pegasus/unrealircd
1
0
Fork 0
mirror of https://github.com/unrealircd/unrealircd.git synced 2026-06-23 07:16:37 +02:00
Code Activity

Compare commits

base: pegasus/unrealircd:unreal60_dev
Branches Tags
pegasus/unrealircd:unreal60_dev pegasus/unrealircd:unreal52 pegasus/unrealircd:unreal50 pegasus/unrealircd:unreal42 pegasus/unrealircd:unreal40 pegasus/unrealircd:tmcarthur-osx pegasus/unrealircd:master pegasus/unrealircd:unreal33 pegasus/unrealircd:unreal3_2_fixes pegasus/unrealircd:stable pegasus/unrealircd:devel pegasus/unrealircd:c-ares_resolver pegasus/unrealircd:beta pegasus/unrealircd:komara pegasus/unrealircd:u31_chatfirst pegasus/unrealircd:newio pegasus/unrealircd:unrealstorm pegasus/unrealircd:firestorm pegasus/unrealircd:experimentalweirdnes pegasus/unrealircd:unlabeled-1.1.1.1.4 pegasus/unrealircd:unlabeled-1.1.2
..
compare: pegasus/unrealircd:unreal52
Branches Tags
pegasus/unrealircd:unreal60_dev pegasus/unrealircd:unreal52 pegasus/unrealircd:unreal50 pegasus/unrealircd:unreal42 pegasus/unrealircd:unreal40 pegasus/unrealircd:tmcarthur-osx pegasus/unrealircd:master pegasus/unrealircd:unreal33 pegasus/unrealircd:unreal3_2_fixes pegasus/unrealircd:stable pegasus/unrealircd:devel pegasus/unrealircd:c-ares_resolver pegasus/unrealircd:beta pegasus/unrealircd:komara pegasus/unrealircd:u31_chatfirst pegasus/unrealircd:newio pegasus/unrealircd:unrealstorm pegasus/unrealircd:firestorm pegasus/unrealircd:experimentalweirdnes pegasus/unrealircd:unlabeled-1.1.1.1.4 pegasus/unrealircd:unlabeled-1.1.2

42 Commits
unreal60_dev .. unreal52

Author SHA1 Message Date
Bram Matthys a0ae1a5a66 Update release notes header to conform to style 2022-05-03 11:45:58 +02:00
Bram Matthys fc3711fcbe Refer to UnrealIRCd 6 module api page from the UnrealIRCd 5 module api page. 2022-02-06 07:42:59 +01:00
Bram Matthys 6604856973 ** UnrealIRCd 5.2.4 ** 2022-01-28 17:03:07 +01:00
Bram Matthys 0843ac64c0 Handle outdated version in the crash reporter: 
1) Warn when >= July 1, 2022 that we only do security fixes (but continue the report)
2) Error when >= July 1, 2023 that all support ceased (do not send a report)
3) Handle HTTP 403 condition
 2022-01-02 09:47:35 +01:00
Bram Matthys 5b3b50c084 Add variable declaration in innosetup file. 2021-12-29 20:09:59 +01:00
Bram Matthys 9ea7aebef2 Add link to UnrealIRCd 6 "what's new" 2021-12-29 15:29:00 +01:00
Bram Matthys 8f2e31f911 ** UnrealIRCd 5.2.3 ** 
This release will be put online at a later date, together with 6.0.1.
 2021-12-29 12:18:02 +01:00
Bram Matthys fb3becb30e Make ./unrealircd upgrade work on FreeBSD as well 
(fix ported from U6)
 2021-12-29 12:15:56 +01:00
k4bek4be 311cdc4639 Make CHATHISTORY not FAIL on a -H channel, sending empty history instead (#156) 2021-12-19 10:41:54 +01:00
Bram Matthys 191ecc0e11 Fix EOL date, apparently I promised July and not June :D. 2021-12-15 07:12:09 +01:00
Bram Matthys 8584058a61 Update release notes a bit more 
[skip ci]
 2021-12-13 19:02:08 +01:00
Bram Matthys 08afb5ce3a Update release notes for 5.2.3 
[skip ci]
 2021-12-13 18:59:24 +01:00
musk 26ad4b48f7 Add example.es.conf (#187) 2021-12-13 18:53:22 +01:00
Bram Matthys fb0aeb14c0 Mention 6.x (already) as a supported version and mention U5 EOL date 
explicitly in this document as well. (Even though it already contains
a reference to the EOL dates)
 2021-12-13 18:49:56 +01:00
Val Lorentz da34552027 Send nick!user@host in WALLOPS message from self. 2021-12-10 19:42:38 +01:00
Bram Matthys de31964738 Update release notes 
[skip ci]
 2021-12-06 17:50:51 +01:00
Bram Matthys e1b3016426 Fix set::anti-flood::connect-flood not obeying the 'per XX seconds' 
configuration. It was always cleaning up old entries after 2 minutes.
That is, until the first REHASH happened, after that the correct
connect-flood setting was applied.
In practice, with the default configuration, this means that instead
of 3:60 it was 3:120 until the first REHASH, and after that 3:60.

This was caused by update_throttling_timer_settings() being
called before init_throttling().
 2021-12-06 17:46:40 +01:00
Bram Matthys 343c4834ba Add CONTRIBUTING.md file 2021-12-06 12:55:24 +01:00
Bram Matthys 59ac6b8218 This looks better. Less = more. 
[skip ci]
 2021-12-06 12:29:18 +01:00
Bram Matthys 4a91f8c33a Update release notes a bit more 
[skip ci]
 2021-12-06 12:09:47 +01:00
Bram Matthys ca9fa7c2cc Update release notes a bit: dot dot dot 
[skip ci]
 2021-12-06 12:04:46 +01:00
Bram Matthys 7d4cafd068 Bump version to 5.2.3-git and write some early release notes 2021-12-06 11:54:06 +01:00
Bram Matthys fd81a98364 Add more warnings 3/6/9 months before EOL date (June 1, 2023) 
Just like we did in UnrealIRCd 4.
 2021-12-06 11:40:20 +01:00
Bram Matthys 40161cad0c Show EOL warning in 2023 2021-12-06 11:21:52 +01:00
Bram Matthys 14dadac9ff Remove some confusing examples about extended server bans in (G)ZLINE. 
And also remove some references to old oper privilege flags.
Reported by progval.
 2021-12-03 16:07:47 +01:00
Bram Matthys f65a2ba3d1 Backport fix for memory leak in websocket module. 2021-12-01 09:08:07 +01:00
Bram Matthys 22f5039180 Don't use slashes at start and end in SPAMFILTER example in HELPOP. 
Reported by srhuston in https://bugs.unrealircd.org/view.php?id=6002
[skip ci]
 2021-12-01 09:03:20 +01:00
Ramiro Bou a35b476b05 Sending WALLOPS back to the oper that issued it. (#159) 2021-11-28 10:54:05 +01:00
Bram Matthys dbdac4e304 ** UnrealIRCd 5.2.2 ** 2021-10-03 15:59:13 +02:00
Bram Matthys 98fa3a63c8 Update release notes a bit more 
[skip ci]
 2021-10-03 15:54:06 +02:00
Bram Matthys 8e3c3a1bd7 Also mention possible OpenBSD c-ares fix in release notes 
[skip ci]
 2021-10-03 12:17:05 +02:00
Bram Matthys d48acf638a Update text a bit 
[skip ci]
 2021-10-03 12:13:26 +02:00
Bram Matthys 82c8c9aed4 BuildBot: FreeBSD hangs with ASan enabled, in OPENSSL_init_ssl(), 
which calls qsort(). So disable it in the build tests (wtf?).
[skip ci]
 2021-10-03 12:12:47 +02:00
Bram Matthys 3715ae6789 Update release notes 
[skip ci]
 2021-10-03 11:02:19 +02:00
Bram Matthys a21168928f Update shipped c-ares from 1.17.1 to 1.17.2 (10-aug-2021) 2021-10-03 10:37:03 +02:00
Bram Matthys 745f3fbb06 Update release notes, get ready for 5.2.2. 2021-10-03 10:33:14 +02:00
Bram Matthys d2ef328147 Update curl-ca-bundle.crt to version of Thu Sep 30 03:12:05 2021 GMT 
from https://curl.se/ca/cacert.pem. Has a few changes, but the most
notable change is that they removed DST Root CA X3. This fixes
verifying Let's Encrypt certificates if you use the "DST Root CA X3"
chain (which is currently the default in certbot and all) on:
* OpenSSL 1.0.2 or earlier (old but in use on eg: Debian 8, Ubuntu 16.04, ..)
* LibreSSL below 3.3.5/3.2.7 (so until a day ago)

This only affects outgoing connections, so for remote includes and
for server linking. Server linking is only affected if you use the
link::verify-certificate option, which most people don't use.

On a side note, ISRG Root X1, so the "real root" for Let's Encrypt is
already included since August 2017 (c8a67f9436)
 2021-10-03 10:13:40 +02:00
Bram Matthys 3feac27c43 Put arabic-utf8 in the correct group and #if out the hard errror 
when mixing UTF8 groups, make it a general warning again as it
may or may not be an issue.
 2021-09-22 09:31:47 +02:00
Bram Matthys c51a3d96be Add support for arabic-utf8 in set::allowed-nickchars. Supplied by Sensiva 
in https://bugs.unrealircd.org/view.php?id=3734
 2021-09-22 09:20:19 +02:00
Bram Matthys 871b581a06 Module coders: add UNREAL_VERSION so you can more easily check UnrealIRCd 
versions in #ifdef's. Eg: #if UNREAL_VERSION > 0x05020100 to check if >5.2.1
 2021-08-10 14:32:32 +02:00
Bram Matthys 41d8a13b19 Fix crash in set::server-linking::autoconnect-strategy sequential-fallback 
when a remote server links to another server.
 2021-08-08 15:56:29 +02:00
Bram Matthys 0593dc4b73 Allow SVSLOGIN also if set::sasl-server is not set. 
Because yeah... why not.
 2021-07-15 10:30:23 +02:00
438 changed files with 42283 additions and 96199 deletions
Expand all files Collapse all files
.github/FUNDING.yml
-2
View File
@@ -1,2 +0,0 @@
github: [syzop]
patreon: UnrealIRCd
.github/workflows/linux-ci.yml
-59
View File
@@ -1,59 +0,0 @@
name: Linux CI
on:
push:
branches: ["unreal60_dev"]
pull_request:
branches: ["unreal60_dev"]
permissions:
contents: read
packages: read
env:
NOSERVICES: 1
RUNTESTFLAGS: "-slightlyfast"
jobs:
build:
runs-on: ubuntu-latest
timeout-minutes: 30
strategy:
fail-fast: false
matrix:
compiler:
- { c: gcc, cpp: g++ }
- { c: clang, cpp: clang++ }
env:
CC: ${{ matrix.compiler.c }}
CXX: ${{ matrix.compiler.cpp }}
steps:
- name: Checkout
#uses: actions/checkout@v4
#no, pin to v4.2.2 for security reasons:
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
#and we don't need the credentials later..
with:
persist-credentials: false
fetch-depth: 1
- name: Install dependencies
run: |
sudo rm -f /var/lib/man-db/auto-update
sudo apt-get update
sudo apt-get install -y --no-install-recommends \
build-essential pkg-config libssl-dev libpcre2-dev libargon2-dev \
libsodium-dev libc-ares-dev libcurl4-openssl-dev libjansson-dev
- name: Install python dependencies
run: |
python -m pip install --break-system-packages pyasyncore pyasynchat
- name: Build
run: extras/build-tests/nix/build
- name: Run tests
run: extras/build-tests/nix/run-tests
.gitignore
+1 -19
View File
@@ -9,6 +9,7 @@ extras/c-ares*
config.status
extras/ircdcron/ircd.cron
extras/ircdcron/ircdchk
src/modules/snomasks/Makefile
src/modules/chanmodes/Makefile
src/modules/extbans/Makefile
src/modules/usermodes/Makefile
@@ -34,7 +35,6 @@ tls.rnd
# Ignores for platform stuff
.DS_Store
[D|d]esktop.ini
# Ignores for build artifacts
*.so
@@ -45,24 +45,6 @@ src/ircd
src/version.c
src/include
# Ignores for windows stuff
## Binaries
*.dll
*.exe
*.map
*.pdb
*.lib
## Build artifacts
*.obj
*.exp
*.ilk
*.res
##Other
*.tmp
UnrealIRCd.def*
*.nativecodeanalysis.xml
# Ignores for mac stuff
## Various settings
*.pbxuser
BSDmakefile
-4
View File
@@ -1,4 +0,0 @@
.DONE:
@echo "Please use GNU Make (gmake) to build UnrealIRCd"
.DEFAULT:
@echo "Please use GNU Make (gmake) to build UnrealIRCd"
Config
+202 -313
View File
@@ -1,7 +1,7 @@
#!/bin/sh
#
# Config script for UnrealIRCd
# (C) 2001-2021 The UnrealIRCd Team
# (C) 2001-2019 The UnrealIRCd Team
#
# This configure script is free software; the UnrealIRCd Team gives
# unlimited permission to copy, distribute and modify as long as the
@@ -18,24 +18,7 @@
# some bits edited by baafie on March 17 2004, every change marked.
# Remove trailing slash in paths (if any)
FIX_PATHNAMES () {
BASEPATH="${BASEPATH%/}"
BINDIR="${BINDIR%/}"
DATADIR="${DATADIR%/}"
CONFDIR="${CONFDIR%/}"
MODULESDIR="${MODULESDIR%/}"
LOGDIR="${LOGDIR%/}"
CACHEDIR="${CACHEDIR%/}"
DOCDIR="${DOCDIR%/}"
TMPDIR="${TMPDIR%/}"
PRIVATELIBDIR="${PRIVATELIBDIR%/}"
SSLDIR="${SSLDIR%/}"
CURLDIR="${CURLDIR%/}"
}
# Create and run the ./configure command with the appropriate
# options based on the users settings.
RUN_CONFIGURE () {
ARG=" "
@@ -50,14 +33,13 @@ if [ -z "$BINDIR" -o -z "$DATADIR" -o -z "$CONFDIR" -o -z "$MODULESDIR" -o -z "$
fi
mkdir -p $BASEPATH
mkdir -p $TMPDIR
mkdir -p $CONFDIR
chmod 0700 $BASEPATH
chmod 0700 $TMPDIR
chmod 0700 $CONFDIR
mkdir -p $PRIVATELIBDIR
# Do this even if we're not in advanced mode
if [ "$SHOWLISTMODES" = "1" ] ; then
ARG="$ARG--with-showlistmodes "
fi
if [ "$ADVANCED" = "1" ] ; then
if [ "$NOOPEROVERRIDE" = "1" ] ; then
ARG="$ARG--with-no-operoverride "
@@ -71,29 +53,12 @@ ARG="$ARG--enable-ssl "
else
ARG="$ARG--enable-ssl=$SSLDIR "
fi
# Ensure we install curl even if someone does ./Config -quick...
if [ "x$CURLDIR" = "x$UNREALCWD/extras/curl" ]; then
INSTALLCURL=1
else
# And that the path does not refer to eg an old unrealircd-1.2.3 either ;)
if echo "$CURLDIR"|egrep -qi extras.*curl; then
CURLDIR="$UNREALCWD/extras/curl"
INSTALLCURL=1
fi
fi
if [ "$INSTALLCURL" = "1" ]; then
echo ""
echo "You previously used cURL with the auto-install-script. This is no longer"
echo "supported. You likely don't need it anyway, because since UnrealIRCd 6.0.0"
echo "we support remote includes with the 'https' protocol without cURL."
echo "You only need cURL for non-https such as insecure 'http', 'smb', 'ftp', etc."
echo "I am disabling cURL support for you..."
sleep 10
CURLDIR=""
fi
if [ "$REMOTEINC" = "1" ] ; then
ARG="$ARG--enable-libcurl=$CURLDIR "
fi
if [ "$PREFIXAQ" != "1" ]; then
ARG="$ARG--disable-prefixaq "
fi
if [ "$MAXCONNECTIONS_REQUEST" != "auto" ]; then
ARG="$ARG--with-maxconnections=$MAXCONNECTIONS_REQUEST "
fi
@@ -101,7 +66,6 @@ fi
ARG="$ARG--with-bindir=$BINDIR "
ARG="$ARG--with-datadir=$DATADIR "
ARG="$ARG--with-pidfile=$DATADIR/unrealircd.pid "
ARG="$ARG--with-controlfile=$DATADIR/unrealircd.ctl "
ARG="$ARG--with-confdir=$CONFDIR "
ARG="$ARG--with-modulesdir=$MODULESDIR "
ARG="$ARG--with-logdir=$LOGDIR "
@@ -113,19 +77,17 @@ ARG="$ARG--with-scriptdir=$BASEPATH "
ARG="$ARG--with-nick-history=$NICKNAMEHISTORYLENGTH "
ARG="$ARG--with-permissions=$DEFPERM "
ARG="$ARG--enable-dynamic-linking "
if [ "$GEOIP" = "classic" ]; then
ARG="$ARG--enable-geoip-classic "
fi
if [ "$GEOIP" = "mmdb" -o "$GEOIP" = "libmaxminddb" ]; then
ARG="$ARG--enable-mmdb "
fi
if [ "$SANITIZER" = "asan" ]; then
ARG="$ARG--enable-asan "
fi
ARG="$ARG $EXTRAPARA "
CONF="./configure $ARG"
# remove possibly old instances of curl in ~/unrealircd/lib/
rm -f $PRIVATELIBDIR/*curl* 1>/dev/null 2>&1
# Ensure we install curl even if someone does ./Config -quick...
if [ "x$CURLDIR" = "x$UNREALCWD/extras/curl" ]; then
INSTALLCURL=1
fi
if [ "x$INSTALLCURL" = "x1" ]; then
extras/curlinstall "$PRIVATELIBDIR" || exit 1
fi
# At least do SOME parallel compiling by default, IF:
# - the MAKE environment variable is not set
# - the MAKEFLAGS environment variable is not set
@@ -155,61 +117,95 @@ $CONF || exit 1
cd "$UNREALCWD"
if [ "$QUICK" != "1" ] ; then
if [ ! -f "$CONFDIR/unrealircd.conf" ]; then
echo ""
echo "You don't have an 'unrealircd.conf' yet in $CONFDIR"
echo "Shall I put the example configuration file there?"
echo "If so, enter the two letter language code that you want, or just press ENTER for English. Answer 'none' to skip."
AVLANGS="en"
cd doc/conf/examples 1>/dev/null 2>&1
for lang in example.??.conf
do
ADDTHIS=$(echo "$lang"|sed 's/example.//g'|sed 's/.conf//g')
AVLANGS="$AVLANGS $ADDTHIS"
done
cd - 1>/dev/null 2>&1
echo "The available options are: $AVLANGS none"
echo $n "[en] -> $c"
read cc
if [ "$cc" = "none" ]; then
echo "Example config not copied."
elif [ "$cc" = "en" -o "$cc" = "" ]; then
cp doc/conf/examples/example.conf $CONFDIR/unrealircd.conf
else
cp doc/conf/examples/example.$cc.conf $CONFDIR/unrealircd.conf
fi
fi
if [ ! -f $CONFDIR/tls/server.cert.pem -a ! -f $CONFDIR/ssl/server.cert.pem ]; then
export OPENSSLPATH
TEST=""
while [ -z "$TEST" ] ; do
if [ "$GENCERTIFICATE" = "1" ] ; then
TEST="Yes"
else
TEST="No"
fi
echo ""
echo "UnrealIRCd requires an SSL certificate in order to work."
echo "Do you want to generate an SSL certificate for the IRCd?"
echo "Only answer No if you already have one."
echo $n "[$TEST] -> $c"
read cc
if [ -z "$cc" ] ; then
cc=$TEST
fi
case "$cc" in
[Yy]*)
GENCERTIFICATE="1"
;;
[Nn]*)
GENCERTIFICATE=""
;;
*)
echo ""
echo "You must enter either Yes or No"
TEST=""
;;
esac
done
if [ "$GENCERTIFICATE" = 1 ]; then
echo
echo "*******************************************************************************"
echo "Next you will be asked some questions in order to generate the TLS certificate."
echo "Next you will be asked some questions in order to generate the SSL certificate."
echo "IMPORTANT: If you don't own a domain or don't know what to answer, then you can"
echo " simply press ENTER or use fictional names for each question!"
echo "*******************************************************************************"
echo "Press ENTER to continue"
read cc
./unrealircd mkcert
make pem
echo "Certificate created successfully."
sleep 1
else
echo "Ok, not generating TLS certificate. Make sure that the certificate and key"
echo "Ok, not generating SSL certificate. Make sure that the certificate and key"
echo "are installed in conf/tls/server.cert.pem and conf/tls/server.key.pem prior to starting the IRCd."
fi
else
echo "TLS certificate already exists in configuration directory, no need to regenerate."
echo "SSL certificate already exists in configuration directory, no need to regenerate."
fi
fi
# Silently force a 'make clean' as otherwise part (or whole) of the
# compiled source could be using different settings than the user
# just requested when re-running ./Config.
$MAKE clean 1>/dev/null 2>&1
make clean 1>/dev/null 2>&1
}
RUN_ADVANCED () {
TEST=""
while [ -z "$TEST" ] ; do
if [ "$SHOWLISTMODES" = "1" ] ; then
TEST="Yes"
else
TEST="No"
fi
echo ""
echo "Do you want to show the modes a channel has set in the /list output?"
echo $n "[$TEST] -> $c"
read cc
if [ -z "$cc" ] ; then
cc=$TEST
fi
case "$cc" in
[Yy]*)
SHOWLISTMODES="1"
;;
[Nn]*)
SHOWLISTMODES=""
;;
*)
echo ""
echo "You must enter either Yes or No"
TEST=""
;;
esac
done
TEST=""
while [ -z "$TEST" ] ; do
if [ "$NOOPEROVERRIDE" = "1" ] ; then
@@ -279,18 +275,34 @@ NICKNAMEHISTORYLENGTH="2000"
MAXCONNECTIONS_REQUEST="auto"
REMOTEINC=""
CURLDIR=""
PREFIXAQ="1"
SHOWLISTMODES="1"
NOOPEROVERRIDE=""
OPEROVERRIDEVERIFY=""
GENCERTIFICATE="1"
EXTRAPARA=""
SANITIZER=""
GEOIP="mmdb"
if [ "`eval echo -n 'a'`" = "-n a" ] ; then
c="\c"
else
n="-n"
fi
date|egrep '2021|2022' 1>/dev/null 2>&1
if [ "$?" -ne 0 ]; then
echo "*** WARNING ***"
echo "UnrealIRCd 5.x will no longer be supported after June 1, 2023."
echo "You should upgrade to a newer UnrealIRCd version before that date."
echo "See https://www.unrealircd.org/docs/UnrealIRCd_5_EOL"
echo $n . $c
sleep 1
echo $n . $c
sleep 1
echo $n . $c
echo ""
sleep 1
echo "Press ENTER to continue"
read xyz
fi
#parse arguments
IMPORTEDSETTINGS=""
@@ -298,7 +310,7 @@ NOINTRO=""
QUICK=""
ADVANCED=""
while [ $# -ge 1 ] ; do
if [ "$1" = "-help" -o "$1" = "--help" -o "$1" = "-h" ] ; then
if [ $1 = "--help" ] ; then
echo "Config utility for UnrealIRCd"
echo "-----------------------------"
echo "Syntax: ./Config [options]"
@@ -306,19 +318,18 @@ while [ $# -ge 1 ] ; do
echo "-quick Skip questions, go straight to configure"
echo "-advanced Include additional advanced questions"
exit 0
elif [ "$1" = "-nointro" ] ; then
elif [ $1 = "-nointro" ] ; then
NOINTRO="1"
elif [ "$1" = "-quick" -o "$1" = "-q" ] ; then
elif [ $1 = "-quick" -o $1 = "-q" ] ; then
QUICK="1"
echo "running quick config"
if [ -f "config.settings" ] ; then
. ./config.settings
fi
FIX_PATHNAMES
RUN_CONFIGURE
cd "$UNREALCWD"
exit 0
elif [ "$1" = "-advanced" ] ; then
elif [ $1 = "-advanced" ] ; then
PREADVANCED="1"
fi
shift 1
@@ -338,38 +349,10 @@ if [ "`id -u`" = "0" ]; then
exit
fi
# Check for gmake early...
if [ "$MAKE" = "" ]; then
MAKE="make"
fi
if ! $MAKE --version 2>&1|grep -q "GNU Make"; then
# So $MAKE is not GNU make, but do we have gmake?
if gmake --version 2>&1|grep -q "GNU Make"; then
# Great, use that one!
MAKE="gmake"
else
# Both $MAKE and gmake are not GNU make, do we have a working $MAKE at all?
if command -v "$MAKE" 1>/dev/null 2>&1; then
echo "Your system has 'make' but UnrealIRCd requires GNU Make ('gmake')"
echo "Please install 'gmake' "
echo "eg 'pkg install gmake' on FreeBSD and 'pkg_add gmake' on OpenBSD."
exit 1
else
echo "Your system does not have the required tools installed to build UnrealIRCd."
echo "Please check https://www.unrealircd.org/docs/Installing_from_source"
echo "and install the required tools listed under 'Prerequisites'."
echo "After that, you can run ./Config again"
exit 1
fi
fi
fi
clear
if [ -f "doc/Config.header" -a -z "$NOINTRO" ] ; then
cat doc/Config.header
more doc/Config.header
echo ""
echo $n "[Press Enter to continue]"
read cc
@@ -380,15 +363,15 @@ echo "We will now ask you a number of questions. You can just press ENTER to acc
echo ""
# This needs to be updated each release so auto-upgrading works for settings, modules, etc!!:
UNREALRELEASES="6.2.5 6.2.4 6.2.4-rc1 6.2.3 6.2.3-rc2 6.2.3-rc1 6.2.2 6.2.1 6.2.1-rc2 6.2.1-rc1 6.2.0.2 6.2.0.1 6.2.0 6.2.0-beta3 6.2.0-beta2 6.2.0-beta1 6.1.10 6.1.10-rc1 6.1.9 6.1.8 6.1.8.1 6.1.8 6.1.8-rc1 6.1.7 6.1.7-rc1 6.1.6 6.1.6-rc1 6.1.5 6.1.4 6.1.3 6.1.3-rc1 6.1.2.3 6.1.2.2 6.1.2.1 6.1.2 6.1.2-rc2 6.1.2-rc1 6.1.1.1 6.1.1 6.1.0 6.1.0-rc2 6.1.0-rc1 6.0.7 6.0.6 6.0.5 6.0.5-rc2 6.0.5-rc1 6.0.4.2 6.0.4.1 6.0.4 6.0.4-rc2 6.0.4-rc1 6.0.3 6.0.2 6.0.1.1 6.0.1 6.0.0"
UNREALRELEASES="unrealircd-5.2.3 unrealircd-5.2.2 unrealircd-5.2.1.1 unrealircd-5.2.1 unrealircd-5.2.1-rc1 unrealircd-5.2.0.2 unrealircd-5.2.0.1 unrealircd-5.2.0 unrealircd-5.2.0-rc1 unrealircd-5.0.9.1 unrealircd-5.0.9 unrealircd-5.0.9-rc1 unrealircd-5.0.8 unrealircd-5.0.8-rc1 unrealircd-5.0.7 unrealircd-5.0.7-rc1 unrealircd-5.0.6 unrealircd-5.0.5.1 unrealircd-5.0.5 unrealircd-5.0.4 unrealircd-5.0.3.1 unrealircd-5.0.3 unrealircd-5.0.2 unrealircd-5.0.1 unrealircd-5.0.0"
if [ -f "config.settings" ]; then
. ./config.settings
else
# Try to load a previous config.settings
for x in $UNREALRELEASES
do
if [ -f ../unrealircd-$x/config.settings ]; then
IMPORTEDSETTINGS="../unrealircd-$x"
if [ -f ../$x/config.settings ]; then
IMPORTEDSETTINGS="../$x"
break
fi
done
@@ -454,7 +437,7 @@ fi
TEST="$BASEPATH"
echo ""
echo "In what directory do you want to install UnrealIRCd?"
echo "(Note: UnrealIRCd 6 will need to be installed somewhere."
echo "(Note: UnrealIRCd 5 will need to be installed somewhere."
echo " If this directory does not exist it will be created.)"
echo $n "[$TEST] -> $c"
read cc
@@ -532,75 +515,6 @@ else
SSLDIR=`eval echo $cc` # modified
fi
if [ "$SSLDIR" != "" -a "$SSLDIR" != "/usr" ]; then
echo ""
echo "You answered previous question manually. Just note that if the library is not"
echo "in your default library path then UnrealIRCd may fail to start with an error"
echo "that it cannot find certain .so files (libraries). In that case you would have"
echo "to either set the LD_LIBARY_PATH environment variable, or you could update the"
echo "Makefile to link with -Wl,-rpath,$SSLDIR or similar."
echo ""
if [ "$SSLDIR" = "/usr/local" ]; then
echo "**** CAUTION ****"
echo "You have chosen to use OpenSSL from /usr/local. Just be aware that if you"
echo "use the LD_LIBRARY_PATH or -Wl,-rpath,$SSLDIR from above,"
echo "that you are diverting OTHER libraries to that path as well."
echo "It's not only loading OpenSSL from /usr/local but also potentially other"
echo "libraries like PCRE2, Jansson, or any of the other libraries that"
echo "UnrealIRCd uses (including dependencies about 40 libs in total!)"
echo "All that can result in weird issues and crashes!"
echo ""
fi
echo "Press enter to continue with the rest of the questions, or CTRL+C to abort."
read cc
fi
if [ ! -f $BASEPATH/conf/tls/server.cert.pem -a ! -f $BASEPATH/conf/ssl/server.cert.pem ]; then
TEST=""
while [ -z "$TEST" ] ; do
if [ "$GENCERTIFICATE" = "1" ] ; then
TEST="Yes"
else
TEST="No"
fi
echo ""
echo "UnrealIRCd requires a TLS certificate in order to work."
echo "Do you want to generate a self-signed TLS certificate for the IRCd?"
echo "Only answer No if you already have one."
echo $n "[$TEST] -> $c"
read cc
if [ -z "$cc" ] ; then
cc=$TEST
fi
case "$cc" in
[Yy]*)
GENCERTIFICATE="1"
;;
[Nn]*)
GENCERTIFICATE=""
;;
*)
echo ""
echo "You must enter either Yes or No"
TEST=""
;;
esac
done
fi
if echo "$CURLDIR"|egrep -qi extras.*curl; then
REMOTEINC=""
CURLDIR=""
echo ""
echo "You previously used cURL with the auto-install-script. This is no longer"
echo "supported. You likely don't need it anyway, because since UnrealIRCd 6.0.0"
echo "we support remote includes with the 'https' protocol without cURL."
echo "You only need cURL for non-https such as insecure 'http', 'smb', 'ftp', etc."
echo "I am disabling cURL support for you..."
echo "(Press enter to continue)"
read cc
fi
TEST=""
while [ -z "$TEST" ] ; do
if [ "$REMOTEINC" = "1" ] ; then
@@ -609,11 +523,9 @@ while [ -z "$TEST" ] ; do
TEST="No"
fi
echo ""
echo "UnrealIRCd always supports 'remote includes' for https URLs like:"
echo "include \"https://www.example.org/files/opers.conf\";"
echo "Do you also need support for non-https, such as ftp, tftp, smb or insecure http?"
echo "Answer 'Yes' if you need such protocols and want to use the cURL library."
echo "By default (answer 'No') we only support the https protocol, which is perfectly fine for most people."
echo "Do you want to enable remote includes?"
echo "This allows stuff like this in your configuration file:"
echo "include \"https://www.somesite.org/files/opers.conf\";"
echo $n "[$TEST] -> $c"
read cc
if [ -z "$cc" ] ; then
@@ -641,6 +553,7 @@ if [ "$REMOTEINC" = "1" ] ; then
CURLDIR=""
fi
INSTALLCURL="0"
SUGGESTCURLDIR=""
if [ -d "/usr/local/include/curl" ]; then
@@ -704,49 +617,99 @@ if [ "$REMOTEINC" = "1" ] ; then
if [ "x$CURLDIR" != "x" ]; then
"$CURLDIR/bin/curl-config" --features 2>/dev/null | grep -q -e AsynchDNS
if [ "$?" != 0 ]; then
echo "Curl from $CURLDIR seems unusable ($CURLDIR/bin/curl-config does not exist) -- cURL disabled."
echo "Curl from $CURLDIR seems unusable ($CURLDIR/bin/curl-config does not exist)"
CURLDIR=""
fi
fi
if [ "x$CURLDIR" = "x" ]; then
echo ""
echo "ERROR: the cURL library could not be found and you said you needed it for remote includes."
echo ""
echo "Note that you only need cURL if you need remote includes with protocols like insecure 'http', 'smb', 'ftp', etc."
echo "You DO NOT need this for 'https' remote includes, as https support works without cURL since UnrealIRCd 6.0.0!"
echo ""
echo "Solution:"
echo "A) Re-run ./Config and answer 'No' to the question 'Do you also need support for non-https'"
echo "B) Or install the cURL library in the system (eg 'apt-get install libcurl4-openssl-dev' or similar)"
echo " and then re-run ./Config"
exit 1
# Still empty?
TEST=""
while [ -z "$TEST" ] ; do
TEST="Yes"
echo ""
echo "Do you want me to automatically download and install curl for you?"
echo $n "[$TEST] -> $c"
read cc
if [ -z "$cc" ] ; then
cc=$TEST
fi
case "$cc" in
[Yy]*)
INSTALLCURL="1"
CURLDIR="$UNREALCWD/extras/curl"
;;
[Nn]*)
INSTALLCURL="0"
;;
*)
echo ""
echo "You must enter either Yes or No"
TEST=""
;;
esac
done
fi
TEST=""
while [ -z "$TEST" ] ; do
TEST="$CURLDIR"
echo ""
echo "Specify the directory you installed libcurl to"
echo $n "[$TEST] -> $c"
read cc
if [ -z "$cc" ] ; then
cc=$TEST
else
TEST=$cc
CURLDIR=`eval echo $cc` # modified
fi
done
if [ "x$CURLDIR" != "x" ]; then
"$CURLDIR/bin/curl-config" --libs 1>/dev/null 2>&1
if [ "$?" != 0 ]; then
echo "Curl from $CURLDIR seems unusable ($CURLDIR/bin/curl-config does not exist)"
CURLDIR=""
if [ "$INSTALLCURL" != "1" ]; then
TEST=""
while [ -z "$TEST" ] ; do
TEST="$CURLDIR"
echo ""
echo "Specify the directory you installed libcurl to"
echo $n "[$TEST] -> $c"
read cc
if [ -z "$cc" ] ; then
cc=$TEST
else
TEST=$cc
CURLDIR=`eval echo $cc` # modified
fi
done
if [ "x$CURLDIR" != "x" ]; then
"$CURLDIR/bin/curl-config" --libs 1>/dev/null 2>&1
if [ "$?" != 0 ]; then
echo "Curl from $CURLDIR seems unusable ($CURLDIR/bin/curl-config does not exist)"
CURLDIR=""
fi
fi
fi
fi
TEST=""
while [ -z "$TEST" ] ; do
if [ "$PREFIXAQ" = "1" ] ; then
TEST="Yes"
else
TEST="No"
fi
echo ""
echo "Do you want to enable prefixes for chanadmin and chanowner?"
echo "This will give +a the & prefix and ~ for +q (just like +o is @)"
echo "Supported by the major clients (mIRC, xchat, epic, eggdrop, Klient,"
echo "PJIRC, irssi, CGI:IRC, etc.)"
echo "This feature should be enabled/disabled network-wide."
echo $n "[$TEST] -> $c"
read cc
if [ -z "$cc" ] ; then
cc=$TEST
fi
case "$cc" in
[Yy]*)
PREFIXAQ="1"
;;
[Nn]*)
PREFIXAQ=""
;;
*)
echo ""
echo "You must enter either Yes or No"
TEST=""
;;
esac
done
TEST=""
while [ -z "$TEST" ] ; do
TEST="$NICKNAMEHISTORYLENGTH"
@@ -770,42 +733,7 @@ while [ -z "$TEST" ] ; do
esac
done
TEST=""
while [ -z "$TEST" ] ; do
TEST="$GEOIP"
echo ""
echo "GeoIP is a feature that allows converting an IP address to a location (country)"
echo "Possible build options:"
echo "classic: This is the classic (OLD) geoip engine. Slowly being phased out."
echo " It receives automatic updates."
echo " mmdb: This uses the build-in mmdb library. It is the NEW geoip engine."
echo " It receives automatic updates as well."
echo " none: Don't build classic, and load neither classic nor mmdb by default."
echo "Choose one of: classic, mmdb, none"
echo $n "[$TEST] -> $c"
read cc
if [ -z "$cc" ] ; then
GEOIP=$TEST
break
fi
case "$cc" in
classic)
GEOIP="$cc"
;;
mmdb)
GEOIP="$cc"
;;
none)
GEOIP="$cc"
;;
*)
echo ""
echo "Invalid choice: $cc"
TEST=""
;;
esac
done
echo ""
TEST=""
while [ -z "$TEST" ] ; do
TEST="$MAXCONNECTIONS_REQUEST"
@@ -841,42 +769,6 @@ if [ -n "$ADVANCED" ] ; then
RUN_ADVANCED
fi
TEST=""
while [ -z "$TEST" ] ; do
if [ "$SANITIZER" = "asan" ] ; then
TEST="Yes"
else
TEST="No"
fi
echo ""
echo "Are you running UnrealIRCd as a test, debugging a problem or developing a module?"
echo "Then it is possible to run with AddressSanitizer and UndefinedBehaviorSanitizer"
echo "enabled. This will catch bugs, such as out-of-bounds and other memory corruption"
echo "issues, which can be really helpful in some cases. The downside is that it will"
echo "consume a lot more memory and run slower too. So, only answer 'Yes' if you are"
echo "OK with this. Also, on some systems (notably FreeBSD <14.2), when you enable"
echo "this UnrealIRCd may fail to start. So when in doubt, answer 'No'."
echo "Do you want to enable AddressSanitizer & UndefinedBehaviorSanitizer?"
echo $n "[$TEST] -> $c"
read cc
if [ -z "$cc" ] ; then
cc=$TEST
fi
case "$cc" in
[Yy]*)
SANITIZER="asan"
;;
[Nn]*)
SANITIZER=""
;;
*)
echo ""
echo "You must enter either Yes or No"
TEST=""
;;
esac
done
TEST="$EXTRAPARA"
echo ""
echo "Would you like to pass any custom parameters to configure?"
