1 |
/* doc/example.conf.quick - ircd-hybrid-7 Example configuration file |
2 |
* Copyright (C) 2000-2011 Hybrid Development Team |
3 |
* |
4 |
* Written by ejb, wcampbel, db, leeh and others |
5 |
* |
6 |
* $Id$ |
7 |
*/ |
8 |
|
9 |
/* IMPORTANT NOTES: |
10 |
* |
11 |
* auth {} blocks MUST be specified in order of precedence. The first one |
12 |
* that matches a user will be used. So place spoofs first, then specials, |
13 |
* then general access, then restricted. |
14 |
* |
15 |
* Both shell style (#) and C style comments are supported. |
16 |
* |
17 |
* Files may be included by either: |
18 |
* .include "filename" |
19 |
* .include <filename> |
20 |
* |
21 |
* Times/durations are written as: |
22 |
* 12 hours 30 minutes 1 second |
23 |
* |
24 |
* Valid units of time: |
25 |
* month, week, day, hour, minute, second |
26 |
* |
27 |
* Valid units of size: |
28 |
* megabyte/mbyte/mb, kilobyte/kbyte/kb, byte |
29 |
* |
30 |
* Sizes and times may be singular or plural. |
31 |
*/ |
32 |
|
33 |
/* EFNET NOTE: |
34 |
* |
35 |
* This config file is NOT suitable for EFNet. EFNet admins should use |
36 |
* example.efnet.conf |
37 |
*/ |
38 |
|
39 |
serverinfo { |
40 |
name = "hades.arpa"; |
41 |
sid = "_CHANGE_ME_"; |
42 |
description = "hybrid-7 test server"; |
43 |
network_name = "MyNet"; |
44 |
network_desc = "This is My Network"; |
45 |
hub = no; |
46 |
#vhost = "192.169.0.1"; |
47 |
#vhost6 = "3ffe:80e8:546::2"; |
48 |
max_clients = 512; |
49 |
#rsa_private_key_file = "/usr/local/ircd/etc/rsa.key"; |
50 |
#ssl_certificate_file = "/usr/local/ircd/etc/cert.pem"; |
51 |
#ssl_server_method = tlsv1, sslv3; |
52 |
#ssl_client_method = tlsv1; |
53 |
}; |
54 |
|
55 |
/* admin {}: contains admin information about the server. (OLD A:) */ |
56 |
admin { |
57 |
name = "Smurf target"; |
58 |
description = "Main Server Administrator"; |
59 |
email = "<syn@packets.r.us>"; |
60 |
}; |
61 |
|
62 |
/* class {}: contain information about classes for users (OLD Y:) */ |
63 |
class { |
64 |
name = "users"; |
65 |
ping_time = 2 minutes; |
66 |
number_per_ip = 2; |
67 |
max_number = 100; |
68 |
sendq = 100 kbytes; |
69 |
}; |
70 |
|
71 |
class { |
72 |
name = "restricted"; |
73 |
ping_time = 1 minute 30 seconds; |
74 |
number_per_ip = 1; |
75 |
max_number = 100; |
76 |
sendq = 60kb; |
77 |
}; |
78 |
|
79 |
class { |
80 |
name = "opers"; |
81 |
ping_time = 5 minutes; |
82 |
number_per_ip = 10; |
83 |
max_number = 100; |
84 |
sendq = 100kbytes; |
85 |
}; |
86 |
|
87 |
class { |
88 |
name = "server"; |
89 |
ping_time = 5 minutes; |
90 |
ping_warning = 15 seconds; |
91 |
connectfreq = 5 minutes; |
92 |
max_number = 1; |
93 |
sendq=2 megabytes; |
94 |
}; |
95 |
|
96 |
/* listen {}: contain information about the ports ircd listens on (OLD P:) */ |
97 |
listen { |
98 |
port = 6665 .. 6669; |
99 |
|
100 |
flags = ssl; |
101 |
port = 6697; |
102 |
|
103 |
host = "1.2.3.4"; |
104 |
port = 7000, 7001; |
105 |
|
106 |
host = "3ffe:1234:a:b:c::d"; |
107 |
port = 7002; |
108 |
}; |
109 |
|
110 |
/* auth {}: allow users to connect to the ircd (OLD I:) */ |
111 |
auth { |
112 |
user = "*@172.16.0.0/12"; |
113 |
user = "*test@123D:B567:*"; |
114 |
password = "letmein"; |
115 |
flags = need_password, spoof_notice, exceed_limit, kline_exempt, |
116 |
gline_exempt, no_tilde; |
117 |
spoof = "I.still.hate.packets"; |
118 |
class = "opers"; |
119 |
}; |
120 |
|
121 |
auth { |
122 |
redirserv = "irc.fi"; |
123 |
redirport = 6667; |
124 |
user = "*.fi"; |
125 |
class = "users"; |
126 |
}; |
127 |
|
128 |
auth { |
129 |
user = "*@*"; |
130 |
class = "users"; |
131 |
flags = need_ident; |
132 |
}; |
133 |
|
134 |
/* operator {}: defines ircd operators. (OLD O:) |
135 |
* ircd-hybrid no longer supports local operators, privileges are |
136 |
