ViewVC Help
View File | Revision Log | Show Annotations | View Changeset | Root Listing
root/svn/ircd-hybrid/trunk/doc/reference.conf
Revision: 5347
Committed: Sun Jan 11 12:42:20 2015 UTC (9 years, 2 months ago) by michael
File size: 39562 byte(s)
Log Message:
- Update copyright years

File Contents

# User Rev Content
1 michael 2962 /*
2     * This is an example configuration file for ircd-hybrid
3 db 897 *
4 michael 5347 * Copyright (c) 2000-2015 ircd-hybrid development team
5 db 897 *
6     * $Id$
7     */
8    
9 michael 1824 /*
10     * ########################################################################
11 michael 2322 * IMPORTANT NOTE:
12 db 897 *
13 michael 3882 * auth {} blocks MUST be specified in order of precedence. The first one
14     * that matches a user will be used. So place spoofs first, then specials,
15 db 897 * then general access.
16 michael 1824 * ########################################################################
17 db 897 *
18     * Shell style (#), C++ style (//) and C style comments are supported.
19     *
20     * Files may be included by either:
21     * .include "filename"
22     * .include <filename>
23     *
24     * Times/durations are written as:
25     * 12 hours 30 minutes 1 second
26 michael 2841 *
27 db 897 * Valid units of time:
28 michael 1783 * year, month, week, day, hour, minute, second
29 db 897 *
30     * Valid units of size:
31     * megabyte/mbyte/mb, kilobyte/kbyte/kb, byte
32     *
33 michael 2305 * Sizes and times may be singular or plural.
34     */
35 db 897
36 michael 1824
37 db 897 /*
38 michael 1336 * serverinfo {}: contains information about the server
39 db 897 */
40     serverinfo {
41     /*
42 michael 2345 * name: the name of this server. This cannot be changed at runtime.
43 db 897 */
44     name = "hades.arpa";
45    
46     /*
47 michael 2345 * sid: a server's unique ID. This is three characters long and must
48     * be in the form [0-9][A-Z0-9][A-Z0-9]. The first character must be
49 db 897 * a digit, followed by 2 alpha-numerical letters.
50 michael 2345 *
51 michael 1863 * NOTE: The letters must be capitalized. This cannot be changed at runtime.
52 db 897 */
53 michael 1817 sid = "0HY";
54 db 897
55     /*
56 michael 1533 * description: the description of the server.
57 db 897 */
58 michael 1534 description = "ircd-hybrid test server";
59 db 897
60     /*
61     * network info: the name and description of the network this server
62 michael 1863 * is on. Shown in the 005 reply and used with serverhiding.
63 db 897 */
64     network_name = "MyNet";
65     network_desc = "This is My Network";
66    
67     /*
68     * hub: allow this server to act as a hub and have multiple servers
69     * connected to it.
70     */
71     hub = no;
72    
73     /*
74     * vhost: the IP to bind to when we connect outward to ipv4 servers.
75 michael 959 * This should be an ipv4 IP only, or "*" for INADDR_ANY.
76 db 897 */
77 michael 2171 # vhost = "192.169.0.1";
78 db 897
79     /*
80 michael 2322 * vhost6: the address to bind to when we make outgoing connections
81     * to IPv6 servers. This should be an IPv6 address, or "*" for INADDR_ANY.
82 db 897 */
83 michael 2171 # vhost6 = "3ffe:80e8:546::2";
84 db 897
85 michael 1863 /* max_clients: the maximum number of clients allowed to connect. */
86 db 897 max_clients = 512;
87    
88     /*
89 michael 1751 * max_nick_length: only applies to local clients. Must be in the
90     * range of 9 to 30. Default is 9 if nothing else is specified.
91     */
92     max_nick_length = 9;
93    
94     /*
95     * max_topic_length: only applies to topics set by local clients.
96     * Must be in the range of 80 to 300. Default is 80 if nothing
97     * else is specified.
98     */
99     max_topic_length = 160;
100    
101     /*
102 michael 2322 * rsa_private_key_file: the path to the file containing the
103 michael 2844 * RSA key.
104 db 897 *
105 michael 2468 * Example commands to store a 2048 bit RSA key in rsa.key:
106 michael 2308 *
107 michael 1229 * openssl genrsa -out rsa.key 2048
108 michael 2464 * chown <ircd-user>.<ircd.group> rsa.key
109 db 897 * chmod 0600 rsa.key
110     */
111 michael 4173 # rsa_private_key_file = "etc/rsa.key";
112 db 897
113     /*
114 michael 951 * ssl_certificate_file: the path to the file containing our
115 michael 2322 * SSL certificate for encrypted client connection.
116 db 897 *
117     * This assumes your private RSA key is stored in rsa.key. You
118 michael 1863 * MUST have an RSA key in order to generate the certificate.
119 db 897 *
120 michael 1863 * Example command:
121     *
122 db 897 * openssl req -new -days 365 -x509 -key rsa.key -out cert.pem
123     *
124     * See http://www.openssl.org/docs/HOWTO/certificates.txt
125     *
126     * Please use the following values when generating the cert
127     *
128     * Organization Name: Network Name
129     * Organization Unit Name: changme.someirc.net
130     * Common Name: irc.someirc.net
131     * E-mail: you@domain.com
132     */
133 michael 4173 # ssl_certificate_file = "etc/cert.pem";
134 michael 967
135 michael 1351 /*
136 michael 4173 * ssl_dh_param_file: path to the PEM encoded Diffie-Hellman
137     * parameter file. DH parameters are required when using
138     * ciphers with EDH (ephemeral Diffie-Hellman) key exchange.
139 michael 1351 *
140     * A DH parameter file can be created by running:
141     *
142 michael 3013 * openssl dhparam -out dhparam.pem 2048
143 michael 1351 *
144 michael 1523 * Prime size must be at least 1024 bits. Further information
145     * regarding specific OpenSSL dhparam command-line options
146     * can be found in the OpenSSL manual.
147 michael 1351 */
148 michael 4173 # ssl_dh_param_file = "etc/dhparam.pem";
149 michael 1306
150 michael 967 /*
151 michael 4173 * ssl_dh_elliptic_curve: defines the curve to use for the
152     * Elliptic Curve Diffie-Hellman (ECDH) algorithm.
153 michael 4494 * Default is ANSI X9.62 prime256v1/secp256r1 if nothing else is specified.
154 michael 4070 *
155 michael 4185 * A list of supported curves by OpenSSL can be obtained by running:
156     *
157     * openssl ecparam -list_curves
158 michael 4070 */
159     # ssl_dh_elliptic_curve = "secp521r1";
160    
161     /*
162 michael 4173 * ssl_cipher_list: list of ciphers to support on _this_ server.