@@ -888,8 +780,6 @@ if [ -z "$EXTRAPARA" ]; then
EXTRAPARA="$TEST"
fi
FIX_PATHNAMES
rm -f config.settings
cat > config.settings << __EOF__
#
@@ -910,17 +800,17 @@ CACHEDIR="$CACHEDIR"
DOCDIR="$DOCDIR"
TMPDIR="$TMPDIR"
PRIVATELIBDIR="$PRIVATELIBDIR"
PREFIXAQ="$PREFIXAQ"
MAXCONNECTIONS_REQUEST="$MAXCONNECTIONS_REQUEST"
NICKNAMEHISTORYLENGTH="$NICKNAMEHISTORYLENGTH"
GEOIP="$GEOIP"
DEFPERM="$DEFPERM"
SSLDIR="$SSLDIR"
REMOTEINC="$REMOTEINC"
CURLDIR="$CURLDIR"
SHOWLISTMODES="$SHOWLISTMODES"
NOOPEROVERRIDE="$NOOPEROVERRIDE"
OPEROVERRIDEVERIFY="$OPEROVERRIDEVERIFY"
GENCERTIFICATE="$GENCERTIFICATE"
SANITIZER="$SANITIZER"
EXTRAPARA="$EXTRAPARA"
ADVANCED="$ADVANCED"
__EOF__
@@ -934,17 +824,16 @@ cat << __EOF__
|_______________________________________________________________________|
|_______________________________________________________________________|
| |
| Now all you have to do is type 'make' and let it compile. When that's |
| done, you will receive other instructions on what to do next. |
| |
|_______________________________________________________________________|
|_______________________________________________________________________|
| - The UnrealIRCd Team - |
| |
| Bram Matthys (Syzop) - syzop@unrealircd.org |
| Krzysztof Beresztant (k4be) - k4be@unrealircd.org |
| Gottem - gottem@unrealircd.org |
| i - i@unrealircd.org |
|_______________________________________________________________________|
|_______________________________________________________________________|
| |
| Now all you have to do is type '$MAKE' and let it compile. When that's |
| done, you will receive other instructions on what to do next. |
| * Bram Matthys (Syzop) syzop@unrealircd.org |
| * Gottem gottem@unrealircd.org |
| * i i@unrealircd.org |
|_______________________________________________________________________|
__EOF__
Makefile.in
+27 -23
View File
@@ -34,11 +34,11 @@ FROMDOS=/home/cmunk/bin/4dos
#
#XCFLAGS=-O -g -export-dynamic
IRCDLIBS=@IRCDLIBS@ @PCRE2_LIBS@ @ARGON2_LIBS@ @CARES_LIBS@ @SODIUM_LIBS@ @JANSSON_LIBS@ @PTHREAD_LIBS@
IRCDLIBS=@IRCDLIBS@ @PCRE2_LIBS@ @ARGON2_LIBS@ @CARES_LIBS@ @SODIUM_LIBS@ @PTHREAD_LIBS@
CRYPTOLIB=@CRYPTOLIB@
OPENSSLINCLUDES=
XCFLAGS=@PTHREAD_CFLAGS@ @PCRE2_CFLAGS@ @ARGON2_CFLAGS@ @CARES_CFLAGS@ @SODIUM_CFLAGS@ @JANSSON_CFLAGS@ @CFLAGS@ @HARDEN_CFLAGS@ @CPPFLAGS@
XCFLAGS=@PTHREAD_CFLAGS@ @PCRE2_CFLAGS@ @ARGON2_CFLAGS@ @CARES_CFLAGS@ @SODIUM_CFLAGS@ @CFLAGS@ @HARDEN_CFLAGS@ @CPPFLAGS@
#
# use the following on MIPS:
#CFLAGS= -systype bsd43 -DSYSTYPE_BSD43 -I$(INCLUDEDIR)
@@ -89,11 +89,7 @@ XCFLAGS=@PTHREAD_CFLAGS@ @PCRE2_CFLAGS@ @ARGON2_CFLAGS@ @CARES_CFLAGS@ @SODIUM_C
# you are not defining CMDLINE_CONFIG
IRCDMODE = 711
# Objects that are optional due to optional libraries:
URL=@URL@
GEOIP_CLASSIC_OBJECTS=@GEOIP_CLASSIC_OBJECTS@
GEOIP_CLASSIC_LIBS=@GEOIP_CLASSIC_LIBS@
GEOIP_CLASSIC_CFLAGS=@GEOIP_CLASSIC_CFLAGS@
# Where is your openssl binary
OPENSSLPATH=@OPENSSLPATH@
@@ -120,10 +116,7 @@ MAKEARGS = 'CFLAGS=${CFLAGS}' 'CC=${CC}' 'IRCDLIBS=${IRCDLIBS}' \
'SHELL=${SHELL}' \
'CRYPTOLIB=${CRYPTOLIB}' \
'CRYPTOINCLUDES=${CRYPTOINCLUDES}' \
'URL=${URL}' \
'GEOIP_CLASSIC_OBJECTS=${GEOIP_CLASSIC_OBJECTS}' \
'GEOIP_CLASSIC_LIBS=${GEOIP_CLASSIC_LIBS}' \
'GEOIP_CLASSIC_CFLAGS=${GEOIP_CLASSIC_CFLAGS}'
'URL=${URL}'
custommodule:
@if test -z "${MODULEFILE}"; then echo "Please set MODULEFILE when calling \`\`make custommodule''. For example, \`\`make custommodule MODULEFILE=callerid''." >&2; exit 1; fi
@@ -142,7 +135,7 @@ build: Makefile
done
@echo ''
@echo '* UnrealIRCd compiled successfully'
@echo '* YOU ARE NOT DONE YET! Run "${MAKE} install" to install UnrealIRCd !'
@echo '* YOU ARE NOT DONE YET! Run "make install" to install UnrealIRCd !'
@echo ''
clean:
@@ -173,7 +166,6 @@ depend:
install: all
$(INSTALL) -m 0700 -d $(DESTDIR)@BINDIR@
$(INSTALL) -m 0700 src/ircd $(DESTDIR)@BINDIR@/unrealircd
$(INSTALL) -m 0700 src/unrealircdctl $(DESTDIR)@BINDIR@/unrealircdctl
$(INSTALL) -m 0700 extras/unrealircd-upgrade-script $(DESTDIR)@BINDIR@/unrealircd-upgrade-script
$(INSTALL) -m 0700 -d $(DESTDIR)@DOCDIR@
$(INSTALL) -m 0600 doc/Authors doc/coding-guidelines doc/tao.of.irc doc/KEYS doc/RELEASE-NOTES.md $(DESTDIR)@DOCDIR@
@@ -209,12 +201,12 @@ install: all
$(INSTALL) -m 0700 -d $(DESTDIR)@MODULESDIR@/chanmodes
@rm -f $(DESTDIR)@MODULESDIR@/chanmodes/*.so 1>/dev/null 2>&1
$(INSTALL) -m 0700 src/modules/chanmodes/*.so $(DESTDIR)@MODULESDIR@/chanmodes
$(INSTALL) -m 0700 -d $(DESTDIR)@MODULESDIR@/snomasks
@rm -f $(DESTDIR)@MODULESDIR@/snomasks/*.so 1>/dev/null 2>&1
$(INSTALL) -m 0700 src/modules/snomasks/*.so $(DESTDIR)@MODULESDIR@/snomasks
$(INSTALL) -m 0700 -d $(DESTDIR)@MODULESDIR@/extbans
@rm -f $(DESTDIR)@MODULESDIR@/extbans/*.so 1>/dev/null 2>&1
$(INSTALL) -m 0700 src/modules/extbans/*.so $(DESTDIR)@MODULESDIR@/extbans
$(INSTALL) -m 0700 -d $(DESTDIR)@MODULESDIR@/rpc
@rm -f $(DESTDIR)@MODULESDIR@/rpc/*.so 1>/dev/null 2>&1
$(INSTALL) -m 0700 src/modules/rpc/*.so $(DESTDIR)@MODULESDIR@/rpc
@#If the conf/ssl directory exists then rename it here to conf/tls
@#and add a symlink for backwards compatibility (so that f.e. certbot
@#doesn't randomly fail after an upgrade to U5).
@@ -224,7 +216,6 @@ install: all
fi
$(INSTALL) -m 0700 -d $(DESTDIR)@CONFDIR@/tls
$(INSTALL) -m 0600 doc/conf/tls/curl-ca-bundle.crt $(DESTDIR)@CONFDIR@/tls
$(INSTALL) -m 0600 doc/conf/tls/tls.cnf $(DESTDIR)@CONFDIR@/tls
@# delete modules/cap directory, to avoid confusing with U4 to U5 upgrades:
rm -rf $(DESTDIR)@MODULESDIR@/cap
$(INSTALL) -m 0700 -d $(DESTDIR)@MODULESDIR@/third
@@ -235,6 +226,11 @@ install: all
$(INSTALL) -m 0700 -d $(DESTDIR)@CACHEDIR@
$(INSTALL) -m 0700 -d $(DESTDIR)@PERMDATADIR@
$(INSTALL) -m 0700 -d $(DESTDIR)@LOGDIR@
-@if [ ! -f "$(DESTDIR)@CONFDIR@/tls/server.cert.pem" ] ; then \
$(INSTALL) -m 0600 server.req.pem $(DESTDIR)@CONFDIR@/tls ; \
$(INSTALL) -m 0600 server.key.pem $(DESTDIR)@CONFDIR@/tls ; \
$(INSTALL) -m 0600 server.cert.pem $(DESTDIR)@CONFDIR@/tls ; \
fi
@rm -f $(DESTDIR)@SCRIPTDIR@/source
ln -s @BUILDDIR@ $(DESTDIR)@SCRIPTDIR@/source
@echo ''
@@ -255,18 +251,26 @@ install: all
@echo '* Consult the documentation online at:'
@echo ' * https://www.unrealircd.org/docs/'
@echo ' * https://www.unrealircd.org/docs/FAQ'
@echo ''
@echo '* To ensure UnrealIRCd automatically starts on system startup:'
@echo ' * Install a cron job: https://www.unrealircd.org/docs/Cron_job'
@echo ' * Or, use systemd: https://www.unrealircd.org/docs/Using_systemd_with_UnrealIRCd'
@echo '* You may also wish to install a cron job to ensure UnrealIRCd is always running:'
@echo ' * https://www.unrealircd.org/docs/Cron_job'
@echo ''
-@if [ "@SCRIPTDIR@/bin" = "@BINDIR@" ] ; then \
echo 'Again, be sure to change to the @SCRIPTDIR@ directory!' ; \
fi
pem:
@echo "The command 'make pem' is no longer used to generate the TLS certificate."
@echo "Please run './unrealircd mkcert' instead."
pem: extras/tls.cnf
@echo "Generating server key..."
$(OPENSSLPATH) ecparam -out server.key.pem -name secp384r1 -genkey
@echo "Generating certificate request..."
$(OPENSSLPATH) req -new \
-config extras/tls.cnf -sha256 -out server.req.pem \
-key server.key.pem -nodes
@echo "Generating self-signed certificate..."
$(OPENSSLPATH) req -x509 -days 3650 -sha256 -nodes -in server.req.pem \
-key server.key.pem -out server.cert.pem
@echo "Setting permissions on server.*.pem files..."
chmod o-rwx server.req.pem server.key.pem server.cert.pem
chmod g-rwx server.req.pem server.key.pem server.cert.pem
Makefile: config.status Makefile.in
./config.status
Makefile.windows
+789 -1124
View File
File diff suppressed because it is too large Load Diff
README.md
+47 -42
View File
@@ -1,53 +1,58 @@
[![Mastodon Follow](https://img.shields.io/mastodon/follow/110769722108208212?domain=https%3A%2F%2Ffosstodon.org&style=social&label=Follow)](https://fosstodon.org/@unrealircd)
[![Twitter Follow](https://img.shields.io/twitter/follow/Unreal_IRCd.svg?style=social&label=Follow)](https://twitter.com/Unreal_IRCd)
[![Linux CI](https://github.com/unrealircd/unrealircd/actions/workflows/linux-ci.yml/badge.svg)](https://github.com/unrealircd/unrealircd/actions/workflows/linux-ci.yml)
## About UnrealIRCd
UnrealIRCd is an Open Source IRC Server, serving thousands of networks since 1999.
UnrealIRCd is an Open Source IRC Server, serving thousands of networks since 1999.
It runs on Linux, OS X and Windows and is currently the most widely deployed IRCd
with a [market share of 37%](https://www.ircstats.org/servers). UnrealIRCd is a
highly advanced IRCd with a strong focus on modularity and security. It uses an
advanced and highly configurable configuration file. Other key features include:
full IRCv3 support, SSL/TLS, cloaking, JSON-RPC, advanced anti-flood and anti-spam
systems, GeoIP, remote includes, and lots of [other features](https://www.unrealircd.org/docs/About_UnrealIRCd).
We are also particularly proud on our extensive online documentation.
## Versions
* UnrealIRCd 6 is the *stable* series since December 2021. It is the only supported version.
* For full details of release scheduling and EOL dates, see
[UnrealIRCd releases](https://www.unrealircd.org/docs/UnrealIRCd_releases) on the wiki
with a market share of 42%. UnrealIRCd is a highly advanced IRCd with a strong
focus on modularity, an advanced and highly configurable configuration file.
Key features include SSL/TLS, cloaking, its advanced anti-flood and anti-spam systems,
swear filtering and module support. We are also particularly proud on our extensive
online documentation.
## How to get started
Follow the installation guide on the wiki. See:
* [Installing from source for *NIX](https://www.unrealircd.org/docs/Installing_from_source)
* [Installation instructions for Windows](https://www.unrealircd.org/docs/Installing_(Windows))
Please consult our excellent online documentation at https://www.unrealircd.org/docs/
when setting up the IRCd!
## Documentation and Support
You can find all **documentation** online at: https://www.unrealircd.org/docs/
### Step 1: Installation
#### Windows
Simply download the UnrealIRCd Windows version from www.unrealircd.org
Alternatively you can compile UnrealIRCd for Windows yourself. However this is not straightforward and thus not recommended.
#### *BSD/Linux/macOS
Do the following steps under a separate account for running UnrealIRCd,
[do NOT compile or run as root](https://www.unrealircd.org/docs/Do_not_run_as_root).
### Step 1: Compile the IRCd
* Run `./Config`
* Run `make`
* Run `make install`
* Now change to the directory where you installed UnrealIRCd, e.g. `cd /home/xxxx/unrealircd`
### Step 2: Configuration
Configuration files are stored in the conf/ folder by default (eg: /home/xxxx/unrealircd/conf)
#### Create a configuration file
If you are new, then you need to create your own configuration file:
Copy conf/examples/example.conf to conf/ and call it unrealircd.conf.
Then open it in an editor and carefully modify it using the documentation and FAQ as a guide (see below).
### Step 3: Booting
#### Linux/*BSD/macOS
Run `./unrealircd start` in the directory where you installed UnrealIRCd.
#### Windows
Start -> All Programs -> UnrealIRCd -> UnrealIRCd
## Documentation & FAQ
You can find the **documentation** online at: https://www.unrealircd.org/docs/
We also have a good **FAQ**: https://www.unrealircd.org/docs/FAQ
If you are in need of support, you can pop up on [**#unreal-support** on `irc.unrealircd.org`](ircs://irc.unrealircd.org:6697/unreal-support)
or ask your question on the [forums](https://forums.unrealircd.org).
## Supported systems
We try to **support** all major *NIX systems: all Linux distros but also NetBSD, OpenBSD and macOS,
provided the OS version was released within the past ~5 years.
We use a private BuildBot instance to test each commit. The **tested** systems are (others are
likely to work too):
* Linux: Debian (10, 11, 12, 13), Ubuntu (18.04, 20.04, 22.04, 24.04, 26.04)
* FreeBSD: 15
* Windows: 11
UnrealIRCd is architecture-agnostic. Most of the BuildBot workers run on x64 but we
also have some on x86 and arm64 to ensure these work as well.
## Other links ##
* https://www.unrealircd.org - Main website
## Website, support, and other links ##
* https://www.unrealircd.org - Our main website
* https://forums.unrealircd.org - Support
* https://bugs.unrealircd.org - Bug tracker
* https://fosstodon.org/@unrealircd - Mastodon
* https://twitter.com/Unreal_IRCd - Twitter
* [SECURITY.md](https://github.com/unrealircd/unrealircd/blob/unreal60_dev/SECURITY.md#security-policy) - How to report security issues
* [LICENSE](https://github.com/unrealircd/unrealircd/blob/unreal60_dev/LICENSE) - LICENSE: GPLv2 or later
* [Contributing](https://www.unrealircd.org/docs/Contributing) - How to help: report bugs, test, write or translate documentations, ..
* ircs://irc.unrealircd.org:6697/unreal-support - IRC support
SECURITY.md
+8 -56
View File
@@ -1,70 +1,22 @@
# Security Policy
## Supported Versions
* The latest *stable* release of UnrealIRCd 6
* The latest *stable* release of the 5.x branch (until 2023-07-01)
* The latest *stable* release of the 6.x branch
See [UnrealIRCd releases](https://www.unrealircd.org/docs/UnrealIRCd_releases)
for information on older versions and End Of Life dates.
## Scope
In general, issues triggered by regular users involving memory safety issues
(such as OOB read/write or UAF), sensitive information disclosure, privilege elevation,
Denial of Service (e.g. a crash), or remote code execution fall within the scope of
this security policy.
Issues that require IRCOp rights, server-to-server traffic, or editing of config
files may still fall within scope, but are classified case by case depending on
the impact and circumstances.
Issues that require shell access as the same user running UnrealIRCd are not
considered security issues. See the
[full policy](https://www.unrealircd.org/docs/Policy:_Handling_of_security_issues)
for details.
## Use of AI or other tools
It is normal and acceptable to use tools for finding security vulnerabilities.
We use them ourselves as well: AI, static code analyzers, fuzzing. This is all fine.
If a tool flagged an issue then we ask only **one extra thing**: that you
**reproduce the issue** on your own local server. So: confirm the issue by
actually running UnrealIRCd with a reproducer (which usually means: by sending
IRC traffic to trigger the bug). This is because tools regularly flag something
as an issue but in practice it may be impossible to happen because of some extra
check somewhere or other requirements.
If you are trying to reproduce an issue, then we suggest running `./Config` and
answering `Yes` to the near-last question about AddressSanitizer (ASan),
especially for memory safety issues. Please include the reproducer and any
relevant ASan output in the bug report. ASan output is useful even if a normal
build does not visibly crash. It helps us a lot.
If you used AI, static code analyzers, fuzzing, or similar tools and fail to
follow the procedure above, expect us to ask you again to reproduce the issue.
If you refuse to do so, don't respond in a timely manner, or keep sending reports
without doing so after we asked, then we will close the bug report. For repeat
offenders, we may proceed with putting you on ignore, banning or deleting your
account, or similar. Giving a reproducer is not a big ask and is normal procedure
nowadays. It should be part of your standard workflow if you are a security
researcher.
See [UnrealIRCd releases](https://www.unrealircd.org/docs/UnrealIRCd_releases) for information on older versions and End Of Life dates.
## Reporting a Vulnerability
Please report issues on the [bug tracker](https://bugs.unrealircd.org) and in
the bug submit form **set the 'View Status' to 'private'**.
Please report issues on the [bug tracker](https://bugs.unrealircd.org) and in the bug submit form **set the 'View Status' to 'private'**.
Do not report security issues as a Pull Request, on the forums or in a public
IRC channel such as #unreal-support. If you insist on e-mail then you can use
syzop@unrealircd.org or security@unrealircd.org. Again, the bug tracker is
preferred.
Do not report security issues on the forums or in a public IRC channel such as #unreal-support.
If you insist on e-mail then you can use syzop@unrealircd.org or security@unrealircd.org. Again, the bug tracker is preferred.
If you found a real issue but are *unsure* if it is a security issue, then
report it at the bug tracker as a 'private' bug anyway. Better safe than sorry.
If you are *unsure* if something is a security issue, then report it at the bug tracker as a 'private' bug anyway. Better safe than sorry.
Do not ask around in public channels or forums.
You should get a response or at least an acknowledgement soon. If you don't hear
back within 24 hours, then please try to contact us again.
You should get a response or at least an acknowledgement soon. If you don't hear back within 24 hours, then please try to contact us again.
## Full policy
See https://www.unrealircd.org/docs/Policy:_Handling_of_security_issues for full information.
autoconf/config.guess
Vendored
+685 -995
View File
File diff suppressed because it is too large Load Diff
autoconf/config.sub
Vendored
+1410 -1484
View File
File diff suppressed because it is too large Load Diff
autoconf/m4/pkg.m4
-343
View File
@@ -1,343 +0,0 @@
# pkg.m4 - Macros to locate and use pkg-config. -*- Autoconf -*-
# serial 12 (pkg-config-0.29.2)
dnl Copyright © 2004 Scott James Remnant <scott@netsplit.com>.
dnl Copyright © 2012-2015 Dan Nicholson <dbn.lists@gmail.com>
dnl
dnl This program is free software; you can redistribute it and/or modify
dnl it under the terms of the GNU General Public License as published by
dnl the Free Software Foundation; either version 2 of the License, or
dnl (at your option) any later version.
dnl
dnl This program is distributed in the hope that it will be useful, but
dnl WITHOUT ANY WARRANTY; without even the implied warranty of
dnl MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
dnl General Public License for more details.
dnl
dnl You should have received a copy of the GNU General Public License
dnl along with this program; if not, write to the Free Software
dnl Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
dnl 02111-1307, USA.
dnl
dnl As a special exception to the GNU General Public License, if you
dnl distribute this file as part of a program that contains a
dnl configuration script generated by Autoconf, you may include it under
dnl the same distribution terms that you use for the rest of that
dnl program.
dnl PKG_PREREQ(MIN-VERSION)
dnl -----------------------
dnl Since: 0.29
dnl
dnl Verify that the version of the pkg-config macros are at least
dnl MIN-VERSION. Unlike PKG_PROG_PKG_CONFIG, which checks the user's
dnl installed version of pkg-config, this checks the developer's version
dnl of pkg.m4 when generating configure.
dnl
dnl To ensure that this macro is defined, also add:
dnl m4_ifndef([PKG_PREREQ],
dnl [m4_fatal([must install pkg-config 0.29 or later before running autoconf/autogen])])
dnl
dnl See the "Since" comment for each macro you use to see what version
dnl of the macros you require.
m4_defun([PKG_PREREQ],
[m4_define([PKG_MACROS_VERSION], [0.29.2])
m4_if(m4_version_compare(PKG_MACROS_VERSION, [$1]), -1,
[m4_fatal([pkg.m4 version $1 or higher is required but ]PKG_MACROS_VERSION[ found])])
])dnl PKG_PREREQ
dnl PKG_PROG_PKG_CONFIG([MIN-VERSION])
dnl ----------------------------------
dnl Since: 0.16
dnl
dnl Search for the pkg-config tool and set the PKG_CONFIG variable to
dnl first found in the path. Checks that the version of pkg-config found
dnl is at least MIN-VERSION. If MIN-VERSION is not specified, 0.9.0 is
dnl used since that's the first version where most current features of
dnl pkg-config existed.
AC_DEFUN([PKG_PROG_PKG_CONFIG],
[m4_pattern_forbid([^_?PKG_[A-Z_]+$])
m4_pattern_allow([^PKG_CONFIG(_(PATH|LIBDIR|SYSROOT_DIR|ALLOW_SYSTEM_(CFLAGS|LIBS)))?$])
m4_pattern_allow([^PKG_CONFIG_(DISABLE_UNINSTALLED|TOP_BUILD_DIR|DEBUG_SPEW)$])
AC_ARG_VAR([PKG_CONFIG], [path to pkg-config utility])
AC_ARG_VAR([PKG_CONFIG_PATH], [directories to add to pkg-config's search path])
AC_ARG_VAR([PKG_CONFIG_LIBDIR], [path overriding pkg-config's built-in search path])
if test "x$ac_cv_env_PKG_CONFIG_set" != "xset"; then
AC_PATH_TOOL([PKG_CONFIG], [pkg-config])
fi
if test -n "$PKG_CONFIG"; then
_pkg_min_version=m4_default([$1], [0.9.0])
AC_MSG_CHECKING([pkg-config is at least version $_pkg_min_version])
if $PKG_CONFIG --atleast-pkgconfig-version $_pkg_min_version; then
AC_MSG_RESULT([yes])
else
AC_MSG_RESULT([no])
PKG_CONFIG=""
fi
fi[]dnl
])dnl PKG_PROG_PKG_CONFIG
dnl PKG_CHECK_EXISTS(MODULES, [ACTION-IF-FOUND], [ACTION-IF-NOT-FOUND])
dnl -------------------------------------------------------------------
dnl Since: 0.18
dnl
dnl Check to see whether a particular set of modules exists. Similar to
dnl PKG_CHECK_MODULES(), but does not set variables or print errors.
dnl
dnl Please remember that m4 expands AC_REQUIRE([PKG_PROG_PKG_CONFIG])
dnl only at the first occurrence in configure.ac, so if the first place
dnl it's called might be skipped (such as if it is within an "if", you
dnl have to call PKG_CHECK_EXISTS manually
AC_DEFUN([PKG_CHECK_EXISTS],
[AC_REQUIRE([PKG_PROG_PKG_CONFIG])dnl
if test -n "$PKG_CONFIG" && \
AC_RUN_LOG([$PKG_CONFIG --exists --print-errors "$1"]); then
m4_default([$2], [:])
m4_ifvaln([$3], [else
$3])dnl
fi])
dnl _PKG_CONFIG([VARIABLE], [COMMAND], [MODULES])
dnl ---------------------------------------------
dnl Internal wrapper calling pkg-config via PKG_CONFIG and setting
dnl pkg_failed based on the result.
m4_define([_PKG_CONFIG],
[if test -n "$$1"; then
pkg_cv_[]$1="$$1"
elif test -n "$PKG_CONFIG"; then
PKG_CHECK_EXISTS([$3],
[pkg_cv_[]$1=`$PKG_CONFIG --[]$2 "$3" 2>/dev/null`
test "x$?" != "x0" && pkg_failed=yes ],
[pkg_failed=yes])
else
pkg_failed=untried
fi[]dnl
])dnl _PKG_CONFIG
dnl _PKG_SHORT_ERRORS_SUPPORTED
dnl ---------------------------
dnl Internal check to see if pkg-config supports short errors.
AC_DEFUN([_PKG_SHORT_ERRORS_SUPPORTED],
[AC_REQUIRE([PKG_PROG_PKG_CONFIG])
if $PKG_CONFIG --atleast-pkgconfig-version 0.20; then
_pkg_short_errors_supported=yes
else
_pkg_short_errors_supported=no
fi[]dnl
])dnl _PKG_SHORT_ERRORS_SUPPORTED
dnl PKG_CHECK_MODULES(VARIABLE-PREFIX, MODULES, [ACTION-IF-FOUND],
dnl [ACTION-IF-NOT-FOUND])
dnl --------------------------------------------------------------
dnl Since: 0.4.0
dnl
dnl Note that if there is a possibility the first call to
dnl PKG_CHECK_MODULES might not happen, you should be sure to include an
dnl explicit call to PKG_PROG_PKG_CONFIG in your configure.ac
AC_DEFUN([PKG_CHECK_MODULES],
[AC_REQUIRE([PKG_PROG_PKG_CONFIG])dnl
AC_ARG_VAR([$1][_CFLAGS], [C compiler flags for $1, overriding pkg-config])dnl
AC_ARG_VAR([$1][_LIBS], [linker flags for $1, overriding pkg-config])dnl
pkg_failed=no
AC_MSG_CHECKING([for $2])
_PKG_CONFIG([$1][_CFLAGS], [cflags], [$2])
_PKG_CONFIG([$1][_LIBS], [libs], [$2])
m4_define([_PKG_TEXT], [Alternatively, you may set the environment variables $1[]_CFLAGS
and $1[]_LIBS to avoid the need to call pkg-config.
See the pkg-config man page for more details.])
if test $pkg_failed = yes; then
AC_MSG_RESULT([no])
_PKG_SHORT_ERRORS_SUPPORTED
if test $_pkg_short_errors_supported = yes; then
$1[]_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "$2" 2>&1`
else
$1[]_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "$2" 2>&1`
fi
# Put the nasty error message in config.log where it belongs
echo "$$1[]_PKG_ERRORS" >&AS_MESSAGE_LOG_FD
m4_default([$4], [AC_MSG_ERROR(
[Package requirements ($2) were not met:
$$1_PKG_ERRORS
Consider adjusting the PKG_CONFIG_PATH environment variable if you
installed software in a non-standard prefix.
_PKG_TEXT])[]dnl
])
elif test $pkg_failed = untried; then
AC_MSG_RESULT([no])
m4_default([$4], [AC_MSG_FAILURE(
[The pkg-config script could not be found or is too old. Make sure it
is in your PATH or set the PKG_CONFIG environment variable to the full
path to pkg-config.
_PKG_TEXT
To get pkg-config, see <http://pkg-config.freedesktop.org/>.])[]dnl
])
else
$1[]_CFLAGS=$pkg_cv_[]$1[]_CFLAGS
$1[]_LIBS=$pkg_cv_[]$1[]_LIBS
AC_MSG_RESULT([yes])
$3
fi[]dnl
])dnl PKG_CHECK_MODULES
dnl PKG_CHECK_MODULES_STATIC(VARIABLE-PREFIX, MODULES, [ACTION-IF-FOUND],
dnl [ACTION-IF-NOT-FOUND])
dnl ---------------------------------------------------------------------
dnl Since: 0.29
dnl
dnl Checks for existence of MODULES and gathers its build flags with
dnl static libraries enabled. Sets VARIABLE-PREFIX_CFLAGS from --cflags
dnl and VARIABLE-PREFIX_LIBS from --libs.
dnl
dnl Note that if there is a possibility the first call to
dnl PKG_CHECK_MODULES_STATIC might not happen, you should be sure to
dnl include an explicit call to PKG_PROG_PKG_CONFIG in your
dnl configure.ac.
AC_DEFUN([PKG_CHECK_MODULES_STATIC],
[AC_REQUIRE([PKG_PROG_PKG_CONFIG])dnl
_save_PKG_CONFIG=$PKG_CONFIG
PKG_CONFIG="$PKG_CONFIG --static"
PKG_CHECK_MODULES($@)
PKG_CONFIG=$_save_PKG_CONFIG[]dnl
])dnl PKG_CHECK_MODULES_STATIC
dnl PKG_INSTALLDIR([DIRECTORY])
dnl -------------------------
dnl Since: 0.27
dnl
dnl Substitutes the variable pkgconfigdir as the location where a module
dnl should install pkg-config .pc files. By default the directory is
dnl $libdir/pkgconfig, but the default can be changed by passing
dnl DIRECTORY. The user can override through the --with-pkgconfigdir
dnl parameter.
AC_DEFUN([PKG_INSTALLDIR],
[m4_pushdef([pkg_default], [m4_default([$1], ['${libdir}/pkgconfig'])])
m4_pushdef([pkg_description],
[pkg-config installation directory @<:@]pkg_default[@:>@])
AC_ARG_WITH([pkgconfigdir],
[AS_HELP_STRING([--with-pkgconfigdir], pkg_description)],,
[with_pkgconfigdir=]pkg_default)
AC_SUBST([pkgconfigdir], [$with_pkgconfigdir])
m4_popdef([pkg_default])
m4_popdef([pkg_description])
])dnl PKG_INSTALLDIR
dnl PKG_NOARCH_INSTALLDIR([DIRECTORY])
dnl --------------------------------
dnl Since: 0.27
dnl
dnl Substitutes the variable noarch_pkgconfigdir as the location where a
dnl module should install arch-independent pkg-config .pc files. By
dnl default the directory is $datadir/pkgconfig, but the default can be
dnl changed by passing DIRECTORY. The user can override through the
dnl --with-noarch-pkgconfigdir parameter.
AC_DEFUN([PKG_NOARCH_INSTALLDIR],
[m4_pushdef([pkg_default], [m4_default([$1], ['${datadir}/pkgconfig'])])
m4_pushdef([pkg_description],
[pkg-config arch-independent installation directory @<:@]pkg_default[@:>@])
AC_ARG_WITH([noarch-pkgconfigdir],
[AS_HELP_STRING([--with-noarch-pkgconfigdir], pkg_description)],,
[with_noarch_pkgconfigdir=]pkg_default)
AC_SUBST([noarch_pkgconfigdir], [$with_noarch_pkgconfigdir])
m4_popdef([pkg_default])
m4_popdef([pkg_description])
])dnl PKG_NOARCH_INSTALLDIR
dnl PKG_CHECK_VAR(VARIABLE, MODULE, CONFIG-VARIABLE,
dnl [ACTION-IF-FOUND], [ACTION-IF-NOT-FOUND])
dnl -------------------------------------------
dnl Since: 0.28
dnl
dnl Retrieves the value of the pkg-config variable for the given module.
AC_DEFUN([PKG_CHECK_VAR],
[AC_REQUIRE([PKG_PROG_PKG_CONFIG])dnl
AC_ARG_VAR([$1], [value of $3 for $2, overriding pkg-config])dnl
_PKG_CONFIG([$1], [variable="][$3]["], [$2])
AS_VAR_COPY([$1], [pkg_cv_][$1])
AS_VAR_IF([$1], [""], [$5], [$4])dnl
])dnl PKG_CHECK_VAR
dnl PKG_WITH_MODULES(VARIABLE-PREFIX, MODULES,
dnl [ACTION-IF-FOUND],[ACTION-IF-NOT-FOUND],
dnl [DESCRIPTION], [DEFAULT])
dnl ------------------------------------------
dnl
dnl Prepare a "--with-" configure option using the lowercase
dnl [VARIABLE-PREFIX] name, merging the behaviour of AC_ARG_WITH and
dnl PKG_CHECK_MODULES in a single macro.
AC_DEFUN([PKG_WITH_MODULES],
[
m4_pushdef([with_arg], m4_tolower([$1]))
m4_pushdef([description],
[m4_default([$5], [build with ]with_arg[ support])])
m4_pushdef([def_arg], [m4_default([$6], [auto])])
m4_pushdef([def_action_if_found], [AS_TR_SH([with_]with_arg)=yes])
m4_pushdef([def_action_if_not_found], [AS_TR_SH([with_]with_arg)=no])
m4_case(def_arg,
[yes],[m4_pushdef([with_without], [--without-]with_arg)],
[m4_pushdef([with_without],[--with-]with_arg)])
AC_ARG_WITH(with_arg,
AS_HELP_STRING(with_without, description[ @<:@default=]def_arg[@:>@]),,
[AS_TR_SH([with_]with_arg)=def_arg])
AS_CASE([$AS_TR_SH([with_]with_arg)],
[yes],[PKG_CHECK_MODULES([$1],[$2],$3,$4)],
[auto],[PKG_CHECK_MODULES([$1],[$2],
[m4_n([def_action_if_found]) $3],
[m4_n([def_action_if_not_found]) $4])])
m4_popdef([with_arg])
m4_popdef([description])
m4_popdef([def_arg])
])dnl PKG_WITH_MODULES
dnl PKG_HAVE_WITH_MODULES(VARIABLE-PREFIX, MODULES,
dnl [DESCRIPTION], [DEFAULT])
dnl -----------------------------------------------
dnl
dnl Convenience macro to trigger AM_CONDITIONAL after PKG_WITH_MODULES
dnl check._[VARIABLE-PREFIX] is exported as make variable.
AC_DEFUN([PKG_HAVE_WITH_MODULES],
[
PKG_WITH_MODULES([$1],[$2],,,[$3],[$4])
AM_CONDITIONAL([HAVE_][$1],
[test "$AS_TR_SH([with_]m4_tolower([$1]))" = "yes"])
])dnl PKG_HAVE_WITH_MODULES
dnl PKG_HAVE_DEFINE_WITH_MODULES(VARIABLE-PREFIX, MODULES,
dnl [DESCRIPTION], [DEFAULT])
dnl ------------------------------------------------------
dnl
dnl Convenience macro to run AM_CONDITIONAL and AC_DEFINE after
dnl PKG_WITH_MODULES check. HAVE_[VARIABLE-PREFIX] is exported as make
dnl and preprocessor variable.
