1 |
/* doc/example.conf.quick - ircd-hybrid-7 Example configuration file |
2 |
* Copyright (C) 2000-2011 Hybrid Development Team |
3 |
* |
4 |
* Written by ejb, wcampbel, db, leeh and others |
5 |
* |
6 |
* $Id$ |
7 |
*/ |
8 |
|
9 |
/* IMPORTANT NOTES: |
10 |
* |
11 |
* auth {} blocks MUST be specified in order of precedence. The first one |
12 |
* that matches a user will be used. So place spoofs first, then specials, |
13 |
* then general access, then restricted. |
14 |
* |
15 |
* Both shell style (#) and C style comments are supported. |
16 |
* |
17 |
* Files may be included by either: |
18 |
* .include "filename" |
19 |
* .include <filename> |
20 |
* |
21 |
* Times/durations are written as: |
22 |
* 12 hours 30 minutes 1 second |
23 |
* |
24 |
* Valid units of time: |
25 |
* month, week, day, hour, minute, second |
26 |
* |
27 |
* Valid units of size: |
28 |
* megabyte/mbyte/mb, kilobyte/kbyte/kb, byte |
29 |
* |
30 |
* Sizes and times may be singular or plural. |
31 |
*/ |
32 |
|
33 |
/* EFNET NOTE: |
34 |
* |
35 |
* This config file is NOT suitable for EFNet. EFNet admins should use |
36 |
* example.efnet.conf |
37 |
*/ |
38 |
|
39 |
serverinfo { |
40 |
name = "hades.arpa"; |
41 |
sid = "_CHANGE_ME_"; |
42 |
description = "hybrid-7 test server"; |
43 |
network_name = "MyNet"; |
44 |
network_desc = "This is My Network"; |
45 |
hub = no; |
46 |
#vhost = "192.169.0.1"; |
47 |
#vhost6 = "3ffe:80e8:546::2"; |
48 |
max_clients = 512; |
49 |
#rsa_private_key_file = "/usr/local/ircd/etc/rsa.key"; |
50 |
#ssl_certificate_file = "/usr/local/ircd/etc/cert.pem"; |
51 |
}; |
52 |
|
53 |
/* admin {}: contains admin information about the server. (OLD A:) */ |
54 |
admin { |
55 |
name = "Smurf target"; |
56 |
description = "Main Server Administrator"; |
57 |
email = "<syn@packets.r.us>"; |
58 |
}; |
59 |
|
60 |
/* class {}: contain information about classes for users (OLD Y:) */ |
61 |
class { |
62 |
name = "users"; |
63 |
ping_time = 2 minutes; |
64 |
number_per_ip = 2; |
65 |
max_number = 100; |
66 |
sendq = 100 kbytes; |
67 |
}; |
68 |
|
69 |
class { |
70 |
name = "restricted"; |
71 |
ping_time = 1 minute 30 seconds; |
72 |
number_per_ip = 1; |
73 |
max_number = 100; |
74 |
sendq = 60kb; |
75 |
}; |
76 |
|
77 |
class { |
78 |
name = "opers"; |
79 |
ping_time = 5 minutes; |
80 |
number_per_ip = 10; |
81 |
max_number = 100; |
82 |
sendq = 100kbytes; |
83 |
}; |
84 |
|
85 |
class { |
86 |
name = "server"; |
87 |
ping_time = 5 minutes; |
88 |
ping_warning = 15 seconds; |
89 |
connectfreq = 5 minutes; |
90 |
max_number = 1; |
91 |
sendq=2 megabytes; |
92 |
}; |
93 |
|
94 |
/* listen {}: contain information about the ports ircd listens on (OLD P:) */ |
95 |
listen { |
96 |
port = 6665 .. 6669; |
97 |
|
98 |
flags = ssl; |
99 |
port = 6697; |
100 |
|
101 |
host = "1.2.3.4"; |
102 |
port = 7000, 7001; |
103 |
|
104 |
host = "3ffe:1234:a:b:c::d"; |
105 |
port = 7002; |
106 |
}; |
107 |
|
108 |
/* auth {}: allow users to connect to the ircd (OLD I:) */ |
109 |
auth { |
110 |
user = "*@172.16.0.0/12"; |
111 |
user = "*test@123D:B567:*"; |
112 |
password = "letmein"; |
113 |
flags = need_password, spoof_notice, exceed_limit, kline_exempt, |
114 |
gline_exempt, no_tilde; |
115 |
spoof = "I.still.hate.packets"; |
116 |
class = "opers"; |
117 |
}; |
118 |
|
119 |
auth { |
120 |
redirserv = "irc.fi"; |
121 |
redirport = 6667; |
122 |
user = "*.fi"; |
123 |
class = "users"; |
124 |
}; |
125 |
|
126 |
auth { |
127 |
user = "*@*"; |
128 |
class = "users"; |
129 |
flags = need_ident; |
130 |
}; |
131 |
|
132 |
/* operator {}: defines ircd operators. (OLD O:) |
133 |
* ircd-hybrid no longer supports local operators, privileges are |
134 |
* controlled via flags. |
135 |
*/ |
136 |
operator { |
137 |