163     * Can be used to enforce specific ciphers for incoming SSL/TLS
164     * connections. If a client (which also includes incoming server connections)
165     * is not capable of using any of the ciphers listed here, the connection will
166 michael 2322 * simply be rejected.
167 michael 1550 *
168 michael 2322 * A list of supported ciphers by OpenSSL can be obtained by running:
169 michael 1306 *
170     * openssl ciphers -ssl3 -tls1 -v
171     *
172 michael 1524 * Multiple ciphers are separated by colons. The order of preference is
173     * from left to right.
174 michael 1306 */
175 michael 3015 # ssl_cipher_list = "ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA:AES256-SHA";
176 michael 1306
177     /*
178 michael 4173 * ssl_message_digest_algorithm: defines what cryptographic hash function
179     * to use for generating fingerprint hashes of X.509 certificates.
180 michael 4122 * Default is SHA-256 if nothing else is specified.
181 michael 4114 *
182 michael 4122 * A list of supported message digest algorithms by OpenSSL can be obtained by running:
183 michael 4114 *
184     * openssl list-message-digest-algorithms
185     */
186     # ssl_message_digest_algorithm = "sha256";
187 db 897 };
188    
189     /*
190 michael 4560 * admin {}: contains administrative information about the server
191 db 897 */
192     admin {
193     name = "Smurf target";
194     description = "Main Server Administrator";
195     email = "<syn@packets.r.us>";
196     };
197    
198     /*
199 michael 1229 * class {}: contains information about classes for users
200 db 897 */
201     class {
202 michael 1863 /* name: the name of the class. */
203 db 897 name = "users";
204    
205     /*
206     * ping_time: how often a client must reply to a PING from the
207     * server before they are dropped.
208     */
209     ping_time = 90 seconds;
210    
211     /*
212     * number_per_ip: how many local users are allowed to connect
213 michael 4173 * from a single IP address (optional)
214 db 897 */
215     number_per_ip = 2;
216    
217     /*
218     * max_local: how many local users are allowed to connect
219 michael 4173 * from a single ident@host (optional)
220 db 897 */
221     max_local = 2;
222    
223     /*
224 michael 4173 * max_global: network-wide limit of users per ident@host (optional)
225 db 897 */
226     max_global = 10;
227    
228     /*
229     * max_number: the maximum number of users allowed in this class (optional)
230     */
231     max_number = 100;
232    
233     /*
234 michael 4173 * The following lines are optional and allow you to define
235 michael 1863 * how many users can connect from one /NN subnet.
236 db 897 */
237     cidr_bitlen_ipv4 = 24;
238     cidr_bitlen_ipv6 = 120;
239     number_per_cidr = 16;
240    
241     /*
242 michael 2322 * sendq: the amount of data allowed in a client's send queue before
243 db 897 * they are dropped.
244     */
245     sendq = 100 kbytes;
246 michael 1516
247     /*
248 michael 2322 * recvq: the amount of data allowed in a client's receive queue before
249 michael 4301 * they are dropped for flooding. Defaults to 2560 if the chosen value
250     * isn't within the range of 512 to 8000.
251 michael 1516 */
252     recvq = 2560 bytes;
253 db 897 };
254    
255     class {
256     name = "opers";
257     ping_time = 90 seconds;
258     number_per_ip = 10;
259     max_number = 100;
260 michael 1428 sendq = 100 kbytes;
261 michael 1783
262     /*
263 michael 3933 * max_channels: maximum number of channels users in this class can join.
264     */
265     max_channels = 60;
266    
267     /*
268 michael 1863 * min_idle: minimum idle time that is shown in /whois.
269 michael 1783 */
270     min_idle = 3 hours;
271    
272     /*
273 michael 1863 * max_idle: maximum idle time that is shown in /whois.
274 michael 1783 */
275     max_idle = 8 hours;
276    
277     /*
278     * flags:
279     *
280 michael 2322 * random_idle - a fake idle time is set randomly between
281     * min_idle and max_idle
282     * hide_idle_from_opers - the fake idle time will also be shown to operators
283 michael 1783 */
284     flags = random_idle, hide_idle_from_opers;
285 db 897 };
286    
287     class {
288     name = "server";
289     ping_time = 90 seconds;
290    
291     /*
292 michael 1863 * connectfreq: only used in server classes. Specifies the delay
293 db 897 * between autoconnecting to servers.
294     */
295     connectfreq = 5 minutes;
296    
297 michael 2322 /* max number: the number of servers to autoconnect to. */
298 db 897 max_number = 1;
299    
300 michael 1863 /* sendq: servers need a higher sendq as they send more data. */
301 db 897 sendq = 2 megabytes;
302     };
303    
304     /*
305 michael 2322 * motd {}: Allows the display of a different MOTD to a client
306 michael 2210 * depending on its origin. Applies to local users only.
307 michael 2150 */
308     motd {
309     /*
310     * mask: multiple mask entries are permitted. Mask can either be
311 michael 2993 * a class name or a hostname. CIDR is supported.
312 michael 2150 */
313     mask = "*.at";
314     mask = "*.de";
315     mask = "*.ch";
316    
317     /*
318 michael 2152 * file: path to the actual motd file.
319 michael 2150 */
320 michael 4173 file = "etc/german.motd";
321 michael 2150 };
322    
323     /*
324 michael 1229 * listen {}: contains information about the ports ircd listens on
325 db 897 */
326     listen {
327     /*
328 michael 3447 * port: the port to listen on. If no host is specified earlier
329     * in the listen {} block, it will listen on all available IPs.
330 db 897 *
331 michael 2328 * Ports are separated by commas; a range may be specified using ".."
332 db 897 */
333 michael 2345
334 michael 4301 /* port: listen on all available IP addresses, ports 6665 to 6669. */
335 db 897 port = 6665 .. 6669;
336    
337     /*
338 michael 2322 * Listen on 192.168.0.1/6697 with SSL enabled and hidden from STATS P
339 db 897 * unless you are an administrator.
340     *
341 michael 2322 * NOTE: The "flags" directive always has to come before "port".
342 michael 951 *
343     * Currently available flags are:
344     *
345 michael 1679 * ssl - Port may only accept TLS/SSL connections
346 michael 951 * server - Only server connections are permitted
347 michael 1229 * hidden - Port is hidden from /stats P, unless you're an admin
348 db 897 */
349     flags = hidden, ssl;
350     host = "192.168.0.1";
351     port = 6697;
352    
353     /*
354 michael 2322 * host: set a specific IP address/host to listen on using the
355     * subsequent port definitions. This may be IPv4 or IPv6.