AC_DEFUN([PKG_HAVE_DEFINE_WITH_MODULES],
[
PKG_HAVE_WITH_MODULES([$1],[$2],[$3],[$4])
AS_IF([test "$AS_TR_SH([with_]m4_tolower([$1]))" = "yes"],
[AC_DEFINE([HAVE_][$1], 1, [Enable ]m4_tolower([$1])[ support])])
])dnl PKG_HAVE_DEFINE_WITH_MODULES
autoconf/m4/unreal.m4
+4 -165
View File
@@ -97,7 +97,7 @@ AC_DEFUN([CHECK_LIBCURL],
with the system-installed libcURL, this is a bad idea which may result in error
messages looking like:
error downloading ... Could not resolve host: example.net (Successful completion)
\`\`[error] unrealircd.conf:9: include: error downloading '(http://example.net/ex.conf)': Could not resolve host: example.net (Successful completion)''
Or UnrealIRCd might even crash.
@@ -130,13 +130,9 @@ AC_DEFUN([CHECK_LIBCURL],
LIBS="$LIBS_SAVEDA"
CFLAGS="$CFLAGS_SAVEDA"
dnl Finally, choose the cURL implementation of url.c
URL="url_curl.o"
],[
dnl Choose UnrealIRCds internal implementation of url.c
URL="url_unreal.o"
URL="url.o"
AC_SUBST(URL)
]) dnl AS_IF(enable_curl)
AC_SUBST(URL)
])
dnl the following 2 macros are based on CHECK_SSL by Mark Ethan Trostler <trostler@juniper.net>
@@ -182,11 +178,7 @@ AS_IF([test $enable_ssl != "no"],
else
CRYPTOLIB="-lssl -lcrypto";
if test ! "$ssldir" = "/usr" ; then
if test -d "$ssldir/lib64" ; then
LDFLAGS="$LDFLAGS -L$ssldir/lib64";
else
LDFLAGS="$LDFLAGS -L$ssldir/lib";
fi
LDFLAGS="$LDFLAGS -L$ssldir/lib";
dnl check if binary path exists
if test -f "$ssldir/bin/openssl"; then
OPENSSLPATH="$ssldir/bin/openssl";
@@ -221,26 +213,6 @@ AS_IF([test $enable_ssl != "no"],
])
])
AC_DEFUN([CHECK_SSL_CTX_SET1_SIGALGS_LIST],
[
AC_MSG_CHECKING([for SSL_CTX_set1_sigalgs_list in SSL library])
AC_LANG_PUSH(C)
SAVE_LIBS="$LIBS"
LIBS="$LIBS $CRYPTOLIB"
AC_TRY_LINK([#include <openssl/ssl.h>],
[SSL_CTX *ctx = NULL; SSL_CTX_set1_sigalgs_list(ctx, "test");],
has_function=1,
has_function=0)
LIBS="$SAVE_LIBS"
AC_LANG_POP(C)
if test $has_function = 1; then
AC_MSG_RESULT([yes])
AC_DEFINE([HAS_SSL_CTX_SET1_SIGALGS_LIST], [], [Define if ssl library has SSL_CTX_set1_sigalgs_list])
else
AC_MSG_RESULT([no])
fi
])
AC_DEFUN([CHECK_SSL_CTX_SET1_CURVES_LIST],
[
AC_MSG_CHECKING([for SSL_CTX_set1_curves_list in SSL library])
@@ -261,46 +233,6 @@ else
fi
])
AC_DEFUN([CHECK_SSL_CTX_SET1_GROUPS_LIST],
[
AC_MSG_CHECKING([for SSL_CTX_set1_groups_list in SSL library])
AC_LANG_PUSH(C)
SAVE_LIBS="$LIBS"
LIBS="$LIBS $CRYPTOLIB"
AC_TRY_LINK([#include <openssl/ssl.h>],
[SSL_CTX *ctx = NULL; SSL_CTX_set1_groups_list(ctx, "test");],
has_function=1,
has_function=0)
LIBS="$SAVE_LIBS"
AC_LANG_POP(C)
if test $has_function = 1; then
AC_MSG_RESULT([yes])
AC_DEFINE([HAS_SSL_CTX_SET1_GROUPS_LIST], [], [Define if ssl library has SSL_CTX_set1_groups_list])
else
AC_MSG_RESULT([no])
fi
])
AC_DEFUN([CHECK_SSL_GET_NEGOTIATED_GROUP],
[
AC_MSG_CHECKING([for SSL_get_negotiated_group in SSL library])
AC_LANG_PUSH(C)
SAVE_LIBS="$LIBS"
LIBS="$LIBS $CRYPTOLIB"
AC_TRY_LINK([#include <openssl/ssl.h>],
[SSL *ssl = NULL; SSL_get_negotiated_group(ssl);],
has_function=1,
has_function=0)
LIBS="$SAVE_LIBS"
AC_LANG_POP(C)
if test $has_function = 1; then
AC_MSG_RESULT([yes])
AC_DEFINE([HAS_SSL_GET_NEGOTIATED_GROUP], [], [Define if ssl library has SSL_get_negotiated_group])
else
AC_MSG_RESULT([no])
fi
])
AC_DEFUN([CHECK_SSL_CTX_SET_MIN_PROTO_VERSION],
[
AC_MSG_CHECKING([for SSL_CTX_set_min_proto_version in SSL library])
@@ -380,96 +312,3 @@ else
AC_MSG_RESULT([no])
fi
])
AC_DEFUN([CHECK_X509_check_host],
[
AC_MSG_CHECKING([for X509_check_host in SSL library])
AC_LANG_PUSH(C)
SAVE_LIBS="$LIBS"
LIBS="$LIBS $CRYPTOLIB"
AC_TRY_LINK([#include <openssl/x509v3.h>],
[X509_check_host(NULL, NULL, 0, 0, NULL);],
has_function=1,
has_function=0)
LIBS="$SAVE_LIBS"
AC_LANG_POP(C)
if test $has_function = 1; then
AC_MSG_RESULT([yes])
AC_DEFINE([HAS_X509_check_host], [], [Define if ssl library has X509_check_host])
OPENSSL_HOSTNAME_VALIDATION_OBJ=""
else
AC_MSG_RESULT([no])
OPENSSL_HOSTNAME_VALIDATION_OBJ="openssl_hostname_validation.o"
fi
AC_SUBST(OPENSSL_HOSTNAME_VALIDATION_OBJ)
])
dnl For geoip-api-c
AC_DEFUN([CHECK_GEOIP_CLASSIC],
[
AC_ARG_ENABLE(geoip_classic,
[AC_HELP_STRING([--enable-geoip-classic=no/yes],[enable GeoIP Classic support])],
[enable_geoip_classic=$enableval],
[enable_geoip_classic=no])
AS_IF([test "x$enable_geoip_classic" = "xyes"],
[
dnl First see if the system provides it
has_system_geoip_classic="no"
PKG_CHECK_MODULES([GEOIP_CLASSIC], [geoip >= 1.6.0],
[has_system_geoip_classic=yes
AS_IF([test "x$PRIVATELIBDIR" != "x"], [rm -f "$PRIVATELIBDIR/"libGeoIP.*])],
[has_system_geoip_classic=no])
dnl Otherwise fallback to our own..
AS_IF([test "$has_system_geoip_classic" = "no"],[
dnl REMEMBER TO CHANGE WITH A NEW GEOIP LIBRARY RELEASE!
geoip_classic_version="1.6.12"
AC_MSG_RESULT(extracting GeoIP Classic library)
cur_dir=`pwd`
cd extras
dnl remove old directory to force a recompile...
dnl and remove its installation prefix just to clean things up.
rm -rf GeoIP-$geoip_classic_version geoip-classic
if test "x$ac_cv_path_GUNZIP" = "x" ; then
tar xfz geoip-classic.tar.gz
else
cp geoip-classic.tar.gz geoip-classic.tar.gz.bak
gunzip -f geoip-classic.tar.gz
cp geoip-classic.tar.gz.bak geoip-classic.tar.gz
tar xf geoip-classic.tar
fi
AC_MSG_RESULT(configuring GeoIP Classic library)
cd GeoIP-$geoip_classic_version
save_cflags="$CFLAGS"
save_ldflags="$LDFLAGS"
CFLAGS="$orig_cflags $HARDEN_LIB_CFLAGS"
LDFLAGS="$HARDEN_LIB_LDFLAGS"
export CFLAGS LDFLAGS
./configure --prefix=$cur_dir/extras/geoip-classic --libdir=$PRIVATELIBDIR --enable-shared --disable-static || exit 1
CFLAGS="$save_cflags"
LDFLAGS="$save_ldflags"
AC_MSG_RESULT(compiling GeoIP Classic library)
$ac_cv_prog_MAKER || exit 1
AC_MSG_RESULT(installing GeoIP Classic library)
rm -f "$PRIVATELIBDIR/"libGeoIP.so*
$ac_cv_prog_MAKER install || exit 1
dnl Try pkg-config first...
AS_IF([test -n "$ac_cv_path_PKGCONFIG"],
[GEOIP_CLASSIC_LIBS="`$ac_cv_path_PKGCONFIG --libs geoip.pc`"
GEOIP_CLASSIC_CFLAGS="`$ac_cv_path_PKGCONFIG --cflags geoip.pc`"])
dnl In case the system does not have pkg-config, fallback to hardcoded settings...
AS_IF([test -z "$GEOIP_CLASSIC_LIBS"],
[GEOIP_CLASSIC_LIBS="-L$PRIVATELIBDIR -lGeoIP"
GEOIP_CLASSIC_CFLAGS="-I$cur_dir/extras/geoip-classic/include"])
cd $cur_dir
])
AC_SUBST(GEOIP_CLASSIC_LIBS)
AC_SUBST(GEOIP_CLASSIC_CFLAGS)
GEOIP_CLASSIC_OBJECTS="geoip_classic.so"
AC_SUBST(GEOIP_CLASSIC_OBJECTS)
AC_DEFINE([GEOIP_ENGINE], ["geoip_classic"], [Classic GeoIP engine])
]) dnl AS_IF(enable_geoip_classic)
])
configure
Vendored
+3856 -5707
View File
File diff suppressed because it is too large Load Diff
configure.ac
+49 -242
View File
@@ -7,7 +7,7 @@ dnl src/windows/unrealinst.iss
dnl doc/Config.header
dnl src/version.c.SH
AC_INIT([unrealircd], [6.2.6], [https://bugs.unrealircd.org/], [], [https://unrealircd.org/])
AC_INIT([unrealircd], [5.2.4], [https://bugs.unrealircd.org/], [], [https://unrealircd.org/])
AC_CONFIG_SRCDIR([src/ircd.c])
AC_CONFIG_HEADER([include/setup.h])
AC_CONFIG_AUX_DIR([autoconf])
@@ -18,13 +18,15 @@ if test "x$enable_dynamic_linking" = "x"; then
exit 1
fi
dnl Save CFLAGS, use this when building the libraries like c-ares
orig_cflags="$CFLAGS"
dnl Save build directory early on (used in our m4 macros too)
BUILDDIR_NOW="`pwd`"
dnl Calculate the versions. Perhaps the use of expr is a little too extravagant
# Generation version number (e.g.: X in X.Y.Z)
UNREAL_VERSION_GENERATION=["6"]
UNREAL_VERSION_GENERATION=["5"]
AC_DEFINE_UNQUOTED([UNREAL_VERSION_GENERATION], [$UNREAL_VERSION_GENERATION], [Generation version number (e.g.: X for X.Y.Z)])
# Major version number (e.g.: Y in X.Y.Z)
@@ -32,13 +34,13 @@ UNREAL_VERSION_MAJOR=["2"]
AC_DEFINE_UNQUOTED([UNREAL_VERSION_MAJOR], [$UNREAL_VERSION_MAJOR], [Major version number (e.g.: Y for X.Y.Z)])
# Minor version number (e.g.: Z in X.Y.Z)
UNREAL_VERSION_MINOR=["6"]
UNREAL_VERSION_MINOR=["4"]
AC_DEFINE_UNQUOTED([UNREAL_VERSION_MINOR], [$UNREAL_VERSION_MINOR], [Minor version number (e.g.: Z for X.Y.Z)])
# The version suffix such as a beta marker or release candidate
# marker. (e.g.: -rcX for unrealircd-3.2.9-rcX). This macro is a
# string instead of an integer because it contains arbitrary data.
UNREAL_VERSION_SUFFIX=["-rc1"]
UNREAL_VERSION_SUFFIX=[""]
AC_DEFINE_UNQUOTED([UNREAL_VERSION_SUFFIX], ["$UNREAL_VERSION_SUFFIX"], [Version suffix such as a beta marker or release candidate marker. (e.g.: -rcX for unrealircd-3.2.9-rcX)])
AC_PATH_PROG(RM,rm)
@@ -66,9 +68,6 @@ AC_PROG_CC_C99
AS_IF([test "$ac_cv_prog_cc_c99" = "no"],
[AC_MSG_ERROR([No C99 compiler was found. Please install gcc or clang and other build tools. Eg, on Debian/Ubuntu you probably want to run the following as root: apt-get install build-essential ])])
dnl Save CFLAGS, use this when building the libraries like c-ares
orig_cflags="$CFLAGS"
dnl Check for make moved down, so the above compiler check takes precedence.
AC_CHECK_PROG(MAKER, gmake, gmake, make)
AC_PATH_PROG(GMAKE,gmake)
@@ -132,7 +131,7 @@ AS_IF([test x"$hardening" != x"no"], [
check_cc_flag([-fno-strict-overflow], [HARDEN_CFLAGS="$HARDEN_CFLAGS -fno-strict-overflow"])
# This one will likely succeed, even on platforms where it does nothing.
check_cc_flag([-D_FORTIFY_SOURCE=3], [HARDEN_CFLAGS="$HARDEN_CFLAGS -D_FORTIFY_SOURCE=3"])
check_cc_flag([-D_FORTIFY_SOURCE=2], [HARDEN_CFLAGS="$HARDEN_CFLAGS -D_FORTIFY_SOURCE=2"])
check_cc_flag([-fstack-protector-all],
[check_link_flag([-fstack-protector-all],
@@ -145,21 +144,9 @@ AS_IF([test x"$hardening" != x"no"], [
# Added in UnrealIRCd 5.0.5 (default on Ubuntu 19.10)
check_cc_flag([-fstack-clash-protection], [HARDEN_CFLAGS="$HARDEN_CFLAGS -fstack-clash-protection"])
# Control Flow Enforcement (ROP hardening) - requires CPU hardware support (x64)
# Control Flow Enforcement (ROP hardening) - requires CPU hardware support
check_cc_flag([-fcf-protection], [HARDEN_CFLAGS="$HARDEN_CFLAGS -fcf-protection"])
# Similar to above but for arm64
check_cc_flag([-mbranch-protection=standard], [HARDEN_CFLAGS="$HARDEN_CFLAGS -mbranch-protection=standard"])
# Since we have moved from name[1] to name[], setting this should help bounds checking:
check_cc_flag([-fstrict-flex-arrays=3], [HARDEN_CFLAGS="$HARDEN_CFLAGS -fstrict-flex-arrays=3"])
# This zeroes out variables that COULD be accessed before being set.
# We are generally very careful about this in our code, but 3rd party
# modules are not always so careful. And still useful in case we ourselves
# screw up.
check_cc_flag([-ftrivial-auto-var-init=zero], [HARDEN_CFLAGS="$HARDEN_CFLAGS -ftrivial-auto-var-init=zero"])
# At the link step, we might want -pie (GCC) or -Wl,-pie (Clang on OS X)
#
# The linker checks also compile code, so we need to include -fPIE as well.
@@ -179,12 +166,6 @@ AC_SUBST([HARDEN_LDFLAGS])
AC_SUBST([HARDEN_BINCFLAGS])
AC_SUBST([HARDEN_BINLDFLAGS])
# Hardening flags to be used for libraries
# These are the same of what we have, except we leave out -fstrict-flex-arrays=3
# since that would break in some cases of code, and we don't control the libs..
HARDEN_LIB_CFLAGS=$(echo "$HARDEN_CFLAGS" | sed 's/-fstrict-flex-arrays=3//')
HARDEN_LIB_LDFLAGS="$HARDEN_LDFLAGS"
# End of flag tests.
CC="$saved_CC"
CXX="$saved_CXX"
@@ -208,26 +189,18 @@ CFLAGS="$CFLAGS -funsigned-char"
dnl Compiler -W checks...
dnl == ADD THESE WARNINGS ==
dnl We should be able to turn this on unconditionally:
CFLAGS="$CFLAGS -Wall"
dnl More warnings (if the compiler supports it):
check_cc_flag([-Wextra], [CFLAGS="$CFLAGS -Wextra"])
check_cc_flag([-Waggregate-return], [CFLAGS="$CFLAGS -Waggregate-return"])
check_cc_flag([-Wformat-nonliteral], [CFLAGS="$CFLAGS -Wformat-nonliteral"])
dnl The following few are more experimental, if they have false positives we'll have
dnl to disable them:
dnl Can't use this, too bad: check_cc_flag([-Wlogical-op], [CFLAGS="$CFLAGS -Wlogical-op"])
check_cc_flag([-Wduplicated-cond], [CFLAGS="$CFLAGS -Wduplicated-cond"])
check_cc_flag([-Wduplicated-branches], [CFLAGS="$CFLAGS -Wduplicated-branches"])
check_cc_flag([-Wparentheses], [CFLAGS="$CFLAGS -Wparentheses"])
dnl == REMOVE THESE WARNINGS ==
dnl And now to filter out certain warnings:
dnl [!] NOTE REGARDING THE check_cc_flag used by these:
dnl We check for the -Woption even though we are going to use -Wno-option.
@@ -256,8 +229,6 @@ check_cc_flag([-Wformat-zero-length], [CFLAGS="$CFLAGS -Wno-format-zero-length"]
check_cc_flag([-Wformat-truncation], [CFLAGS="$CFLAGS -Wno-format-truncation"])
check_cc_flag([-Wformat-overflow], [CFLAGS="$CFLAGS -Wno-format-overflow"])
dnl While it can be useful to occasionally to compile with warnings about
dnl unused variables and parameters, we often 'think ahead' when coding things
dnl so they may be useless now but not later. Similarly, for variables, we
@@ -276,37 +247,15 @@ check_cc_flag([-Wsign-compare], [CFLAGS="$CFLAGS -Wno-sign-compare"])
dnl Don't warn about empty body, we use this, eg via Debug(()) or in if's.
check_cc_flag([-Wempty-body], [CFLAGS="$CFLAGS -Wno-empty-body"])
dnl This warns about all our hook calls - RunHook() and others
check_cc_flag([-Wdeprecated-non-prototype], [CFLAGS="$CFLAGS -Wno-deprecated-non-prototype"])
dnl This one fails with ircstrdup(var, staticstring)
dnl Shame we have to turn it off completely...
check_cc_flag([-Waddress], [CFLAGS="$CFLAGS -Wno-address"])
dnl This warns about const char hexchars[16] = "0123456789abcdef";
check_cc_flag([-Wunterminated-string-initialization], [CFLAGS="$CFLAGS -Wno-unterminated-string-initialization"])
dnl This one breaks our TO_INTFUNC() that is used in m_tkl for tkl_typetochar
check_cc_flag([-Wcast-function-type], [CFLAGS="$CFLAGS -Wno-cast-function-type"])
dnl Yeah this old clang version is a bit problematic
dnl (ships in Ubuntu 16.04 for example)
dnl -Wtautological-compare has false positives
dnl -Wno-pragmas is needed, despite -Wno-unknown-warning-option
AS_IF([$CC --version | grep -q "clang version 3."],
[CFLAGS="$CFLAGS -Wno-tautological-compare -Wno-pragmas"])
dnl This one MUST be LAST!!
dnl It disables -Wsomeunknownoption being an error. Which is needed for
dnl the pragma's in individual files to selectively disable some warnings
dnl on clang/gcc (that may exist in eg gcc but not in clang or vice versa).
check_cc_flag([-Wpragmas], [no_pragmas=1],[no_pragmas=0])
check_cc_flag([-Wunknown-warning-option], [unknown_warning_option=1], [unknown_warning_option=0])
if test "$unknown_warning_option" = "1"; then
dnl This is the best option
CFLAGS="$CFLAGS -Wno-unknown-warning-option"
else
if test "$no_pragmas" = "1"; then
dnl This is a fallback needed for older gcc/clang, it also
dnl disables several other useful warnings/errors related
dnl to pragma's unfortunately.
CFLAGS="$CFLAGS -Wno-pragmas"
fi
fi
[CFLAGS="$CFLAGS -Wno-tautological-compare"])
dnl End of -W... compiler checks.
@@ -351,7 +300,7 @@ fi
])
AC_CACHE_CHECK(if your system prepends an underscore on symbols,ac_cv_underscore,[
cat >uscore.c << __EOF__
int main(void) {
int main() {
return 0;
}
__EOF__
@@ -368,7 +317,7 @@ if test "$ac_cv_underscore" = "yes"; then
AC_DEFINE([UNDERSCORE], [], [Define if your system prepends an underscore to symbols])
fi
MODULEFLAGS="$ac_cv_pic $DYNAMIC_LDFLAGS $HARDEN_LDFLAGS"
MODULEFLAGS="$ac_cv_pic $DYNAMIC_LDFLAGS"
dnl DYNAMIC_LINKING is not meant to be defined in include/setup.h, it's
dnl defined in the Makefiles using -D. Having it defined globally will
dnl only cause braindamage and symbol collisions :-D.
@@ -379,8 +328,7 @@ AC_CACHE_CHECK([if your system has IPv6 support], [ac_cv_ip6], [
AC_TRY_RUN([
#include <sys/types.h>
#include <sys/socket.h>
#include <stdlib.h>
int main(void) {
int main() {
int s = socket(AF_INET6, SOCK_STREAM, 0);
exit(0); /* We only check if the code compiles, that's enough. We can deal with missing runtime IPv6 */
}
@@ -392,32 +340,6 @@ if test "$ac_cv_ip6" = "no"; then
AC_MSG_ERROR([Your system does not support IPv6])
fi
AC_MSG_CHECKING([if you have getsockopt TCP_INFO])
AC_COMPILE_IFELSE([AC_LANG_PROGRAM(
[[#include <sys/types.h>
#include <stdlib.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <netinet/tcp.h>
#include <sys/socket.h>]],
[[
socklen_t optlen = sizeof(struct tcp_info);
struct tcp_info ti;
ti.tcpi_rtt = 0;
ti.tcpi_rttvar = 0;
#if defined(__FreeBSD__)
ti.__tcpi_pmtu = 0;
#else
ti.tcpi_pmtu = 0;
#endif
ti.tcpi_snd_cwnd = 0;
ti.tcpi_snd_mss = 0;
ti.tcpi_rcv_mss = 0;
getsockopt(0, IPPROTO_TCP, TCP_INFO, &ti, &optlen);
]])],
[AC_DEFINE(HAVE_TCP_INFO, 1, [Have getsockopt TCP_INFO])
AC_MSG_RESULT(yes)],[AC_MSG_RESULT(no)])
AC_CHECK_HEADER(sys/syslog.h,
AC_DEFINE([SYSSYSLOGH], [], [Define if you have the <sys/syslog.h> header file.]))
AC_CHECK_HEADER(sys/rusage.h,
@@ -433,8 +355,6 @@ AC_CHECK_FUNCS(strlcat,
AC_DEFINE([HAVE_STRLCAT], [], [Define if you have strlcat]))
AC_CHECK_FUNCS(strlncat,
AC_DEFINE([HAVE_STRLNCAT], [], [Define if you have strlncat]))
AC_CHECK_FUNCS(strlncpy,
AC_DEFINE([HAVE_STRLNCPY], [], [Define if you have strlncpy]))
AC_CHECK_FUNCS([getrusage],
[AC_DEFINE([GETRUSAGE_2], [], [Define if you have getrusage])],
@@ -457,7 +377,6 @@ AC_CHECK_FUNCS([setproctitle],
AC_CHECK_FUNCS(explicit_bzero,AC_DEFINE([HAVE_EXPLICIT_BZERO], [], [Define if you have explicit_bzero]))
AC_CHECK_FUNCS(syslog,AC_DEFINE([HAVE_SYSLOG], [], [Define if you have syslog]))
AC_CHECK_FUNCS(strnlen,AC_DEFINE([HAVE_STRNLEN], [], [Define if you have strnlen]))
AC_SUBST(CRYPTOLIB)
AC_SUBST(MODULEFLAGS)
AC_SUBST(DYNAMIC_LDFLAGS)
@@ -539,12 +458,6 @@ AC_ARG_WITH(pidfile, [AS_HELP_STRING([--with-pidfile=path],[Specify the path of
[AC_DEFINE_UNQUOTED([PIDFILE], ["$HOME/unrealircd/data/unrealircd.pid"], [Define the path of the pid file])
PIDFILE="$HOME/unrealircd/data/unrealircd.pid"])
AC_ARG_WITH(controlfile, [AS_HELP_STRING([--with-controlfile=path],[Specify the path of the control socket])],
[AC_DEFINE_UNQUOTED([CONTROLFILE], ["$withval"], [Define the path of the control socket])
CONTROLFILE="$withval"],
[AC_DEFINE_UNQUOTED([CONTROLFILE], ["$HOME/unrealircd/data/unrealircd.ctl"], [Define the path of the control socket])
CONTROLFILE="$HOME/unrealircd/data/unrealircd.ctl"])
dnl Ensure that this “feature” can be disabled as it makes it harder to package unrealircd.
dnl Users have always been able to specify “./configure LDFLAGS=-Wl,-rpath,/path/to/blah”—binki
AC_ARG_WITH(privatelibdir, [AS_HELP_STRING([--with-privatelibdir=path],[Specify the directory where private libraries are stored. Disable when building a package for a distro])],
@@ -558,11 +471,6 @@ AS_IF([test "x$with_privatelibdir" = "xno"],
AS_IF([test "x$PRIVATELIBDIR" = "x"],
[LDFLAGS_PRIVATELIBS=""],
[AC_DEFINE_UNQUOTED([PRIVATELIBDIR], ["$PRIVATELIBDIR"], [Define the location of private libraries])
# Create the private library directory now with restrictive permissions.
# This must happen here rather than in the Makefile because the bundled
# libraries are installed into it during configure. It must also work when
# configure is run directly without ./Config having created it first.
mkdir -p "$PRIVATELIBDIR" && chmod 0700 "$PRIVATELIBDIR"
LDFLAGS_PRIVATELIBS="-Wl,-rpath,$PRIVATELIBDIR"
LDFLAGS="$LDFLAGS $LDFLAGS_PRIVATELIBS"
export LDFLAGS])
@@ -580,7 +488,6 @@ dnl well, Because DATADIR conflicts with the Windows SDK header files.. amazing.
AC_SUBST(PERMDATADIR)
AC_SUBST(DOCDIR)
AC_SUBST(PIDFILE)
AC_SUBST(CONTROLFILE)
AC_SUBST(LDFLAGS_PRIVATELIBS)
AC_ARG_WITH(maxconnections, [AS_HELP_STRING([--with-maxconnections=size], [Specify the max file descriptors to use])],
@@ -588,6 +495,17 @@ AC_ARG_WITH(maxconnections, [AS_HELP_STRING([--with-maxconnections=size], [Speci
[ac_fd=0])
AC_DEFINE_UNQUOTED([MAXCONNECTIONS_REQUEST], [$ac_fd], [Set to the maximum number of connections you want])
AC_ARG_ENABLE([prefixaq],
[AS_HELP_STRING([--disable-prefixaq],[Disable chanadmin (+a) and chanowner (+q) prefixes])],
[],
[enable_prefixaq=yes])
AS_IF([test $enable_prefixaq = "yes"],
[AC_DEFINE([PREFIX_AQ], [], [Define if you want +a/+q prefixes])])
AC_ARG_WITH(showlistmodes,
[AS_HELP_STRING([--with-showlistmodes], [Specify whether modes are shown in /list])],
[AS_IF([test $withval = "yes"],
[AC_DEFINE([LIST_SHOW_MODES], [], [Define if you want modes shown in /list])])])
AC_ARG_WITH(no-operoverride, [AS_HELP_STRING([--with-no-operoverride], [Disable OperOverride])],
[AS_IF([test $withval = "yes"],
[AC_DEFINE([NO_OPEROVERRIDE], [], [Define if you want OperOverride disabled])])])
@@ -595,20 +513,15 @@ AC_ARG_WITH(operoverride-verify, [AS_HELP_STRING([--with-operoverride-verify], [
[AS_IF([test $withval = "yes"],
[AC_DEFINE([OPEROVERRIDE_VERIFY], [], [Define if you want opers to have to use /invite to join +s/+p channels])])])
AC_ARG_WITH(system-pcre2, [AS_HELP_STRING([--without-system-pcre2], [Use the system pcre2 package instead of bundled, discovered using pkg-config])], [], [with_system_pcre2=yes])
AC_ARG_WITH(system-argon2, [AS_HELP_STRING([--with-system-argon2], [Use system argon2 instead of bundled version. Normally we prefer the one shipped with unrealircd because it is much faster])], [], [with_system_argon2=no])
AC_ARG_WITH(system-argon2, [AS_HELP_STRING([--without-system-argon2], [Use bundled version instead of system argon2 library. Normally autodetected via pkg-config])], [], [with_system_argon2=yes])
AC_ARG_WITH(system-sodium, [AS_HELP_STRING([--without-system-sodium], [Use bundled version instead of system sodium library. Normally autodetected via pkg-config])], [], [with_system_sodium=yes])
AC_ARG_WITH(system-cares, [AS_HELP_STRING([--without-system-cares], [Use bundled version instead of system c-ares. Normally autodetected via pkg-config.])], [], [with_system_cares=yes])
AC_ARG_WITH(system-jansson, [AS_HELP_STRING([--without-system-jansson], [Use bundled version instead of system jansson. Normally autodetected via pkg-config.])], [], [with_system_jansson=yes])
CHECK_SSL
CHECK_SSL_CTX_SET1_SIGALGS_LIST
CHECK_SSL_CTX_SET1_CURVES_LIST
CHECK_SSL_CTX_SET1_GROUPS_LIST
CHECK_SSL_GET_NEGOTIATED_GROUP
CHECK_SSL_CTX_SET_MIN_PROTO_VERSION
CHECK_SSL_CTX_SET_SECURITY_LEVEL
CHECK_ASN1_TIME_diff
CHECK_X509_get0_notAfter
CHECK_X509_check_host
AC_ARG_ENABLE(dynamic-linking, [AS_HELP_STRING([--disable-dynamic-linking], [Make the IRCd statically link with shared objects rather than dynamically (noone knows if disabling dynamic linking actually does anything or not)])],
[enable_dynamic_linking=$enableval], [enable_dynamic_linking="yes"])
AS_IF([test $enable_dynamic_linking = "yes"],
@@ -642,12 +555,12 @@ export PATH_SEPARATOR
dnl Use system pcre2 when available, unless --without-system-pcre2.
has_system_pcre2="no"
AS_IF([test "x$with_system_pcre2" = "xyes"],[
PKG_CHECK_MODULES([PCRE2], libpcre2-8 >= 10.36,[has_system_pcre2=yes
PKG_CHECK_MODULES([PCRE2], libpcre2-8 >= 10.00,[has_system_pcre2=yes
AS_IF([test "x$PRIVATELIBDIR" != "x"], [rm -f "$PRIVATELIBDIR/"libpcre2*])],[has_system_pcre2=no])])
AS_IF([test "$has_system_pcre2" = "no"], [
dnl REMEMBER TO CHANGE WITH A NEW PCRE2 RELEASE!
pcre2_version="10.47"
pcre2_version="10.36"
AC_MSG_RESULT(extracting PCRE2 regex library)
cur_dir=`pwd`
cd extras
@@ -664,18 +577,10 @@ else
fi
AC_MSG_RESULT(configuring PCRE2 regex library)
cd pcre2-$pcre2_version
save_cflags="$CFLAGS"
save_ldflags="$LDFLAGS"
CFLAGS="$orig_cflags $HARDEN_LIB_CFLAGS"
LDFLAGS="$HARDEN_LIB_LDFLAGS"
export CFLAGS LDFLAGS
./configure --enable-jit --enable-shared --prefix=$cur_dir/extras/pcre2 --libdir=$PRIVATELIBDIR || exit 1
CFLAGS="$save_cflags"
LDFLAGS="$save_ldflags"
./configure --enable-jit --enable-shared --disable-unicode --prefix=$cur_dir/extras/pcre2 --libdir=$PRIVATELIBDIR || exit 1
AC_MSG_RESULT(compiling PCRE2 regex library)
$ac_cv_prog_MAKER || exit 1
AC_MSG_RESULT(installing PCRE2 regex library)
rm -f "$PRIVATELIBDIR/"libpcre2*
$ac_cv_prog_MAKER install || exit 1
PCRE2_CFLAGS="-I$cur_dir/extras/pcre2/include"
AC_SUBST(PCRE2_CFLAGS)
@@ -701,7 +606,7 @@ AS_IF([test "x$PRIVATELIBDIR" != "x"], [rm -f "$PRIVATELIBDIR/"libargon2*])],[ha
AS_IF([test "$has_system_argon2" = "no"],[
dnl REMEMBER TO CHANGE WITH A NEW ARGON2 RELEASE!
argon2_version="20190702"
argon2_version="20181209"
AC_MSG_RESULT(extracting Argon2 library)
cur_dir=`pwd`
cd extras
@@ -709,18 +614,13 @@ dnl remove old argon2 directory to force a recompile...
dnl and remove its installation prefix just to clean things up.
rm -rf argon2-$argon2_version argon2
if test "x$ac_cv_path_GUNZIP" = "x" ; then
tar xfz argon2.tar.gz
tar xfz argon2-$argon2_version.tar.gz
else
cp argon2.tar.gz argon2.tar.gz.bak
gunzip -f argon2.tar.gz
cp argon2.tar.gz.bak argon2.tar.gz
tar xf argon2.tar
cp argon2-$argon2_version.tar.gz argon2-$argon2_version.tar.gz.bak
gunzip -f argon2-$argon2_version.tar.gz
cp argon2-$argon2_version.tar.gz.bak argon2-$argon2_version.tar.gz
tar xf argon2-$argon2_version.tar
fi
save_cflags="$CFLAGS"
save_ldflags="$LDFLAGS"
CFLAGS="$orig_cflags $HARDEN_LIB_CFLAGS"
LDFLAGS="$HARDEN_LIB_LDFLAGS"
export CFLAGS LDFLAGS
AC_MSG_RESULT(compiling Argon2 library)
cd argon2-$argon2_version
$ac_cv_prog_MAKER || exit 1
@@ -733,9 +633,7 @@ $ac_cv_prog_MAKER install PREFIX=$cur_dir/extras/argon2 || exit 1
# lead to a crash of the currently running IRCd.
rm -f "$PRIVATELIBDIR/"libargon2*
# Now copy the new library files:
cp -av $cur_dir/extras/argon2/lib/* $PRIVATELIBDIR/ || exit 1
CFLAGS="$save_cflags"
LDFLAGS="$save_ldflags"
cp -av $cur_dir/extras/argon2/lib/* $PRIVATELIBDIR/
ARGON2_CFLAGS="-I$cur_dir/extras/argon2/include"
AC_SUBST(ARGON2_CFLAGS)
ARGON2_LIBS="-L$PRIVATELIBDIR -largon2"
@@ -751,7 +649,7 @@ AS_IF([test "x$PRIVATELIBDIR" != "x"], [rm -f "$PRIVATELIBDIR/"libsodium*])],[ha
AS_IF([test "$has_system_sodium" = "no"],[
dnl REMEMBER TO CHANGE WITH A NEW SODIUM RELEASE!
sodium_version="1.0.22"
sodium_version="1.0.18"
AC_MSG_RESULT(extracting sodium library)
cur_dir=`pwd`
cd extras
@@ -769,17 +667,13 @@ fi
AC_MSG_RESULT(compiling sodium library)
cd libsodium-$sodium_version
save_cflags="$CFLAGS"
save_ldflags="$LDFLAGS"
CFLAGS="$orig_cflags $HARDEN_LIB_CFLAGS"
LDFLAGS="$HARDEN_LIB_LDFLAGS"
export CFLAGS LDFLAGS
CFLAGS="$orig_cflags"
export CFLAGS
./configure --prefix=$cur_dir/extras/sodium --libdir=$PRIVATELIBDIR --enable-shared --disable-static --enable-opt || exit 1
CFLAGS="$save_cflags"
LDFLAGS="$save_ldflags"
AC_MSG_RESULT(compiling sodium resolver library)
$ac_cv_prog_MAKER || exit 1
AC_MSG_RESULT(installing sodium resolver library)
rm -f "$PRIVATELIBDIR/"libsodium*
$ac_cv_prog_MAKER install || exit 1
SODIUM_CFLAGS="-I$cur_dir/extras/sodium/include"
AC_SUBST(SODIUM_CFLAGS)
@@ -804,7 +698,9 @@ AS_IF([test "x$PRIVATELIBDIR" != "x"], [rm -f "$PRIVATELIBDIR/"libcares*])],[has
AS_IF([test "$has_system_cares" = "no"], [
dnl REMEMBER TO CHANGE WITH A NEW C-ARES RELEASE!
cares_version="1.34.6"
dnl NOTE: when changing this here, ALSO change it in extras/curlinstall
dnl and in the comment in this file around line 400!
cares_version="1.17.2"
AC_MSG_RESULT(extracting c-ares resolver library)
cur_dir=`pwd`
cd extras
@@ -821,17 +717,13 @@ fi
AC_MSG_RESULT(configuring c-ares library)
cd c-ares-$cares_version
save_cflags="$CFLAGS"
save_ldflags="$LDFLAGS"
CFLAGS="$orig_cflags $HARDEN_LIB_CFLAGS"
LDFLAGS="$HARDEN_LIB_LDFLAGS"
export CFLAGS LDFLAGS
CFLAGS="$orig_cflags"
export CFLAGS
./configure --prefix=$cur_dir/extras/c-ares --libdir=$PRIVATELIBDIR --enable-shared --disable-tests || exit 1
CFLAGS="$save_cflags"
LDFLAGS="$save_ldflags"
AC_MSG_RESULT(compiling c-ares resolver library)
$ac_cv_prog_MAKER || exit 1
AC_MSG_RESULT(installing c-ares resolver library)
rm -f "$PRIVATELIBDIR/"libcares*
$ac_cv_prog_MAKER install || exit 1
CARES_CFLAGS="-I$cur_dir/extras/c-ares/include"
AC_SUBST(CARES_CFLAGS)
@@ -874,97 +766,12 @@ AC_SUBST(CARES_LIBS)
cd $cur_dir
])
dnl Use system jansson when available, unless --without-system-jansson
has_system_jansson="no"
AS_IF([test "x$with_system_jansson" = "xyes"],[
PKG_CHECK_MODULES([JANSSON], [jansson >= 2.0.0],[has_system_jansson=yes
AS_IF([test "x$PRIVATELIBDIR" != "x"], [rm -f "$PRIVATELIBDIR/"libjansson*])],[has_system_jansson=no])])
AS_IF([test "$has_system_jansson" = "no"],[
dnl REMEMBER TO CHANGE WITH A NEW JANSSON RELEASE!
jansson_version="2.15.0"
AC_MSG_RESULT(extracting jansson library)
cur_dir=`pwd`
cd extras
dnl remove old jansson directory to force a recompile...
dnl and remove its installation prefix just to clean things up.
rm -rf jansson-$jansson_version jansson
if test "x$ac_cv_path_GUNZIP" = "x" ; then
tar xfz jansson.tar.gz
else
cp jansson.tar.gz jansson.tar.gz.bak
gunzip -f jansson.tar.gz
cp jansson.tar.gz.bak jansson.tar.gz
tar xf jansson.tar
fi
AC_MSG_RESULT(compiling jansson library)
cd jansson-$jansson_version
save_cflags="$CFLAGS"
save_ldflags="$LDFLAGS"
CFLAGS="$orig_cflags $HARDEN_LIB_CFLAGS"
LDFLAGS="$HARDEN_LIB_LDFLAGS"
export CFLAGS LDFLAGS
./configure --prefix=$cur_dir/extras/jansson --libdir=$PRIVATELIBDIR --enable-shared --disable-static || exit 1
CFLAGS="$save_cflags"
LDFLAGS="$save_ldflags"
AC_MSG_RESULT(compiling jansson resolver library)
$ac_cv_prog_MAKER || exit 1
AC_MSG_RESULT(installing jansson resolver library)
rm -f "$PRIVATELIBDIR/"libjansson*
$ac_cv_prog_MAKER install || exit 1
JANSSON_CFLAGS="-I$cur_dir/extras/jansson/include"
AC_SUBST(JANSSON_CFLAGS)
JANSSON_LIBS=
dnl See c-ares's compilation section for more info on this hack.
dnl ensure that we're linking against the bundled version
dnl (we only reach this code if linking against the bundled version is desired).