name = "god"; |
138 |
user = "*god@*"; |
139 |
user = "*@127.0.0.1"; |
140 |
password = "etcnjl8juSU1E"; |
141 |
encrypted = yes; |
142 |
#rsa_public_key_file = "/usr/local/ircd/etc/oper.pub"; |
143 |
class = "opers"; |
144 |
flags = global_kill, remote, kline, unkline, gline, module, |
145 |
xline, die, rehash, nick_changes, admin; |
146 |
}; |
147 |
|
148 |
/* connect {}: controls servers we connect to (OLD C:, N:, H:, L:) */ |
149 |
connect { |
150 |
name = "irc.uplink.com"; |
151 |
host = "192.168.0.1"; |
152 |
send_password = "password"; |
153 |
accept_password = "anotherpassword"; |
154 |
encrypted = no; |
155 |
port = 6666; |
156 |
hub_mask = "*"; |
157 |
#leaf_mask = "*.uk"; |
158 |
class = "server"; |
159 |
flags = autoconn; |
160 |
}; |
161 |
|
162 |
connect { |
163 |
name = "ipv6.some.server"; |
164 |
host = "3ffd:dead:beef::1"; |
165 |
send_password = "password"; |
166 |
accept_password = "password"; |
167 |
port = 6666; |
168 |
|
169 |
aftype = ipv6; |
170 |
class = "server"; |
171 |
}; |
172 |
|
173 |
/* cluster{}: servers that share klines/unkline/xline/unxline/resv/unresv/locops |
174 |
* automatically (OLD hyb6 SLAVE_SERVERS) |
175 |
*/ |
176 |
cluster { |
177 |
/* name: the server to share with, this can take wildcards */ |
178 |
/* NOTE: only local actions will be clustered, meaning if |
179 |
* the server receives a shared kline/unkline/etc, it |
180 |
* will not be propagated to clustered servers. |
181 |
*/ |
182 |
name = "*.arpa"; |
183 |
|
184 |
/* type: list of what to share, options are as follows: |
185 |
* kline - share klines |
186 |
* unkline - share unklines |
187 |
* xline - share xlines |
188 |
* unxline - share unxlines |
189 |
* resv - share resvs |
190 |
* unresv - share unresvs |
191 |
* locops - share locops |
192 |
* all - share all of the above |
193 |
*/ |
194 |
type = kline, unkline, locops, xline, resv; |
195 |
}; |
196 |
|
197 |
/* shared {}: users that are allowed to remote kline (OLD U:) */ |
198 |
shared { |
199 |
name = "irc2.some.server"; |
200 |
user = "oper@my.host.is.spoofed"; |
201 |
type = all; |
202 |
}; |
203 |
|
204 |
/* kill {}: users that are not allowed to connect (OLD K:) |
205 |
* Oper issued klines will be added to the specified kline config |
206 |
*/ |
207 |
kill { |
208 |
user = "bad@*.hacked.edu"; |
209 |
reason = "Obviously hacked account"; |
210 |
}; |
211 |
|
212 |
/* deny {}: IPs that are not allowed to connect (before DNS/ident lookup) |
213 |
* Oper issued dlines will be added to the specified dline config |
214 |
*/ |
215 |
deny { |
216 |
ip = "10.0.1.0/24"; |
217 |
reason = "Reconnecting vhosted bots"; |
218 |
}; |
219 |
|
220 |
/* exempt {}: IPs that are exempt from deny {} and Dlines. (OLD d:) */ |
221 |
exempt { |
222 |
ip = "192.168.0.0/16"; |
223 |
}; |
224 |
|
225 |
/* resv {}: nicks and channels users may not use/join (OLD Q:) */ |
226 |
resv { |
227 |
nick = "nickserv"; |
228 |
nick = "chanserv"; |
229 |
channel = "#services"; |
230 |
reason = "Clone bots"; |
231 |
nick = "clone*"; |
232 |
}; |
233 |
|
234 |
gecos { |
235 |
name = "*sex*"; |
236 |
reason = "Possible spambot"; |
237 |
}; |
238 |
|
239 |
gecos { |
240 |
name = "sub7server"; |
241 |
reason = "Trojan drone"; |
242 |
}; |
243 |
|
244 |
gecos { |
245 |
name = "*http*"; |
246 |
reason = "Spambot"; |
247 |
}; |
248 |
|
249 |
channel { |
250 |
restrict_channels = no; |
251 |
disable_local_channels = no; |
252 |
use_invex = yes; |
253 |
use_except = yes; |
254 |
use_knock = yes; |
255 |
knock_delay = 5 minutes; |
256 |
knock_delay_channel = 1 minute; |
257 |
burst_topicwho = yes; |
258 |
max_chans_per_user = 15; |
259 |
quiet_on_ban = yes; |
260 |
max_bans = 25; |
261 |
join_flood_count = 16; |
262 |
join_flood_time = 8 seconds; |