* controlled via flags. |
137 |
*/ |
138 |
operator { |
139 |
name = "god"; |
140 |
user = "*god@*"; |
141 |
user = "*@127.0.0.1"; |
142 |
password = "etcnjl8juSU1E"; |
143 |
encrypted = yes; |
144 |
#rsa_public_key_file = "/usr/local/ircd/etc/oper.pub"; |
145 |
class = "opers"; |
146 |
flags = global_kill, remote, kline, unkline, gline, module, |
147 |
xline, die, rehash, nick_changes, admin; |
148 |
}; |
149 |
|
150 |
/* connect {}: controls servers we connect to (OLD C:, N:, H:, L:) */ |
151 |
connect { |
152 |
name = "irc.uplink.com"; |
153 |
host = "192.168.0.1"; |
154 |
send_password = "password"; |
155 |
accept_password = "anotherpassword"; |
156 |
encrypted = no; |
157 |
port = 6666; |
158 |
hub_mask = "*"; |
159 |
#leaf_mask = "*.uk"; |
160 |
class = "server"; |
161 |
flags = autoconn; |
162 |
}; |
163 |
|
164 |
connect { |
165 |
name = "ipv6.some.server"; |
166 |
host = "3ffd:dead:beef::1"; |
167 |
send_password = "password"; |
168 |
accept_password = "password"; |
169 |
port = 6666; |
170 |
|
171 |
aftype = ipv6; |
172 |
class = "server"; |
173 |
}; |
174 |
|
175 |
/* cluster{}: servers that share klines/unkline/xline/unxline/resv/unresv/locops |
176 |
* automatically (OLD hyb6 SLAVE_SERVERS) |
177 |
*/ |
178 |
cluster { |
179 |
/* name: the server to share with, this can take wildcards */ |
180 |
/* NOTE: only local actions will be clustered, meaning if |
181 |
* the server receives a shared kline/unkline/etc, it |
182 |
* will not be propagated to clustered servers. |
183 |
*/ |
184 |
name = "*.arpa"; |
185 |
|
186 |
/* type: list of what to share, options are as follows: |
187 |
* kline - share klines |
188 |
* unkline - share unklines |
189 |
* xline - share xlines |
190 |
* unxline - share unxlines |
191 |
* resv - share resvs |
192 |
* unresv - share unresvs |
193 |
* locops - share locops |
194 |
* all - share all of the above |
195 |
*/ |
196 |
type = kline, unkline, locops, xline, resv; |
197 |
}; |
198 |
|
199 |
/* shared {}: users that are allowed to remote kline (OLD U:) */ |
200 |
shared { |
201 |
name = "irc2.some.server"; |
202 |
user = "oper@my.host.is.spoofed"; |
203 |
type = all; |
204 |
}; |
205 |
|
206 |
/* kill {}: users that are not allowed to connect (OLD K:) |
207 |
* Oper issued klines will be added to the specified kline config |
208 |
*/ |
209 |
kill { |
210 |
user = "bad@*.hacked.edu"; |
211 |
reason = "Obviously hacked account"; |
212 |
}; |
213 |
|
214 |
/* deny {}: IPs that are not allowed to connect (before DNS/ident lookup) |
215 |
* Oper issued dlines will be added to the specified dline config |
216 |
*/ |
217 |
deny { |
218 |
ip = "10.0.1.0/24"; |
219 |
reason = "Reconnecting vhosted bots"; |
220 |
}; |
221 |
|
222 |
/* exempt {}: IPs that are exempt from deny {} and Dlines. (OLD d:) */ |
223 |
exempt { |
224 |
ip = "192.168.0.0/16"; |
225 |
}; |
226 |
|
227 |
/* resv {}: nicks and channels users may not use/join (OLD Q:) */ |
228 |
resv { |
229 |
nick = "nickserv"; |
230 |
nick = "chanserv"; |
231 |
channel = "#services"; |
232 |
reason = "Clone bots"; |
233 |
nick = "clone*"; |
234 |
}; |
235 |
|
236 |
gecos { |
237 |
name = "*sex*"; |
238 |
reason = "Possible spambot"; |
239 |
}; |
240 |
|
241 |
gecos { |
242 |
name = "sub7server"; |
243 |
reason = "Trojan drone"; |
244 |
}; |
245 |
|
246 |
gecos { |
247 |
name = "*http*"; |
248 |
reason = "Spambot"; |
249 |
}; |
250 |
|
251 |
channel { |
252 |
restrict_channels = no; |
253 |
disable_local_channels = no; |
254 |
use_invex = yes; |
255 |
use_except = yes; |
256 |
use_knock = yes; |
257 |
knock_delay = 5 minutes; |
258 |
knock_delay_channel = 1 minute; |
259 |
burst_topicwho = yes; |
260 |
max_chans_per_user = 15; |
261 |
quiet_on_ban = yes; |
262 |
max_bans = 25; |
263 |
join_flood_count = 16; |
