified in order of precedence. The first one |
12 |
* that matches a user will be used. So place spoofs first, then specials, |
13 |
* then general access, then restricted. |
14 |
* |
15 |
* Both shell style (#) and C style comments are supported. |
16 |
* |
17 |
* Files may be included by either: |
18 |
* .include "filename" |
19 |
* .include <filename> |
20 |
* |
21 |
* Times/durations are written as: |
22 |
* 12 hours 30 minutes 1 second |
23 |
* |
24 |
* Valid units of time: |
25 |
* month, week, day, hour, minute, second |
26 |
* |
27 |
* Valid units of size: |
28 |
* megabyte/mbyte/mb, kilobyte/kbyte/kb, byte |
29 |
* |
30 |
* Sizes and times may be singular or plural. |
31 |
*/ |
32 |
|
33 |
/* EFNET NOTE: |
34 |
* |
35 |
* This config file is NOT suitable for EFNet. EFNet admins should use |
36 |
* example.efnet.conf |
37 |
*/ |
38 |
|
39 |
serverinfo { |
40 |
name = "hades.arpa"; |
41 |
sid = "_CHANGE_ME_"; |
42 |
description = "hybrid-7 test server"; |
43 |
network_name = "MyNet"; |
44 |
network_desc = "This is My Network"; |
45 |
hub = no; |
46 |
#vhost = "192.169.0.1"; |
47 |
#vhost6 = "3ffe:80e8:546::2"; |
48 |
max_clients = 512; |
49 |
#rsa_private_key_file = "/usr/local/ircd/etc/rsa.key"; |
50 |
#ssl_certificate_file = "/usr/local/ircd/etc/cert.pem"; |
51 |
}; |
52 |
|
53 |
/* admin {}: contains admin information about the server. (OLD A:) */ |
54 |
admin { |
55 |
name = "Smurf target"; |
56 |
description = "Main Server Administrator"; |
57 |
email = "<syn@packets.r.us>"; |
58 |
}; |
59 |
|
60 |
/* logging {}: contains information about logfiles. */ |
61 |
logging { |
62 |
use_logging = yes; |
63 |
fuserlog = "logs/userlog"; |
64 |
foperlog = "logs/operlog"; |
65 |
ffailed_operlog = "logs/foperlog"; |
66 |
log_level = L_INFO; |
67 |
}; |
68 |
|
69 |
/* class {}: contain information about classes for users (OLD Y:) */ |
70 |
class { |
71 |
name = "users"; |
72 |
ping_time = 2 minutes; |
73 |
number_per_ip = 2; |
74 |
max_number = 100; |
75 |
sendq = 100 kbytes; |
76 |
}; |
77 |
|
78 |
class { |
79 |
name = "restricted"; |
80 |
ping_time = 1 minute 30 seconds; |
81 |
number_per_ip = 1; |
82 |
max_number = 100; |
83 |
sendq = 60kb; |
84 |
}; |
85 |
|
86 |
class { |
87 |
name = "opers"; |
88 |
ping_time = 5 minutes; |
89 |
number_per_ip = 10; |
90 |
max_number = 100; |
91 |
sendq = 100kbytes; |
92 |
}; |
93 |
|
94 |
class { |
95 |
name = "server"; |
96 |
ping_time = 5 minutes; |
97 |
ping_warning = 15 seconds; |
98 |
connectfreq = 5 minutes; |
99 |
max_number = 1; |
100 |
sendq=2 megabytes; |
101 |
}; |
102 |
|
103 |
/* listen {}: contain information about the ports ircd listens on (OLD P:) */ |
104 |
listen { |
105 |
port = 6665 .. 6669; |
106 |
|
107 |
flags = ssl; |
108 |
port = 6697; |
109 |
|
110 |
host = "1.2.3.4"; |
111 |
port = 7000, 7001; |
112 |
|
113 |
host = "3ffe:1234:a:b:c::d"; |
114 |
port = 7002; |
115 |
}; |
116 |
|
117 |
/* auth {}: allow users to connect to the ircd (OLD I:) */ |
118 |
auth { |
119 |
user = "*@172.16.0.0/12"; |
120 |
user = "*test@123D:B567:*"; |
121 |
password = "letmein"; |
122 |
flags = need_password, spoof_notice, exceed_limit, kline_exempt, |
123 |
gline_exempt, no_tilde; |
124 |
spoof = "I.still.hate.packets"; |
125 |
class = "opers"; |
126 |
}; |
127 |
|
128 |
auth { |
129 |
redirserv = "irc.fi"; |
130 |
redirport = 6667; |
131 |
user = "*.fi"; |
132 |
class = "users"; |
133 |
}; |
134 |
|
135 |
auth { |
136 |
user = "*@*"; |
137 |
class = "users"; |
138 |
flags = need_ident; |