356 db 897 */
357     host = "1.2.3.4";
358     port = 7000, 7001;
359    
360     host = "3ffe:1234:a:b:c::d";
361     port = 7002;
362     };
363    
364     /*
365 michael 1229 * auth {}: allow users to connect to the ircd
366 db 897 */
367     auth {
368     /*
369 michael 1541 * user: the user@host allowed to connect. Multiple user
370 michael 4266 * lines are permitted within each auth {} block.
371 db 897 */
372     user = "*@172.16.0.0/12";
373     user = "*test@123D:B567:*";
374    
375 michael 4173 /* password: an optional password that is required to use this block. */
376 db 897 password = "letmein";
377    
378     /*
379     * encrypted: controls whether the auth password above has been
380     * encrypted.
381     */
382     encrypted = yes;
383    
384     /*
385 michael 2322 * spoof: fake the user's host to this. This is free-form, just do
386 michael 1863 * everyone a favor and don't abuse it. ('=' prefix on /stats I)
387 db 897 */
388     spoof = "I.still.hate.packets";
389    
390 michael 4173 /* class: the class the user is placed in. */
391 db 897 class = "opers";
392    
393     /*
394 michael 4392 * need_password - don't allow users who haven't supplied the correct | ('&' prefix on /stats I if disabled)
395 michael 4266 * password to connect using another auth {} block
396 michael 4392 * need_ident - require the user to have identd to connect | ('+' prefix on /stats I)
397 michael 1229 * spoof_notice - enable spoofing notification to admins
398 michael 4392 * exceed_limit - allow a user to exceed class limits | ('>' prefix on /stats I)
399     * kline_exempt - exempt this user from k/glines | ('^' prefix on /stats I)
400     * gline_exempt - exempt this user from glines | ('_' prefix on /stats I)
401     * resv_exempt - exempt this user from resvs | ('$' prefix on /stats I)
402     * no_tilde - remove ~ from a user with no ident | ('-' prefix on /stats I)
403     * can_flood - allow this user to exceed flood limits | ('|' prefix on /stats I)
404     * webirc - enables WEBIRC authentication for web-based | ('<' prefix on /stats I)
405     * clients such as Mibbit
406 db 897 */
407     flags = need_password, spoof_notice, exceed_limit, kline_exempt,
408 michael 1176 gline_exempt, resv_exempt, no_tilde, can_flood;
409 db 897 };
410    
411     auth {
412     /*
413 michael 4301 * redirserv, redirport: the server and port to redirect a user to.
414     * A user does not have to obey the redirection; the ircd just
415     * suggests an alternative server for them.
416 db 897 */
417 michael 4305 redirserv = "server.tld";
418 db 897 redirport = 6667;
419 michael 2345
420 michael 4305 user = "*@*.tld";
421 db 897
422 michael 4173 /* class: a class is required even though it is not used. */
423 db 897 class = "users";
424     };
425    
426     auth {
427     user = "*@*";
428     class = "users";
429     flags = need_ident;
430     };
431    
432     /*
433 michael 1229 * operator {}: defines ircd operators
434 db 897 */
435     operator {
436 michael 4301 /* name: the name of the operator */
437 michael 1537 name = "sheep";
438 db 897
439     /*
440 michael 3447 * user: the user@host required for this operator. Multiple user
441 michael 4266 * lines are permitted within each operator {} block.
442 db 897 */
443 michael 1537 user = "*sheep@192.168.0.0/16";
444 michael 1285 user = "*@127.0.0.0/8";
445 db 897
446     /*
447 michael 1863 * password: the password required to oper. By default this will
448 michael 1070 * need to be encrypted by using the provided mkpasswd tool.
449     * Several password hash algorithms are available depending
450     * on your system's crypt() implementation. For example, a modern
451 michael 2322 * glibc already has support for the SHA-256/512 and MD5 encryption
452 michael 1070 * algorithms.
453 db 897 */
454 michael 1070 password = "$5$x5zof8qe.Yc7/bPp$5zIg1Le2Lsgd4CvOjaD20pr5PmcfD7ha/9b2.TaUyG4";
455 db 897
456     /*
457     * encrypted: controls whether the oper password above has been
458 michael 4436 * encrypted. Default is 'yes' if nothing else is specified.
459 db 897 */
460     encrypted = yes;
461    
462     /*
463 michael 4301 * rsa_public_key_file: the public key for this oper when using /challenge.
464 michael 2841 * A password should not be defined when this is used; see
465 db 897 * doc/challenge.txt for more information.
466     */
467 michael 4173 # rsa_public_key_file = "etc/oper.pub";
468 db 897
469 michael 2228 /*
470 michael 2244 * ssl_certificate_fingerprint: enhances security by additionally checking
471     * the oper's client certificate fingerprint against the specified
472     * fingerprint below.
473 michael 2236 *
474     * Hint: your users can use the following command to obtain a SHA-256 hash
475     * of their ssl certificate:
476     *
477     * openssl x509 -sha256 -noout -fingerprint -in cert.pem | sed -e 's/^.*=//;s/://g'
478 michael 2228 */
479 michael 2244 # ssl_certificate_fingerprint = "4C62287BA6776A89CD4F8FF10A62FFB35E79319F51AF6C62C674984974FCCB1D";
480 michael 2228
481 michael 2248 /*
482     * ssl_connection_required: client must be connected over SSL/TLS
483 michael 4266 * in order to be able to use this operator {} block.
484 michael 2279 * Default is 'no' if nothing else is specified.
485 michael 2248 */
486     ssl_connection_required = no;
487    
488 michael 4173 /* class: the class the oper joins when they successfully /oper or /challenge. */
489 db 897 class = "opers";
490    
491     /*
492 michael 4173 * umodes: the default usermodes opers get when they /oper or /challenge.
493     * If defined, it will override oper_umodes settings in general {}.
494 db 897 * Available usermodes:
495     *
496     * +b - bots - See bot and drone flooding notices
497     * +c - cconn - Client connection/quit notices
498     * +D - deaf - Don't receive channel messages
499     * +d - debug - See debugging notices
500 michael 1818 * +e - external - See remote server connection and split notices
501 michael 1976 * +F - farconnect - Remote client connection/quit notices
502 michael 4266 * +f - full - See auth {} block full notices
503 db 897 * +G - softcallerid - Server Side Ignore for users not on your channels
504     * +g - callerid - Server Side Ignore (for privmsgs etc)
505 michael 1294 * +H - hidden - Hides operator status to other users
506 michael 2267 * +i - invisible - Not shown in NAMES or WHO unless you share a channel
507 michael 1290 * +j - rej - See rejected client notices
508 db 897 * +k - skill - See server generated KILL messages
509     * +l - locops - See LOCOPS messages
510     * +n - nchange - See client nick changes
511 michael 3513 * +p - hidechans - Hides channel list in WHOIS
512 michael 3506 * +q - hideidle - Hides idle and signon time in WHOIS
513 michael 1855 * +R - nononreg - Only receive private messages from registered clients
514 db 897 * +s - servnotice - See general server notices
515     * +u - unauth - See unauthorized client notices
516     * +w - wallop - See server generated WALLOPS
517     * +y - spy - See LINKS, STATS, TRACE notices etc.