264 |
join_flood_time = 8 seconds; |
265 |
default_split_user_count = 0; |
266 |
default_split_server_count = 0; |
267 |
no_create_on_split = yes; |
268 |
no_join_on_split = no; |
269 |
}; |
270 |
|
271 |
serverhide { |
272 |
flatten_links = no; |
273 |
links_delay = 5 minutes; |
274 |
hidden = no; |
275 |
disable_hidden = no; |
276 |
hide_servers = no; |
277 |
hidden_name = "*.hidden.com"; |
278 |
hide_server_ips = no; |
279 |
}; |
280 |
|
281 |
general { |
282 |
kill_chase_time_limit = 90 seconds; |
283 |
hide_spoof_ips = yes; |
284 |
ignore_bogus_ts = no; |
285 |
|
286 |
disable_auth = no; |
287 |
disable_remote_commands = no; |
288 |
default_floodcount = 10; |
289 |
failed_oper_notice = yes; |
290 |
dots_in_ident=2; |
291 |
min_nonwildcard = 4; |
292 |
min_nonwildcard_simple = 3; |
293 |
max_accept = 20; |
294 |
anti_nick_flood = yes; |
295 |
|
296 |
max_nick_time = 20 seconds; |
297 |
max_nick_changes = 5; |
298 |
|
299 |
anti_spam_exit_message_time = 5 minutes; |
300 |
ts_warn_delta = 30 seconds; |
301 |
ts_max_delta = 5 minutes; |
302 |
|
303 |
kline_with_reason = yes; |
304 |
kline_with_connection_closed = no; |
305 |
reject_hold_time = 0; |
306 |
|
307 |
invisible_on_connect = yes; |
308 |
warn_no_nline = yes; |
309 |
stats_o_oper_only=yes; |
310 |
stats_P_oper_only=no; |
311 |
stats_i_oper_only=masked; |
312 |
stats_k_oper_only=masked; |
313 |
caller_id_wait = 1 minute; |
314 |
pace_wait_simple = 1 second; |
315 |
pace_wait = 10 seconds; |
316 |
short_motd = no; |
317 |
ping_cookie = no; |
318 |
no_oper_flood = yes; |
319 |
true_no_oper_flood = yes; |
320 |
oper_pass_resv = yes; |
321 |
|
322 |
/* REMOVE ME. The following line checks you've been reading. */ |
323 |
havent_read_conf = 1; |
324 |
|
325 |
max_targets = 4; |
326 |
client_flood = 2560; |
327 |
message_locale = "standard"; |
328 |
oper_only_umodes = bots, cconn, debug, full, skill, nchange, |
329 |
rej, spy, external, operwall, locops, unauth; |
330 |
|
331 |
oper_umodes = bots, locops, servnotice, operwall, wallop; |
332 |
|
333 |
|
334 |
#use_egd = yes; |
335 |
#egdpool_path = "/var/run/egd-pool"; |
336 |
throttle_time = 10; |
337 |
}; |
338 |
|
339 |
glines { |
340 |
enable = yes; |
341 |
duration = 1 day; |
342 |
log = reject; |
343 |
|
344 |
user = "god@I.still.hate.packets"; |
345 |
name = "hades.arpa"; |
346 |
action = reject, block; |
347 |
|
348 |
user = "god@*"; |
349 |
name = "*"; |
350 |
action = block; |
351 |
}; |
352 |
|
353 |
modules { |
354 |
path = "/usr/local/ircd/lib/ircd-hybrid/modules"; |
355 |
path = "/usr/local/ircd/lib/ircd-hybrid/modules/autoload"; |
356 |
#module = "some_module.so"; |
357 |
}; |
358 |
|
359 |
/* |
360 |
* log {}: contains information about logfiles. |
361 |
*/ |
362 |
log { |
363 |
/* Do you want to enable logging to ircd.log? */ |
364 |
use_logging = yes; |
365 |
|
366 |
file { |
367 |
type = oper; |
368 |
name = "/home/ircd/var/log/oper.log"; |
369 |
size = unlimited; |
370 |
}; |
371 |
|
372 |
file { |
373 |
type = user; |
374 |
name = "/home/ircd/var/log/user.log"; |
375 |
size = 50 megabytes; |
376 |
}; |
377 |
|
378 |
file { |
379 |
type = kill; |
380 |
name = "/home/ircd/var/log/kill.log"; |
381 |
size = 50 megabytes; |
382 |
}; |
383 |
|
384 |
file { |
385 |
type = kline; |
386 |
name = "/home/ircd/var/log/kline.log"; |
387 |
size = 50 megabytes; |
388 |
}; |
389 |
|
390 |
file { |
391 |
type = dline; |
392 |
name = "/home/ircd/var/log/dline.log"; |
393 |
size = 50 megabytes; |
394 |
}; |
395 |
|
396 |
file { |
397 |
type = gline; |
398 |
name = "/home/ircd/var/log/gline.log"; |
399 |
size = 50 megabytes; |
400 |
}; |
401 |
|
402 |
file { |
403 |
type = debug; |
404 |
name = "/home/ircd/var/log/debug.log"; |
405 |
size = 50 megabytes; |
406 |
}; |
407 |
}; |