AS_IF([test -n "$ac_cv_path_PKGCONFIG"],
[JANSSON_LIBS="`$ac_cv_path_PKGCONFIG --libs jansson.pc`"])
dnl ^^^ FIXME FIXME this is likely incorrect the .pc etc
dnl For when pkg-config isn't available
AS_IF([test -z "$JANSSON_LIBS"],
[JANSSON_LIBS="-L$PRIVATELIBDIR -ljansson"])
AC_SUBST(JANSSON_LIBS)
cd $cur_dir
])
AX_PTHREAD()
CHECK_LIBCURL
CHECK_GEOIP_CLASSIC
dnl This does not do much anymore but..
AC_ARG_ENABLE(mmdb,
[AC_HELP_STRING([--enable-mmdb=no/yes],[enable GeoIP mmdb support])],
[enable_mmdb=$enableval],
[enable_mmdb=no])
AS_IF([test "x$enable_mmdb" = "xyes"],
[AC_DEFINE([GEOIP_ENGINE], ["geoip_mmdb"], [MMDB GeoIP engine])])
dnl Set to include dir
UNRLINCDIR="`pwd`/include"
dnl This is at the end so the (potential) -std=gnu17 is not used
dnl when compiling libraries, as their requirements may be different.
AC_MSG_CHECKING([if explicit -std=gnu17 is needed])
AC_COMPILE_IFELSE([AC_LANG_PROGRAM(
[[#include <sys/types.h>
#include <stdlib.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <netinet/tcp.h>
#include <sys/socket.h>]],
[[
void (*test)();
test = exit;
test(0);
]])],
[AC_MSG_RESULT(no)],
[CFLAGS="$CFLAGS -std=gnu17"
AC_MSG_RESULT(yes)])
dnl Moved to the very end to ensure it doesn't affect any libs or tests.
if test "$ac_cv_werror" = "yes" ; then
CFLAGS="$CFLAGS -Werror"
@@ -972,7 +779,7 @@ fi
dnl Address sanitizer build
if test "$ac_cv_asan" = "yes" ; then
CFLAGS="$CFLAGS -O2 -fno-inline -fsanitize=address,undefined -fno-omit-frame-pointer -DNOCLOSEFD"
CFLAGS="$CFLAGS -O1 -fno-inline -fsanitize=address -fno-omit-frame-pointer -DNOCLOSEFD"
IRCDLIBS="-fsanitize=address $IRCDLIBS"
fi
@@ -985,8 +792,8 @@ AC_CONFIG_FILES([Makefile
src/modules/Makefile
src/modules/chanmodes/Makefile
src/modules/usermodes/Makefile
src/modules/snomasks/Makefile
src/modules/extbans/Makefile
src/modules/rpc/Makefile
src/modules/third/Makefile
extras/unrealircd-upgrade-script
unrealircd])
doc/Config.header
+5 -6
View File
@@ -7,7 +7,7 @@
\___/|_| |_|_| \___|\__,_|_|\___/\_| \_| \____/\__,_|
Configuration Program
for UnrealIRCd 6.2.6-rc1
for UnrealIRCd 5.2.4
This program will help you to compile your IRC server, and ask you
questions regarding the compile-time settings of it during the process.
@@ -16,17 +16,16 @@ A short installation guide is available online at:
https://www.unrealircd.org/docs/Installing_from_source
Full documentation is available at:
https://www.unrealircd.org/docs/UnrealIRCd_6_documentation
https://www.unrealircd.org/docs/UnrealIRCd_5_documentation
--------------------------------------------------------------------------------------
The full release notes are available in doc/RELEASE-NOTES.md
For easier viewing, check out the latest online release notes at:
https://github.com/unrealircd/unrealircd/blob/unreal60_dev/doc/RELEASE-NOTES.md
https://github.com/unrealircd/unrealircd/blob/unreal52/doc/RELEASE-NOTES.md
UnrealIRCd 6 is compatible with the following services:
* anope 2.0.x (stable) with the "unreal4" protocol module - anope 2.0.7 or higher required
* anope 2.1.x (dev) with the "unrealircd" protocol module
UnrealIRCd 5 is compatible with the following services:
* anope with the "unreal4" protocol module - version 2.0.7 or higher required!
* atheme with the "unreal4" protocol module - tested with version 7.2.9
--------------------------------------------------------------------------------------
doc/Donation
+14
View File
@@ -0,0 +1,14 @@
Although UnrealIRCd is a free program, we do put a great deal of time,
effort, and money into keeping UnrealIRCd alive. If you like UnrealIRCd and
want to support us then please consider making a donation.
PayPal Donation Link: https://unrealircd.org/index/donations
If you don't want to use PayPal, or you want to donate something other than
money, then please contact Syzop (syzop@unrealircd.com).
All those who donate at least a certain minimum amount will have their name
and/or company listed in /CREDITS and will be listed on the website.
Thank you for your support,
The UnrealIRCd Team
doc/KEYS
+44 -30
View File
@@ -1,33 +1,47 @@
pub rsa4096 2024-11-18 [SC] [expires: 2030-11-17]
36E6F65706E36B0937280299101001DAF48BB56D
uid UnrealIRCd releases and patches (for verification of software downloads only!) <releases@unrealircd.org>
pub rsa4096 2015-07-02 [SC] [expires: 2025-06-29]
1D2D2B03A0B68ED11D68A24BA7A21B0A108FF4A9
uid UnrealIRCd releases (for verification of software downloads only!) <releases@unrealircd.org>
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQINBGc7EBEBEADDZzlLVArYr2kE9NlhnuUF31rW3wvZ4avjhzhmO6bL0I0RESZC
PrtiFVJyjcSScObOVONFSC2YQiLVpezkKX4AYoqfnsuWfHg3xlGqCY8Ip+V5XJ6v
8G5haFFEgTL10UtqzPNymygWmoEr11u3BUKIzAJAuec7dl7PyfGU2JDkl+NtWm31
WyKCMuK3TKaD8UjGd5PPQR4jA6k1Hn8kvUl53EmkJjRyJc1XVz4AjZFywyUENGJv
HVdVFOPDaKzIx6N6+2dm0ZxXIPOISycwEQuk1++E7NyOS5u+lzlFN7RAXR/5Ogv5
pZzdcsPXp0RHHVeM8qgV7kvRTG9xhfFcXjs9Hanp2siy80HWs56o7nNN2eQNA31W
5lfGIWaA3pY4rpBoiQc3IMGD+vkACfRFH468+cx50zP9gbqSaxUaj6Z0e/jBNf26
7MIEKUjVCunQjO0Lob346FTAvdnXEXCwwJdQFF2tkxnpUBs6sSXjJwVgsfrkizXS
X0qsX7DTn9QpF9Z+0czqdoyJuLLPOFx+6Xj7l2riBYyzMAa8c6odLXTReMaVxFN+
clIVMCrfYXuURb4QGKB0ewW/wZd1fgsPAV4D1qypFAnM0D+qsfpKFI1QQY7WEUcC
YVMkzjZHPWaBdRQf7KLXasx7/ouM5nIlZdRrPDrCXXiqAlA20aWqvZ8N1wARAQAB
tGhVbnJlYWxJUkNkIHJlbGVhc2VzIGFuZCBwYXRjaGVzIChmb3IgdmVyaWZpY2F0
aW9uIG9mIHNvZnR3YXJlIGRvd25sb2FkcyBvbmx5ISkgPHJlbGVhc2VzQHVucmVh
bGlyY2Qub3JnPokCVAQTAQoAPhYhBDbm9lcG42sJNygCmRAQAdr0i7VtBQJnOxAR
AhsDBQkLRzUABQsJCAcCBhUKCQgLAgQWAgMBAh4BAheAAAoJEBAQAdr0i7Vt1hoQ
ALCuqTuVqYOiwBsccS8Qt52l+8pOr0hcF49GM+eBM7Evq2tlwL4FOEyzbsO94yRH
qTxGg/0puYkF74+vZnS2Vlo/F90FTmypy4oVQr+K/dd11ZEVLEpNcdaXuj68vP4c
UCsUPmQyPGERCIlKMe1U+n6yQWgx7xLbuqlOuxcwKDddYa6hhToogUxBbdOZZrYl
I4LN38ztSr0xjp0b67gdrMgOByS/r1AOX61L4DL2/glGOCt4GpKWPj8bOrK+Y/eK
HRK72TezQ+XPFAqsXNmeaLBVVFM8L3fPBBEmVV5tULZ7+/3Qlyub78/OK3Y1/fV7
qFY1S0WnTWY5mBNtUSgF9bGK/UyySNtPFtihmyg0xGQ/cNwiH7QXp38LboEBDoTF
lRT42nX1Nw9KpIWqGPTowB4qhN7znAseYkuH1XtDJHm1OKQjUB8lyBupq3cXYUju
JJH4zfdpWeLWQktb3D8uQsvEBcIyaVRs8wlPdAQBZBL0cLvE0ACpcsbsua26ihzB
ZCGzYmdZvBPpRo2e5xzC9ur3VOQzHqsebFrRKzDD6PgYCgnqJ+03vMToGua9MVX+
FFd2BSLO3UGUPdZESNzik2cILyZPRucwGWnL4wh+v+eOP9ZS4QpACye38VkGWUVR
YqzzK4QaI3m1xrRbcuCXdiMymWnWV3yW6AU+eGB8aEDW
=p0TV
mQINBFWVOFYBEACsWFWM25VDaGXq22GSTJo1O53bgAMCZsqj9VKDriUmj7uvozlp
BGHgYFVM4ZT1FUAsWedeIP2aLLkYGmH4odVaAk7IeUa7HfpE45/F6+End6bCpYGe
1UdVQM/Bu3VHoUtVvtIFg788JwbplroapA/D0pi/EAN8WYnN9etgLM2lvzwbjBz9
xTOefwvgRsKbCH63VW7NCyquEcdEJxnMHB7JZUEuzrOUvhAiIkwKw8wbcn36zX0i
wcAFtVO5uVTA/Tdu6nWsZvqVc6R1E3usJzWSwbmoUtPUM5Mk9I9gL73EsqEbgs5N
trT00r75RcfiThNEP8NtDtB8AFum6OCSg/+8bdJmKcWVKpuB+lUvP0d4UAqm5vmH
/KQh/nyHXKvAvhWqHizozP1WGevpxLFHMjm/+1T167Iil/3UcUyn9qd0CuYSszJw
y5Vp6iJHkVo8qxI89rkzSDRi+ppLCBTwuN01ducftDxvIQMVrphdKZLPGzQrltkh
lIN4XNS6cOOsrbbk5+Kc2xih6qt+DyiRHaNFQnoMdRVeIrmf4u4ClMcHlzELV8gF
D+s0BbVqhVwAhbKMfKaVmvVlj8bSET0z2s0vhZODwlgANpDBLNsIU6leiYRAzub5
WY5Hz1m7P8ZXSMPh4/vGh1kg3E9IRKLZDZ65gEYr8nNCzbAYmDQ3IkplIwARAQAB
tFxVbnJlYWxJUkNkIHJlbGVhc2VzIChmb3IgdmVyaWZpY2F0aW9uIG9mIHNvZnR3
YXJlIGRvd25sb2FkcyBvbmx5ISkgPHJlbGVhc2VzQHVucmVhbGlyY2Qub3JnPokC
PgQTAQIAKAUCVZU4VgIbAwUJEswDAAYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AA
CgkQp6IbChCP9KlFzQ/+ObuBgCtXvLcbpq7C2usHxgtEB1rV9khLGugJXevjMaf3
+vo4d5cd5go665po8oqDnSUfq+8LPDj/nnroKQcS5Kb4KdHz6rn+53rHWtw6PPGN
KswFS05Vy2AkYg4nVXvrGm0oV173qOms2REoStP0mEm7F7ZTJ6k1qgmZ8tcFgfMm
fqEl94O5zDWycaJx7K0h3n+xUyhh+lT9Zl3duzVzCc+YI+dD6UOIXBF9TF9fIb8m
300MBLwTTHq64nGsZbhfzCHNHAO6hTy5XmE+d1g4R87rKim6lP0V1LTbvhOhYhZg
0JrVOr9dhHY4tw1xglz++nMM24t2O9zoRoZjDMHBzzBm3gJq3G160kxVZKKcVaQd
nfYvPOBNtyEyaIIJD8vs2Z9jiJLjpoz0LhnE2TmE4M6YqBsSWfFuPrHE+PJQyEQg
2zEoTRCSFSLaq+5kl3vKM/cblwkQeKkNe8u6bDNk7bEPUCQstyOqcvoTWE2gs3f2
n7wI7BzW3uX5YUp1CcdPig1XxveI4XaKKrhRacvGvvNHdXw1scj1K0SCXvy4EPpf
dLthTC6BHwO2P56wlxK0MRL/GD72ttBCcsyLWYdL9OIT6Lx4bZVhvEjKDapWAL04
X1mXMHUK1iO4lunbqP3lu6F8qsuI/B2sIiJK7aSjv4bjVRw/jcESrhmCvnN3B3mI
RgQQEQIABgUCVZU9NQAKCRBpsoj7n/A5N4E2AJ4i5z98+mA8Ug9utdslGvHFRq+s
PgCeILJ7/dJFYZFz1YpaNTbRCHIesaWIXgQQEQgABgUCVZU9ZwAKCRBuZ21Ff+GZ
pueXAP9bJ1hPWa3ITIoapW9eTT1eNv+17KqcclwZzxCopbUkFAD+NptTuXpeivM+
USWsQJFpFlLdDckcv8QzLQwgzZ8TXtKJAhwEEAEIAAYFAlg796cACgkQ3pO4tH50
XrMyWQ/+NJyhO5yibAhN4RgCJ+qFdp9Llm+SQGFjVtw8L7nv3M0Us8xspmVlX7TZ
/OK6AhUyaqAmg3ZXruaetrBVIAlP675cXJ1NIPfyT+PvMUbupvqBhyPZKqdnh2WT
ZMYdQrvw503h+BlyjGeAWd34tLhtiM1A69tntFu2A7bKhkoxE7KoyCjKmLgUb30M
r5guxb6DCUXK8m5ooHl58kLtJrTpW9l3YYXpKe/POYPIK6ULZN7TChtFOTJ+ebx1
2LaQGGdRKaCSM1OX7mfvBG8GtljQcGoP+f5TmvRbCGGfiR9r6MdgG6LYTuYf7pR7
NBwxveqwJV4iOmd9b+doIra5tRX0TqEKdEqpVHhm4UTZlHVyIpg97Lc/7WiWS1Z5
UIhT4YxlztPUvWmCXlleNEqBYK86OsVFqryHDVKtPbH65k/xKfu8w/hHkv7TQ23r
eoMs1uBlaUWe3orgUOr0tnFLXz809SAwC9sxQq9TWTm50NqiaQvBVInSUssFYPkG
qBljIXtdUzFGBn3sTpFRY6p2yzIo54EQmQAvMQPEJkQ8JQJ47au82DxFUBZYKci5
lsJfRueGnn5A36eUZdkhZ6Dm61M3YldYcpRa4Xfi0AWbg5yW/uUipc36Ey+vwWyl
x+1IZgjnIIMsyDLuq2tm5p1tiJK2N9L0rxQb/DIK7j8+ZvmlFZQ=
=foLZ
-----END PGP PUBLIC KEY BLOCK-----
doc/RELEASE-NOTES.md
+1127 -2737
View File
File diff suppressed because it is too large Load Diff
doc/conf/badwords.conf
+1
View File
@@ -5,6 +5,7 @@
NOTE: Those words are not meant to insult you (the user)
but is meant to be a list of words so that the +G channel/user mode
will work properly. You can easily modify this file at your will.
If you got words to add to this file, please mail badwords@tspre.org
doc/conf/examples/example.conf
+148 -303
View File
@@ -1,15 +1,9 @@
/* Configuration file for UnrealIRCd 6
/* Configuration file for UnrealIRCd 5
*
* Simply copy this file to your conf/ directory and call it 'unrealircd.conf'
* Simply copy this file to your conf/ directory, call it
* 'unrealircd.conf' and walk through it line by line (edit it!)
*
* If you are in a hurry then you can CTRL+F for: CHANGE THIS
* The items that must be changed are indicated with those two words.
* However, we actually recommend going through the file line by line
* and edit it where needed, so you can see all the basic items and
* what they are set to.
*
* BEFORE YOU PROCEED:
* Important: all lines, except { and } end with an ;
* Important: All lines, except { and } end with an ;
* This is very important, if you miss a ; somewhere then the
* configuration file parser will complain and the file will not
* be processed correctly!
@@ -18,11 +12,12 @@
* this only takes a few minutes and will help you a lot:
* https://www.unrealircd.org/docs/Configuration#Configuration_file_syntax
*
* UnrealIRCd 6 documentation (very extensive!):
* https://www.unrealircd.org/docs/UnrealIRCd_6_documentation
* UnrealIRCd 5 documentation (very extensive!):
* https://www.unrealircd.org/docs/UnrealIRCd_5_documentation
*
* Frequently Asked Questions:
* https://www.unrealircd.org/docs/FAQ
*
*/
/* This is a comment, all text here is ignored (comment type #1) */
@@ -55,19 +50,12 @@ include "help/help.conf";
include "badwords.conf";
//include "spamfilter.conf";
include "operclass.default.conf";
include "snomasks.default.conf";
/* Load the default cloaking module (2021 onwards): */
loadmodule "cloak_sha256";
/* Or load the old module from UnrealIRCd 3.2/4/5 instead: */
//loadmodule "cloak_md5";
// CHANGE THIS (the 'name' and the 'info'):
/* This is the me { } block which basically says who we are.
* It defines our server name, some information line and an unique "sid".
* The server id (sid) must start with a digit followed by two digits or
* letters. The sid must be unique for your IRC network (each server should
* have it's own sid). It is common to use 001 for the first server.
* have it's own sid).
*/
me {
name "irc.example.org";
@@ -75,7 +63,6 @@ me {
sid "001";
}
// CHANGE THIS:
/* The admin { } block defines what users will see if they type /ADMIN.
* It normally contains information on how to contact the administrator.
*/
@@ -122,7 +109,7 @@ class servers
/* Allow blocks define which clients may connect to this server.
* This allows you to add a server password or restrict the server to
* specific IPs only. You also configure the maximum connections
* specific IP's only. You also configure the maximum connections
* allowed per IP here.
* See also: https://www.unrealircd.org/docs/Allow_block
*/
@@ -138,12 +125,12 @@ allow {
* Requires users on that IP to connect with a password. If the password
* is correct then it permits 20 connections on that IP.
*/
// allow {
// mask 192.0.2.1;
// class clients;
// password "somesecretpasswd";
// maxperip 20;
// }
allow {
mask 192.0.2.1;
class clients;
password "somesecretpasswd";
maxperip 20;
}
/* Oper blocks define your IRC Operators.
* IRC Operators are people who have "extra rights" compared to others,
@@ -157,25 +144,13 @@ allow {
* https://www.unrealircd.org/docs/Oper_block
*/
/* Here is an example oper block for 'bobsmith'
* YOU MUST CHANGE THIS!! (the oper name and the password)
/* Here is an example oper block for 'bobsmith' with password 'test'.
* You MUST change this!!
*/
oper bobsmith {
class opers;
mask *@*;
/* Technically you can put oper passwords in plaintext in the conf but
* this is HIGHLY DISCOURAGED. Instead you should generate a password hash:
* On *NIX, run: ./unrealircd mkpasswd
* On Windows, run: "C:\Program Files\UnrealIRCd 6\bin\unrealircdctl" mkpasswd
* .. and then paste the result below:
*/
password "$argon2id..etc..";
/* See https://www.unrealircd.org/docs/Authentication_types for
* more information, including even better authentication types
* such as 'certfp', and how to generate hashes on Windows.
*/
password "test";
/* Oper permissions are defined in an 'operclass' block.
* See https://www.unrealircd.org/docs/Operclass_block
* UnrealIRCd ships with a number of default blocks, see
@@ -192,6 +167,7 @@ oper bobsmith {
*
* Syntax:
* listen {
* {
* ip <ip>;
* port <port>;
* options {
@@ -200,12 +176,7 @@ oper bobsmith {
* }
*/
/* Standard IRC port 6667:
* Insecure plaintext (NOT for production servers)
* This listen block is here only for quick testing.
* Delete or comment out this listen block on production servers
* and use TLS on port 6697 instead.
*/
/* Standard IRC port 6667 */
listen {
ip *;
port 6667;
@@ -237,54 +208,49 @@ listen {
* Link blocks allow you to link multiple servers together to form a network.
* See https://www.unrealircd.org/docs/Tutorial:_Linking_servers
*/
//link hub.example.org
//{
// incoming {
// mask *@something;
// }
//
// outgoing {
// bind-ip *; /* or explicitly an IP */
// hostname hub.example.org;
// port 6900;
// options { tls; }
// }
//
// /* We use the SPKI fingerprint of the other server for authentication.
// * Open a shell on the OTHER SERVER and run the command to get the fingerprint:
// * On *NIX, run: ./unrealircd spkifp
// * On Windows, run: "C:\Program Files\UnrealIRCd 6\bin\unrealircdctl" spkifp
// */
// password "AABBCCDDEEFFGGHHIIJJKKLLMMNNOOPPQQRRSSTTUUV=" { spkifp; }
//
// class servers;
//}
link hub.example.org
{
incoming {
mask *@something;
}
outgoing {
bind-ip *; /* or explicitly an IP */
hostname hub.example.org;
port 6900;
options { tls; }
}
/* We use the SPKI fingerprint of the other server for authentication.
* Run './unrealircd spkifp' on the other side to get it.
*/
password "AABBCCDDEEFFGGHHIIJJKKLLMMNNOOPPQQRRSSTTUUV=" { spkifp; }
class servers;
}
/* The link block for services is usually much simpler.
* For more information about what Services are,
* see https://www.unrealircd.org/docs/Services
*/
//link services.example.org
//{
// incoming {
// mask 127.0.0.1;
// }
//
// password "changemeplease";
//
// class servers;
//}
link services.example.org
{
incoming {
mask 127.0.0.1;
}
password "changemeplease";
class servers;
}
/* U-lines give other servers (even) more power/commands.
* If you use services you MUST add them here. You must add the
* services server name in ulines { } in the config file on
* every UnrealIRCd server on your network.
* IMPORTANT: Never put the name of an UnrealIRCd server here,
* it's only for Services!
* If you use services you must add them here.
* NEVER put the name of an UnrealIRCd server here!!!
*/
//ulines {
// services.example.org;
//}
ulines {
services.example.org;
}
/* Here you can add a password for the IRCOp-only /DIE and /RESTART commands.
* This is mainly meant to provide a little protection against accidental
@@ -299,43 +265,20 @@ drpass {
* See also https://www.unrealircd.org/docs/Log_block
*/
/* This is a good default, it logs everything except
* debug stuff and join/part/kick.
*/
log {
source {
all;
!debug;
!join.LOCAL_CLIENT_JOIN;
!join.REMOTE_CLIENT_JOIN;
!part.LOCAL_CLIENT_PART;
!part.REMOTE_CLIENT_PART;
!kick.LOCAL_CLIENT_KICK;
!kick.REMOTE_CLIENT_KICK;
}
destination {
file "ircd.log" { maxsize 100M; }
}
}
/* In addition to regular logging, also add a JSON log file.
* This includes lots of information about every event so is great
* for auditing purposes and is machine readable. It is, however
* less readable for humans.
*/
log {
source {
all;
!debug;
!join.LOCAL_CLIENT_JOIN;
!join.REMOTE_CLIENT_JOIN;
!part.LOCAL_CLIENT_PART;
!part.REMOTE_CLIENT_PART;
!kick.LOCAL_CLIENT_KICK;
!kick.REMOTE_CLIENT_KICK;
}
destination {
file "ircd.json.log" { maxsize 250M; type json; }
/* This is a good default, it logs everything */
log "ircd.log" {
flags {
oper;
connects;
server-connects;
kills;
errors;
flood;
sadmin-commands;
chg-commands;
oper-override;
tkl;
spamfilter;
}
}
@@ -348,43 +291,43 @@ log {
include "aliases/anope.conf";
/* Ban nick names so they cannot be used by regular users */
// ban nick {
// mask "*C*h*a*n*S*e*r*v*";
// reason "Reserved for Services";
// }
ban nick {
mask "*C*h*a*n*S*e*r*v*";
reason "Reserved for Services";
}
/* Ban ip.
* Note that you normally use /KLINE, /GLINE and /ZLINE for this.
*/
// ban ip {
// mask 195.86.232.81;
// reason "Hate you";
// }
ban ip {
mask 195.86.232.81;
reason "Hate you";
}
/* Ban server - if we see this server linked to someone then we delink */
// ban server {
// mask eris.berkeley.edu;
// reason "Get out of here.";
// }
ban server {
mask eris.berkeley.edu;
reason "Get out of here.";
}
/* Ban user - just as an example, you normally use /KLINE or /GLINE for this */
// ban user {
// mask *tirc@*.saturn.bbn.com;
// reason "Idiot";
// }
ban user {
mask *tirc@*.saturn.bbn.com;
reason "Idiot";
}
/* Ban realname allows you to ban clients based on their 'real name'
* or 'gecos' field.
*/
// ban realname {
// mask "Swat Team";
// reason "mIRKFORCE";
// }
ban realname {
mask "Swat Team";
reason "mIRKFORCE";
}
// ban realname {
// mask "sub7server";
// reason "sub7";
// }
ban realname {
mask "sub7server";
reason "sub7";
}
/* Ban and TKL exceptions. Allows you to exempt users / machines from
* KLINE, GLINE, etc.
@@ -393,45 +336,45 @@ include "aliases/anope.conf";
* even if you accidentally place a *LINE ban on yourself.
*/
/* except ban with type 'all' protects you from GLINE, GZLINE, QLINE, SHUN */
// except ban {
// mask *@192.0.2.1;
// type all;
// }
/* This allows IRCCloud connections in without maxperip restrictions
* and also exempt them from connect-flood throttling.
*/
/* except ban protects you from KLINE and ZLINE */
except ban {
mask *.irccloud.com;
type { maxperip; connect-flood; }
mask *@192.0.2.1;
// you may add more mask entries here..
}
/* except ban with type 'all' protects you from GLINE, GZLINE, QLINE, SHUN */
except ban {
mask *@192.0.2.1;
type all;
}
/* With deny dcc blocks you can ban filenames for DCC */
// deny dcc {
// filename "*sub7*";
// reason "Possible Sub7 Virus";
// }
deny dcc {
filename "*sub7*";
reason "Possible Sub7 Virus";
}
/* deny channel allows you to ban a channel (mask) entirely */
// deny channel {
// channel "*warez*";
// reason "Warez is illegal";
// class "clients";
// }
deny channel {
channel "*warez*";
reason "Warez is illegal";
class "clients";
}
/* VHosts (Virtual Hosts) allow users to acquire a different host.
* See https://www.unrealircd.org/docs/Vhost_block
*/
/* Example vhost which you can use. On IRC type: /VHOST test test
* NOTE: only people with an 'unrealircd.com' host may use it so
* be sure to change the vhost::mask before you test.
*/
// vhost {
// vhost i.hate.microsefrs.com;
// mask *@*;
// login "test";
// password "test";
// }
vhost {
vhost i.hate.microsefrs.com;
mask *@unrealircd.com;
login "test";
password "test";
}
/* Blacklist blocks will query an external DNS Blacklist service
* whenever a user connects, to see if the IP address is known
@@ -483,38 +426,32 @@ blacklist efnetrbl {
/* Network configuration */
set {
// CHANGE THIS, ALL 4 ITEMS:
network-name "ExampleNET";
default-server "irc.example.org";
services-server "services.example.org";
stats-server "stats.example.org";
/* Normal defaults */
help-channel "#Help";
cloak-prefix "Clk";
hiddenhost-prefix "Clk";
prefix-quit "Quit";
/* Cloak keys should be the same at all servers on the network.
* They are used for generating masked hosts and should be kept secret.
* YOU MUST CHANGE THIS!
* The keys should be 3 random strings of 80 characters each (or more).
* The keys should be 3 random strings of 50-100 characters
* and must consist of lowcase (a-z), upcase (A-Z) and digits (0-9).
* On *NIX, you can run './unrealircd gencloak' in your shell to let
* UnrealIRCd generate 3 random strings for you.
* On Windows, you can run "C:\Program Files\UnrealIRCd 6\bin\unrealircdctl" gencloak
* HINT: On *NIX, you can run './unrealircd gencloak' in your shell to let
* UnrealIRCd generate 3 random strings for you.
*/
cloak-keys {
"Oozahho1raezoh0iMee4ohvegaifahv5xaepeitaich9tahdiquaid0geecipahdauVaij3zieph4ahi";
"aoAr1HnR6gl3sJ7hVz4Zb7x4YwpW";
"and another one";
"and another one";
}
}
/* Server specific configuration */
set {
// FINALLY, YOU MUST CHANGE THIS NEXT ITEM:
kline-address 'set.this.to.email.address'; /* e-mail or URL shown when a user is banned */
set {
kline-address "set.this.to.email.address"; /* e-mail or URL shown when a user is banned */
modes-on-connect "+ixw"; /* when users connect, they will get these user modes */
modes-on-oper "+xws"; /* when someone becomes IRCOp they'll get these modes */
modes-on-join "+nt"; /* default channel modes when a new channel is created */
@@ -537,25 +474,11 @@ set {
/* static-part does the same for /PART */
/* static-part yes; */
/* Flood protection */
/* Flood protection:
* There are lots of settings for this and most have good defaults.
* See https://www.unrealircd.org/docs/Set_block#set::anti-flood
*/
anti-flood {
/* There are lots of settings for this and most have good defaults.
* See https://www.unrealircd.org/docs/Anti-flood_settings
*/
channel {
/* For channel-specific anti-flood settings, see
* https://www.unrealircd.org/docs/Channel_anti-flood_settings
* In UnrealIRCd 6.2.0+ the default is profile "normal".
* Chanops can override this via "MODE #channel +F relaxed"
* or "+F off". If you are afraid of too many false positives
* then you could set this to "relaxed" instead. Note that
* doing so would reduce protection for everyone. Another
* option is to set it here to "off" to disable this default
* channel protection entirely (not recommended).
*/
default-profile normal;
}
}
/* Settings for spam filter */
@@ -571,18 +494,14 @@ set {
*/
restrict-commands {
list {
except {
connect-time 60; /* after 60 seconds you can use LIST */
identified yes; /* or immediately, if you are identified to services */
reputation-score 24; /* or if you have a reputation score of 24 or more */
}
connect-delay 60;
exempt-identified yes;
exempt-reputation-score 24;
}
invite {
except {
connect-time 120;
identified yes;
reputation-score 24;
}
connect-delay 120;
exempt-identified yes;
exempt-reputation-score 24;
}
/* In addition to the ability to restrict any command,
* such as shown above. There are also 4 special types
@@ -591,47 +510,14 @@ set {
* They are commented out (disabled) in this example:
*/
//private-message {
// except { connect-time 10; }
// connect-delay 10;
//}
//private-notice {
// except { connect-time 10; }
// connect-delay 10;
//}
}
}
/* RECOMMENDED:
* Everyone should be using IRC over SSL/TLS on port 6697. However, to use
* it properly, you have to get a "real" certificate instead of the
* self-signed default certificate that was generated by the installer.
* The Let's Encrypt initiative allows you to get a free certificate that is
* issued by a trusted Certificate Authority. Instructions are at:
* https://www.unrealircd.org/docs/Using_Let's_Encrypt_with_UnrealIRCd
*
* When you follow that guide you will have a "dual certificate" setup:
* set::tls:
* Your trusted CA certificate, served to clients on port 6697.
* (key and certificate change and renew every xx days automatically)
* set::server-linking::tls-options
* A long-lived self-signed certificate for server linking, with
* a stable 'spkifp' signature that you use in link blocks.
* This certificate is used automatically in "serversonly" listen blocks
* (port 6900 in this configuration file) and automatically used for all
* link { } blocks.
*
*/
//set {
// tls {
// certificate "/etc/letsencrypt/live/irc.example.org/fullchain.pem";
// key "/etc/letsencrypt/live/irc.example.org/privkey.pem";
// }
// server-linking {
// tls-options {
// certificate "tls/server.cert.pem";
// key "tls/server.key.pem";
// }
// }
//}
/*
* The following will configure connection throttling of "unknown users".
*
@@ -647,21 +533,20 @@ set {
set {
connthrottle {
/* First we configure which users are exempt from the
* restrictions. These users are always allowed in!
/* First we must configure what we call "known users".
* By default these are users on IP addresses that have
* a score of 24 or higher. A score of 24 means that the
* IP was connected to this network for at least 2 hours
* in the past month (or minimum 1 hour if registered).
* We also allow users who are identified to services via
* SASL to bypass the restrictions.
* The sasl-bypass option is another setting. It means
* that users who authenticate to services via SASL
* are considered known users as well.
* Users in the "known-users" group (either by reputation
* or by SASL) are always allowed in by this module.
*/
except {
reputation-score 24;
identified yes;
/* for more options, see
* https://www.unrealircd.org/docs/Mask_item
*/
known-users {
minimum-reputation-score 24;
sasl-bypass yes;
}
/* New users are all users that do not belong in the
@@ -676,23 +561,6 @@ set {
global-throttle 30:60;
}
/* For IPv6 users, on top of 'maxperip' (which limits
* connections per /64), connthrottle also limits how
* many unknown users can be online from wider IPv6
* prefixes (/56, /48, /32). This is an additional
* security measure, separate from the rate-throttle
* above. People in the security-group "known-users"
* bypass this, as well as set::connthrottle::except.
* The defaults below should fit most networks unchanged.
* Uncomment to tune. Set a cidr-xx item to max 0;
* to disable it.
*/
//ipv6-unknown-users-limit {
// cidr-56 { max 8; }
// cidr-48 { max 32; }
// cidr-32 { max 256; }
//}
/* This configures when this module will NOT be active.