518     */
519 michael 3869 umodes = locops, servnotice, wallop;
520 db 897
521     /*
522 michael 2305 * privileges: controls the activities and commands an oper is
523 michael 4301 * allowed to do on the server. All flags default to 'no'.
524     * Available flags:
525 db 897 *
526 michael 4308 * admin - gives administrator privileges | ('A' flag)
527 michael 2018 * connect - allows local CONNECT | ('P' flag)
528     * connect:remote - allows remote CONNECT | ('Q' flag)
529 michael 4308 * die - allows DIE | ('D' flag)
530     * dline - allows DLINE |
531     * gline - allows GLINE | ('G' flag)
532     * globops - allows GLOBOPS |
533 michael 2018 * kill - allows to KILL local clients | ('N' flag)
534     * kill:remote - allows remote users to be /KILL'd | ('O' flag)
535 michael 4308 * kline - allows KLINE | ('K' flag)
536     * locops - allows LOCOPS |
537     * module - allows MODULE |
538 michael 5004 * opme - allows OPME |
539 michael 4308 * rehash - allows oper to REHASH config | ('H' flag)
540 michael 2018 * remoteban - allows remote KLINE/UNKLINE | ('B' flag)
541 michael 4308 * restart - allows RESTART |
542     * set - allows SET |
543     * squit - allows local SQUIT | ('R' flag)
544     * squit:remote - allows remote SQUIT | ('S' flag)
545 michael 2018 * undline - allows UNDLINE |
546     * unkline - allows UNKLINE | ('U' flag)
547 michael 2852 * unxline - allows UNXLINE |
548 michael 2038 * wallops - allows WALLOPS |
549 michael 4308 * xline - allows XLINE | ('X' flag)
550 db 897 */
551 michael 4308 flags = admin, connect, connect:remote, die, globops, kill, kill:remote,
552     kline, module, rehash, restart, set, unkline, unxline, xline;
553 db 897 };
554    
555 michael 1552 /*
556 michael 2322 * connect {}: define a server to connect to
557 db 897 */
558     connect {
559 michael 4173 /* name: the name of the server. */
560 db 897 name = "irc.uplink.com";
561    
562     /*
563 michael 2322 * host: the host or IP address to connect to. If a hostname is used it
564     * must match the reverse DNS of the server.
565 db 897 */
566     host = "192.168.0.1";
567    
568     /*
569 michael 2322 * vhost: the IP address to bind to when making outgoing connections to
570     * servers.
571 db 897 * serverinfo::vhost and serverinfo::vhost6 will be overridden
572     * by this directive.
573     */
574     vhost = "192.168.0.2";
575    
576     /*
577 michael 4301 * send_password, accept_password: the passwords to send and accept.
578 michael 2322 * The remote server will have these passwords swapped.
579 db 897 */
580     send_password = "password";
581     accept_password = "anotherpassword";
582    
583     /*
584     * encrypted: controls whether the accept_password above has been
585 michael 1070 * encrypted.
586 db 897 */
587     encrypted = no;
588    
589 michael 4173 /* port: the port to connect to this server on. */
590 db 897 port = 6666;
591    
592     /*
593 michael 1863 * hub_mask: the mask of servers that this server may hub. Multiple
594     * entries are permitted.
595 db 897 */
596     hub_mask = "*";
597    
598     /*
599 michael 1863 * leaf_mask: the mask of servers this server may not hub. Multiple
600     * entries are permitted. Useful for forbidding EU -> US -> EU routes.
601 db 897 */
602     # leaf_mask = "*.uk";
603    
604 michael 4173 /* class: the class this server is in. */
605 db 897 class = "server";
606    
607 michael 1524 /*
608 michael 4173 * ssl_cipher_list: list of ciphers that the server we are connecting to
609     * must support. If the server is not capable of using any of the ciphers
610     * listed below, the connection will simply be rejected.
611 michael 1524 * Can be used to enforce stronger ciphers, even though this option
612     * is not necessarily required to establish a SSL/TLS connection.
613     *
614     * Multiple ciphers are separated by colons. The order of preference
615     * is from left to right.
616     */
617 michael 3059 # ssl_cipher_list = "ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA:AES256-SHA";
618 michael 1306
619 db 897 /*
620 michael 2244 * ssl_certificate_fingerprint: enhances security by additionally checking
621     * the server's client certificate fingerprint against the specified
622     * fingerprint below.
623 michael 2228 */
624 michael 2244 # ssl_certificate_fingerprint = "4C62287BA6776A89CD4F8FF10A62FFB35E79319F51AF6C62C674984974FCCB1D";
625 michael 2228
626     /*
627 michael 1229 * autoconn - controls whether we autoconnect to this server or not,
628     * dependent on class limits. By default, this is disabled.
629 michael 1303 * ssl - Initiates a TLS/SSL connection.
630 db 897 */
631 michael 1519 # flags = autoconn, ssl;
632 db 897 };
633    
634     connect {
635 michael 1285 name = "ipv6.some.server";
636 db 897 host = "3ffd:dead:beef::1";
637     send_password = "password";
638     accept_password = "password";
639     port = 6666;
640    
641     /*
642     * aftype: controls whether the connection uses "ipv4" or "ipv6".
643     * Default is ipv4.
644     */
645     aftype = ipv6;
646     class = "server";
647     };
648    
649     /*
650     * cluster {}: servers that share klines/unkline/xline/unxline/resv/unresv/locops
651 michael 1229 * automatically
652 db 897 */
653     cluster {
654     /*
655 michael 2322 * name: the server to share with; this can take wildcards
656 db 897 *
657 michael 2322 * NOTE: only local actions will be clustered, meaning that if
658 db 897 * the server receives a shared kline/unkline/etc, it
659     * will not be propagated to clustered servers.
660     *
661     * Remote servers are not necessarily required to accept
662 michael 4288 * clustered lines, they need a shared {} block for *THIS*
663     * server in order to accept them.
664 db 897 */
665     name = "*.arpa";
666    
667     /*
668 michael 2322 * type: list of what to share; options are as follows:
669 michael 1301 * dline - share dlines
670     * undline - share undlines
671 michael 1336 * kline - share klines
672     * unkline - share unklines
673     * xline - share xlines
674     * unxline - share unxlines
675     * resv - share resvs
676     * unresv - share unresvs
677     * locops - share locops
678     * all - share all of the above (default)
679 db 897 */
680     type = kline, unkline, locops, xline, resv;
681     };
682    
683     /*
684 michael 1229 * shared {}: users that are allowed to remote kline
685 db 897 *
686 michael 2322 * NOTE: This can effectively be used for remote klines.