139 |
}; |
140 |
|
141 |
/* operator {}: defines ircd operators. (OLD O:) |
142 |
* ircd-hybrid no longer supports local operators, privileges are |
143 |
* controlled via flags. |
144 |
*/ |
145 |
operator { |
146 |
name = "god"; |
147 |
user = "*god@*"; |
148 |
user = "*@127.0.0.1"; |
149 |
password = "etcnjl8juSU1E"; |
150 |
encrypted = yes; |
151 |
#rsa_public_key_file = "/usr/local/ircd/etc/oper.pub"; |
152 |
class = "opers"; |
153 |
flags = global_kill, remote, kline, unkline, gline, |
154 |
xline, die, rehash, nick_changes, admin; |
155 |
}; |
156 |
|
157 |
/* connect {}: controls servers we connect to (OLD C:, N:, H:, L:) */ |
158 |
connect { |
159 |
name = "irc.uplink.com"; |
160 |
host = "192.168.0.1"; |
161 |
send_password = "password"; |
162 |
accept_password = "anotherpassword"; |
163 |
encrypted = no; |
164 |
port = 6666; |
165 |
hub_mask = "*"; |
166 |
#leaf_mask = "*.uk"; |
167 |
class = "server"; |
168 |
flags = autoconn; |
169 |
}; |
170 |
|
171 |
connect { |
172 |
name = "encrypted.auth.example"; |
173 |
host = "some.host.somewhere"; |
174 |
port = 6667; |
175 |
|
176 |
flags = cryptlink; |
177 |
rsa_public_key_file = "etc/remote.server.keyfile"; |
178 |
#cipher_preference = "BF/168"; |
179 |
}; |
180 |
|
181 |
connect { |
182 |
name = "ipv6.some.server"; |
183 |
host = "3ffd:dead:beef::1"; |
184 |
send_password = "password"; |
185 |
accept_password = "password"; |
186 |
port = 6666; |
187 |
|
188 |
aftype = ipv6; |
189 |
class = "server"; |
190 |
}; |
191 |
|
192 |
/* cluster{}: servers that share klines/unkline/xline/unxline/resv/unresv/locops |
193 |
* automatically (OLD hyb6 SLAVE_SERVERS) |
194 |
*/ |
195 |
cluster { |
196 |
/* name: the server to share with, this can take wildcards */ |
197 |
/* NOTE: only local actions will be clustered, meaning if |
198 |
* the server receives a shared kline/unkline/etc, it |
199 |
* will not be propagated to clustered servers. |
200 |
*/ |
201 |
name = "*.arpa"; |
202 |
|
203 |
/* type: list of what to share, options are as follows: |
204 |
* kline - share klines |
205 |
* unkline - share unklines |
206 |
* xline - share xlines |
207 |
* unxline - share unxlines |
208 |
* resv - share resvs |
209 |
* unresv - share unresvs |
210 |
* locops - share locops |
211 |
* all - share all of the above |
212 |
*/ |
213 |
type = kline, unkline, locops, xline, resv; |
214 |
}; |
215 |
|
216 |
/* shared {}: users that are allowed to remote kline (OLD U:) */ |
217 |
shared { |
218 |
name = "irc2.some.server"; |
219 |
user = "oper@my.host.is.spoofed"; |
220 |
type = all; |
221 |
}; |
222 |
|
223 |
/* kill {}: users that are not allowed to connect (OLD K:) |
224 |
* Oper issued klines will be added to the specified kline config |
225 |
*/ |
226 |
kill { |
227 |
user = "bad@*.hacked.edu"; |
228 |
reason = "Obviously hacked account"; |
229 |
}; |
230 |
|
231 |
/* deny {}: IPs that are not allowed to connect (before DNS/ident lookup) |
232 |
* Oper issued dlines will be added to the specified dline config |
233 |
*/ |
234 |
deny { |
235 |
ip = "10.0.1.0/24"; |
236 |
reason = "Reconnecting vhosted bots"; |
237 |
}; |
238 |
|
239 |
/* exempt {}: IPs that are exempt from deny {} and Dlines. (OLD d:) */ |
240 |
exempt { |
241 |
ip = "192.168.0.0/16"; |
242 |
}; |
243 |
|
244 |
/* resv {}: nicks and channels users may not use/join (OLD Q:) */ |
245 |
resv { |
246 |
nick = "nickserv"; |
247 |
nick = "chanserv"; |
248 |
channel = "#services"; |
249 |
reason = "Clone bots"; |
250 |