* The default settings will disable the module when:
* - The reputation module has been running for less than
@@ -707,29 +575,6 @@ set {
}
}
/* CHANNEL HISTORY:
* UnrealIRCd has channel mode +H which can be used by users to read back
* channel history, such as from before they joined. For general information
* on this feature, see https://www.unrealircd.org/docs/Channel_history
*
* The history limits can be configured via set::history. The defaults are
* probably already good for you, but if you are on a low-memory system
* or have thousands of channels then you may want to double check. See
* https://www.unrealircd.org/docs/Set_block#set::history for the options.
*
* In addition to that, you can have "persistent channel history", which
* means channel history is stored encrypted on disk so it is preserved
* between IRC server restarts, see
* https://www.unrealircd.org/docs/Set_block#Persistent_channel_history
* The persistent history feature is NOT enabled by default because you
* need to configure a secret { } block for it. The following is a simple
* example with passwords stored directly in the configuration file.
* To get better security, read https://www.unrealircd.org/docs/Secret_block
* on alternative ways so you don't store passwords directly in the config.
*/
//secret historydb { password "somepassword"; }
//set { history { channel { persist yes; db-secret "historydb"; } } }
/* Finally, you may wish to have a MOTD (Message of the Day), this can be
* done by creating an 'ircd.motd' text file in your conf/ directory.
* This file will be shown to your users on connect.
@@ -738,7 +583,7 @@ set {
/*
* Problems or need more help?
* 1) https://www.unrealircd.org/docs/
* 1) https://www.unrealircd.org/docs/UnrealIRCd_4_documentation
* 2) https://www.unrealircd.org/docs/FAQ <- answers 80% of your questions!
* 3) If you are still having problems then you can get support:
* - Forums: https://forums.unrealircd.org/
doc/conf/examples/example.es.conf
+265 -314
View File
@@ -1,89 +1,83 @@
/* Archivo de configuración para UnrealIRCd 6
/* Archivo de configuración para UnrealIRCd 5
*
* Simplemente copie este archivo a su directorio conf/, llámelo
* 'unrealircd.conf' y revíselo línea por línea (¡edítelo!)
* Simplemente copie este archivo a su directorio conf /, llámelo
* 'unrealircd.conf' y recorrerlo línea por línea (¡edítalo!)
*
* Importante: Todas las líneas, excepto { y } terminan con ;
* Esto es muy importante, si pierde un ; en algún lugar entonces el
* el analizador del archivo de configuración se quejará y el archivo no
* ser procesado correctamente!
* Si esta es tu primera experiencia con una configuración de UnrealIRCd
* entonces te recomendamos que leas un poco sobre la sintaxis,
* Importante: Todas las líneas, excepto { y } terminan con un;
* Esto es muy importante, si pierde un; en algún lugar entonces el
* el analizador de archivos de configuración se quejará y el archivo no
* ¡será procesado correctamente!
* Si esta es su primera experiencia con una configuración de UnrealIRCd
* entonces realmente le recomendamos que lea un poco sobre la sintaxis,
* esto solo toma unos minutos y te ayudará mucho:
* https://www.unrealircd.org/docs/Configuration#Configuration_file_syntax
*
* Documentación de UnrealIRCd 6 (¡muy extensa!):
* https://www.unrealircd.org/docs/UnrealIRCd_6_documentation
* Documentación de UnrealIRCd 5 (¡muy extensa!):
* https://www.unrealircd.org/docs/Main_Page/es
*
* Preguntas frecuentes:
* https://www.unrealircd.org/docs/FAQ
*
*/
/* Esto es un comentario, todo el texto aquí es ignorado (tipo de comentario #1) */
/* Esto es un comentario, todo el texto aquí se ignora (tipo de comentario #1) */
// Esto también es un comentario, esta línea se ignora (tipo de comentario #2)
# Esto también es un comentario, nuevamente esta línea se ignora (tipo de comentario #3)
#Esto también es un comentario, nuevamente esta línea se ignora (tipo de comentario # 3)
/* UnrealIRCd hace un uso intensivo de los módulos. Los módulos le permiten completamente
* personaliza el conjunto de características que deseas habilitar en UnrealIRCd.
* Ver: https://www.unrealircd.org/docs/Modules
/* UnrealIRCd hace un uso intensivo de módulos. Los módulos le permiten
* personalizar el conjunto de funciones que desea habilitar en UnrealIRCd.
* Vea más: https://www.unrealircd.org/docs/Modules
*
* Al usar el incluir a continuación, le indicamos al IRCd que lea el archivo
* 'modules.default.conf' que cargará más de 150 módulos
* enviado con UnrealIRCd. En otras palabras: esto simplemente cargará
* Al usar la inclusión a continuación, le indicamos al IRCd que lea el archivo
* 'modules.default.conf' este cargará más de 150 módulos
* cargados con UnrealIRCd. En otras palabras: esto simplemente cargará
* todas las funciones disponibles en UnrealIRCd.
* Si está configurando UnrealIRCd por primera vez, le sugerimos
* utilizar esta. Luego, cuando todo esté funcionando, puedes venir
* volver más tarde para personalizar la lista (si lo desea).
* utilizar este. Entonces, cuando todo esté en funcionamiento, puedes venir
* volver más tarde para personalizar la lista (si así lo desea).
*/
include "modules.default.conf";
/* Ahora incluyamos algunos otros archivos también:
* - help/help.conf para nuestro sistema on-IRC /HELPOP
/* Ahora incluyamos algunos otros archivos:
* - help / help.conf para nuestro sistema on-IRC /HELPOP
* - badwords.conf para canal y modo de usuario +G
* - spamfilter.conf como ejemplo para el uso de spamfilter
* (Comentado)
* - spamfilter.conf como ejemplo de uso de filtro de texto.
* (comentado)
* - operclass.default.conf contiene algunas buenas operclasses que
* puedes usar en tus bloques operativos.
* puedes usarlo en tus bloques operativos.
*/
include "help/help.conf";
include "badwords.conf";
//include "spamfilter.conf";
include "operclass.default.conf";
include "snomasks.default.conf";
/* Cargar el módulo de encubrimiento predeterminado (2021 en adelante): */
loadmodule "cloak_sha256";
/* O cargue el módulo antiguo de UnrealIRCd 3.2/4/5 en su lugar: */
//loadmodule "cloak_md5";
/* Este es el bloque yo { } que básicamente dice quiénes somos.
/* Este es el bloque me {} que básicamente dice quiénes somos.
* Define el nombre de nuestro servidor, alguna línea de información y un "sid" único.
* La identificación del servidor (sid) debe comenzar con un dígito seguido de dos dígitos o
* cartas. El sid debe ser único para su red IRC (cada servidor debe
* tener su propio sid).
* letras. El sid debe ser único para su red IRC (cada servidor debe
* tiene su propio sid).
*/
me {
name "irc.example.org";
info "ExampleNET Server";
me {
name "irc.ejemplo.org";
info "Servidor EjemploNET";
sid "001";
}
/* El bloque admin { } define lo que verán los usuarios si escriben /ADMIN.
* Normalmente contiene información sobre cómo contactar con el administrador.
/* El bloque admin {} define lo que los usuarios verán si escriben /ADMIN.
* Normalmente contiene información sobre cómo contactar al administrador.
*/
admin {
"Bob Smith";
"bob";
"email@example.org";
"correo-electrónico@ejemplo.org";
}
/* Los clientes y servidores se colocan en bloques de clase { }, los definimos aquí.
/* Los clientes y servidores se colocan en bloques de clase {}, los definimos aquí.
* Los bloques de clase constan de los siguientes elementos:
* - pingfreq: con qué frecuencia hacer ping a un usuario/servidor (en segundos)
* - pingfreq: con qué frecuencia hacer ping a un usuario /servidor (en segundos)
* - connfreq: con qué frecuencia intentamos conectarnos a este servidor (en segundos)
* - sendq: el tamaño máximo de cola para una conexión
* - recvq: máxima cola de recepción de una conexión (control de inundación)
* - recvq: cola de recepción máxima de una conexión (control de inundaciones)
*/
/* Clase de cliente con buenos valores predeterminados */
@@ -95,7 +89,7 @@ class clients
recvq 8000;
}
/* Clase especial para IRCOps con límites más altos */
/* Clase especial para IRCOps con límites superiores */
class opers
{
pingfreq 90;
@@ -109,63 +103,64 @@ class servers
{
pingfreq 60;
connfreq 15; /* intenta conectarte cada 15 segundos */
maxclients 10; /* maximo de servidores */
maxclients 10; /* máximo de servidores */
sendq 20M;
}
/* Permitir que los bloques definan qué clientes pueden conectarse a este servidor.
/* Bloques de permitir definen qué clientes pueden conectarse a este servidor.
* Esto le permite agregar una contraseña de servidor o restringir el servidor a
* IP específicas solamente. También configuras las conexiones máximas
* IP específicas únicamente. También configuras las conexiones máximas
* permitido por IP aquí.
* Ver también: https://www.unrealircd.org/docs/Allow_block
*/
/* Permitir el ingreso de todos, pero solo 3 conexiones por IP */
/* Permitir que todos entren, pero solo 3 conexiones por IP */
allow {
mask *;
class clients;
maxperip 3;
}
/* Los bloques Oper definen sus operadores IRC.
/* Ejemplo de un bloque de permiso especial en una IP específica:
* Requiere que los usuarios de esa IP se conecten con una contraseña. Si la contraseña
* es correcto, entonces permite 20 conexiones en esa IP.
*/
allow {
mask 192.0.2.1;
class clients;
password "algunacontraseña";
maxperip 20;
}
/* Los bloques de operaciones definen sus operadores de IRC.
* Los operadores de IRC son personas que tienen "derechos adicionales" en comparación con otros,
* por ejemplo, pueden /MATAR a otras personas, iniciar la vinculación del servidor,
* /ÚNETE a los canales aunque estén prohibidos, etc.
* por ejemplo, pueden /KILL a otras personas, iniciar la vinculación del servidor,
* /JOIN a canales aunque estén prohibidos, etc.
*
* Para obtener más información sobre cómo convertirse en un IRCOp y cómo ser administrador
* tareas, ver: https://www.unrealircd.org/docs/IRCOp_guide
* Para obtener más información sobre cómo convertirse en un IRCOp y cómo administrar
* tareas, consulte: https://www.unrealircd.org/docs/IRCOp_guide
*
* Para obtener detalles sobre el propio bloque oper { }, consulte
* Para obtener detalles sobre el bloque oper {} en sí, consulte
* https://www.unrealircd.org/docs/Oper_block
*/
/* Aquí hay un bloque de operación de ejemplo para 'bobsmith'.
* ¡DEBES cambiar esto!
/* Aquí hay un ejemplo de bloque de operador para 'bobsmith' con contraseña 'test'.
* ¡¡DEBES cambiar esto !!
*/
oper bobsmith {
class opers;
mask *@*;
/* Technically you can put oper passwords in plaintext in the conf but
* this is HIGHLY DISCOURAGED. Instead you should generate a password hash:
* On *NIX, run: ./unrealircd mkpasswd
* On Windows, run: "C:\Program Files\UnrealIRCd 6\bin\unrealircdctl" mkpasswd
* .. and then paste the result below:
*/
password "$argon2id..etc..";
/* See https://www.unrealircd.org/docs/Authentication_types for
* more information, including even better authentication types
* such as 'certfp', and how to generate hashes on Windows.
*/
/* Los permisos de operación se definen en un bloque 'operclass'.
* Ver https://www.unrealircd.org/docs/Operclass_block
* UnrealIRCd se envía con una serie de bloques predeterminados, consulte
* el artículo para una lista completa. Elegimos 'netadmin' aquí.
*/
password "test";
/* Los permisos de operador se definen en un bloque 'operclass'.
* Ver https://www.unrealircd.org/docs/Operclass_block
* UnrealIRCd viene con una serie de bloques predeterminados, consulte
* el artículo para una lista completa. Elegimos 'netadmin' aquí.
*/
operclass netadmin;
swhois "is a Network Administrator";
vhost netadmin.example.org;
swhois "es un Administrador de Red";
vhost netadmin.ejemplo.org;
}
/* Los bloques de escucha definen los puertos donde el servidor debe escuchar.
@@ -174,51 +169,48 @@ oper bobsmith {
*
* Sintaxis:
* listen {
* {
* ip <ip>;
* port <port>;
* port <puerto>;
* options {
* <options....>;
* <opciones....>;
* }
* }
*/
/* Puerto IRC estándar 6667
* Insecure plaintext (NOT for production servers)
* This listen block is here only for quick testing.
* Delete or comment out this listen block on production servers
* and use TLS on port 6697 instead.
*/
/* Puerto estándar para IRC 6667 */
listen {
ip *;
port 6667;
}
/* Puerto IRC estándar 6697 */
/* Puerto estándar para IRC SSL/TLS 6697 */
listen {
ip *;
port 6697;
options { tls; }
}
/* Puerto especial solo para servidores SSL/TLS para vincular */
/* Puerto especial SSL/TLS servers-only/(Solo servidores) para enlaces */
listen {
ip *;
port 6900;
options { tls; serversonly; }
}
/* NOTA: Si está en una shell IRCd con múltiples IP y usa
* los bloques de escucha anteriores { } entonces probablemente obtendrás un
* Error 'Dirección ya en uso' y el ircd no se inicia.
/* NOTA: Si está en una shell IRCd con varias IP y usa
* los bloques listen {} anteriores, es probable que obtenga un
* Error "address is already in use" y el ircd no se inicia.
* Esto significa que DEBE vincularse a una IP específica en lugar de '*' como:
* escucha { ip 1.2.3.4; puerto 6667; }
* Por supuesto, reemplaza la IP con la IP que te fue asignada.
* escuchar { ip 1.2.3.4; puerto 6667; }
* Por supuesto, reemplace la IP con la IP que se le asignó.
*/
/*
* Los bloques de enlace le permiten vincular varios servidores para formar una red.
* Los bloques de enlaces le permiten enlazar varios servidores para formar una red.
* Ver https://www.unrealircd.org/docs/Tutorial:_Linking_servers
*/
link hub.ejemplo.org
{
incoming {
@@ -232,20 +224,21 @@ link hub.ejemplo.org
options { tls; }
}
/* Usamos la huella digital SPKI del otro servidor para la autenticación.
* Ejecute './unrealircd spkifp' en el otro lado del linkeo para obtenerlo.
* ( Windows: "C:\Program Files\UnrealIRCd 6\bin\unrealircdctl" spkifp )
*/
/* Usamos la huella digital SPKI del otro servidor para la autenticación.
* Ejecute './unrealircd spkifp' en el otro lado para obtenerlo.
*/
password "AABBCCDDEEFFGGHHIIJJKKLLMMNNOOPPQQRRSSTTUUV=" { spkifp; }
class servers;
}
/* El bloque de enlace para servicios suele ser mucho más simple.
* Para más información sobre qué son los Servicios,
/* El bloqueo de enlaces para servicios suele ser mucho más sencillo.
* Para obtener más información sobre qué son los Servicios,
* ver https://www.unrealircd.org/docs/Services
*/
link services.ejemplo.org
link servicios.ejemplo.org
{
incoming {
mask 127.0.0.1;
@@ -257,103 +250,86 @@ link services.ejemplo.org
}
/* Las líneas U dan a otros servidores (incluso) más poder/comandos.
* Si usas servicios debes agregarlos aquí.
* ¡NUNCA pongas el nombre de un servidor UnrealIRCd aquí!
* Si utiliza servicios debe agregarlos aquí.
* ¡¡¡NUNCA ponga aquí el nombre de un servidor UnrealIRCd !!!
*/
ulines {
services.ejemnplo.org;
servicios.ejemplo.org;
}
/* Aquí puede agregar una contraseña para los comandos /DIE y /RESTART exclusivos de IRCOp.
* Esto está destinado principalmente a proporcionar un poco de protección contra accidentes
* reinicios y muertes del servidor.
/* Aquí puede agregar una contraseña para los comandos solo IRCOp /DIE y /RESTART.
* Esto está destinado principalmente a proporcionar una pequeña protección contra accidentes
* se reinicia y el servidor se mata.
*/
drpass {
restart "restart";
die "die";
}
/* El bloque de registro define qué debe registrarse y en qué archivo.
drpass {
restart "reiniciar";
die "muere";
}
/* El bloque de registros define qué se debe registrar y en qué archivo.
* Ver también https://www.unrealircd.org/docs/Log_block
*/
/* Este es un buen valor predeterminado, registra todo excepto
* cosas de depuración y unión/parte/kick.
*/
log {
source {
all;
!debug;
!join.LOCAL_CLIENT_JOIN;
!join.REMOTE_CLIENT_JOIN;
!part.LOCAL_CLIENT_PART;
!part.REMOTE_CLIENT_PART;
!kick.LOCAL_CLIENT_KICK;
!kick.REMOTE_CLIENT_KICK;
}
destination {
file "ircd.log" { maxsize 100M; }
/* Este es un buen valor predeterminado, registra todo */
log "ircd.log" {
flags {
oper;
connects;
server-connects;
kills;
errors;
flood;
sadmin-commands;
chg-commands;
oper-override;
tkl;
spamfilter;
}
}
/* In addition to regular logging, also add a JSON log file.
* This includes lots of information about every event so is great
* for auditing purposes and is machine readable. It is, however
* less readable for humans.
*/
log {
source {
all;
!debug;
!join.LOCAL_CLIENT_JOIN;
!join.REMOTE_CLIENT_JOIN;
!part.LOCAL_CLIENT_PART;
!part.REMOTE_CLIENT_PART;
!kick.LOCAL_CLIENT_KICK;
!kick.REMOTE_CLIENT_KICK;
}
destination {
file "ircd.json.log" { maxsize 250M; type json; }
}
}
/ * Con "aliases" puedes crear un alias como /ALGO para enviar un mensaje
* algún usuario o bot. Suelen utilizarse para servicios.
*
* Tenemos varios archivos de alias preestablecidos, consulte el directorio alias /.
* Como ejemplo, aquí incluimos todos los alias utilizados para los servicios de anope.
* /
/* Con "aliases" puedes crear un alias como /ALGO para enviar un mensaje a
* algún usuario o bot. Suelen utilizarse para servicios.
*
* Tenemos una cantidad de archivos de alias preestablecidos, consulte el directorio alias/.
* A modo de ejemplo, aquí incluimos todos los alias utilizados para los servicios de anope.
*/
include "aliases/anope.conf";
/* Prohibir los apodos para que no puedan ser utilizados por usuarios regulares */
/* Prohibir los apodos para que no puedan ser utilizados por usuarios habituales. */
ban nick {
mask "*C*h*a*n*S*e*r*v*";
reason "Reservado para Servicios";
}
/* Baneo por ip.
* Tenga en cuenta que normalmente usa /KLINE, /GLINE y /ZLINE para esto.
/* Prohibir ip.
* Tenga en cuenta que normalmente se usa /KLINE, /GLINE y /ZLINE para esto.
*/
ban ip {
mask 195.86.232.81;
reason "Te odio";
}
/* Baneo del servidor: si vemos que este servidor está vinculado a alguien, lo desvinculamos */
/* Ban server - if we see this server linked to someone then we delink */
ban server {
mask eris.berkeley.edu;
reason "Sal de aquí.";
}
/* Baneo de usuario: solo como ejemplo, normalmente usa /KLINE o /GLINE para esto */
/* Banear un user - solo como ejemplo, normalmente usa /KLINE or /GLINE para esto */
ban user {
mask *tirc@*.saturn.bbn.com;
reason "Idiot";
reason "Idiota";
}
/* Baneo del nombre real le permite prohibir clientes en función de su 'nombre real'
/* Banear realname te permite prohibir clientes en función de su 'nombre real'
* o campo 'gecos'.
*/
ban realname {
mask "Equipo Swat";
reason "mIRKFORCE";
@@ -364,71 +340,75 @@ ban realname {
reason "sub7";
}
/* Excepciones de baneo y TKL. Le permite eximir a los usuarios/máquinas de
/* Excepciones de prohibición y TKL. Le permite eximir a los usuarios/máquinas de
* KLINE, GLINE, etc.
* Si es un IRCOp con una IP estática (y no hay personas que no sean de confianza en esa IP)
* entonces te sugerimos que te añadas aquí. Así siempre puedes entrar
* incluso si accidentalmente colocas una prohibición de *LINE en ti mismo.
* entonces le sugerimos que se agregue aquí. De esa manera siempre puedes entrar
* incluso si accidentalmente te aplicas una prohibición de * LINE.
*/
/* excepto el baneo con el tipo 'todos' (all) te proteja de GLINE, GZLINE, QLINE, SHUN */
/* Excepciones, te protege de KLINE and ZLINE */
except ban {
mask *@192.0.2.1;
// puede agregar más entradas de máscara aquí..
}
/* excepto prohibir con tipo 'all' te protege de GLINE, GZLINE, QLINE, SHUN */
except ban {
mask *@192.0.2.1;
type all;
}
/* This allows IRCCloud connections in without maxperip restrictions
* and also exempt them from connect-flood throttling.
*/
except ban {
mask *.irccloud.com;
type { maxperip; connect-flood; }
}
/* Con deny dcc puedes prohibir nombres de archivo para DCC */
/* Con los bloques de denegación de DCC puede prohibir los nombres de archivo para DCC */
deny dcc {
filename "*sub7*";
reason "Posible Sub7 Virus";
}
/* denegar canal le permite prohibir un canal (máscara) por completo */
/* deny channel te perimte banear un canal entero (mascará) */
deny channel {
channel "*warez*";
reason "Warez es ilegal";
class "clients";
}
/* Los VHosts (hosts virtuales) permiten a los usuarios adquirir un host diferente.
/* VHosts (Virtual Hosts) permite a los usuarios adquirir un host diferente.
* Ver https://www.unrealircd.org/docs/Vhost_block
*/
/* Ejemplo de vhost que puede usar. En el tipo de IRC: prueba de prueba /VHOST
* NOTA: solo las personas con un host 'unrealircd.com' pueden usarlo para
* asegúrese de cambiar el vhost::mask antes de probar.
/* Ejemplo de vhost que puede usar. En el tipo de IRC: /VHOST test test
* NOTA: solo las personas con un host 'unrealircd.com' pueden usarlo así
* asegúrese de cambiar vhost :: mask antes de realizar la prueba.
*/
vhost {
vhost odio.microsefrs.com;
mask *@unrealircd.com;
login "test";
password "test";
login "testeo";
password "testeo";
}
/* Los bloques de la lista negra consultarán un servicio de lista negra de DNS externo
/* Los bloques de lista negra consultarán un servicio de lista negra de DNS externo
* cada vez que un usuario se conecta, para ver si se conoce la dirección IP
* para causar ataques de drones, es una máquina pirateada conocida, etc.
* por causar ataques con drones, es una máquina pirateada conocida, etc.
* Documentación: https://www.unrealircd.org/docs/Blacklist_block
* O simplemente eche un vistazo a los bloques a continuación.
*/
/* DroneBL, probablemente la lista negra más popular utilizada por los servidores IRC.
* Ver https://dronebl.org/ para su documentación y el
* significado de los tipos de respuesta. Al momento de escribir usamos tipos:
* Consulte https://dronebl.org/ para obtener su documentación y el
* significado de los tipos de respuesta. En el momento de escribir este artículo utilizamos tipos:
* 3: IRC Drone, 5: Embotellador, 6: Spambot o drone desconocido,
* 7: Drone DDoS, 8: Proxy SOCKS, 9: Proxy HTTP, 10: ProxyChain,
* 7: DDoS Drone, 8: Proxy SOCKS, 9: Proxy HTTP, 10: ProxyChain,
* 11: Proxy de página web, 12: Open DNS Resolver, 13: Atacantes de fuerza bruta,
* 14: Proxy Wingate abierto, 15: Enrutador / puerta de enlace comprometidos,
* 16: Gusanos autoenraizadores.
* 14: Proxy Wingate abierto, 15: Enrutador / puerta de enlace comprometido,
* 16: Gusanos de autorooting.
*/
blacklist dronebl {
dns {
name dnsbl.dronebl.org;
@@ -437,16 +417,17 @@ blacklist dronebl {
}
action gline;
ban-time 24h;
reason "Proxy/Drone Detectado. Chequea https://dronebl.org/lookup?ip=$ip para más detalles.";
reason "Proxy/Drone detectado. Consulte https://dronebl.org/lookup?ip=$ip para más detalles.";
}
/* EFnetRBL, consulte https://rbl.efnetrbl.org/ para obtener la documentación
/* EFnetRBL, consulte https://rbl.efnetrbl.org/ para obtener documentación
* y el significado de los tipos de respuesta.
* Al momento de escribir: 1 es proxy abierto, 4 es TOR, 5 es drones/inundaciones.
* Al momento de escribir este artículo: 1 es proxy abierto, 4 es TOR, 5 es drones/flooding.
*
* NOTA: Si desea permitir proxies TOR en su servidor, entonces
* necesita eliminar el '4;' abajo en la sección de respuesta.
* necesita eliminar el '4;' a continuación en la sección de respuesta.
*/
blacklist efnetrbl {
dns {
name rbl.efnetrbl.org;
@@ -455,12 +436,12 @@ blacklist efnetrbl {
}
action gline;
ban-time 24h;
reason "Proxy/Drone/TOR detected. Check https://rbl.efnetrbl.org/?i=$ip for details.";
reason "Proxy/Drone detectado. Consulte https://rbl.efnetrbl.org/?i=$ip para más detalles.";
}
/* Puede incluir otros archivos de configuración */
/* include "klines.conf"; */
/* Configuración de la red */
set {
network-name "EjemploNET";
@@ -468,62 +449,62 @@ set {
services-server "services.ejemplo.org";
stats-server "stats.ejemplo.org";
help-channel "#Ayuda";
cloak-prefix "Clk";
hiddenhost-prefix "Clk";
prefix-quit "Quit";
/* Las claves de ocultación deben ser las mismas en todos los servidores de la red.
* Se utilizan para generar hosts enmascarados y deben mantenerse en secreto.
* Las claves deben ser 3 cadenas aleatorias de 80 caracteres cada una (o más).
* y debe constar de minúsculas (a-z), mayúsculas (A-Z) y dígitos (0-9).
* SUGERENCIA: En *NIX, puede ejecutar './unrealircd gencloak' en su shell para dejar
* UnrealIRCd genera 3 cadenas aleatorias para ti.
* On Windows, you can run "C:\Program Files\UnrealIRCd 6\bin\unrealircdctl" gencloak
*/
* Se utilizan para generar hosts enmascarados y deben mantenerse en secreto.
* Las claves deben ser 3 cadenas aleatorias de 50-100 caracteres
* y debe constar de minúsculas (a-z), mayúsculas (A-Z) y dígitos (0-9).
* SUGERENCIA: en * NIX, puede ejecutar './unrealircd gencloak' en su shell/Vps para
* que UnrealIRCd genere 3 cadenas aleatorias para ti.
*/
cloak-keys {
"Oozahho1raezoh0iMee4ohvegaifahv5xaepeitaich9tahdiquaid0geecipahdauVaij3zieph4ahi";
"y otra llave";
"y otra llave";
"aoAr1HnR6gl3sJ7hVz4Zb7x4YwpW";
"uno más";
"y otro más";
}
}
/* Configuración específica del servidor */
set {
kline-address 'agrega.una.dirección.de.correo-electrónico'; /* correo electrónico o URL que se muestra cuando un usuario está baneado */
modes-on-connect "+ixw"; /* cuando los usuarios se conecten, obtendrán estos modos de usuario */
kline-address "setea.un.correo.electrónico"; /* Correo electrónico o URL que se muestra cuando un usuario está baneado */
modes-on-connect "+ixw"; /* cuando los usuarios se conectan, obtendrán estos modos de usuario */
modes-on-oper "+xws"; /* cuando alguien se convierte en IRCOp obtendrá estos modos */
modes-on-join "+nt"; /* modos de canal predeterminados cuando se crea un nuevo canal */
oper-auto-join "#opers"; /* Los IRCOps se unen automáticamente a este canal */
oper-auto-join "#opers"; /* Las IRCOps se unen automáticamente a este canal. */
options {
hide-ulines; /* ocultar líneas U en /MAP y /LINKS */
show-connect-info; /* mostrar mensajes de "buscando su nombre de host" al conectarse */
hide-ulines; /* ocultar las líneas U en /MAP and /LINKS */
show-connect-info; /* muestra "looking up your hostname" cuando conectas */
}
maxchannelsperuser 10; /* número máximo de canales que un usuario puede /JOIN */
maxchannelsperuser 10; /* Número máximo de canales que un usuario puede /JOIN */
/* El tiempo mínimo que un usuario debe estar conectado antes de que se le permita
* use un mensaje SALIR. Con suerte, esto ayudará a detener el spam.
*/
* usar un mensaje QUIT. Con suerte, esto ayudará a detener el spam.
*/
anti-spam-quit-message-time 10s;
/* O simplemente establezca una salida estática, lo que significa que se ignora cualquier razón /QUIT */
/* static-quit "Salida del cliente"; */
/* O simplemente setea un quit estático, significa que cualquier /QUIT es ignorado */
/* static-quit "Client quit"; */
/* static-part hace lo mismo para /PART */
/* static-part yes; */
/* Protección contra inundaciones:
* Hay muchas configuraciones para esto y la mayoría tiene buenos valores predeterminados.
* Ver https://www.unrealircd.org/docs/Set_block#set::anti-flood
*/
/* Protección contra flood:
* Hay muchas configuraciones para esto y la mayoría tienen buenos valores predeterminados.
* Ver https://www.unrealircd.org/docs/Set_block#set::anti-flood
*/
anti-flood {
}
/* Configuración del filtro de spam */
/* Opciones de Filtro de texto */
spamfilter {
ban-time 1d; /* duración predeterminada de una prohibición de *LINE establecida por spamfilter */
ban-time 1d; /* la duracion por defecto de un *LINE seteado por el filtro de texto */
ban-reason "Spam/Publicidad"; /* razón por defecto */
virus-help-channel "#Ayuda"; /* canal a usar para la acción 'viruschan' */
/* except "#Ayuda"; canal para eximir de Spamfilter */
virus-help-channel "#ayuda"; /* canal de uso para 'viruschan' */
/* except "#ayuda"; inmunidad para el canal Ayuda del filtro de texto */
}
/* Restringir ciertos comandos.
@@ -531,87 +512,80 @@ set {
*/
restrict-commands {
list {
except {
connect-time 60;
identified yes;
reputation-score 24;
}
connect-delay 60;
exempt-identified yes;
exempt-reputation-score 24;
}
invite {
except {
connect-time 120;
identified yes;
reputation-score 24;
}
connect-delay 120;
exempt-identified yes;
exempt-reputation-score 24;
}
/* Además de la capacidad de restringir cualquier comando,
* como se muestra arriba. También hay 4 tipos especiales.
* que puedes restringir. Estos son "mensajes privados",
* "aviso privado", "mensaje de canal" y "aviso de canal".
* Están comentados (deshabilitados) en este ejemplo:
*/
* como se muestra arriba. También hay 4 tipos especiales
* que puede restringir. Estos son "private-message",
* "private-notice", "channel-message" y "channel-notice".
* Están comentados (desactivados) en este ejemplo:
*/
//private-message {
// except {
// connect-time 10;
// }
// connect-delay 10;
//}
//private-notice {
// except {
// connect-time 10;
// }
// connect-delay 10;
//}
}
}
/*
* Lo siguiente configurará la limitación de conexión de "usuarios desconocidos".
* Lo siguiente configurará la limitación de la conexión de "unknown users".
*
* Cuando UnrealIRCd detecta una gran cantidad de usuarios que se conectan desde direcciones IP
* que no se han visto antes, entonces se rechazan las conexiones de nuevas IP
* por encima de la tarifa establecida. Por ejemplo a las 10:60 solo se pueden conectar 10 usuarios por minuto
* que no se han visto antes. Las direcciones IP conocidas siempre pueden entrar,
* independientemente de la tarifa establecida. Lo mismo para los usuarios que inician sesión con SASL.
* que no se han visto antes, se rechazan las conexiones de las nuevas IP
* por encima de la configuración establecida. Por ejemplo, 10:60 solo pueden conectarse 10 usuarios por minuto
* que no se hayan visto antes. Las direcciones IP conocidas siempre pueden ingresar,
* independientemente de la configuración establecida. Lo mismo para los usuarios que inician sesión con SASL.
*
* Ver también https://www.unrealircd.org/docs/Connthrottle para más detalles.
* Consulte también https://www.unrealircd.org/docs/Connthrottle para obtener más detalles.
* O simplemente siga leyendo los ajustes de configuración predeterminados a continuación:
*/
set {
connthrottle {
/* Primero debemos configurar lo que llamamos "usuarios conocidos".
* De forma predeterminada, estos son usuarios en direcciones IP que tienen
* una puntuación de 24 o superior. Una puntuación de 24 significa que el
* La IP estuvo conectada a esta red durante al menos 2 horas
* en el último mes (o mínimo 1 hora si está registrado).
* La opción sasl-bypass es otra configuración. Significa
* que los usuarios que se autentican en los servicios a través de SASL
* también se consideran usuarios conocidos.
* Usuarios en el grupo de "usuarios conocidos" (ya sea por reputación
* o por SASL) siempre están permitidas en este módulo.
*/
except {
reputation-score 24;
identified yes;
/* Primero debemos configurar lo que llamamos "known users".
* De forma predeterminada, estos son usuarios en direcciones IP que tienen
* una puntuación de 24 o más. Una puntuación de 24 significa que
* La IP estuvo conectada a esta red durante al menos 2 horas
* en el último mes (o mínimo 1 hora si está registrado).
* La opción sasl-bypass es otra configuración. Significa
* que los usuarios que se autentican en los servicios a través de SASL
* también se consideran usuarios conocidos.
* Usuarios del grupo "known users" (ya sea por reputación
* o por SASL) siempre están permitidos por este módulo.
*/
known-users {
minimum-reputation-score 24;
sasl-bypass yes;
}
/* Los nuevos usuarios son todos los usuarios que no pertenecen al
* grupo de usuarios conocidos. Se consideran "nuevos" y en
* caso de un alto número de tales nuevos usuarios que se conectan
* están sujetos a limitación de velocidad de conexión.
* Por defecto la tarifa es de 20 nuevos usuarios locales por minuto
* y 30 nuevos usuarios globales por minuto.
*/
* grupo de usuarios conocidos. Se consideran "nuevos" y en
* caso de un gran número de nuevos usuarios que se conectan
* están sujetos a limitación de velocidad de conexión.
* Por defecto, la configuración es de 20 nuevos usuarios locales por minuto.
* y 30 nuevos usuarios globales por minuto.
*/
new-users {
local-throttle 20:60;
global-throttle 30:60;
}
/* Esto configura cuando este módulo NO estará activo.
* La configuración predeterminada deshabilitará el módulo cuando:
* - El módulo de reputación se ha estado ejecutando durante menos de
* una semana. Si se ejecuta menos de 1 semana, entonces hay
* datos insuficientes para considerar quién es un "usuario conocido".
* - El servidor acaba de iniciarse (primeros 3 minutos).
*/
/* Esta configuración es para cuando este módulo NO este activo.
* La configuración predeterminada deshabilitará el módulo cuando:
* - El módulo de reputación se ha estado ejecutando durante menos de
* una semana. Si se ejecuta menos de 1 semana, entonces hay
* Datos insuficientes para considerar quién es un "known users".
* - El servidor acaba de iniciarse (primeros 3 minutos).
*/
disabled-when {
reputation-gathering 1w;
start-delay 3m;
@@ -619,41 +593,18 @@ set {
}
}
/* HISTORIAL DE UN CANAL:
* UnrealIRCd tiene el modo de canal +H que los usuarios pueden usar para volver a leer
* los mensajes del canal, antes de que se unieran. Para información general
* en esta función, lee https://www.unrealircd.org/docs/Channel_history
*
* El historial del canal puede ser configurado vía set::history. Los valores predeterminados
* son probablemente buenos para ti, pero si está en un sistema con poca memoria
* o tiene miles de canales, entonces es posible que debas volver a verificar. Lee
* https://www.unrealircd.org/docs/Set_block#set::history para las opciones.
*
* Además de eso, puedes tener "persistent channel history", cual
* significa que el historial del canal se almacena encriptado en el disco
* para que se conserve entre reinicios del servidor IRC, lee
* https://www.unrealircd.org/docs/Set_block#Persistent_channel_history
* La función de historial persistente NO está habilitada de manera predeterminada
* porque usted necesita configurar un bloque de secreto { } para ello. Un sencillo
* ejemplo con contraseñas almacenadas directamente en el archivo de configuración.
* Para obtener una mejor seguridad, lee https://www.unrealircd.org/docs/Secret_block
* las diferentes alternativas para que no almacenes contraseñas directamente en la configuración.
*/
//secret historydb { password "somepassword"; }
//set { history { channel { persist yes; db-secret "historydb"; } } }
/* Finalmente, es posible que desee tener un MOTD (Mensaje del día), esto puede ser
* se hace creando un archivo de texto 'ircd.motd' en su directorio conf/.
* Este archivo se mostrará a tus usuarios al conectarse.
* hecho creando un archivo de texto 'ircd.motd' en su directorio conf /.
* Este archivo se mostrará a sus usuarios al conectarse.
* Para obtener más información, consulte https://www.unrealircd.org/docs/MOTD_and_Rules
*/
*/
/*
* Problemas o necesita más ayuda?
* 1) https://www.unrealircd.org/docs/
* 2) https://www.unrealircd.org/docs/Main_Page/es <- ¡responde el 80% de tus preguntas!