687 db 897 * Please note that there is no password authentication
688 michael 1863 * for users setting remote klines. You must also be
689 db 897 * /oper'd in order to issue a remote kline.
690     */
691     shared {
692     /*
693 michael 2322 * name: the server the user must be connected to in order to set klines.
694     * If this is not specified, the user will be allowed to kline from all
695     * servers.
696 db 897 */
697     name = "irc2.some.server";
698    
699     /*
700 michael 1863 * user: the user@host mask that is allowed to set klines. If this is
701 db 897 * not specified, all users on the server above will be allowed to set
702     * a remote kline.
703     */
704     user = "oper@my.host.is.spoofed";
705    
706     /*
707     * type: list of what to share, options are as follows:
708 michael 1301 * dline - allow oper/server to dline
709     * undline - allow oper/server to undline
710 michael 1336 * kline - allow oper/server to kline
711     * unkline - allow oper/server to unkline
712     * xline - allow oper/server to xline
713     * unxline - allow oper/server to unxline
714     * resv - allow oper/server to resv
715     * unresv - allow oper/server to unresv
716 db 897 * locops - allow oper/server to locops - only used for servers that cluster
717 michael 1336 * all - allow oper/server to do all of the above (default)
718 db 897 */
719     type = kline, unkline, resv;
720     };
721    
722     /*
723 michael 1229 * kill {}: users that are not allowed to connect
724 michael 4308 * Oper issued klines will be added to the specified kline database
725 db 897 */
726     kill {
727     user = "bad@*.hacked.edu";
728     reason = "Obviously hacked account";
729     };
730    
731     /*
732 michael 2322 * deny {}: IP addresses that are not allowed to connect
733     * (before DNS/ident lookup)
734 michael 4308 * Oper issued dlines will be added to the specified dline database
735 db 897 */
736     deny {
737     ip = "10.0.1.0/24";
738     reason = "Reconnecting vhosted bots";
739     };
740    
741     /*
742 michael 2322 * exempt {}: IP addresses that are exempt from deny {} and Dlines
743 db 897 */
744     exempt {
745     ip = "192.168.0.0/16";
746     };
747    
748     /*
749 michael 1229 * resv {}: nicks and channels users may not use/join
750 db 897 */
751 michael 1858 resv { mask = "clone*"; reason = "Clone bots"; };
752 michael 3659 resv { mask = "Global"; reason = "Reserved for services"; };
753 michael 1866 resv { mask = "ChanServ"; reason = "Reserved for services"; };
754 michael 1858 resv { mask = "NickServ"; reason = "Reserved for services"; };
755     resv { mask = "OperServ"; reason = "Reserved for services"; };
756     resv { mask = "MemoServ"; reason = "Reserved for services"; };
757     resv { mask = "BotServ"; reason = "Reserved for services"; };
758     resv { mask = "HelpServ"; reason = "Reserved for services"; };
759     resv { mask = "HostServ"; reason = "Reserved for services"; };
760     resv { mask = "StatServ"; reason = "Reserved for services"; };
761     resv { mask = "#*services*"; reason = "Reserved for services"; };
762 michael 1823
763 michael 1858 resv {
764     /*
765     * mask: masks starting with a '#' are automatically considered
766 michael 2322 * as channel name masks.
767 michael 1858 */
768     mask = "#helsinki";
769 michael 3550 reason = "Channel is reserved for Finnish inhabitants";
770 michael 1858
771     /*
772     * exempt: can be either a ISO 3166 alpha-2 two letter country
773     * code, or a nick!user@host mask. CIDR is supported. Exempt
774     * entries can be stacked.
775     */
776     exempt = "FI";
777     };
778    
779 db 897 /*
780 michael 4308 * gecos {}: used for banning users based on their "realname".
781 db 897 */
782     gecos {
783     name = "*sex*";
784     reason = "Possible spambot";
785     };
786    
787     gecos {
788     name = "sub7server";
789     reason = "Trojan drone";
790     };
791    
792     /*
793 michael 4919 * service {}: specifies a server which may act as a network service
794     *
795     * NOTE: it is very important that every server on the network
796     * has the same service {} block.
797     */
798     service {
799     name = "service.someserver";
800     name = "stats.someserver";
801     };
802    
803     /*
804 michael 4545 * pseudo {}: adds pseudo/custom commands also known as service aliases
805     */
806     pseudo {
807     /* command: the actual command/alias */
808     command = "IDENTIFY";
809    
810     /* prepend: optional text that can be prepended before the user's message */
811     prepend = "IDENTIFY ";
812    
813     /* name: the service name, used for error messages */
814     name = "NickServ";
815    
816     /* target: the actual target where this message should be sent to */
817     target = "NickServ@service.someserver";
818     };
819    
820     pseudo {
821 michael 4591 command = "CHANSERV";
822     name = "ChanServ";
823     target = "ChanServ@service.someserver";
824 michael 4545 };
825    
826     pseudo {
827 michael 4591 command = "CS";
828     name = "ChanServ";
829     target = "ChanServ@service.someserver";
830 michael 4545 };
831    
832     pseudo {
833 michael 4591 command = "NICKSERV";
834     name = "NickServ";
835     target = "NickServ@service.someserver";
836 michael 4545 };
837    
838     pseudo {
839 michael 4591 command = "NS";
840     name = "NickServ";
841     target = "NickServ@service.someserver";
842 michael 4545 };
843    
844     pseudo {
845 michael 4591 command = "MEMOSERV";
846     name = "MemoServ";
847     target = "MemoServ@service.someserver";
848 michael 4545 };
849    
850     pseudo {
851 michael 4591 command = "MS";
852     name = "MemoServ";
853     target = "MemoServ@service.someserver";
854 michael 4545 };
855    
856     pseudo {
857 michael 4591 command = "OPERSERV";
858     name = "OperServ";
859     target = "OperServ@service.someserver";
860 michael 4545 };
861    
862     pseudo {
863 michael 4591 command = "OS";
864     name = "OperServ";
865     target = "OperServ@service.someserver";
866 michael 4545 };
867    
868     pseudo {
869 michael 4591 command = "HOSTSERV";
870     name = "HostServ";
871     target = "HostServ@service.someserver";
872 michael 4545 };
873    
874     pseudo {
875 michael 4591 command = "HS";
876     name = "HostServ";
877     target = "HostServ@service.someserver";
878 michael 4545 };
879    
880     pseudo {
881 michael 4591 command = "BOTSERV";
882     name = "BotServ";
883     target = "BotServ@service.someserver";
884 michael 4545 };
885    
886     pseudo {
887 michael 4591 command = "BS";
888     name = "BotServ";
889     target = "BotServ@service.someserver";
890 michael 4545 };
891    
892     /*
893 michael 4308 * channel {}: the channel block contains options pertaining to channels
894 db 897 */
895     channel {
896     /*
897     * disable_fake_channels: this option, if set to 'yes', will
898 michael 2322 * disallow clients from creating or joining channels that have one
899 db 897 * of the following ASCII characters in their name:
900     *
901     * 2 | bold
902     * 3 | mirc color
903 michael 951 * 15 | plain text
904 db 897 * 22 | reverse
905 michael 1424 * 29 | italic
906 db 897 * 31 | underline
907     * 160 | non-breaking space
908     */
909     disable_fake_channels = yes;
910    
911     /*
912 michael 3860 * invite_client_count, invite_client_time: how many INVITE commands
913     * are permitted per client per invite_client_time.