nick = "clone*"; |
251 |
}; |
252 |
|
253 |
gecos { |
254 |
name = "*sex*"; |
255 |
reason = "Possible spambot"; |
256 |
}; |
257 |
|
258 |
gecos { |
259 |
name = "sub7server"; |
260 |
reason = "Trojan drone"; |
261 |
}; |
262 |
|
263 |
gecos { |
264 |
name = "*http*"; |
265 |
reason = "Spambot"; |
266 |
}; |
267 |
|
268 |
channel { |
269 |
restrict_channels = no; |
270 |
disable_local_channels = no; |
271 |
use_invex = yes; |
272 |
use_except = yes; |
273 |
use_knock = yes; |
274 |
knock_delay = 5 minutes; |
275 |
knock_delay_channel = 1 minute; |
276 |
burst_topicwho = yes; |
277 |
max_chans_per_user = 15; |
278 |
quiet_on_ban = yes; |
279 |
max_bans = 25; |
280 |
join_flood_count = 16; |
281 |
join_flood_time = 8 seconds; |
282 |
default_split_user_count = 0; |
283 |
default_split_server_count = 0; |
284 |
no_create_on_split = yes; |
285 |
no_join_on_split = no; |
286 |
}; |
287 |
|
288 |
serverhide { |
289 |
flatten_links = no; |
290 |
links_delay = 5 minutes; |
291 |
hidden = no; |
292 |
disable_hidden = no; |
293 |
hide_servers = no; |
294 |
hidden_name = "*.hidden.com"; |
295 |
hide_server_ips = no; |
296 |
}; |
297 |
|
298 |
general { |
299 |
kill_chase_time_limit = 90 seconds; |
300 |
hide_spoof_ips = yes; |
301 |
ignore_bogus_ts = no; |
302 |
|
303 |
disable_auth = no; |
304 |
disable_remote_commands = no; |
305 |
default_floodcount = 10; |
306 |
failed_oper_notice = yes; |
307 |
dots_in_ident=2; |
308 |
min_nonwildcard = 4; |
309 |
min_nonwildcard_simple = 3; |
310 |
max_accept = 20; |
311 |
anti_nick_flood = yes; |
312 |
|
313 |
max_nick_time = 20 seconds; |
314 |
max_nick_changes = 5; |
315 |
|
316 |
anti_spam_exit_message_time = 5 minutes; |
317 |
ts_warn_delta = 30 seconds; |
318 |
ts_max_delta = 5 minutes; |
319 |
|
320 |
kline_with_reason = yes; |
321 |
kline_with_connection_closed = no; |
322 |
reject_hold_time = 0; |
323 |
|
324 |
invisible_on_connect = yes; |
325 |
warn_no_nline = yes; |
326 |
stats_o_oper_only=yes; |
327 |
stats_P_oper_only=no; |
328 |
stats_i_oper_only=masked; |
329 |
stats_k_oper_only=masked; |
330 |
caller_id_wait = 1 minute; |
331 |
pace_wait_simple = 1 second; |
332 |
pace_wait = 10 seconds; |
333 |
short_motd = no; |
334 |
ping_cookie = no; |
335 |
no_oper_flood = yes; |
336 |
true_no_oper_flood = yes; |
337 |
oper_pass_resv = yes; |
338 |
idletime = 0; |
339 |
/* REMOVE ME. The following line checks you've been reading. */ |
340 |
havent_read_conf = 1; |
341 |
|
342 |
max_targets = 4; |
343 |
client_flood = 2560; |
344 |
message_locale = "standard"; |
345 |
oper_only_umodes = bots, cconn, debug, full, skill, nchange, |
346 |
rej, spy, external, operwall, locops, unauth; |
347 |
|
348 |
oper_umodes = bots, locops, servnotice, operwall, wallop; |
349 |
|
350 |
|
351 |
#servlink_path = "/usr/local/ircd/bin/servlink"; |
352 |
#default_cipher_preference = "BF/168"; |
353 |
#use_egd = yes; |
354 |
#egdpool_path = "/var/run/egd-pool"; |
355 |
#compression_level = 6; |
356 |
throttle_time = 10; |
357 |
}; |
358 |
|
359 |
glines { |
360 |
enable = yes; |
361 |
duration = 1 day; |
362 |
logging = reject; |
363 |
|
364 |
user = "god@I.still.hate.packets"; |
365 |
name = "hades.arpa"; |
366 |
action = reject, block; |
367 |
|
368 |
user = "god@*"; |
369 |
name = "*"; |
370 |
action = block; |
371 |
}; |
372 |
|
373 |
modules { |
374 |
path = "/usr/local/ircd/lib/ircd-hybrid/modules"; |
375 |
path = "/usr/local/ircd/lib/ircd-hybrid/modules/autoload"; |
376 |
#module = "some_module.so"; |
377 |
}; |