263 |
default_split_user_count = 0; |
264 |
default_split_server_count = 0; |
265 |
no_create_on_split = yes; |
266 |
no_join_on_split = no; |
267 |
}; |
268 |
|
269 |
serverhide { |
270 |
flatten_links = no; |
271 |
links_delay = 5 minutes; |
272 |
hidden = no; |
273 |
disable_hidden = no; |
274 |
hide_servers = no; |
275 |
hidden_name = "*.hidden.com"; |
276 |
hide_server_ips = no; |
277 |
}; |
278 |
|
279 |
general { |
280 |
kill_chase_time_limit = 90 seconds; |
281 |
hide_spoof_ips = yes; |
282 |
ignore_bogus_ts = no; |
283 |
|
284 |
disable_auth = no; |
285 |
disable_remote_commands = no; |
286 |
default_floodcount = 10; |
287 |
failed_oper_notice = yes; |
288 |
dots_in_ident=2; |
289 |
min_nonwildcard = 4; |
290 |
min_nonwildcard_simple = 3; |
291 |
max_accept = 20; |
292 |
anti_nick_flood = yes; |
293 |
|
294 |
max_nick_time = 20 seconds; |
295 |
max_nick_changes = 5; |
296 |
|
297 |
anti_spam_exit_message_time = 5 minutes; |
298 |
ts_warn_delta = 30 seconds; |
299 |
ts_max_delta = 5 minutes; |
300 |
|
301 |
kline_with_reason = yes; |
302 |
kline_with_connection_closed = no; |
303 |
reject_hold_time = 0; |
304 |
|
305 |
invisible_on_connect = yes; |
306 |
warn_no_nline = yes; |
307 |
stats_o_oper_only=yes; |
308 |
stats_P_oper_only=no; |
309 |
stats_i_oper_only=masked; |
310 |
stats_k_oper_only=masked; |
311 |
caller_id_wait = 1 minute; |
312 |
pace_wait_simple = 1 second; |
313 |
pace_wait = 10 seconds; |
314 |
short_motd = no; |
315 |
ping_cookie = no; |
316 |
no_oper_flood = yes; |
317 |
true_no_oper_flood = yes; |
318 |
oper_pass_resv = yes; |
319 |
|
320 |
/* REMOVE ME. The following line checks you've been reading. */ |
321 |
havent_read_conf = 1; |
322 |
|
323 |
max_targets = 4; |
324 |
client_flood = 2560; |
325 |
message_locale = "standard"; |
326 |
oper_only_umodes = bots, cconn, debug, full, skill, nchange, |
327 |
rej, spy, external, operwall, locops, unauth; |
328 |
|
329 |
oper_umodes = bots, locops, servnotice, operwall, wallop; |
330 |
|
331 |
|
332 |
#use_egd = yes; |
333 |
#egdpool_path = "/var/run/egd-pool"; |
334 |
throttle_time = 10; |
335 |
}; |
336 |
|
337 |
glines { |
338 |
enable = yes; |
339 |
duration = 1 day; |
340 |
log = reject; |
341 |
|
342 |
user = "god@I.still.hate.packets"; |
343 |
name = "hades.arpa"; |
344 |
action = reject, block; |
345 |
|
346 |
user = "god@*"; |
347 |
name = "*"; |
348 |
action = block; |
349 |
}; |
350 |
|
351 |
modules { |
352 |
path = "/usr/local/ircd/lib/ircd-hybrid/modules"; |
353 |
path = "/usr/local/ircd/lib/ircd-hybrid/modules/autoload"; |
354 |
#module = "some_module.so"; |
355 |
}; |
356 |
|
357 |
/* |
358 |
* log {}: contains information about logfiles. |
359 |
*/ |
360 |
log { |
361 |
/* Do you want to enable logging to ircd.log? */ |
362 |
use_logging = yes; |
363 |
timestamp = yes; |
364 |
|
365 |
file { |
366 |
type = oper; |
367 |
name = "/home/ircd/var/log/oper.log"; |
368 |
size = unlimited; |
369 |
}; |
370 |
|
371 |
file { |
372 |
type = user; |
373 |
name = "/home/ircd/var/log/user.log"; |
374 |
size = 50 megabytes; |
375 |
}; |
376 |
|
377 |
file { |
378 |
type = kill; |
379 |
name = "/home/ircd/var/log/kill.log"; |
380 |
size = 50 megabytes; |
381 |
}; |
382 |
|
383 |
file { |
384 |
type = kline; |
385 |
name = "/home/ircd/var/log/kline.log"; |
386 |
size = 50 megabytes; |
387 |
}; |
388 |
|
389 |
file { |
390 |
type = dline; |
391 |
name = "/home/ircd/var/log/dline.log"; |
392 |
size = 50 megabytes; |
393 |
}; |
394 |
|
395 |
file { |
396 |
type = gline; |
397 |
name = "/home/ircd/var/log/gline.log"; |
398 |
size = 50 megabytes; |
399 |
}; |
400 |
|
401 |
file { |
402 |
type = debug; |
403 |
name = "/home/ircd/var/log/debug.log"; |
404 |
size = 50 megabytes; |
405 |
}; |
406 |
}; |