914 michael 3762 */
915 michael 3860 invite_client_count = 10;
916     invite_client_time = 5 minutes;
917 michael 3762
918     /*
919 michael 3860 * knock_client_count, knock_client_time: how many KNOCK commands
920     * are permitted per client per knock_client_time.
921 michael 3762 */
922 michael 3860 knock_client_count = 1;
923     knock_client_time = 5 minutes;
924 michael 3762
925     /*
926 michael 3933 * knock_delay_channel: how often a KNOCK to any specific channel
927 michael 3762 * is permitted, regardless of the user sending the KNOCK.
928 db 897 */
929     knock_delay_channel = 1 minute;
930    
931     /*
932 michael 3933 * max_channels: the maximum number of channels a user can join/be on.
933 michael 4266 * This is a default value which can be overriden with class {} blocks.
934 db 897 */
935 michael 3933 max_channels = 25;
936 db 897
937     /* max_bans: maximum number of +b/e/I modes in a channel */
938 michael 1522 max_bans = 100;
939 db 897
940     /*
941 michael 2322 * how many joins in how many seconds constitute a flood. Use 0 to
942 db 897 * disable. +b opers will be notified (changeable via /set)
943     */
944     join_flood_count = 16;
945     join_flood_time = 8 seconds;
946    
947     /*
948 michael 2322 * The ircd will now check splitmode (whether a server is split from
949     * the network) every few seconds; this functionality is known as
950     * splitcode and is influenced by the options below.
951 db 897 *
952     * Either split users or split servers can activate splitmode, but
953     * both conditions must be met for the ircd to deactivate splitmode.
954 michael 2345 *
955 db 897 * You may force splitmode to be permanent by /quote set splitmode on
956     */
957    
958     /*
959     * default_split_user_count: when the usercount is lower than this level,
960 michael 1863 * consider ourselves split. This must be set for automatic splitmode.
961 db 897 */
962     default_split_user_count = 0;
963    
964     /*
965     * default_split_server_count: when the servercount is lower than this,
966 michael 1863 * consider ourselves split. This must be set for automatic splitmode.
967 db 897 */
968     default_split_server_count = 0;
969    
970 michael 2322 /* no_create_on_split: do not allow users to create channels on split. */
971 db 897 no_create_on_split = yes;
972    
973 michael 2322 /* no_join_on_split: do not allow users to join channels on a split. */
974 db 897 no_join_on_split = no;
975     };
976    
977     /*
978 michael 4308 * serverhide {}: the serverhide block contains the options regarding
979 michael 4205 * to server hiding. For more information regarding server hiding,
980     * please see doc/serverhide.txt
981 db 897 */
982     serverhide {
983     /*
984 michael 2322 * disable_remote_commands: disable users issuing commands
985 michael 2196 * on remote servers.
986     */
987     disable_remote_commands = no;
988    
989     /*
990 db 897 * flatten_links: this option will show all servers in /links appear
991 michael 2322 * as though they are linked to this current server.
992 db 897 */
993     flatten_links = no;
994    
995     /*
996     * links_delay: how often to update the links file when it is
997     * flattened.
998     */
999     links_delay = 5 minutes;
1000    
1001     /*
1002     * hidden: hide this server from a /links output on servers that
1003 michael 1863 * support it. This allows hub servers to be hidden etc.
1004 db 897 */
1005     hidden = no;
1006    
1007     /*
1008     * hide_servers: hide remote servernames everywhere and instead use
1009     * hidden_name and network_desc.
1010     */
1011     hide_servers = no;
1012    
1013     /*
1014 michael 1851 * hide_services: define this if you want to hide the location of
1015 michael 4266 * services servers that are specified in the service {} block.
1016 michael 1851 */
1017     hide_services = no;
1018    
1019     /*
1020 michael 4308 * hidden_name: use this as the servername users see if hide_servers = yes.
1021 db 897 */
1022     hidden_name = "*.hidden.com";
1023    
1024     /*
1025 michael 4301 * hide_server_ips: if this is disabled, opers will be unable to see
1026 michael 2322 * servers' IP addresses and will be shown a masked IP address; admins
1027     * will be shown the real IP address.
1028 db 897 *
1029 michael 2322 * If this is enabled, nobody can see a server's IP address.
1030     * *This is a kludge*: it has the side effect of hiding the IP addresses
1031     * everywhere, including logfiles.
1032 db 897 *
1033     * We recommend you leave this disabled, and just take care with who you
1034 michael 1729 * give administrator privileges to.
1035 db 897 */
1036     hide_server_ips = no;
1037     };
1038    
1039     /*
1040 michael 4308 * general {}: the general block contains many of the options that were once
1041 michael 1783 * compiled in options in config.h
1042 db 897 */
1043     general {
1044 michael 2286 /*
1045     * cycle_on_host_change: sends a fake QUIT/JOIN combination
1046     * when services change the hostname of a specific client.
1047     */
1048     cycle_on_host_change = yes;
1049    
1050 michael 951 /* max_watch: maximum WATCH entries a client can have. */
1051 michael 3882 max_watch = 30;
1052 db 897
1053 michael 3882 /* max_accept: maximum allowed /accept's for +g usermode. */
1054     max_accept = 30;
1055    
1056 michael 2322 /* gline_enable: enable glines (network-wide temporary klines). */
1057 michael 1459 gline_enable = yes;
1058    
1059 db 897 /*
1060 michael 4173 * gline_duration: the amount of time a G-line will remain on your
1061 michael 1863 * server before expiring.
1062 michael 1459 */
1063     gline_duration = 1 day;
1064    
1065     /*
1066 michael 1863 * gline_request_duration: how long a pending G-line can be around.