* 3) Si aún tiene problemas, puede obtener soporte:
* ¿Problemas o necesita más ayuda?
* 1) https://www.unrealircd.org/docs/Main_Page/es
* 2) https://www.unrealircd.org/docs/FAQ <- ¡responde el 80% de sus preguntas!
* 3) Si aún tiene problemas, puede obtener asistencia:
* - Foros: https://forums.unrealircd.org/
* - IRC: irc.unrealircd.org (SSL en el puerto 6697) / #unreal-support
* ¡Tenga en cuenta que primero le pedimos que lea la documentación y las preguntas frecuentes!
* Tenga en cuenta que primero le pedimos que lea la documentación y las preguntas frecuentes.
*/
doc/conf/examples/example.fr.conf
+36 -247
View File
@@ -1,4 +1,4 @@
/* Fichier de configuration pour UnrealIRCd 6
/* Fichier de configuration pour UnrealIRCd 5
*
* Copiez ce fichier dans le répertoire conf/, renommez le
* 'unrealircd.conf' et parcourez-le ligne par ligne (modifiez le !)
@@ -13,8 +13,8 @@
* beaucoup :
* https://www.unrealircd.org/docs/Configuration#Configuration_file_syntax
*
* Documentation pour UnrealIRCd 6 (très complète !) :
* https://www.unrealircd.org/docs/UnrealIRCd_6_documentation/fr
* Documentation pour UnrealIRCd 5 (très complète !) :
* https://www.unrealircd.org/docs/UnrealIRCd_5_documentation/fr
*
* Foire Aux Questions :
* https://www.unrealircd.org/docs/FAQ
@@ -51,12 +51,6 @@ include "help/help.conf";
include "badwords.conf";
//include "spamfilter.conf";
include "operclass.default.conf";
include "snomasks.default.conf";
/* Load the default cloaking module (2021 onwards): */
loadmodule "cloak_sha256";
/* Or load the old module from UnrealIRCd 3.2/4/5 instead: */
//loadmodule "cloak_md5";
/* Le bloc me { } indique qui est le serveur.
* Il définit le nom du serveur, une ligne d'informations et un identifiant
@@ -151,25 +145,14 @@ allow {
* Voir aussi : https://www.unrealircd.org/docs/Oper_block
*/
/* Voici un exemple de bloc oper pour 'bobsmith'.
/* Voici un exemple de bloc oper pour 'bobsmith' avec le mot de
* passe 'test'.
* Vous DEVEZ le modifier !!
*/
oper bobsmith {
class opers;
mask *@*;
/* Technically you can put oper passwords in plaintext in the conf but
* this is HIGHLY DISCOURAGED. Instead you should generate a password hash:
* On *NIX, run: ./unrealircd mkpasswd
* On Windows, run: "C:\Program Files\UnrealIRCd 6\bin\unrealircdctl" mkpasswd
* .. and then paste the result below:
*/
password "$argon2id..etc..";
/* See https://www.unrealircd.org/docs/Authentication_types for
* more information, including even better authentication types
* such as 'certfp', and how to generate hashes on Windows.
*/
password "test";
/* Les permissions Oper sont définies dans un bloc 'operclass'.
* Voir https://www.unrealircd.org/docs/Operclass_block
* UnrealIRCd est fourni avec des classes par défaut, voir la doc
@@ -185,7 +168,8 @@ oper bobsmith {
* se connecter à ce serveur.
*
* Syntaxe :
* listen {
* listen
* {
* ip <adresse ip>;
* port <numéro de port>;
* options {
@@ -194,12 +178,7 @@ oper bobsmith {
* }
*/
/* Port standard pour IRC 6667
* Insecure plaintext (NOT for production servers)
* This listen block is here only for quick testing.
* Delete or comment out this listen block on production servers
* and use TLS on port 6697 instead.
*/
/* Port standard pour IRC 6667 */
listen {
ip *;
port 6667;
@@ -276,40 +255,18 @@ drpass {
*/
/* Ceci est une bonne valeur par défaut, elle journalise presque tout */
log {
source {
all;
!debug;
!join.LOCAL_CLIENT_JOIN;
!join.REMOTE_CLIENT_JOIN;
!part.LOCAL_CLIENT_PART;
!part.REMOTE_CLIENT_PART;
!kick.LOCAL_CLIENT_KICK;
!kick.REMOTE_CLIENT_KICK;
}
destination {
file "ircd.log" { maxsize 100M; }
}
}
/* In addition to regular logging, also add a JSON log file.
* This includes lots of information about every event so is great
* for auditing purposes and is machine readable. It is, however
* less readable for humans.
*/
log {
source {
all;
!debug;
!join.LOCAL_CLIENT_JOIN;
!join.REMOTE_CLIENT_JOIN;
!part.LOCAL_CLIENT_PART;
!part.REMOTE_CLIENT_PART;
!kick.LOCAL_CLIENT_KICK;
!kick.REMOTE_CLIENT_KICK;
}
destination {
file "ircd.json.log" { maxsize 250M; type json; }
log "ircd.log" {
flags {
oper;
connects;
server-connects;
kills;
errors;
sadmin-commands;
chg-commands;
oper-override;
tkl;
spamfilter;
}
}
@@ -374,20 +331,18 @@ ban realname {
* accidentellement.
*/
/* except ban vous protège des KLINE et ZLINE */
except ban {
mask *@192.0.2.1;
// vous pouvez ajouter d'autres lignes mask à la suite
}
/* except ban avec le type 'all' vous protège des GLINE, GZLINE, QLINE, SHUN */
except ban {
mask *@192.0.2.1;
type all;
}
/* This allows IRCCloud connections in without maxperip restrictions
* and also exempt them from connect-flood throttling.
*/
except ban {
mask *.irccloud.com;
type { maxperip; connect-flood; }
}
/* Avec un bloc deny dcc vous pouvez interdire des noms de fichiers dans
* les échanges DCC
*/
@@ -419,51 +374,6 @@ vhost {
password "test";
}
/* Les blocs de liste noire interrogeront un service de liste noire DNS externe
* chaque fois qu'un utilisateur se connecte, pour voir si l'adresse IP est connue
* pour provoquer des attaques de drones, est une machine piratée connue, etc..
* Documentation: https://www.unrealircd.org/docs/Blacklist_block
* Ou regardez simplement les blocs ci-dessous.
*/
/* DroneBL, probablement la liste noire la plus populaire utilisée par les serveurs IRC.
* Voir https://dronebl.org/ pour leur documentation et les
* significations des types de réponse. AAu moment de la rédaction, nous utilisons des types:
* 3: IRC Drone, 5: Bottler, 6: Unknown spambot or drone,
* 7: DDoS Drone, 8: SOCKS Proxy, 9: HTTP Proxy, 10: ProxyChain,
* 11: Web Page Proxy, 12: Open DNS Resolver, 13: Brute force attackers,
* 14: Open Wingate Proxy, 15: Compromised router / gateway,
* 16: Autorooting worms.
*/
blacklist dronebl {
dns {
name dnsbl.dronebl.org;
type record;
reply { 3; 5; 6; 7; 8; 9; 10; 11; 12; 13; 14; 15; 16; }
}
action gline;
ban-time 24h;
reason "Proxy/Drone detected. Check https://dronebl.org/lookup?ip=$ip for details.";
}
/* EFnetRBL, voir https://rbl.efnetrbl.org/ pour la documentation
* et la signification des types de réponse.
* Au moment de la rédaction: 1 is open proxy, 4 is TOR, 5 is drones/flooding.
*
* REMARQUE: Si vous souhaitez autoriser les proxys TOR sur votre serveur, alors
* vous devez supprimer le '4;' ci-dessous dans la section de réponse.
*/
blacklist efnetrbl {
dns {
name rbl.efnetrbl.org;
type record;
reply { 1; 4; 5; }
}
action gline;
ban-time 24h;
reason "Proxy/Drone/TOR detected. Check https://rbl.efnetrbl.org/?i=$ip for details.";
}
/* Vous pouvez inclure d'autres fichiers de configuration */
/* include "klines.conf"; */
@@ -474,21 +384,20 @@ set {
services-server "services.example.org";
stats-server "stats.example.org";
help-channel "#Help";
cloak-prefix "Clk";
hiddenhost-prefix "Clk";
prefix-quit "Quit";
/* Les clés de cloaking doivent être identiques sur tous les serveurs
* d'un réseau. Elles sont utilisées pour générer les noms d'hôtes
* masqués et doivent être gardées secrètes. Les clés doivent être
* 3 chaînes de 80 caractères aléatoires et ne comporter que des
* minuscules (a-z), des majuscules (A-Z) et des chiffres (0-9).
* (voir l'exemple)
* NB : sur *NIX, vous pouvez exécuter './unrealircd gencloak' sur votre
* serveur pour que Unrealircd génère 3 clés aléatoires pour vous.
* On Windows, use "C:\Program Files\UnrealIRCd 6\bin\unrealircdctl" gencloak
* 3 chaînes de 5 à 100 caractères aléatoires (entre 10 et 20 suffisent)
* et ne comporter que des minuscules (a-z), des majuscules (A-Z) et des
* chiffres (0-9). (voir l'exemple)
* NB : sur *NIX, vous pouvez exécuter './unreal gencloak' sur votre
* serveur pour que Unreal génère 3 clés aléatoires pour vous.
*/
cloak-keys {
"Oozahho1raezoh0iMee4ohvegaifahv5xaepeitaich9tahdiquaid0geecipahdauVaij3zieph4ahi";
"aoAr1HnR6gl3sJ7hVz4Zb7x4YwpW";
"et une autre";
"et une troisième";
}
@@ -497,7 +406,7 @@ set {
/* Configuration spécifique au serveur */
set {
kline-address 'indiquez.une.adresse.email'; /* e-mail ou URL indiquée lorsqu'un utilisateur est banni */
kline-address "indiquez.une.adresse.email"; /* e-mail ou URL indiquée lorsqu'un utilisateur est banni */
modes-on-connect "+ixw"; /* modes utilisateur ajoutés lorsqu'un utilisateur se connecte */
modes-on-oper "+xws"; /* modes utilisateur ajoutés lorsqu'un utilisateur devient IRCOp */
oper-auto-join "#opers"; /* salon que les IRCOps joignent automatiquement */
@@ -534,131 +443,11 @@ set {
virus-help-channel "#help"; /* salon par défaut pour l'action 'viruschan' */
/* except "#help"; salon à exempter de Spamfilter */
}
/* Restreindre certaines commandes.
* Voir https://www.unrealircd.org/docs/Set_block#set::restrict-commands
*/
restrict-commands {
list {
except {
connect-time 60; /* après 60 secondes, vous pouvez utiliser LIST */
identified yes; /* ou immédiatement, si vous êtes identifié aux services */
reputation-score 24; /* ou si vous avez un score de réputation de 24 ou plus */
}
}
invite {
except {
connect-time 120;
identified yes;
reputation-score 24;
}
}
/* En plus de la possibilité de restreindre toute commande,
* tel qu'illustré ci-dessus. Il existe également 4 types spéciaux
* que vous pouvez restreindre. Ceux-ci sont "private-message",
* "private-notice", "channel-message" and "channel-notice".
* Ils sont commentés (désactivés) dans cet exemple :
*/
//private-message {
// except { connect-time 10; }
//}
//private-notice {
// except { connect-time 10; }
//}
}
}
/*
* Ce qui suit configurera la limitation de connexion de "unknown users".
*
* Quand UnrealIRCd détecte un nombre élevé d'utilisateurs se connectant à partir d'adresses IP
* qui n'ont pas été vus auparavant, les connexions des nouvelles IP sont rejetées
* au-dessus du taux fixé. Par exemple à 10:60 seuls 10 utilisateurs par minute peuvent se connecter
* qui n'ont pas été vus auparavant. Les adresses IP connues peuvent toujours entrer,
* quel que soit le tarif fixé. Idem pour les utilisateurs qui se connectent avec SASL.
*
* Voir également https://www.unrealircd.org/docs/Connthrottle pour les détails.
* Ou continuez simplement à lire les paramètres de configuration par défaut ci-dessous:
*/
set {
connthrottle {
/* Nous configurons d'abord quels utilisateurs sont exemptés de la
* restrictions. Ces utilisateurs sont toujours autorisés!
* Par défaut, ce sont des utilisateurs sur des adresses IP qui ont
* un score de 24 ou plus. Un score de 24 signifie que l'IP
* était connecté à ce réseauk pendant au moins 2 heures
* au cours du mois passé (ou minimum 1h si inscrit).
* Nous permettons également aux utilisateurs qui sont identifiés aux services via
* SASL contourner les restrictions.
*/
except {
reputation-score 24;
identified yes;
/* pour plus d'options, voir restrictions
* https://www.unrealircd.org/docs/Mask_item
*/
}
/* Les nouveaux utilisateurs sont tous les utilisateurs qui n'appartiennent pas au
* groupe d'utilisateurs connus. Ils sont considérés comme "nouveaux" et dans
* le cas d'un nombre élevé de ces nouveaux utilisateurs se connectant
* ils sont soumis à une limitation du débit de connexion.
* Par défaut, le taux est de 20 nouveaux utilisateurs locaux par minute
* et 30 nouveaux utilisateurs global par minute.
*/
new-users {
local-throttle 20:60;
global-throttle 30:60;
}
/* Ceci configure quand ce module ne sera PAS actif.
* Les paramètres par défaut désactiveront le module lors que:
* - Le module de réputation fonctionne depuis moins d'une
* semaine. Si vous courez moins d'une semaine, il y a
* données insuffisantes pour déterminer qui est un "utilisateur connu".
* - Le serveur vient d'être démarré (3 premières minutes).
*/
disabled-when {
reputation-gathering 1w;
start-delay 3m;
}
}
}
/* HISTORIQUE DES CANAUX:
* UnrealIRCd a le mode canal +H qui peut être utilisé par les utilisateurs pour relire
* historique de la chaîne, comme avant leur adhésion. Pour des informations générales
* sur cette fonctionnalité, voir https://www.unrealircd.org/docs/Channel_history
*
* Les limites de l'historique peuvent être configurées via set::history.
* Les valeurs par défaut sont probablement déjà bien pour toi, mais si vous êtes sur un
* système à faible mémoire ou ayant des milliers de canaux, vous voudrez peut-être re vérifier.
* Voir https://www.unrealircd.org/docs/Set_block#set::history pour les options.
*
* En plus de cela, vous pouvez avoir "persistent channel history", qui
* signifie que l'historique des chaînes est stocké crypté sur le disque
* afin qu'il soit préservé entre les redémarrages du serveur IRC, voir
* https://www.unrealircd.org/docs/Set_block#Persistent_channel_history
* La fonction d'historique persistant n'est PAS activée par défaut car vous
* devez de configurer un bloque de secret { }. Ce qui suit est un simple
* exemple avec des mots de passe stockés directement dans le fichier de configuration.
* Pour une meilleure sécurité, voir https://www.unrealircd.org/docs/Secret_block
* sur des moyens alternatifs pour ne pas stocker les mots de passe directement dans la configuration.
*/
//secret historydb { password "somepassword"; }
//set { history { channel { persist yes; db-secret "historydb"; } } }
/* Enfin, vous souhaiterez peut-être avoir un MOTD (Le message du jour), cela peut être
* fait en créant un archive de text 'ircd.motd' dans votre répertoire conf/.
* Ce fichier sera montré à vos utilisateurs lors de la connexion.
* Pour plus d'informations, voir https://www.unrealircd.org/docs/MOTD_and_Rules
*/
/*
* Un problème ou besoin d'aide supplémentaire ?
* 1) https://www.unrealircd.org/docs/
* 1) https://www.unrealircd.org/docs/UnrealIRCd_4_documentation/fr
* 2) https://www.unrealircd.org/docs/FAQ <- répond à 80% des questions !
* 3) Si vous avez toujours des problèmes, vous pouvez aller sur
* irc.unrealircd.org #unreal-support,
doc/conf/examples/example.pt.conf
-684
View File
@@ -1,684 +0,0 @@
/* Arquivo de configuração para o UnrealIRCd 6
* OBSERVAÇÃO: Este arquivo utiliza a tradução Português do Brasil (pt-br).
*
* Apenas copie este arquivo para seu diretório conf/ e renomeie-o para 'unrealircd.conf'
*
* Se você estiver com pressa, pode CTRL+F (localizar) pelo termo ALTERAR ISTO
* Os pontos que obrigatoriamente devem ser alterados estão indicados por essas duas palavras.
* No entanto, recomendamos que você revise este arquivo linha por linha
* e o altere conforme necessário, para que possa ver todos os pontos básicos e seus valores.
*
* ANTES DE PROSSEGUIR:
* Importante: Todas as linhas, exceto { e } terminam com ;
* Isto é muito importante, visto que se você esquecer um ; em algum lugar,
* a checagem do arquivo de configuração irá criticar e o arquivo não será processado!
* Se esta é sua primeira experiência com o arquivo de configuração do UnrealIRCd
* então nós recomendamos fortemente que você se dedique um pouco para ler sobre a sintaxe,
* isto levará apenas alguns minutos e o ajudará consideravelmente:
* https://www.unrealircd.org/docs/Configuration#Configuration_file_syntax
*
* Documentação completa do UnrealIRCd 6 (bem extensa!):
* https://www.unrealircd.org/docs/UnrealIRCd_6_documentation
*
* Questões Frequentes:
* https://www.unrealircd.org/docs/FAQ
*/
/* Este é um comentário, todo o texto aqui será ignorado (comentário de tipo #1) */
// Este também é um comentário, e esta linha será ignorada (comentário de tipo #2)
# Este também é um comentário, e novamente esta linha será ignorada (comentário de tipo #3)
/* O UnrealIRCd faz um intenso uso dos Módulos, que permitem que você personalize completamente
* o conjunto de recursos que você deseja habilitar no UnrealIRCd.
* Veja: https://www.unrealircd.org/docs/Modules
*
* Utilizando o include abaixo, nós instruímos o IRCd a ler o arquivo
* 'modules.default.conf' que carregará mais de 150 módulos
* que vem com o UnrealIRCd. Em outras palavras: Isso simplesmente irá carregar
* todos os recursos disponíveis no UnrealIRCd.
* Se você está configurando o UnrealIRCd pela primeira vez, nós sugerimos que você
* o use. Então, quando tudo estiver configurado e rodando, você poderá retornar
* e personalizar a lista (se você desejar).
*/
include "modules.default.conf";
/* Agora vamos incluir alguns outros arquivos de configuração também:
* - help/help.conf para nosso sistema de ajuda /HELPOP
* - badwords.conf para os modos de usuário e canal +G
* - spamfilter.conf como um exemplo para filtragem de spam
* (comentado)
* - operclass.default.conf contém algumas boas classes de operadores que
* você pode usar em seus blocos de operadores.
*/
include "help/help.conf";
include "badwords.conf";
//include "spamfilter.conf";
include "operclass.default.conf";
include "snomasks.default.conf";
/* Carrega por padrão o módulo de cloaking em SHA256 (implementado em 2021): */
loadmodule "cloak_sha256";
/* Ou carrega o antigo módulo de clocking em MD5 que veio do UnrealIRCd 3.2/4/5: */
//loadmodule "cloak_md5";
// ALTERAR ISTO (o 'name' e 'info')
/* Este é o bloco me { } que basicamente diz quem somos.
* Ele define o nome do nosso servidor, algumas linhas informativas e um "sid" único.
* O id do servidor (sid) precisa iniciar com um dígito numérico seguido por dois dígitos numéricos
* ou alfanuméricos de A à Z. O sid precisa ser único para a sua rede de IRC (cada servidor
* deve ter seu próprio sid). É comum utilizar 001 para seu primeiro servidor.
*/
me {
name "irc.exemplo.org";
info "Servidor ExemploNET";
sid "001";
}
// ALTERAR ISTO:
/* O bloco admin { } define quem os usuário verão quando eles digitarem /ADMIN.
* Normalmente contém infomações de como eles podem contatar o administrador.
*/
admin {
"Bob Smith";
"bob";
"email@exemplo.org";
}
/* Clientes e servidores são colocados no bloco class { }, e os definimos aqui.
* Blocos Class consistem nos seguintes itens:
* - pingfreq: com que frequência será efetuado ping em um usuário / servidor (em segundos)
* - connfreq: quantas vezes tentamos nos conectar a este servidor (em segundos)
* - sendq: o tamanho máximo da fila para uma conexão
* - recvq: o recebimento máximo da fila para uma conexão (controle de flood)
*/
/* Classe Client padrão, com valores de limites aceitáveis */
class clients
{
pingfreq 90;
maxclients 1000;
sendq 200k;
recvq 8000;
}
/* Uma classe Especial para IRCOps com valores de limites mais altos */
class opers
{
pingfreq 90;
maxclients 50;
sendq 1M;
recvq 8000;
}
/* Classe Server padrão, com valores de limites aceitáveis */
class servers
{
pingfreq 60;
connfreq 15; /* tenta se conectar a cada 15 segundos */
maxclients 10; /* máximo de servidores */
sendq 20M;
}
/* Blocos allow definem quais classe clients podem se conectar a este servidor.
* Isto permite que você adicione uma senha ao servidor ou restrinja o acesso ao servidor
* apenas por IPs específicos. Você também pode configurar o máximo de conexões
* permitidas por IP.
* Veja também: https://www.unrealircd.org/docs/Allow_block
*/
/* Permite todos entrarem, mas apenas 3 conexões simultâneas por IP */
allow {
mask *;
class clients;
maxperip 3;
}
/* Exemplo de um bloco especial allow em um IP específico:
* Requer que usuários neste IP conectem por uma senha. Se a senha
* estiver correta, então permite 20 conexões simultâneas deste IP.
*/
//allow {
// mask 192.0.2.1;
// class clients;
// password "alguma_senha_secreta";
// maxperip 20;
//}
/* Blocos oper definem os Operadores de IRC.
* Operadores de IRC são pessoas com "privilégios extras" comparado a outros,
* eles podem por exemplo dar /KILL (derrubar) outras pessoas, iniciar uma conexão com server,
* dar /JOIN (entrar) em canais ainda que eles estejam banidos, etc.
*
* Para mais informações sobre como se tornar um IRCOp e como executar
* tarefas administrativas, veja: https://www.unrealircd.org/docs/IRCOp_guide
*
* Para obter mais detalhes sobre o bloco oper { } , veja
* https://www.unrealircd.org/docs/Oper_block
*/
/* Aqui está um exemplo de um bloco oper para o 'bobsmith'
* VOCÊ DEVE ALTERAR ISTO!! (o nome do operador e a senha)
*/
oper bobsmith {
class opers;
mask *@*;
/* Tecnicamente você pode deixar as senhas de oper em texto puro no arquivo de configuração, mas
* isto é ALTAMENTE DESENCORAJADO. No lugar disso, você deve gerar uma senha hasheada:
* No *NIX, execute: ./unrealircd mkpasswd
* No Windows, execute: "C:\Program Files\UnrealIRCd 6\bin\unrealircdctl" mkpasswd
* ... e então cole a senha no campo abaixo:
*/
password "$argon2id..etc..";
/* Veja https://www.unrealircd.org/docs/Authentication_types para
* mais informações, incluindo formas melhores de autenticação
* como por exemplo o 'certfp', e como gerar hashes no Windows.
*/
/* Permissões de oper são definidos no bloco 'operclass'.
* Veja https://www.unrealircd.org/docs/Operclass_block
* O UnrealIRCd vem com um número padrão de blocos, leia
* o artigo acima para ver a lista completa. Nós escolhemos o 'netadmin' aqui.
*/
operclass netadmin;
swhois "é o Administrador da Rede";
vhost netadmin.exemplo.org;
}
/* Blocos listen definem as portas onde o servidor irá escutar.
* Em outras palavras: as portas que os clientes e servidores podem usar
* para se conectar a este servidor.
*
* Sintaxe:
* listen {
* ip <ip>;
* port <port>;
* options {
* <options....>;
* }
* }
*/
/* Porta padrão 6667 do IRC
* Insecure plaintext (NOT for production servers)
* This listen block is here only for quick testing.
* Delete or comment out this listen block on production servers
* and use TLS on port 6697 instead.
*/
listen {
ip *;
port 6667;
}
/* Porta padrão 6697 do IRC sob tunel SSL/TLS */
listen {
ip *;
port 6697;
options { tls; }
}
/* Porta especial padrão para uso de servidores sob tunel SSL/TLS para vincular a outros servidores */
listen {
ip *;
port 6900;
options { tls; serversonly; }
}
/* OBSERVAÇÃO: Se você está em uma shell IRCd com múltiplos IPs e você usa
* os blocos listen { } acima, então você provavelmente receberá o erro
* 'Address already in use' e o IRCd não iniciará.
* Isto significa que você DEVE colocar em escuta um IP específico no lugar do '*', como por exemplo:
* listen { ip 1.2.3.4; port 6667; }
* Claro, substituindo o IP pelo IP que foi fornecido a você.
*/
/*
* Blocos link permitem que você vincule múltiplos servidores uns aos outros para formar uma rede.
* Veja https://www.unrealircd.org/docs/Tutorial:_Linking_servers
*/
//link hub.exemplo.org
//{
// incoming {
// mask *@alguma_coisa;
// }
//
// outgoing {
// bind-ip *; /* ou especificar um IP */
// hostname hub.exemplo.org;
// port 6900;
// options { tls; }
// }
//
// /* Nós usamos a impressão digital SPKI do outro servidor para autenticação.
// * Abra uma shell no OUTRO SERVIDOR e execute o comando abaixo para obter a impressão digital:
// * No *NIX, execute: ./unrealircd spkifp
// * No Windows, execute: "C:\Program Files\UnrealIRCd 6\bin\unrealircdctl" spkifp
// */
// password "AABBCCDDEEFFGGHHIIJJKKLLMMNNOOPPQQRRSSTTUUV=" { spkifp; }
//
// class servers;
//}
/* O Bloco link para o services é muito mais simples.
* Para mais informações sobre o que são o Services,
* leia https://www.unrealircd.org/docs/Services
*/
//link services.exemplo.org
//{
// incoming {
// mask 127.0.0.1;
// }
//
// password "me_altere_por_favor";
//
// class servers;
//}
/* U-lines dão a outros servidores (ainda) mais poderes/comandos.
* Se você usa o services, você DEVE adicioná-los aqui. Você deve adicionar o
* nome do servidor do services no bloco ulines { } no arquivo de configuração
* em todo servidor UnrealIRCd da sua rede.
* IMPORTANTE: Jamais insira o nome do servidor do UnrealIRCd aqui,
* é apenas para o Services!
*/
//ulines {
// services.exemplo.org;
//}
/* Aqui você pode adicionar uma senha (apenas para IRCOps) para os comandos /DIE e /RESTART.
* Isto para que se tenha uma pouco mais de proteção contra reinicio acidental
* do servidor e ele seja derrubado inadvertidante.
*/
drpass {
restart "reiniciar";
die "matar";
}
/* O bloco log define o que deve ser registrado (logado) e em qual arquivo.
* Leia também https://www.unrealircd.org/docs/Log_block
*/
/* Este é um bom padrão, ele registra tudo, exceto
* coisas de depuração e comandos join/part/kick.
*/
log {
source {
all;
!debug;
!join.LOCAL_CLIENT_JOIN;
!join.REMOTE_CLIENT_JOIN;
!part.LOCAL_CLIENT_PART;
!part.REMOTE_CLIENT_PART;
!kick.LOCAL_CLIENT_KICK;
!kick.REMOTE_CLIENT_KICK;
}
destination {
file "ircd.log" { maxsize 100M; }
}
}
/* Além do log regular, também adicionamos um arquivo de log em JSON.
* Isso inclui muitas informações sobre cada evento, sendo ótimo
* para fins de auditoria e legível por máquinas. No entanto,
* é menos legível para humanos.
*/
log {
source {
all;
!debug;
!join.LOCAL_CLIENT_JOIN;
!join.REMOTE_CLIENT_JOIN;
!part.LOCAL_CLIENT_PART;
!part.REMOTE_CLIENT_PART;
!kick.LOCAL_CLIENT_KICK;
!kick.REMOTE_CLIENT_KICK;
}
destination {
file "ircd.json.log" { maxsize 250M; type json; }
}
}
/* Com o "aliases" você pode criar um atalho como /ALGUMACOISA para enviar uma mensagem para
* algum usuário ou bot. Eles são usados normalmente por services.
*
* Nós temos um arquivo com um número pré-definido de atalhos, confira o diretório alias/ .
* Como exemplo, aqui nós incluímos todos os atalhos utilizados pelo services anope.
*/
include "aliases/anope.conf";
/* Bane nicks para que eles não sejam utilizados por usuários comuns */
//ban nick {
// mask "*C*h*a*n*S*e*r*v*";
// reason "Reservado para Services";
//}
/* Bane um IP
* Observe que você normalmente usa /KLINE, /GLINE e /ZLINE para isto.
*/
//ban ip {
// mask 195.86.232.81;
// reason "Te odeio";
//}
/* Bane um servidor - se observarmos este servidor vinculado a alguém, então o expulsaremos */
//ban server {
// mask pedro.usp.br;
// reason "Caia fora daqui.";
//}
/* Bane um usuário - mas você normalmente usa /KLINE ou /GLINE para isso */
//ban user {
// mask *usuariotroll@*.saturn.bbn.com;
// reason "Idiota";
//}
/* Este tipo de banimento permite que clientes sejam banidos com base no seu nome real (realname)
* ou campo 'gecos'.
*/
//ban realname {
// mask "Time Swat";
// reason "FORCAOSTENSIVA";
//}
//ban realname {
// mask "sub7server";
// reason "sub7";
//}
/* Exceções de banimento e TKL. Permite que você crie exceções a usuários/IPs a um
* KLINE, GLINE, etc.
* Se você é um IRCOp com IP estático (e não há ninguém não confiável utilizando este IP),
* então nós sugerimos que você seja adicionado aqui. Desta forma, você sempre poderá entrar
* mesmo se acidentalmente você colocar um *LINE em si mesmo.
*/
/* Exceções de banimento de tipo 'all' protegem você de GLINE, GZLINE, QLINE, SHUN */
//except ban {
// mask *@192.0.2.1;
// type all;
//}
/* Isto permite que clientes do IRCCloud não tenham restrição de IP por conexão
* e também cria exceção a eles de flood por conexão.
*/
except ban {
mask *.irccloud.com;
type { maxperip; connect-flood; }
}
/* deny dcc permite você possa banir nomes de arquivos transferidos por DCC */
//deny dcc {
// filename "*sub7*";
// reason "Possível Virus Sub7";
//}
/* deny channel permite a você banir um canal (por máscara) */
//deny channel {
// channel "*warez*";
// reason "Warez é ilegal";
// class "clients";
//}
/* VHosts (Hosts Virtuais) permite aos usuários adquirirem um vhost diferente.
* Veja https://www.unrealircd.org/docs/Vhost_block
*/
/* Exemplo de vhost que você pode usar. No IRC digite: /VHOST teste teste
* OBSERVAÇÃO: apenas pessoas com o host 'unrealircd.com' podem usá-lo, então
* tenha certeza de modificar o vhost::mask antes de seu teste.
*/
//vhost {
// vhost eu.odeio.microsefrs.com;
// mask *@unrealircd.com;
// login "teste";
// password "teste";
//}
/* Blocos blacklist irão consultar um serviço externo de blacklist
* sempre que um usuário se conectar, para saber se seu endereço de IP é conhecido
* por ataques de drone, como uma máquina hackeada, etc.
* Documentação: https://www.unrealircd.org/docs/Blacklist_block
* Ou apenas dê uma olhada nos blocos abaixo.
*/
/* DroneBL é provavelmente o serviço de blacklist mais popular usada por servidores de IRC.
* Veja https://dronebl.org/ para ler a documentação e
* o significado dos tipos de resposta. No momento em que este arquivo foi escrito, nós usamos os tipos:
* 3: IRC Drone, 5: Flooder, 6: Drone ou bot de spam desconhecido,
* 7: Drone de DDoS, 8: Proxy SOCKS, 9: Proxy HTTP, 10: ProxyChain,
* 11: Proxy de página web, 12: Resolvedor de DNS aberto, 13: Atacantes de força bruta,
* 14: Proxy Wingate público, 15: Roteador/Gateway comprometido,
* 16: Virus que tentam conseguir root.
*/
blacklist dronebl {
dns {
name dnsbl.dronebl.org;
type record;
reply { 3; 5; 6; 7; 8; 9; 10; 11; 12; 13; 14; 15; 16; }
}
action gline;
ban-time 24h;
reason "Proxy/Drone detectado. Confira https://dronebl.org/lookup?ip=$ip para detalhes.";
}
/* EFnetRBL, veja https://rbl.efnetrbl.org/ para ler a documentação
* e o significado dos tipos de resposta.
* No momento em que este arquivo foi escrito: 1 é proxy público, 4 é TOR, 5 é drones/flooders.
*
* OBSERVAÇÃO: Se você deseja permitir proxies TOR no seu servidor, então
* você precisa remover o '4;' abaixo da seção reply.
*/
blacklist efnetrbl {
dns {
name rbl.efnetrbl.org;
type record;
reply { 1; 4; 5; }
}
action gline;
ban-time 24h;
reason "Proxy/Drone/TOR detectado. Confira https://rbl.efnetrbl.org/?i=$ip para detalhes.";
}
/* Você pode incluir outros arquivos de configuração */
/* include "klines.conf"; */
/* Configuração da Rede */
set {
// ALTERAR ISTO, todos os 4 itens abaixo
network-name "ExemploNET";
default-server "irc.exemplo.org";
services-server "services.exemplo.org";
stats-server "stats.exemplo.org";
/* Valores Padrão */
help-channel "#ajuda";
cloak-prefix "Clk";
prefix-quit "Saindo";
/* Chaves cloak devem ser a mesma em todos os servidores da rede.
* Eles são usados para geração de hosts mascarados e devem ser mantidos em segredo.
* VOCÊ PRECISA ALTERAR ISTO!
* As chaves devem ser 3 strings (ou mais) de 80 caracteres randômicos
* e devem se constituir de letras minúsculas (a-z), maiúsculas (A-Z) e números (0-9).
* No *NIX, você pode executar './unrealircd gencloak' na sua shell para que o
* UnrealIRCd gere 3 strings randômicas para você.
* No Windows, você pode executar "C:\Program Files\UnrealIRCd 6\bin\unrealircdctl" gencloak
*/
cloak-keys {
"Oozahho1raezoh0iMee4ohvegaifahv5xaepeitaich9tahdiquaid0geecipahdauVaij3zieph4ahi";
"adicione a outra";
"adicione a outra";
}
}
/* Configurações específicas do servidor */
set {
// POR ÚLTIMO, VOCÊ PRECISA ALTERAR ISTO:
kline-address 'definir.seu.endereco.de.email'; /* e-mail ou URL exibido quando um usuário é banido */
modes-on-connect "+ixw"; /* quando os usuários conectam, esses modos de usuário é atribuído a eles */
modes-on-oper "+xws"; /* quado alguém se torna IRCOp, esses modos de usuário é atribuído a ele */
modes-on-join "+nt"; /* modos de canal padrão, quando um novo canal é criado */
oper-auto-join "#opers"; /* IRCOps entram automaticamente neste canal */
options {
hide-ulines; /* esconde U-lines do /MAP e /LINKS */
show-connect-info; /* exibe a mensagem "looking up your hostname" ao se conectar */
}
maxchannelsperuser 10; /* número máximo de canais que um usuário pode entrar com /JOIN */
/* O tempo mínimo que um usuário precisa estar conectado antes de ser permitido
* utilizar a mensagem de QUIT. Isto irá ajudar no combate a SPAM.
*/
anti-spam-quit-message-time 10s;
/* Ou simplesmente defina um quit estático, de forma que qualquer motivo de /QUIT seja ignorado */
/* static-quit "Cliente saindo"; */
/* static-part faz com que o mesmo acima aconteça ao comando /PART */
/* static-part yes; */
/* Proteção contra Flood:
* Há uma série de configurações para isso, e a maioria delas tem bons padrões.
* Veja https://www.unrealircd.org/docs/Set_block#set::anti-flood
*/
anti-flood {
}
/* Configurações para filtragem de SPAM */
spamfilter {
ban-time 1d; /* duração padrão de um ban *LINE definido pelo filtro de spam */
ban-reason "Spam/Propaganda"; /* motivo padrão */
virus-help-channel "#help"; /* canal utilizado para usar em uma ação de 'virus de canal' */
/* except "#help"; exceção de canal ao filtro de spam */
}
/* Restringindo certos comandos
* Veja https://www.unrealircd.org/docs/Set_block#set::restrict-commands
*/
restrict-commands {
list {
except {
connect-time 60; /* após 60 segundos, o usuário pode usar o comando /LIST */
identified yes; /* ou imediatamente, se estiver identificado ao services */
reputation-score 24; /* ou se tiver um score de reputação maior ou igual a 24 */
}
}
invite {
except {
connect-time 120;
identified yes;
reputation-score 24;
}
}
/* Somando a possibilidade de restringir qualquer comando,
* também existem 4 tipos especiais
* que você pode restringir. Eles são "private-message",
* "private-notice", "channel-message" e "channel-notice".
* Eles estão todos comentados neste exemplo:
*/
//private-message {
// except { connect-time 10; }
//}
//private-notice {
// except { connect-time 10; }
//}
}
}
/*
* A seguir será configurado o limite de conexão para "unknown users".