1067     * 10 minutes should be plenty.
1068 michael 1459 */
1069     gline_request_duration = 10 minutes;
1070    
1071     /*
1072 db 897 * gline_min_cidr: the minimum required length of a CIDR bitmask
1073 michael 4173 * for IPv4 based G-lines.
1074 db 897 */
1075     gline_min_cidr = 16;
1076    
1077     /*
1078     * gline_min_cidr6: the minimum required length of a CIDR bitmask
1079 michael 4173 * for IPv6 based G-lines.
1080 db 897 */
1081     gline_min_cidr6 = 48;
1082    
1083     /*
1084 michael 3445 * invisible_on_connect: whether to automatically set mode +i on
1085     * connecting users.
1086 db 897 */
1087     invisible_on_connect = yes;
1088    
1089     /*
1090 michael 2322 * kill_chase_time_limit: KILL chasing is a feature whereby a KILL
1091     * issued for a user who has recently changed nickname will be applied
1092     * automatically to the new nick. kill_chase_time_limit is the maximum
1093     * time following a nickname change that this chasing will apply.
1094 db 897 */
1095 michael 3341 kill_chase_time_limit = 30 seconds;
1096 db 897
1097     /*
1098 michael 4173 * ignore_bogus_ts: ignore bogus timestamps from other servers.
1099     * Yes, this will desync the network, but it will allow chanops
1100     * to resync with a valid non TS 0.
1101 db 897 *
1102     * This should be enabled network wide, or not at all.
1103     */
1104     ignore_bogus_ts = no;
1105    
1106     /*
1107     * disable_auth: completely disable ident lookups; if you enable this,
1108     * be careful of what you set need_ident to in your auth {} blocks
1109     */
1110     disable_auth = no;
1111    
1112     /*
1113     * tkline_expire_notices: enables or disables temporary kline/xline
1114     * expire notices.
1115     */
1116     tkline_expire_notices = no;
1117    
1118     /*
1119     * default_floodcount: the default value of floodcount that is configurable
1120 michael 4173 * via /quote set floodcount. This is the number of lines a user may send
1121     * to any other user/channel in one second.
1122 db 897 */
1123     default_floodcount = 10;
1124    
1125     /*
1126 michael 2305 * failed_oper_notice: send a notice to all opers on the server when
1127 db 897 * someone tries to OPER and uses the wrong password, host or ident.
1128     */
1129     failed_oper_notice = yes;
1130    
1131     /*
1132 michael 2322 * dots_in_ident: the number of '.' characters permitted in an ident
1133 db 897 * reply before the user is rejected.
1134     */
1135     dots_in_ident = 2;
1136    
1137     /*
1138 michael 2322 * min_nonwildcard: the minimum number of non-wildcard characters in
1139     * k/d/g lines placed via the server. K-lines hand-placed are exempt from
1140     * this limit.
1141 michael 4173 * Wildcard characters: '.', ':', '*', '?', '@', '!'
1142 db 897 */
1143     min_nonwildcard = 4;
1144    
1145     /*
1146 michael 2322 * min_nonwildcard_simple: the minimum number of non-wildcard characters
1147 michael 4173 * in gecos bans. Wildcard characters: '*', '?'
1148 db 897 */
1149     min_nonwildcard_simple = 3;
1150    
1151 michael 1863 /* anti_nick_flood: enable the nickflood control code. */
1152 db 897 anti_nick_flood = yes;
1153    
1154 michael 4173 /* nick flood: the number of nick changes allowed in the specified period. */
1155 db 897 max_nick_time = 20 seconds;
1156     max_nick_changes = 5;
1157    
1158     /*
1159 michael 4313 * away_count, away_time: how many AWAY command are permitted per
1160     * client per away_time.
1161     */
1162     away_count = 2;
1163     away_time = 10 seconds;
1164    
1165     /*
1166 db 897 * anti_spam_exit_message_time: the minimum time a user must be connected
1167     * before custom quit messages are allowed.
1168     */
1169     anti_spam_exit_message_time = 5 minutes;
1170    
1171     /*
1172 michael 3882 * ts_warn_delta, ts_max_delta: the time delta allowed between server
1173     * clocks before a warning is given, or before the link is dropped.
1174 michael 4173 * All servers should run ntpdate/rdate to keep clocks in sync.
1175 db 897 */
1176 michael 4403 ts_warn_delta = 3 seconds;
1177     ts_max_delta = 15 seconds;
1178 db 897
1179     /*
1180 michael 3473 * warn_no_connect_block: warn opers about servers that try to connect
1181     * but for which we don't have a connect {} block. Twits with
1182     * misconfigured servers can become really annoying with this enabled.
1183 db 897 */
1184 michael 3473 warn_no_connect_block = yes;
1185 db 897
1186     /*
1187     * stats_e_disabled: set this to 'yes' to disable "STATS e" for both
1188 michael 1863 * operators and administrators. Doing so is a good idea in case
1189 michael 4173 * there are any exempted (exempt {}) server IPs you don't want to
1190 db 897 * see leaked.
1191     */
1192     stats_e_disabled = no;
1193    
1194 michael 5025 /* stats_m_oper_only: make /stats m/M (messages) oper only. */
1195     stats_m_oper_only = yes;
1196    
1197 michael 4173 /* stats_o_oper_only: make stats o (opers) oper only. */
1198 db 897 stats_o_oper_only = yes;
1199    
1200 michael 4173 /* stats_P_oper_only: make stats P (ports) oper only. */
1201 db 897 stats_P_oper_only = yes;
1202    
1203 michael 4173 /* stats_u_oper_only: make stats u (uptime) oper only. */
1204 michael 2269 stats_u_oper_only = no;
1205    
1206 db 897 /*
1207 michael 3520 * stats_i_oper_only: make stats i (auth {}) oper only. Set to:
1208 michael 4266 * yes - show users no auth {} blocks, made oper only
1209     * masked - show users the first matching auth {} block
1210     * no - show users all auth {} blocks
1211 db 897 */
1212     stats_i_oper_only = yes;
1213    
1214     /*
1215 michael 1863 * stats_k_oper_only: make stats k/K (klines) oper only. Set to:
1216 michael 5029 * yes - show users no klines, made oper only
1217     * masked - show users the first matching kline
1218     * no - show users all klines
1219 db 897 */
1220     stats_k_oper_only = yes;
1221    
1222     /*
1223     * caller_id_wait: time between notifying a +g user that somebody
1224     * is messaging them.
1225     */
1226     caller_id_wait = 1 minute;
1227    
1228     /*
1229     * opers_bypass_callerid: allows operators to bypass +g and message
1230 michael 4786 * anyone who has it set.