*
* Quando o UnrealIRCd detecta um número elevado de usuários conectando de um endereço IP
* que nunca viu antes, então conexões do novo IP são rejeitadas quando estiverem
* acima da taxa abaixo especificada. Por exemplo, na taxa 10:60 apenas 10 usuários por minuto podem conectar
* por este IP que nunca foi visto antes. Endereços de IP conhecidos sempre podem entrar,
* independente da taxa definida. O mesmo para usuários que se conectam via SASL.
*
* Leia também https://www.unrealircd.org/docs/Connthrottle para detalhes.
* Ou apenas continue lendo a configuração abaixo:
*/
set {
connthrottle {
/* Primeiro nós configuramos quais usuários serão excluídos
* das restrições. Estes usuários sempre conseguirão acessar.
* Por padrão, entra como exceção usuários identificados com o services
* com um score igual ou maior a 24. Um score 24 significa que
* este IP foi conectado a esta rede por pelo menos 2 horas em algum momento
* no mês passado (ou no mínimo por 1 hora se registrado).
* Nós também permitimos usuários que se identificaram através do services via
* SASL para passar por cima destas restrições.
*/
except {
reputation-score 24;
identified yes;
/* Para mais informações, leia
* https://www.unrealircd.org/docs/Mask_item
*/
}
/* Novos usuários são todos os usuários que não pertencem
* ao grupo known-users. Eles são considerados "novos" e no
* caso de um número elevado de novos usuários se conectando,
* eles serão sujeiros ao limite de taxa de conexão.
* Por padrão a taxa é 20 novos usuários locais por minuto
* e 30 novos usuários globais por minuto.
*/
new-users {
local-throttle 20:60;
global-throttle 30:60;
}
/* Esta seção configura quando este módulo não será ativado.
* As configurações padrão desabilitarão o módulo quando:
* - O módulo reputation esteja em execução a menos de
* uma semana. Se estiver rodando há menos de 1 semana, então ainda temos
* dados insuficientes para considerar quem é um "known user" (usuário conhecido).
* - O servidor acabou de ser inicializado (primeiros 3 minutos).
*/
disabled-when {
reputation-gathering 1w;
start-delay 3m;
}
}
}
/* HISTÓRICO DE CANAL:
* UnrealIRCd possui modo de canal +H que pode ser usado pelos usuários para recuperar
* o histórico do canal antes deles terem entrado. Para informações gerais
* sobre esta funcionalidade, leia https://www.unrealircd.org/docs/Channel_history
*
* Os limites do histórico podem ser configurados pelo set::history. Os padrões são
* provavelmente bons para você, mas se você estiver em um sistema com pouca memória
* ou tem centenas de canais, então você pode querer verificar esses padrões novamente. Leia
* https://www.unrealircd.org/docs/Set_block#set::history
* para ver as opções disponíveis.
*
* Além disso, você pode definir um "histórico de canal persistente", o que
* significa que o histórico do canal é armazenado de modo criptografado no disco e é preservado
* entre os reinícios do servidor. Leia
* https://www.unrealircd.org/docs/Set_block#Persistent_channel_history
* A funcionalidade de histórico persistente NÃO é habilitado por padrão porque você
* precisa configurar o Bloco secret { } para ele antes. A seguir um exemplo simples
* de senhas armazenadas diretamente no arquivo de configuração:
* Para obter uma melhor segurança, leia https://www.unrealircd.org/docs/Secret_block
* como formas alternativas para não armazenar senhas diretamente no arquivo de configuração.
*/
//secret historydb { password "algumasenha"; }
//set { history { channel { persist yes; db-secret "historydb"; } } }
/* Finalmente, você pode querer ter um MOTD (Mensagem do Dia), isto pode ser
* feito criando um arquivo de texto 'ircd.motd' no seu diretório conf/ .
* O texto dentro deste arquivo será exibido aos usuários ao se conectarem.
* Para mais informações, veja https://www.unrealircd.org/docs/MOTD_and_Rules
*/
/*
* Problemas ou precisa de ajuda?
* 1) https://www.unrealircd.org/docs/
* 2) https://www.unrealircd.org/docs/FAQ <- responde a 80% das suas perguntas!
* 3) Se ainda assim você está enfrentando problemas, você pode obter ajuda em:
* - Fóruns: https://forums.unrealircd.org/
* - IRC: irc.unrealircd.org (SSL na porta 6697) / #unreal-support
* Observe que pedimos que você leia a documentação e as perguntas frequentes (FAQ) primeiro!
*/
doc/conf/examples/example.tr.conf
+105 -293
View File
@@ -1,29 +1,21 @@
/* UnrealIRCd 6 için yapılandırma dosyası
*
/* UnrealIRCd 5 için yapılandırma dosyası
* Türkçe Çeviri: Diablo - (Serkan Sepetçi)
* İletişim: irc.turkirc.net:6667 - diablo@unrealircd.org
* İletişim: irc.trirc.com:6667 - diablo@unrealircd.org
*
* Bu dosyayı conf/ dizininize kopyalayın ve 'unrealircd.conf' olarak adlandırın.
* Biz buna basit bir 'unrealircd.conf' dosyası diyoruz.
* Bu dosyası satır satır editleyip conf/ dizinine kopyalayınız. (düzenleyin!)
*
* Aceleniz varsa CTRL+F tuşlarına basıp şunu yapabilirsiniz: BUNU DEĞİŞTİRİN
* Değiştirilmesi gereken maddeler bu iki kelimeyle belirtilir.
* Ancak aslında dosyayı satır satır incelemenizi ve gereken yerde
* düzenlemenizi öneririz. Böylece tüm temel öğeleri ve bunların nasıl
* ayarlandığını görebilirsiniz.
*
* DEVAM ETMEDEN ÖNCE:
* Önemli: { ve } dışındaki tüm satırlar ; ile biter
* Bu çok önemlidir. Eğer bir şeyi yanlış yaparsanız,
* yapılandırma dosyası ayrıştırıcısı hata verecek ve
* dosya doğru şekilde çalışmayacaktır!
*
* Eğer bu UnrealIRCd yapılandırma dosyasıyla ilk deneyiminizse
* sözdizimi hakkında biraz okumanızı öneririz.
* bu yalnızca birkaç dakika sürer ve size çok yardımcı olacaktır:
* Önemli: Satırların hepsi, açılış başına { satır sonuna ;
* }; dahil edin. Bu çok önemli, eğer siz ayrıştırıcıyı ;
* eksik koyarsanız yapılandırma dosyası hata verecek
* ve dosya doğru işlemde olmayacaktır!
* Bu sizin UnrealIRCd yapılandırması ile ilk deneyiminiz ise
* dosyayı okumanız için birkaç dakika ayırmanızı öneniriz,
* bu size bilgi edinmeniz açısından yardımcı olacaktır:
* https://www.unrealircd.org/docs/Configuration#Configuration_file_syntax
*
* UnrealIRCd 6 belgeleri (çok kapsamlı!):
* https://www.unrealircd.org/docs/UnrealIRCd_6_documentation
* UnrealIRCd 5 belgeleme (çok geniş!):
* https://www.unrealircd.org/docs/UnrealIRCd_5_documentation
*
* Sıkça Sorulan Sorular:
* https://www.unrealircd.org/docs/FAQ
@@ -52,7 +44,6 @@ include "modules.default.conf";
* - help/help.conf /HELPOP sistemi
* - badwords.conf kanal ve kullanıcı modu için +G
* - spamfilter.conf için örnek olarak spamfilter kullanımı
* (yorumlandı)
* - operclass.default.conf oper bloklarında kullanabileceğiniz
* oper sınıflarını görüntüler.
*/
@@ -60,19 +51,12 @@ include "help/help.conf";
include "badwords.conf";
//include "spamfilter.conf";
include "operclass.default.conf";
include "snomasks.default.conf";
/* Varsayılan gizleme modülünü yükleyin (2021'den itibaren): */
loadmodule "cloak_sha256";
/* Veya eski modülü UnrealIRCd 3.2/4/5'ten yükleyin: */
//loadmodule "cloak_md5";
// BUNU DEĞİŞTİRİN ('ad' ve 'bilgi'):
/* me { } bloğu genelde kim olduğumuzu belirtir.
* Sunucumuz için isim, birkaç satır bazı bilgileri belirler "sid".
* Sunucu kimliği (sid) iki basamağı veya harf tarafından izlenen bir rakam ile
* başlamalıdır. Sid IRC ağı için benzersiz olmalıdır (her sunucu için
* kendi sid olmalıdır). İlk sunucu için 001 kullanılması uygundur.
* kendi sid olmalıdır).
*/
me {
name "irc.example.org";
@@ -80,7 +64,6 @@ me {
sid "001";
}
// BUNU DEĞİŞTİRİN:
/* admin { } bloğu /ADMIN sorgusunda kullanıcılara görüntülenecek metni belirler.
* Normalde yöneticiye ulaşma konusunda bilgi içerir.
*/
@@ -122,7 +105,7 @@ class servers
pingfreq 60;
connfreq 15; /* Her 15 saniyede bir bağlanmayı dener */
maxclients 10; /* maksimum kullanıcı */
sendq 20M;
sendq 5M;
}
/* Allow blockları sunucunuza kimlerin bağlanabileceğini belirtir.
@@ -132,7 +115,7 @@ class servers
* Görmeniz için: https://www.unrealircd.org/docs/Allow_block
*/
/* IP başına sadece 3 bağlantı izini verir */
/* IP başına sadece 5 bağlantı izini verir */
allow {
mask *;
class clients;
@@ -143,12 +126,12 @@ allow {
* Bu IP bir şifre ile bağlantı yapması olduğunu gerektirir.
* Şifre doğru ise o zaman bu IP 20 bağlantıya izin verecektir.
*/
// allow {
// mask 192.0.2.1;
// class clients;
// password "somesecretpasswd";
// maxperip 20;
// }
allow {
mask 192.0.2.1;
class clients;
password "somesecretpasswd";
maxperip 20;
}
/* Oper bloğu, IRC Operatorleri tanımlar.
* IRC Operatörler, diğer kullanıcılara göre "ekstra haklara" sahip kullanıcılardır.
@@ -162,33 +145,18 @@ allow {
* https://www.unrealircd.org/docs/Oper_block
*/
/* İşte 'bobsmith' için örnek bir oper bloğu
* BUNU DEĞİŞTİRMELİSİN!! (oper adı ve şifre)
/* Örnek bir oper bloğu için 'bobsmith' ile şifresi 'test'.
* Bunu değiştirmeniz GEREKİR!!
*/
oper bobsmith {
class opers;
mask *@*;
/* Teknik olarak oper şifrelerini conf'a düz metin olarak koyabilirsiniz, ancak bu
* KESİNLİKLE ÖNERİLEN bir durum değildir. Bunun yerine bir şifre karması oluşturmalısınız:
* *NIX'te şunu çalıştırın: ./unrealircd mkpasswd
* Windows'ta şunu çalıştırın: "C:\Program Files\UnrealIRCd 6\bin\unrealircdctl" mkpasswd
* .. ve ardından sonucu aşağıya yapıştırın:
*/
password "$argon2id..etc..";
/* 'Certfp' gibi daha iyi kimlik doğrulama türleri ve Windows'ta
* karmaların nasıl oluşturulacağı da dahil olmak üzere daha fazla bilgi için
* https://www.unrealircd.org/docs/Authentication_types adresine bakın.
*/
password "test";
/* Oper izinleri bir "operclass 'bloğunda tanımlanır.
* Görmeniz için: https://www.unrealircd.org/docs/Operclass_block
* UnrealIRCd varsayılan bloklar makalesi için,
* tam listesine bakınız. Buradan 'netadmin' seçiyoruz.
*/
operclass netadmin;
swhois "is a Network Administrator";
vhost netadmin.example.org;
@@ -199,7 +167,8 @@ oper bobsmith {
* sunucuya bağlantı kurmasını sağlar.
*
* Kullanımı:
* listen {
* listen
* {
* ip <ip numarası>;
* port <port numarası>;
* options {
@@ -208,12 +177,7 @@ oper bobsmith {
* }
*/
/* Standard IRC port 6667
* Insecure plaintext (NOT for production servers)
* This listen block is here only for quick testing.
* Delete or comment out this listen block on production servers
* and use TLS on port 6697 instead.
*/
/* Standard IRC port 6667 */
listen {
ip *;
port 6667;
@@ -260,8 +224,6 @@ link hub.example.org
/* Kimlik doğrulaması için diğer sunucunun SPKI parmak izini kullanıyoruz.
* Kullanmamız için diğer tarafda './unrealircd spkifp' uygulayıp çalıştırıyoruz.
* *NIX'te şunu çalıştırın: ./unrealircd spkifp
* Windows'ta şunu çalıştırın: "C:\Program Files\UnrealIRCd 6\bin\unrealircdctl" spkifp
*/
password "AABBCCDDEEFFGGHHIIJJKKLLMMNNOOPPQQRRSSTTUUV=" { spkifp; }
@@ -285,7 +247,7 @@ link services.example.org
/* U-lines satırları sunuculara daha güç/komut kazandırır.
* Eğer hizmetlerini kullanmak istiyorsanız onları buraya eklemeniz gerekir.
* ÖNEMLİ: ASLA buraya (normal) UnrealIRCd sunucunun adını yazmayınız!!!
* ASLA buraya (normal) UnrealIRCd sunucunun adını yazmayınız!!!
*/
ulines {
services.example.org;
@@ -304,42 +266,19 @@ drpass {
* Görmeniz için: https://www.unrealircd.org/docs/Log_block
*/
/* Bu iyi bir varsayılandır, hata ayıklama ve
* join/part/kick dışındaki her şeyi günlüğe kaydeder.
*/
log {
source {
all;
!debug;
!join.LOCAL_CLIENT_JOIN;
!join.REMOTE_CLIENT_JOIN;
!part.LOCAL_CLIENT_PART;
!part.REMOTE_CLIENT_PART;
!kick.LOCAL_CLIENT_KICK;
!kick.REMOTE_CLIENT_KICK;
}
destination {
file "ircd.log" { maxsize 100M; }
}
}
/* Düzenli günlük kaydına ek olarak bir JSON günlük dosyası ekleyin.
* Bu her olayla ilgili birçok bilgi içerir dolayısıyla denetim amaçları
* için mükemmeldir ve makine tarafından okunabilir. Ancak insanlar için daha az okunabilir.
*/
log {
source {
all;
!debug;
!join.LOCAL_CLIENT_JOIN;
!join.REMOTE_CLIENT_JOIN;
!part.LOCAL_CLIENT_PART;
!part.REMOTE_CLIENT_PART;
!kick.LOCAL_CLIENT_KICK;
!kick.REMOTE_CLIENT_KICK;
}
destination {
file "ircd.json.log" { maxsize 250M; type json; }
/* Varsayılan ayarlar, neredeyse her şeyi kaydedecektir */
log "ircd.log" {
flags {
oper;
connects;
server-connects;
kills;
errors;
sadmin-commands;
chg-commands;
oper-override;
tkl;
spamfilter;
}
}
@@ -352,43 +291,43 @@ log {
include "aliases/anope.conf";
/* Ban nick bloğu bir nickin sunucuda kullanımını yasaklamanıza olanak sağlar */
// ban nick {
// mask "*C*h*a*n*S*e*r*v*";
// reason "Servisler için ayrılmış";
// }
ban nick {
mask "*C*h*a*n*S*e*r*v*";
reason "Servisler için ayrılmış";
}
/* Ban ip.
* Normalde bunun için /KLINE, /GLINE ve /ZLINE kullanıldığını unutmayınız.
*/
// ban ip {
// mask 195.86.232.81;
// reason "Senden nefret ediyorum";
// }
ban ip {
mask 195.86.232.81;
reason "Senden nefret ediyorum";
}
/* Ban server - bir sunucunun bağlanmasını devredışı kılar */
// ban server {
// mask eris.berkeley.edu;
// reason "Defol buradan.";
// }
ban server {
mask eris.berkeley.edu;
reason "Defol git buradan.";
}
/* Ban user - normalde /KLINE veya /GLINE kullanıldığını unutmayınız */
// ban user {
// mask *tirc@*.saturn.bbn.com;
// reason "Aptal";
// }
ban user {
mask *tirc@*.saturn.bbn.com;
reason "Salak";
}
/* Ban realname bloğu bir kullanıcıyı, GECOS kısmı esas alınarak
* banlamanıza olanak sağlar.
*/
// ban realname {
// mask "Swat Team";
// reason "mIRKFORCE";
// }
ban realname {
mask "Swat Team";
reason "mIRKFORCE";
}
// ban realname {
// mask "sub7server";
// reason "sub7";
// }
ban realname {
mask "sub7server";
reason "sub7";
}
/* Ban ve TKL istisnaları. Kullanıcıları / makineleri gözetmeksizin
* KLINE, GLINE, gibi banlardan muaf tutmanıza olanak sağlar.
@@ -397,32 +336,30 @@ include "aliases/anope.conf";
* bir *LINE ban koyarsanız bile yinede muaf tutulacaksınız.
*/
/* except ban bloğu, sizi 'tüm' GLINE, GZLINE, QLINE, SHUN gibi banlardan koruyacaktır */
// except ban {
// mask *@192.0.2.1;
// type all;
// }
/* This allows IRCCloud connections in without maxperip restrictions
* and also exempt them from connect-flood throttling.
*/
/* except ban bloğu, sizi KLINE ve ZLINE gibi banlardan koruyacaktır */
except ban {
mask *.irccloud.com;
type { maxperip; connect-flood; }
mask *@192.0.2.1;
// burada daha fazla mask girdileri ekleyebilirsiniz..
}
/* except ban bloğu, sizi 'tüm' GLINE, GZLINE, QLINE, SHUN gibi banlardan koruyacaktır */
except ban {
mask *@192.0.2.1;
type all;
}
/* Deny dcc bloğu, sunucu üzerinden DCC yoluyla dosya gönderilmesine izin vermeyecektir */
// deny dcc {
// filename "*sub7*";
// reason "Possible Sub7 Virus";
// }
deny dcc {
filename "*sub7*";
reason "Olası Sub7 Virüsü";
}
/* Deny channel bloğu, kullanıcıların belirtilen kanallara girmesini engeller */
// deny channel {
// channel "*warez*";
// reason "Warez is illegal";
// class "clients";
// }
deny channel {
channel "*warez*";
reason "Warez is illegal";
class "clients";
}
/* VHosts (Virtual Hosts) bloğu, kullanıcının yeni bir host alabilmesine olanak sağlar.
* Görmeniz için; https://www.unrealircd.org/docs/Vhost_block
@@ -432,12 +369,12 @@ except ban {
* DiKKAT: Güvenlik açısından aşağıdaki vhost::mask yönergesinde
* maske 'unrealircd.com' olarak belirlenmiştir.
*/
// vhost {
// vhost i.hate.microsefrs.com;
// mask *@unrealircd.com;
// login "test";
// password "test";
// }
vhost {
vhost i.hate.microsefrs.com;
mask *@unrealircd.com;
login "test";
password "test";
}
/* Blacklist blokları, bir kullanıcı bağlandığında IP adresinin drone saldırılarına
* neden olduğunu, bilinen bir saldırıya uğramış bir makine olup olmadığını görmek
@@ -481,7 +418,7 @@ blacklist efnetrbl {
}
action gline;
ban-time 24h;
reason "Proxy/Drone/TOR tespit edildi. Ayrıntılar için https://rbl.efnetrbl.org/?i=$ip adresine bakınız.";
reason "Proxy/Drone/TOR belirlendi. Ayrıntılar için https://rbl.efnetrbl.org/?i=$ip adresine bakınız.";
}
/* Diğer yapılandırma dosyalarını dahil edebilirsiniz */
@@ -489,26 +426,23 @@ blacklist efnetrbl {
/* Ağ yapılandırması */
set {
// BU 4 ÖĞENİN TÜMÜNÜ DEĞİŞTİRİN:
network-name "ExampleNET";
default-server "irc.example.org";
services-server "services.example.org";
stats-server "stats.example.org";
/* Normal varsayılanlar */
help-channel "#Help";
cloak-prefix "Clk";
hiddenhost-prefix "Clk";
prefix-quit "Quit";
/* Gizleme anahtarları ağ üzerindeki bütün sunucularda aynı olmalı.
* Bu anahtarlar maskeli hostlar yaratmak ve bunları saklamak için kullanılır.
* Anahtarlar 80 karakterlik 3 rastgele diziden oluşmalı ve küçük harf (a-z),
* büyük harf (A-Z) ve rakamlardan (0-9) meydana gelmelidirler.. [ilk örneğe bakınız].
* IPUCU: './unrealircd gencloak' Unrealircd sizin için rastgele 3 adet dizin oluşturur.
* Anahtarlar 5-100 karakterlik (10-20 karakter yeterli) 3 rastgele diziden oluşmalı ve
* küçük harf (a-z), büyük harf (A-Z) ve rakamlardan (0-9) meydana gelmelidirler.. [ilk örneğe bakınız].
* IPUCU: './unreal gencloak' Unreal sizin için rastgele 3 adet dizin oluşturur.
* Bunu NIX üzerinde çalıştırabilirsiniz.
* On Windows, use "C:\Program Files\UnrealIRCd 6\bin\unrealircdctl" gencloak
*/
cloak-keys {
"Oozahho1raezoh0iMee4ohvegaifahv5xaepeitaich9tahdiquaid0geecipahdauVaij3zieph4ahi";
"aoAr1HnR6gl3sJ7hVz4Zb7x4YwpW";
"ve diğeri";
"ve diğeri";
}
@@ -517,11 +451,9 @@ set {
/* Sunucunun kendine özgü yapılandırması */
set {
// SON OLARAK, BU SONRAKİ ÖĞEYİ DEĞİŞTİRMENİZ GEREKİR:
kline-address 'set.this.to.email.address'; /* bir kullanıcı banlandığında e-mail yada URL satırı gösterir */
kline-address "set.this.to.email.address"; /* bir kullanıcı banlandığında e-mail yada URL satırı gösterir */
modes-on-connect "+ixw"; /* kullanıcılar bağlandığında, bu modları alacaktır */
modes-on-oper "+xws"; /* Birisi IRC Operatör olduğunda bu modları alacaktır */
modes-on-join "+nt"; /* yeni bir kanal oluşturulduğunda varsayılan kanal modlarını alacaktır */
oper-auto-join "#opers"; /* IRCoplar bu kanala otomatik olarak giriş yapacaktır */
options {
hide-ulines; /* U-lines satırları /MAP ve /LINKS komutunda gözükmez */
@@ -541,8 +473,7 @@ set {
/* static-part /PART komutu ile aynı işi görür */
/* static-part yes; */
/* Flood Koruması:
* Bunun için birçok ayarları vardır ve çoğu iyi varsayılanlara sahiptir.
/* Anti flood Koruması
* Görmeniz için: https://www.unrealircd.org/docs/Set_block#set::anti-flood
*/
anti-flood {
@@ -555,135 +486,16 @@ set {
virus-help-channel "#help"; /* 'viruschan' eylemi için kullanılacak kanal */
/* except "#help"; Spamfilter'den muaf tutulacak kanal */
}
/* Belirli komutları kısıtlayın.
* See https://www.unrealircd.org/docs/Set_block#set::restrict-commands
*/
restrict-commands {
list {
except {
connect-time 60;
identified yes;
reputation-score 24;
}
}
invite {
except {
connect-time 120;
identified yes;
reputation-score 24;
}
}
/* Yukarıda gösterildiği gibi herhangi bir komutu kısıtlama
* yeteneğine sahiptir. Ayrıca kısıtlayabileceğiniz 4
* özel tip vardır. Bunlar "private-message",
* "private-notice", "channel-message" ve "channel-notice".
* Bu örnekte olduğu gibi (kapalı) yorumlanmıştır:
*/
//private-message {
// except { connect-time 10; }
//}
//private-notice {
// except { connect-time 10; }
//}
}
}
/* Son olarak, bir MOTD (Günün Mesajı) oluşturabilirsiniz, bu
* conf/ dizininde 'ircd.motd' metin dosyası oluşturarak yapabilirsiniz.
* Bu dosyanın içeriği bağlantı kuran kullanıcılara gösterilecektir.
* Daha fazla bilgi için https://www.unrealircd.org/docs/MOTD_and_Rules bölümünü inceleyiniz.
*/
/*
* Aşağıdaki ayar "bilinmeyen kullanıcılar" için bağlantı kısıtlamasını yapılandıracaktır.
*
* UnrealIRCd, IP adreslerinden bağlanan çok sayıda kullanıcı tespit ettiğinde
* daha önce görülmemişse, yeni IP'lerden gelen bağlantılar ayarlanan
* hızın üzerinde reddedilir. örneğin 10:60'ta dakikada sadece 10 kullanıcı daha önce
* görülmemiş şekilde bağlanabilir. Bilinen IP adresleri, ayarlanan orandan bağımsız olarak
* her zaman girebilir. SASL kullanarak giriş yapan kullanıcılar için de aynıdır.
*
* Ayrıntılar için https://www.unrealircd.org/docs/Connthrottle adresine bakınız.
* Veya aşağıdaki varsayılan yapılandırma ayarlarını okumaya devam edin:
*/
set {
connthrottle {
/* ilk önce "bilinen kullanıcılar" dediğimiz şeyi yapılandırmalıyız.
* Varsayılan olarak bunlar, IP adresleri üzerinde 24 veya
* daha yüksek puana sahip kullanıcılardır. 24 puan IP'nin geçen ay
* en az 2 saat (veya kayıtlıysa en az 1 saat) boyunca bu sunucuya
* bağlı olduğu anlamına gelir.
* Sasl-bypass seçeneği başka bir ayardır. Bu ayar
* SASL aracılığıyla hizmetlere kimlik doğrulaması yapan
* kullanıcıların da bilinen kullanıcılar olarak kabul edildiği anlamına gelir.
* "known-users" grubundaki kullanıcılar (herhangi bir reputation
* veya SASL) modülleri tarafından her zaman izin verilir.
*/
except {
reputation-score 24;
identified yes;
/* daha fazla seçenek için bkz.
* https://www.unrealircd.org/docs/Mask_item
*/
}
/* Yeni kullanıcılar, aşağıdakilere ait olmayan tüm
* bilinen-kullanıcılar grubundandır. Bunlar "yeni" ve
* bu tür yeni kullanıcıların çok sayıda bağlanması durumunda
* bağlantı hızı sınırlamasına tabidirler.
* Varsayılan bu oran dakikada 20 yeni yerel kullanıcı
* ve dakikada 30 yeni global kullanıcı olarak belirlenmiştir.
*/
new-users {
local-throttle 20:60;
global-throttle 30:60;
}
/* Bu modülün ne zaman aktif OLMAYACAĞINI yapılandırır.
* Varsayılan ayarlar, şu durumlarda modülü devre dışı bırakacaktır:
* - Reputation modülü 1 haftadan kısa bir süredir çalışıyor ise.
* 1 haftadan az çalışıyorsa, kimin "bilinen kullanıcı"
* olduğunu düşünmek için yeterli veri yoktur.
* - Sunucu yeni açıldı (ilk 3 dakika).
*/
disabled-when {
reputation-gathering 1w;
start-delay 3m;
}
}
}
/* KANAL GEÇMİŞİ:
* UnrealIRCd, kullanıcılar tarafından bir kanala katılmadan önce
* kanal geçmişini okumak için, kullanılabilen +H kanal moduna sahip olmalıdır.
* Bu özellik hakkında bilgi için bkz. https://www.unrealircd.org/docs/Channel_history
*
* Geçmiş limitleri set::history aracılığıyla yapılandırılabilir. Varsayılan ayarlar
* muhtemelen sizin için zaten iyidir, ancak düşük bellekli bir sistemdeyseniz veya
* binlerce kanalınız varsa, iki kez kontrol etmek isteyebilirsiniz. Seçenekler için
* https://www.unrealircd.org/docs/Set_block#set::history adresine bakın.
*
* Buna ek olarak "kalıcı kanal geçmişine" sahip olabilirsiniz. Bu kanal
* geçmişinin diskte şifreli olarak depolandığı ve böylece IRC sunucusu yeniden
* başlatılması halinde korunması anlamına gelir.
* bkz. https://www.unrealircd.org/docs/Set_block#Persistent_channel_history
* Kalıcı geçmiş özelliği varsayılan olarak ETKİNLEŞTİRİLMEMİŞTİR bunun için
* bir secret { } bloğu yapılandırmanız gerekir. Aşağıdaki yapılandırma dosyasında
* saklanan parolalar doğrudan bunlara basit bir örnektir.
* Daha iyi güvenlik elde etmek için https://www.unrealircd.org/docs/Secret_block
* adresini okuyun böylece şifreleri doğrudan yapılandırmada saklamazsınız.
*/
//secret historydb { password "somepassword"; }
//set { history { channel { persist yes; db-secret "historydb"; } } }
/* Son olarak, bir MOTD'ye (Günün Mesajı) sahip olmak isteyebilirsiniz, bunu
* conf/ dizininizde bir 'ircd.motd' metin dosyası oluşturarak yapabilirsiniz.
* Bu dosya bağlantıda kullanıcılarınıza gösterilecektir.
* Daha fazla bilgi için bkz. https://www.unrealircd.org/docs/MOTD_and_Rules
*/
/*
* Sorun mu yaşıyorsunuz veya daha fazla yardıma mı ihtiyacınız var?
* 1) https://www.unrealircd.org/docs/
* Sorununuza veya daha fazla yardımamı ihtiyacınız var?
* 1) https://www.unrealircd.org/docs/UnrealIRCd_4_documentation
* 2) https://www.unrealircd.org/docs/FAQ <- sorularınızın %80 ini kapsamakta!
* 3) Eğer probleminiz hala devam ediyorsa:
* - Forums: https://forums.unrealircd.org/
doc/conf/help/help.conf
+189 -282
View File
@@ -1,4 +1,4 @@
/* UnrealIRCd 6 Help Configuration
/* UnrealIRCd 5 Help Configuration
* Based on the original help text written by hAtbLaDe
* Revised by CC (07/2002) and many others
*/
@@ -21,8 +21,9 @@ help {
" ==-------------------------oOo--------------------------==";
}
/* NOTE: the indexes were generate by the command:
* cat listofcmds|sort|column -c 60 -S 8|awk '{ print "\t\" " $0 "\";" }'
/* note: indexes were generated by cat somecmds|sort|column -c 70
* along with tab->space conversion (tabwidth 8).