1231 db 897 */
1232     opers_bypass_callerid = no;
1233    
1234     /*
1235 michael 2322 * pace_wait_simple: minimum time required between use of less
1236     * intensive commands
1237 michael 3520 * (ADMIN, HELP, LUSERS, VERSION, remote WHOIS)
1238 db 897 */
1239     pace_wait_simple = 1 second;
1240    
1241     /*
1242 michael 2322 * pace_wait: minimum time required between use of more intensive commands
1243 michael 4313 * (INFO, LINKS, MAP, MOTD, STATS, WHO, WHOWAS)
1244 db 897 */
1245     pace_wait = 10 seconds;
1246    
1247     /*
1248 michael 2322 * short_motd: send clients a notice telling them to read the MOTD
1249     * instead of forcing an MOTD to clients who may simply ignore it.
1250 db 897 */
1251     short_motd = no;
1252    
1253     /*
1254 michael 4173 * ping_cookie: require clients to respond exactly to a PING command,
1255 db 897 * can help block certain types of drones and FTP PASV mode spoofing.
1256     */
1257     ping_cookie = no;
1258    
1259     /* no_oper_flood: increase flood limits for opers. */
1260     no_oper_flood = yes;
1261    
1262 michael 1863 /* oper_pass_resv: allow opers to over-ride RESVs on nicks/channels. */
1263 db 897 oper_pass_resv = yes;
1264    
1265 michael 2345 /* REMOVE ME. The following line checks that you have been reading. */
1266 db 897 havent_read_conf = 1;
1267    
1268     /*
1269 michael 2322 * max_targets: the maximum number of targets in a single
1270 michael 1863 * PRIVMSG/NOTICE. Set to 999 NOT 0 for unlimited.
1271 db 897 */
1272     max_targets = 4;
1273    
1274     /*
1275     * usermodes configurable: a list of usermodes for the options below
1276     *
1277     * +b - bots - See bot and drone flooding notices
1278     * +c - cconn - Client connection/quit notices
1279     * +D - deaf - Don't receive channel messages
1280     * +d - debug - See debugging notices
1281 michael 1818 * +e - external - See remote server connection and split notices
1282 michael 1976 * +F - farconnect - Remote client connection/quit notices
1283 michael 4266 * +f - full - See auth {} block full notices
1284 db 897 * +G - softcallerid - Server Side Ignore for users not on your channels
1285     * +g - callerid - Server Side Ignore (for privmsgs etc)
1286 michael 1294 * +H - hidden - Hides operator status to other users
1287 michael 2345 * +i - invisible - Not shown in NAMES or WHO unless you share a channel
1288 michael 1290 * +j - rej - See rejected client notices
1289 db 897 * +k - skill - See server generated KILL messages
1290     * +l - locops - See LOCOPS messages
1291     * +n - nchange - See client nick changes
1292 michael 3513 * +p - hidechans - Hides channel list in WHOIS
1293 michael 3506 * +q - hideidle - Hides idle and signon time in WHOIS
1294 michael 1855 * +R - nononreg - Only receive private messages from registered clients
1295 db 897 * +s - servnotice - See general server notices
1296     * +u - unauth - See unauthorized client notices
1297     * +w - wallop - See server generated WALLOPS
1298     * +y - spy - See LINKS, STATS, TRACE notices etc.
1299     */
1300    
1301 michael 4301 /* oper_only_umodes: usermodes only operators may set. */
1302 michael 4308 oper_only_umodes = bots, cconn, debug, external, farconnect, full, hidden, locops,
1303     nchange, rej, skill, spy, unauth;
1304 db 897
1305 michael 4301 /* oper_umodes: default usermodes operators get when they /oper or /challenge. */
1306 michael 3869 oper_umodes = bots, locops, servnotice, wallop;
1307 db 897
1308     /*
1309 michael 3877 * throttle_count: the maximum number of connections from the same
1310     * IP address allowed in throttle_time duration.
1311     */
1312     throttle_count = 1;
1313    
1314     /*
1315 michael 2322 * throttle_time: the minimum amount of time required between
1316 michael 3877 * connections from the same IP address. exempt {} blocks are
1317     * excluded from this throttling.
1318 michael 1863 * Offers protection against flooders who reconnect quickly.
1319 db 897 * Set to 0 to disable.
1320     */
1321 michael 3877 throttle_time = 2 seconds;
1322 db 897 };
1323    
1324     modules {
1325     /*
1326 michael 951 * path: other paths to search for modules specified below
1327 michael 1441 * and in "/module load".
1328 db 897 */
1329 michael 4173 path = "lib/ircd-hybrid/modules";
1330 michael 5007 # path = "lib/ircd-hybrid/modules/extra";
1331 michael 4173 path = "lib/ircd-hybrid/modules/autoload";
1332 db 897
1333 michael 1863 /* module: the name of a module to load on startup/rehash. */
1334 michael 2171 # module = "some_module.la";
1335 db 897 };
1336 michael 1247
1337     /*
1338     * log {}: contains information about logfiles.
1339     */
1340     log {
1341     /* Do you want to enable logging to ircd.log? */
1342     use_logging = yes;
1343    
1344     file {
1345     type = oper;
1346 michael 4173 name = "var/log/oper.log";
1347 michael 1250 size = unlimited;
1348 michael 1247 };
1349    
1350     file {
1351     type = user;
1352 michael 4173 name = "var/log/user.log";
1353 michael 1247 size = 50 megabytes;
1354     };
1355    
1356     file {
1357     type = kill;
1358 michael 4173 name = "var/log/kill.log";
1359 michael 1247 size = 50 megabytes;
1360     };
1361    
1362     file {
1363     type = kline;
1364 michael 4173 name = "var/log/kline.log";
1365 michael 1247 size = 50 megabytes;
1366     };
1367    
1368     file {
1369     type = dline;
1370 michael 4173 name = "var/log/dline.log";
1371 michael 1247 size = 50 megabytes;
1372     };
1373    
1374     file {
1375     type = gline;
1376 michael 4173 name = "var/log/gline.log";
1377 michael 1247 size = 50 megabytes;
1378     };
1379    
1380     file {
1381 michael 2336 type = xline;
1382 michael 4173 name = "var/log/xline.log";
1383 michael 2336 size = 50 megabytes;
1384     };
1385    
1386     file {
1387     type = resv;
1388 michael 4173 name = "var/log/resv.log";
1389 michael 2336 size = 50 megabytes;
1390     };
1391    
1392     file {
1393 michael 1247 type = debug;
1394 michael 4173 name = "var/log/debug.log";
1395 michael 1247 size = 50 megabytes;
1396 michael 1824 };
1397 michael 1247 };

Properties

Name Value
svn:eol-style native
svn:keywords Id Revision