* Perhaps we should automate this step :). -- Syzop
*/
help Usercmds {
@@ -31,22 +32,18 @@ help Usercmds {
" a specific command.";
" -";
" ==-------------------------oOo-------------------------==";
" ADMIN LINKS PART USERHOST";
" AWAY LIST PING USERIP";
" CREDITS LUSERS PRIVMSG VERSION";
" CYCLE MAP QUIT VHOST";
" ADMIN LICENSE PART USERHOST";
" AWAY LINKS PING USERIP";
" CREDITS LIST PONG VERSION";
" CYCLE LUSERS PRIVMSG VHOST";
" DALINFO MAP QUIT WATCH";
" DCCALLOW MODE RULES WHO";
" INVITE MODULE SETIDENT WHOIS";
" JOIN MOTD SETNAME WHOWAS";
" KICK NAMES SILENCE";
" KNOCK NICK TIME";
" LICENSE NOTICE TOPIC";
" INVITE MODULE SETNAME WHOIS";
" ISON MOTD SILENCE WHOWAS";
" JOIN NAMES STATS";
" KICK NICK TIME";
" KNOCK NOTICE TOPIC";
" ==-------------------------oOo-------------------------==";
" We only document commands that are to be used by end-users,";
" not all client commands (such as CAP, PONG, WATCH, MONITOR).";
" If you are a developer and writing an IRC client, then check";
" out https://modern.ircdocs.horse (not UnrealIRCd specific).";
" If you are looking for IRCOp commands, see /HELPOP OPERCMDS";
}
help Opercmds {
@@ -57,19 +54,17 @@ help Opercmds {
" See also https://www.unrealircd.org/docs/IRCOp_guide";
" -";
" ==-------------------------oOo-------------------------==";
" ADDMOTD GZLINE SAPART";
" ADDOMOTD INVITE SDESC";
" CHGHOST KILL SETHOST";
" CHGIDENT KLINE SHUN";
" CHGNAME LAG SPAMFILTER";
" CLOSE LOCOPS STATS";
" CONNECT MKPASSWD TEMPSHUN";
" DCCDENY OPER TLINE";
" DIE OPERMOTD TRACE";
" DNS REHASH TSCTL";
" ELINE RESTART UNDCCDENY";
" GLINE SAJOIN WALLOPS";
" GLOBOPS SAMODE ZLINE";
" DNS SETIDENT";
" ADDMOTD ELINE OPER SHUN";
" ADDOMOTD GLINE OPERMOTD SPAMFILTER";
" GLOBOPS REHASH SQUIT";
" CHGHOST GZLINE RESTART TEMPSHUN";
" CHGIDENT KILL TRACE";
" CHGNAME KLINE SAJOIN TSCTL";
" CLOSE LAG SAMODE UNDCCDENY";
" CONNECT LOCOPS SAPART WALLOPS";
" DCCDENY MKPASSWD SDESC ZLINE";
" DIE MODULE SETHOST";
" ==-------------------------oOo-------------------------==";
}
@@ -101,55 +96,49 @@ help Umodes {
" p = Hide all channels in /whois and /who";
" q = Only U-Lines can kick you (Services Admins/Net Admins only)";
" r = Identifies the nick as being Registered (settable by services only)";
" s = Can listen to Server notices (see /HELPOP SNOMASKS)";
" s = Can listen to Server notices";
" t = Says that you are using a /VHOST";
" w = Can listen to Wallop messages";
" x = Gives the user Hidden Hostname (security)";
" z = Marks the client as being on a Secure Connection (SSL/TLS)";
" z = Marks the client as being on a Secure Connection (SSL)";
" B = Marks you as being a Bot";
" D = Only receive PRIVMSGs from IRCOps, servers and services (privdeaf)";
" G = Filters out all Bad words in your messages with <censored>";
" H = Hide IRCop status in /WHO and /WHOIS. (IRC Operators only)";
" I = Hide a user's idle time (in /whois output). Limited to IRCops, by default.";
" I = Hide an oper's idle time (in /whois output) from regular users.";
" R = Allows you to only receive PRIVMSGs/NOTICEs from registered (+r) users";
" S = For Services only. (Protects them)";
" T = Prevents you from receiving CTCPs";
" W = Lets you see when people do a /WHOIS on you (IRC Operators only)";
" Z = Only receive/send PRIVMSGs from/to users using a Secure Connection (SSL/TLS)";
" Z = Only receive/send PRIVMSGs from/to users using a Secure Connection (SSL)";
" ==---------------------------oOo---------------------------==";
}
help Snomasks {
" Snomask stands for 'Service NOtice MASK', it controls which";
" Snomask stands for 'Service NOtice MASK', it (mainly) controls which";
" server notices you will receive.";
" Usage: /MODE nick +s <snomask>";
" Ex: /MODE blah +s +cC-j";
" Ex: /MODE blah +s +cF-j";
" The parameter specifies which snomasks you want (or don't want).";
" You can also remove all snomasks by simply doing /MODE nick -s.";
"-";
" Below is a list of possible snomasks:";
" ==-------------------------oOo-----------------------==";
"b = Server bans (KLINE, GLINE, SHUN, etc)";
"B = Messages from the DNS Blacklist module";
"c = Local client connects";
"C = Remote client connects (on other servers, except services/u-lines)";
"d = Rejected DCC's due to Deny dcc blocks";
"D = Debugging / junk (NOT recommended, possibly harmless things, noisy!)";
"f = flood notices (recommended)";
"j = joins, parts and kicks";
"k = kill notices (/KILL usage)";
"n = Local nick changes";
"N = Remote nick change notices";
"q = Deny nick rejection notices (QLINE)";
"s = Server notices: all other notices that do not fit in the other snomasks";
" (includes very important messages, so highly recommended)";
"S = Spamfilter hits";
"o = IRCOp overriding in channels (OperOverride)";
"O = IRCOp changing user properties (/CHGNAME, /CHGIDENT, /CHGHOST, ..)";
" or forcing a user to do things (/SAJOIN, /SAPART)";
"R = JSON-RPC usage";
"v = VHOST usage";
"x = Connection rejections (maxperip, connthrottle)";
" b = View blacklist hits";
" c = View connects/disconnects on local server";
" e = View 'Eyes' server messages (OperOverride, /CHG* and /SET* usage, ..)";
" f = View flood alerts";
" F = View connects/disconnects on remote servers (except U-Lines)";
" G = View TKL notices (Gline, GZline, Shun, etc)";
" j = View Junk notices (not recommended for normal use)";
" k = View KILL notices";
" n = View nick changes on local server";
" N = View nick changes on remote servers";
" o = View oper-up notices";
" q = View rejected nick changes due to Q-Lines";
" s = View general notices";
" S = View spamfilter matches";
" v = View usage of /VHOST command";
" ==-------------------------oOo------------------------==";
}
@@ -167,11 +156,9 @@ help Chmodes {
" (For more info on extended bantypes, see /HELPOP EXTBANS)";
" c = Block messages containing mIRC color codes [o]";
" C = No CTCPs allowed in the channel [h]";
" d = Delayed users remaining after unsetting D [server]";
" D = Delay showing joins until someone actually speaks [o]";
" e <nick!ident@host> = Overrides a ban for matching users [h]";
" F <floodprofile> = Apply flood protection profile (see /HELPOP CHMODEF) [o]";
" f <floodparams> = Advanced flood protection (see /HELPOP CHMODEF) [o]";
" f <floodparams> = Flood protection (for more info see /HELPOP CHMODEF) [o]";
" G = Filters out all Bad words in messages with <censored> [o]";
" H <max-lines:max-minutes> = Record channel history with specified maximums [o]";
" i = A user must be invited to join the channel [h]";
@@ -195,206 +182,106 @@ help Chmodes {
" T = No NOTICEs allowed in the channel [o]";
" t = Only +hoaq may change the topic [h]";
" V = /INVITE is not allowed [o]";
" z = Only Clients on a Secure Connection (SSL/TLS) can join [o]";
" Z = All users on the channel are on a Secure connection (SSL/TLS) [server]";
" z = Only Clients on a Secure Connection (SSL) can join [o]";
" Z = All users on the channel are on a Secure connection (SSL) [server]";
" (This mode is set/unset by the server. Only if the channel is also +z)";
" -";
" [h] requires at least halfop, [o] requires at least chanop";
" [server] (un)settable only by the server";
" ==------------------------------oOo----------------------------==";
}
help ExtBans {
" These bans let you ban based on things other than the traditional nick!user@host";
" mask. For example MODE #chan +e ~account:SomeAccount can be used to add a ban";
" exception for someone who is identified to services with the account SomeAccount.";
" Extended bans start with a tilde, followed by a name or letter.";
" UnrealIRCd 6 uses 'named' extended bans by default: +e ~account:SomeAccount";
" while previous versions use 'letter' extended bans: +e ~a:SomeAccount";
" See also https://www.unrealircd.org/docs/Extended_Bans";
" mask. These bans start with a tilde, followed by a letter denoting the extban type.";
" For example +b ~q:nick!user@host denotes a quiet extban.";
" -";
" ==[ Group 1: time limit ]==";
" The following ban type can be used in front of any (ext)ban:";
" =Letter-------Name---------------------------Explanation------------------------==";
" ==-Type--------Name---------------------------Explanation-----------------------==";
" | | Timed bans are automatically unset by the server after ";
" ~t | ~time | the specified number of minutes. For example: ";
" | | +b ~time:3:*!*@hostname ";
" ~t | timedban | the specified number of minutes. For example: ";
" | | +b ~t:3:*!*@hostname ";
" ==------------------------------------------------------------------------------==";
" -";
" ==[ Group 2: actions ]==";
" These bantypes specify which actions are affected by a ban:";
" =Letter-------Name---------------------------Explanation------------------------==";
" ==-Type--------Name---------------------------Explanation-----------------------==";
" | | People matching these bans can join but are unable to ";
" ~q | ~quiet | speak, unless they have +v or higher. ";
" | | Example: +bb ~quiet:*!*@blah.blah.com ~quiet:nick*!*@* ";
" ~q | quiet | speak, unless they have +v or higher. ";
" | | Example: ";
" | | +bb ~q:*!*@blah.blah.com ~q:nick*!*@* ";
"-----------------------------------------------------------------------------------";
" | | People matching these bans cannot change nicks, unless ";
" ~n | ~nickchange | they have +v or higher. ";
" | | Example: +bb ~nickchange:*!*@*.uk ~nickchange:nick*!*@* ";
" ~n | nickchange | they have +v or higher. ";
" | | Example: ";
" | | +bb ~n:*!*@*.aol.com ~n:nick*!*@* ";
"-----------------------------------------------------------------------------------";
" | | Users matching this may not join the channel. However, ";
" ~j | ~join | if they are already in the channel then they may still ";
" | | speak, change nicks, etc. ";
" | | If a user matches this, he may not join the channel. ";
" ~j | join | He may perform all other activities if he is already on ";
" | | the channel, such as speaking and changing his nick. ";
"-----------------------------------------------------------------------------------";
" | | Bypass message restrictions. This extended ban is only ";
" | | available as a ban exception (+e) and not as a ban (+b).";
" | | The syntax is: +e ~msgbypass:type:mask. Valid types are:";
" | | 'external' (bypass +n), 'censor' (bypass +G), ";
" | | available as +e and not as +b. Syntax: +e ~m:type:mask. ";
" | | Valid types: 'external' (bypass +n), 'censor' (bypass +G),";
" | | 'moderated' (bypass +m/+M), 'color' (bypass +S/+c), and ";
" ~m | ~msgbypass | 'notice' (bypass +T). Some examples: ";
" | | Allow an IP to bypass +m and +n: ";
" | | +e ~msgbypass:moderated:*!*@192.168.1.1 ";
" | | +e ~msgbypass:external:*!*@192.168.1.1 ";
" | | Allow the account 'ColorBot' bypass color restrictions: ";
" | | +e ~msgbypass:color:~account:ColorBot ";
" ~m | msgbypass | 'notice' (bypass +T). Some examples: ";
" | | +e ~m:moderated:*!*@192.168.* Allow IP to bypass +m ";
" | | +e ~m:external:*!*@192.168.* Allow IP to bypass +n ";
" | | +e ~m:color:~a:ColorBot Allow account 'ColorBot' ";
" | | to bypass +c ";
"-----------------------------------------------------------------------------------";
" | | If a user matches the ban or other limits (eg +l/+k/etc)";
" ~f | ~forward | then they will be forwarded to the specified channel. ";
" | | Example: +b ~forward:#badisp:*!*@*.isp.xx ";
"-----------------------------------------------------------------------------------";
" | | Bypass mode +f/+F flood protection. This extended ban is";
" | | only available as +e and not as +b. ";
" | | Syntax: +e ~flood:types:mask. ";
" | | Valid flood types are: c, j, k, m, n, t, r, and ";
" ~F | ~flood | * for all. ";
" | | For the meaning of the letters, see /HELPOP CHMODEF ";
" | | Example: +e ~flood:*:*!*@192.168.* ";
" | | +e ~flood:m:*!*@192.168.* ";
" | | If a user matches the ban, he will be forwarded to the ";
" ~f | forward | specified channel. For example: ";
" | | +b ~f:#badisp:*!*@*.isp.xx ";
" ==------------------------------------------------------------------------------==";
" -";
" ==[ Group 3: selectors ]==";
" These bantypes introduce new criteria which can be used:";
" =Letter-------Name---------------------------Explanation------------------------==";
" ==-Type--------Name---------------------------Explanation-----------------------==";
" | | If a user is logged in to services with this account ";
" | | name, then this ban will match. ";
" ~a | ~account | There are also two special bans: ~account:* matches all ";
" | | authenticated users and ~account:0 matches all ";
" | | unauthenticated users. ";
" | | Example: +e ~account:Name +I ~account:Name ";
" ~a | account | name, then this ban will match. ";
" | | Example: +e ~a:Name ";
"-----------------------------------------------------------------------------------";
" | | The GEOIP also module tries to map a users IP address to";
" | | an ASN (Autonamous System Number), like 16276 (OVH SAS) ";
" ~A | ~asn | and 36925 (ASMedi). You can ban (+b) or exempt (+e) and ";
" | | invite (+I) based on this number. ";
" | | Example: +b ~asn:36925 +e ~asn:16276 ";
"-----------------------------------------------------------------------------------";
" | | If the user is in this channel then they are unable to ";
" | | If the user is in this channel then (s)he is unable to ";
" | | join. A prefix can also be specified (+/%/@/&/~) which ";
" ~c | ~channel | means that it will only match if the user has that ";
" ~c | channel | means that it will only match if the user has that ";
" | | rights or higher on the specified channel. ";
" | | Example: +b ~channel:#lamers +e ~channel:@#trusted ";
"-----------------------------------------------------------------------------------";
" | | The GEOIP module tries to map IP addresses of users to ";
" | | a country code, like NL and US. You can ban or exempt a ";
" ~C | ~country | user based on the two letter country code this way. ";
" | | Example: +b ~country:NL +e ~country:NL ";
" | | Example: +b ~c:#lamers, +e ~c:@#trusted ";
"-----------------------------------------------------------------------------------";
" | | If the user is an IRCOp and is logged in with an oper ";
" | | block with a matching oper::operclass name then this ";
" ~O | ~operclass | will match. This way you can create channels which only ";
" ~O | operclass | will match. This way you can create channels which only ";
" | | specific type(s) of opers may join. Set +i and use +I. ";
" | | Example: +iI ~operclass:*admin* ";
" | | Example: +iI ~O:*admin* ";
"-----------------------------------------------------------------------------------";
" | | If the realname of a user matches this then they are ";
" | | If the realname of a user matches this then (s)he is ";
" | | unable to join. ";
" ~r | ~realname | Example: +b ~realname:*Stupid_bot_script* ";
" ~r | realname | Example: +b ~r:*Stupid_bot_script* ";
" | | NOTE: an underscore ('_') matches both a space (' ') and";
" | | an underscore ('_'), so this ban would ";
" | | match 'Stupid bot script v1.4'. ";
"-----------------------------------------------------------------------------------";
" | | If the security group of a user matches this then they ";
" ~G | ~security- | are unable to join. ";
" | group | Example: +b ~security-group:unknown-users ";
"-----------------------------------------------------------------------------------";
" | | When a user is using SSL/TLS with a client certificate ";
" | | then you can match the certificate fingerprint (the one ";
" ~S | ~certfp | you see in /WHOIS). Good for ban and invite exceptions. ";
" | | Example: +iI ~certfp:00112233445566778899aabbccddeeff.. ";
" ==------------------------------------------------------------------------------==";
" -";
" ==[ Group 4: special ]==";
" These bantypes are special and don't fit anywhere else:";
" =Letter-------Name---------------------------Explanation------------------------==";
"-----------------------------------------------------------------------------------";
" | | Inherit channel bans from another channel:";
" | | If in #test you +b ~inherit:#main then if the user is ";
" | | banned in #main they cannot JOIN #test either. ";
" ~i | ~inherit | Note that: 1) Bans are only checked on-join, so not on- ";
" | | message or on nick-change. 2) If the other channel also ";
" | | has ~inherit bans then they are ignored. 3) You can only";
" | | add a limited number of ~inherit bans (by default: 1). ";
" | | then you can match the user by his/her SSL fingerprint ";
" ~S | certfp | (the one you see in /WHOIS). Mostly useful for safe ";
" | | ban exceptions and invite exceptions. ";
" | | Example: +iI ~S:00112233445566778899aabbccddeeff..etc.. ";
"-----------------------------------------------------------------------------------";
" | | Channel-specific text filtering. Supports two actions: ";
" ~T | ~text | 'censor' and 'block'. Two examples: ";
" | | +b ~text:censor:*badword* and +b ~text:block:*something*";
"-----------------------------------------------------------------------------------";
" | | Hide part/quit messages on matching users. ";
" ~p | ~partmsg | Example: +b ~partmsg:*!*@*.isp.com ";
" ~T | textban | 'censor' and 'block'. Two examples: ";
" | | +b ~T:censor:*badword* and +b ~T:block:*something* ";
" ==------------------------------------------------------------------------------==";
" -";
" ==[ Stacking ]==";
"* You may stack extended bans from the 2nd group with the 3rd group.";
" For example +b ~quiet:~channel:#lamers would quiet all users who are also in #lamers.";
"* Bans from the 3rd group may also be used for invite exceptions (+I),";
" such as +I ~channel:@#trusted and +I ~account:accountname. The same is also";
" true for the ~inherit extban, if used in +e/+I it inherits exceptions/invex.";
"* You may put a time limit (group 1) in front of any extended ban,";
" and even chain group 1 + group 2 + group 3:";
" +b ~time:60:~join:~country:BD";
}
help ExtServerBans {
"This allows you to match on things other than user/host/ip. This can be useful";
"for banning (GLINE, KLINE) and for exempting users (ELINE).";
" ";
"===[ ~account:<accountname> ]===";
"This matches when the user is logged into services with SASL using the specified";
"account name. There are also two special cases: ~account:* matches any logged in users";
"and ~account:0 which matches all unauthenticated users.";
" ";
"===[ ~asn:<number> ]===";
"Ban or exempt an AS Number. As an IRCOp you can see the AS Number in WHOIS and also";
"when users connect in the connect notice like [asn: XXX]. For more information see";
"https://www.unrealircd.org/docs/ASN";
" ";
"===[ ~country:<TLD> ]===";
"Matches a country, as determined by the GeoIP module. This uses the two letter country";
"code like NL or US.";
" ";
"===[ ~realname:<mask> ]===";
"This ban will match if the realname (gecos) of a user matches the specified string.";
"Since real names may contain spaces you can use an underscore to match a space or an";
"underscore. Eg: ~realname:*Stupid_bot_script* matches 'Stupid bot script'.";
" ";
"===[ ~security-group:<name> ]===";
"Ban users matching the specified security group. Note that this can ban large amounts";
"of users! See also https://www.unrealircd.org/docs/Security-group_block";
" ";
"===[ ~certfp:<fingerprint> ]===";
"Match a user based on their certificate fingerprint (when using SSL/TLS).";
"This can be very useful in ELINE to give trusted users certain exemptions.";
"See https://www.unrealircd.org/docs/Certificate_fingerprint";
" ";
"===[ More information ]===";
"See https://www.unrealircd.org/docs/Extended_server_bans";
"You may stack extended bans from the 2nd group with the 3rd group.";
"For example +b ~q:~c:#lamers would quiet all users who are also in #lamers.";
"Bans from the 3rd group may also be used for invite exceptions (+I),";
"such as +I ~c:@#trusted and +I ~a:accountname.";
}
help Chmodef {
" Both channel mode +F and +f offer advanced anti-flood protection for channels,";
" they (can) protect against join floods, message floods, nick floods and more.";
" The +f channel mode provides comprehensive flood protection for a channel.";
" This mode allows you to prevent join, nick change, CTCP, text, and knock";
" floods. The syntax for this mode's parameter is as follows:";
" -";
" The +F channel mode (uppercase F) allows you to pick a \"flood profile\"";
" For example \"MODE #channel +F normal\" would apply the \"normal\" profile,";
" while \"MODE #channel +F strict\" would apply a more strict flood profile.";
" For a list of all profiles that are available and what their settings are,";
" such as the thresholds for flood protection to kick in and where exactly";
" they protect against, see:";
" https://www.unrealircd.org/docs/Channel_anti-flood_settings#flood-profiles";
" -";
" There also exists an +f channel mode (lowercase f). This allows fine-tuning";
" of flood settings, especially the 't' and 'r' types that +F does not handle.";
" The syntax for this mode's parameter is as follows:";
" +f [<amount><type>{#<action>}{,...}]:<seconds>";
" -";
" The amount specifies the number of times the specified flood must occur";
" before action is taken. Below are the available types:";
" -";
@@ -402,18 +289,16 @@ help Chmodef {
" c CTCP +C m, M";
" j Join +i R";
" k Knock +K";
" m Messages +m M";
" m Messages +m M, d";
" n Nickchange +N";
" p Paste drop m, M";
" t Text kick b, d";
" r Repeat kick d, b";
" -";
" The difference between type m and t is that m is tallied for the entire";
" channel whereas t is tallied per user.";
" Type p counts multiline paste events (3+ lines) for the entire channel.";
" -";
" If you choose to specify an action for a mode, you may also specify a";
" time (in minutes) after which the specific action will be reversed.";
" See also https://www.unrealircd.org/docs/Channel_anti-flood_settings#Channel_mode_f";
}
help Nick {
@@ -466,7 +351,6 @@ help Who {
" i: IP address [*]";
" s: server name [*]";
" r: real name (gecos)";
" t: connect time (mask is >seconds or <seconds) [*]";
" a: account name (services account)";
" m: user modes (the mask contains for example +z or -z) [*]";
" R: sets output to show real hostnames [*]";
@@ -507,8 +391,6 @@ help Who {
" all users on SSL/TLS. (IRCOp only command)";
" WHO -z m - Show all insecure users, without umode z.";
" (IRCOp only command)";
" WHO <300 t - Show all users that are connected for";
" less than 300 seconds (IRCOp only command)";
" Examples of WHOX requests using output modifiers:";
" WHO #test %acfhnru - Show all users in the channel #test and show";
" various fields, among which 'a' (services";
@@ -568,6 +450,14 @@ help Names {
"Example: NAMES #Support";
}
help Ison {
" Used to determine if certain user(s) are";
" currently online based upon their nickname.";
" -";
" Syntax: ISON <user> <user2> <user3> <user4>";
" Example: ISON hAtbLaDe Stskeeps OperServ AOLBot";
}
help Join {
" Used to enter one or more channels on an IRC server.";
" All occupants of the channel will be notified of your arrival.";
@@ -643,6 +533,17 @@ help Ping {
" PING hAtbLaDe irc2.dynam.ac";
}
help Pong {
" PONG message is a reply to PING message. If parameter <server2> is";
" given, this message will be forwarded to given target. The <server>";
" parameter is the name of the entity who has responded to PING message";
" and generated this message.";
" -";
" Syntax: PONG <server> <server2>";
" Example: PONG irc.example.org irc2.dynam.ac";
" (PONG message from irc.example.org to irc2.dynam.ac)";
}
help Version {
" Provides Version information of the IRCd software in usage.";
" -";
@@ -727,6 +628,20 @@ help Away {
" Example: AWAY Lunch time!";
}
help Watch {
" Watch is a notify-type system on the server which is both faster";
" and uses less network resources than any old-style notify";
" system. The server will send you a message when any nickname";
" in your watch list logs on or off.";
" The watch list DOES NOT REMAIN BETWEEN SESSIONS - You (or your";
" script or client) must add the nicknames to your watch list every";
" time you connect to an IRC server.";
" -";
" Syntax: WATCH +nick1 +nick2 +nick3 (Add nicknames)";
" WATCH -nick (Delete nicknames)";
" WATCH (View which users are online)";
}
help List {
" Provides a complete listing of all channels on the network.";
" If a search string is specified, it will only show those";
@@ -838,6 +753,13 @@ help Credits {
" CREDITS <server>";
}
help Dalinfo {
" This command will show historical credits (from ircu, etc..)";
" -";
" Syntax: DALINFO";
" Syntax: DALINFO <server>";
}
help License {
" This command displays information about the license UnrealIRCd is released under.";
" Syntax: LICENSE";
@@ -905,8 +827,8 @@ help Kline {
" You may also specify the time in the format 1d10h15m30s.";
" IRC Operator only command.";
" -";
" Syntax: KLINE <user@hostmask or nick> [time] <reason> (adds a K-Line)";
" KLINE -<user@hostmask> (removes a K-Line)";
" Syntax: KLINE <hostmask or nick> [time] <reason> (adds a K-Line)";
" KLINE -<hostmask> (removes a K-Line)";
" Example: KLINE *@*.aol.com Abuse (Adds a permanent K-Line)";
" KLINE *@*.someisp.com 2d Abuse (Adds a K-Line for 2 days)";
" KLINE Idiot 1d Please go away";
@@ -920,12 +842,10 @@ help Kline {
" KLINE %Idiot 1d Please go away";
" KLINE -%*@*.aol.com";
" -";
" Extended server bans:";
" These allow you to match on criteria other than user/host/ip.";
" Syntax: KLINE ~<name>:<mask> [time] <reason>";
" Example: KLINE ~realname:*Stupid_bot_script*";
" See /HELPOP EXTSERVERBANS for more ban criteria or the docs online at";
" https://www.unrealircd.org/docs/Extended_server_bans";
" Extended server bans (more info at https://www.unrealircd.org/docs/Extended_server_bans)";
" Syntax: KLINE ~<flag>:<mask> [time] <reason>";
" Example: KLINE ~r:*Stupid_bot_script*";
}
help Zline {
@@ -949,8 +869,9 @@ help Gline {
" You may also specify the time in the format 1d10h15m30s.";
" IRC Operator only command.";
" -";
" Syntax: GLINE <user@hostmask or nick> [time] <reason> (Adds a G-Line)";
" GLINE -<user@hostmask> (Removes a G-Line)";
" Syntax: GLINE <user@host mask or nick> [time] <reason>";
" (Adds a G-Line for user@host)";
" GLINE -<user@host mask> (Removes a G-Line for user@host)";
" Example: GLINE *@*.idiot.net 900 Spammers (Adds a 15 min G-Line)";
" GLINE *@*.idiot.net 1d5h Spammers (Adds a 29 hour G-Line)";
" GLINE Idiot 1d Abuse";
@@ -958,21 +879,22 @@ help Gline {
" -";
" Soft Actions (More info at https://www.unrealircd.org/docs/Actions)";
" -";
" Syntax: GLINE %<user@hostmask or nick> [time] <reason>";
" (Adds a G-Line for user@host, but still allows the connection";
" if the user has a registered account and identifies using SASL)";
" GLINE -%<user@hostmask> (Removes a soft G-Line for user@host)";
" Syntax: GLINE %<user@host mask or nick> [time] <reason>";
" (Adds a G-Line for user@host, but still allows the connection if the";
" user has a registered account and identifies using SASL)";
" GLINE -%<user@host mask> (Removes a soft G-Line for user@host)";
" Example: GLINE %*@*.idiot.net 900 Spammers (Adds a 15 min soft G-Line)";
" GLINE %*@*.idiot.net 1d5h Spammers (Adds a 29 hour soft G-Line)";
" GLINE %Idiot 1d Abuse (Adds a 1 hour soft G-Line)";
" GLINE -%*@*.idiot.net (Remove an existing G-Line)";
" GLINE %Idiot 1d Abuse";
" GLINE -%*@*.idiot.net";
" -";
" Extended server bans:";
" These allow you to match on criteria other than user/host/ip.";
" Syntax: GLINE ~<name>:<mask> [time] <reason>";
" Example: GLINE ~realname:*Stupid_bot_script*";
" See /HELPOP EXTSERVERBANS for more ban criteria or the docs online at";
" https://www.unrealircd.org/docs/Extended_server_bans";
" Extended server bans (more info at https://www.unrealircd.org/docs/Extended_server_bans)";
" Syntax: GLINE ~<flag>:<mask> [time] <reason>";
" Example: GLINE ~r:*Stupid_bot_script*";
" Supported <flags> are:";
" a - Services account name";
" r - gecos/realname string";
" S - SSL/TLS client certificate fingerprint";
}
help Shun {
@@ -992,8 +914,8 @@ help Shun {
" SHUN +foobar@aol.com 1d6h :Spamming (Adds a 30 hour SHUN)";
" -";
" Extended server bans (more info at https://www.unrealircd.org/docs/Extended_server_bans)";
" Syntax: SHUN ~<name>:<mask> [time] <reason>";
" Example: SHUN ~realname:*Stupid_bot_script*";
" Syntax: SHUN ~<flag>:<mask> [time] <reason>";
" Example: SHUN ~r:*Stupid_bot_script*";
}
help Gzline {
@@ -1035,26 +957,13 @@ help Eline {
" v | version | Bypass ban version { } blocks ";
" ==------------------------------------------------------------------------------==";
" -";
" Extended server bans:";
" These allow you to match on criteria other than user/host/ip.";
" Syntax: ELINE ~<name>:<mask> <bantypes> <expire-time> <reason>";
" Example: ELINE ~certfp:1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef kGF 0 Trusted user with this certificate fingerprint";
" See /HELPOP EXTSERVERBANS for more ban criteria or the docs online at";
" https://www.unrealircd.org/docs/Extended_server_bans";
}
help Tline {
" Shows number of clients matching a server ban mask.";
" IRC Operator only command.";
" Syntax: TLINE <nick!user@host>";
" Example: TLINE *!*@127.0.0.0/8";
" -";
" Extended server bans:";
" These allow you to match on criteria other than user/host/ip.";
" Syntax: TLINE ~<name>:<mask>";
" Example: TLINE ~realname:*Stupid_bot_script*";
" See /HELPOP EXTSERVERBANS for more ban criteria or the docs online at";
" https://www.unrealircd.org/docs/Extended_server_bans";
" Extended server bans (more info at https://www.unrealircd.org/docs/Extended_server_bans)";
" Syntax: ELINE ~<flag>:<mask> <bantypes> <expire-time> <reason>";
" Example: ELINE ~S:1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef kGF 0 Trusted user with this certificate fingerprint";
" Supported <flags> are:";
" a - Services account name";
" r - gecos/realname string";
" S - SSL/TLS client certificate fingerprint";
}
help Rehash {
@@ -1073,6 +982,8 @@ help Rehash {
" The flags are used to rehash other config files, valid flags are:";
" -dns - Reinitializes and reloads the resolver";
" -garbage - Force garbage collection";
" -motd - Only re-read all MOTD, BOTMOTD, OPERMOTD and RULES files";
" (including those in tld{} blocks)";
" -tls - Reloads SSL/TLS certificates";
}
@@ -1334,17 +1245,13 @@ help Svspart {
}
help Svso {
" Gives a user oper privileges, as if they /OPER'ed up.";
" Gives nick Operflags like the ones in O-Lines.";
" Remember to set SVSMODE +o and alike.";
" Must be sent through an U-Lined server.";
" -";
" Syntax: SVSO <uid|nick> <oper account> <operclass> <class> <modes> <snomask> <vhost>";
" All these parameters need to be set, you cannot leave any of them out.";
" However, some parameters can be sent as '-' to skip setting them or to";
" use defaults, this is true for: <class>, <modes>, <snomask> and <vhost>.";
" -";
" Example: SVSO Syzop Syzop netadmin-with-override opers - - i.am.an.oper";
" -";
" To un-oper someone, use 'SVS2MODE Nick -o'";
" Syntax: SVSO <nick> <+operflags> (Adds the Operflags)";
" SVSO <nick> - (Removes all O-Line flags)";
" Example: SVSO SomeNick +bBkK";
}
help Swhois {
@@ -1403,7 +1310,7 @@ help Svsnline {
" Adds a global realname ban.";
" Must be sent through an U-Lined server.";
" The reason must be a single parameter therefore";
" spaces are indicated by _, UnrealIRCd will internally";
" spaces are indicated by _, Unreal will internally";
" translate these to spaces.";
" -";
" Syntax: SVSNLINE + <reason_for_ban> :<realname> (To add a ban)";
@@ -1456,19 +1363,19 @@ help Svs2sno {
}
help Svsnolag {
" Enable 'no fake lag' for a user.";
" Must be sent through an U-Lined server.";
" -";
" Syntax: SVSNOLAG [+|-] <nickname>";
" Example: SVSNOLAG + joe";
" Enable 'no fake lag' for a user.";
" Must be sent through an U-Lined server.";
" -";
" Syntax: SVSNOLAG [+|-] <nickname>";
" Example: SVSNOLAG + joe";
}
help Svs2nolag {
" Enable 'no fake lag' for a user.";
" Must be sent through an U-Lined server.";
" -";
" Syntax: SVS2NOLAG [+|-] <nickname>";
" Example: SVS2NOLAG + joe";
" Enable 'no fake lag' for a user.";
" Must be sent through an U-Lined server.";
" -";
" Syntax: SVS2NOLAG [+|-] <nickname>";
" Example: SVS2NOLAG + joe";
}
help Spamfilter {
doc/conf/help/help.de.conf
+59 -28
View File
@@ -1,4 +1,4 @@
/* UnrealIRCd 6 Help Configuration
/* UnrealIRCd 5 Help Configuration
* Based on the original help text written by hAtbLaDe
* Revised by CC (07/2002) and many others
*
@@ -36,16 +36,17 @@ help Usercmds {
" einen bestimmten Befehl zu erhalten.";
" -";
" ==-------------------------oOo-------------------------==";
" ADMIN LINKS PART USERHOST";
" AWAY LIST PING USERIP";
" CREDITS LUSERS PRIVMSG VERSION";
" CYCLE MAP QUIT VHOST";
" ADMIN LICENSE PART USERHOST";
" AWAY LINKS PING USERIP";
" CREDITS LIST PONG VERSION";
" CYCLE LUSERS PRIVMSG VHOST";
" DALINFO MAP QUIT WATCH";
" DCCALLOW MODE RULES WHO";
" INVITE MODULE SETIDENT WHOIS";
" JOIN MOTD SETNAME WHOWAS";
" KICK NAMES SILENCE";
" KNOCK NICK TIME";
" LICENSE NOTICE TOPIC";
" INVITE MODULE SETNAME WHOIS";
" ISON MOTD SILENCE WHOWAS";
" JOIN NAMES STATS";
" KICK NICK TIME";
" KNOCK NOTICE TOPIC";
" ==-------------------------oOo-------------------------==";
}
@@ -56,19 +57,17 @@ help Opercmds {
" einen bestimmten Befehl zu erhalten.";
" -";
" ==-------------------------oOo-------------------------==";
" ADDMOTD GZLINE SAPART";
" ADDOMOTD INVITE SDESC";
" CHGHOST KILL SETHOST";
" CHGIDENT KLINE SHUN";
" CHGNAME LAG SPAMFILTER";
" CLOSE LOCOPS STATS";
" CONNECT MKPASSWD TEMPSHUN";
" DCCDENY OPER TLINE";
" DIE OPERMOTD TRACE";
" DNS REHASH TSCTL";
" ELINE RESTART UNDCCDENY";
" GLINE SAJOIN WALLOPS";
" GLOBOPS SAMODE ZLINE";
" ADCHAT DNS NACHAT SETIDENT";
" ADDMOTD GLINE OPER SHUN";
" ADDOMOTD GLOBOPS OPERMOTD SPAMFILTER";
" CHATOPS GZLINE REHASH SQUIT";
" CHGHOST RESTART TEMPSHUN";
" CHGIDENT KILL TRACE";
" CHGNAME KLINE SAJOIN TSCTL";
" CLOSE LAG SAMODE UNDCCDENY";
" CONNECT LOCOPS SAPART WALLOPS";
" DCCDENY MKPASSWD SDESC ZLINE";
" DIE MODULE SETHOST";
" ==-------------------------oOo-------------------------==";
}
@@ -111,7 +110,7 @@ help Umodes {
" v = Lässt den User DCC-Ablehnungs Notices sehen.";
" w = Sieht Wallop Nachrichten";
" x = Verschlüsselt den Host (Sicherheit)";
" z = Markiert alle Clients, die über eine sichere Verbindung chatten (SSL/TLS)";
" z = Markiert alle Clients, die über eine sichere Verbindung chatten (SSL)";
" B = Markiert dich als einen BOT";
" G = Filtert alle BadWords aus deinen Nachrichten und ersetzt sie durch <censored>";
" H = Versteckt den IRCOP-Status in /WHO und /WHOIS (Nur Für IRCOPS)";
@@ -179,7 +178,7 @@ help Chmodes {
" r = Der Channel ist registriert (kann nur durch Services gesetzt werden)";
" s = Geheimer Channel [o]";
" t = Nur User mit +hoaq können Topic des Channels ändern [h]";
" z = Nur Clients mit sicherer Verbindung (SSL/TLS) können joinen [o]";
" z = Nur Clients mit sicherer Verbindung (SSL) können joinen [o]";
" A = Channel ausschliesslich für Server/Net Admin (Kann durch Admins gesetzt werden)";
" C = Im Channel sind keine CTCPs erlaubt [o]";
" G = Filtert alle Badwords in Nachrichten und ersetzt sie durch <censored> [o]";
@@ -248,12 +247,10 @@ help Chmodef {
" k Knock +K";
" m Messages +m M";
" n Nickchange +N";
" p Paste drop m, M";
" t Text kick b";
" -";
" Der Unterschied zwischen m und t besteht darin, dass m für den ";
" gesamten Channel gilt, während t pro User gilt.";
" Typ p zählt Multiline-Einfüge-Ereignisse (3+ Zeilen) für den gesamten Channel.";
" -";
" Wird eine aktion für einen Modus gewählt, kann eine Zeit (in Minuten)";
" angegeben werden, nach der die gewählte aktion aufgehoben wird.";
@@ -498,6 +495,17 @@ help Ping {
" PING hAtbLaDe irc2.dynam.ac";
}
help Pong {
" Die PONG Nachricht ist die Antwort auf die PING Nachricht. Wird der";
" Parameter <server2> angegeben, wird die Nachricht an das angegebene Ziel";
" geleitet. Parameter <server> ist der Name der Einheit, die auf die Ping";
" Nachricht geantwortet hat und diese Nachricht erzeugt hat.";
" -";
" Syntax: PONG <server> <server2>";
" Beispiel: PONG irc.example.org irc2.dynam.ac";
" (PONG Nachricht von irc.example.org to irc2.dynam.ac)";
}
help Version {
" Liefert versions Informationen über den benutzten IRCd.";
" -";
@@ -584,6 +592,20 @@ help Away {
" Beispiel: AWAY Essenszeit!";
}
help Watch {
" Watch ist ein Benachrichtigungssystem welches schneller und ressourcenschonender";
" arbeitet, als das alte Notify System. Der Server sendet eine Nachricht an einen";
" selbst, wann immer ein User, der in der eigenen \"Watch\" Liste steht, ein- oder";
" ausloggt.";
" Die Watch Liste wird nicht gespeichert, man muß über den eigenen Client oder ein";
" Script bei jeder neuen Verbindung dafür sorgen, dass sie erneut an den Server";
" übertragen wird. D.h. der Watch Befehl ist dann erneut einzugeben.";
" -";
" Syntax: WATCH +nick1 +nick2 +nick3 (Fügt Nickname hinzu)";
" WATCH -nick (Löscht Nickname)";
" WATCH (Zeigt die Watch Liste an)";
}
help List {
" Liefert eine vollständige Liste sämtlicher Channels im Netzwerk.";
" Wird ein Suchstring angegeben, so werden nur die Channels angezeigt,";
@@ -676,6 +698,13 @@ help Credits {
" CREDITS <server>";
}
help Dalinfo {
" Diser Befehl liefert historische Danksagungen (von ircu, etc..)";
" -";
" Syntax: DALINFO";
" Syntax: DALINFO <server>";
}
help License {
" Dieser Befehl zeigt die Lizenzinformationen für UnrealIRCd an.";
" Syntax: LICENSE";
@@ -883,7 +912,9 @@ help Rehash {
" -";
" Die Flags werden benutzt, um andere Configdateien zu rehashen.";
" Gültige Flags sind:";
" -dns - Rehasht der DNS resolver";
" -motd - Rehasht alle MOTD Dateien und RULES Dateien (incl. tld{})";
" -opermotd - Rehasht die OPERMOTD";
" -botmotd - Rehasht die BOTMOTD";
" -garbage - bewirkt garbage collection";
" Anmerkung des Übersetzers: Garbage collection (GC) (englisch,";
" wörtlich deutsch: Mülleinsammeln, auch Freispeichersammlung) ist";
doc/conf/help/help.es.conf
+85 -59
View File
@@ -1,4 +1,4 @@
/* UnrealIRCd 6 Help Configuration
/* UnrealIRCd 5 Help Configuration
* Based on the original help text written by hAtbLaDe
* Revised by CC (07/2002) and many others
*
@@ -45,16 +45,17 @@ help Usercmds {
" un comando específico.";
" -";
" ==-------------------------oOo-------------------------==";
" ADMIN LINKS PART USERHOST";
" AWAY LIST PING USERIP";
" CREDITS LUSERS PRIVMSG VERSION";
" CYCLE MAP QUIT VHOST";
" ADMIN LICENSE PART USERHOST";
" AWAY LINKS PING USERIP";
" CREDITS LIST PONG VERSION";
" CYCLE LUSERS PRIVMSG VHOST";
" DALINFO MAP QUIT WATCH";
" DCCALLOW MODE RULES WHO";
" INVITE MODULE SETIDENT WHOIS";
" JOIN MOTD SETNAME WHOWAS";
" KICK NAMES SILENCE";
" KNOCK NICK TIME";
" LICENSE NOTICE TOPIC";
" INVITE MODULE SETNAME WHOIS";
" ISON MOTD SILENCE WHOWAS";
" JOIN NAMES STATS";
" KICK NICK TIME";
" KNOCK NOTICE TOPIC";
" ==-------------------------oOo-------------------------==";
};
@@ -66,19 +67,17 @@ help Opercmds {
" Ver también https://www.unrealircd.org/docs/IRCOp_guide";
" -";
" ==-------------------------oOo-------------------------==";
" ADDMOTD GZLINE SAPART";
" ADDOMOTD INVITE SDESC";
" CHGHOST KILL SETHOST";
" CHGIDENT KLINE SHUN";
" CHGNAME LAG SPAMFILTER";
" CLOSE LOCOPS STATS";
" CONNECT MKPASSWD TEMPSHUN";
" DCCDENY OPER TLINE";
" DIE OPERMOTD TRACE";
" DNS REHASH TSCTL";
" ELINE RESTART UNDCCDENY";
" GLINE SAJOIN WALLOPS";
" GLOBOPS SAMODE ZLINE";
" DNS SETIDENT";
" ADDMOTD GLINE OPER SHUN";
" ADDOMOTD GLOBOPS OPERMOTD SPAMFILTER";
" GZLINE REHASH SQUIT";
" CHGHOST RESTART TEMPSHUN";
" CHGIDENT KILL TRACE";
" CHGNAME KLINE SAJOIN TSCTL";
" CLOSE LAG SAMODE UNDCCDENY";
" CONNECT LOCOPS SAPART WALLOPS";
" DCCDENY MKPASSWD SDESC ZLINE";
" DIE MODULE SETHOST";
" ==-------------------------oOo-------------------------==";
};
@@ -114,7 +113,7 @@ help Umodes {
" t = dice que está utilizando un /VHOST";
" w = Puede leer mensajes Wallop";
" x = Da al usuario un nombre de host oculto (seguridad de ocultacion de IPs)";
" z = Marca que el cliente está en una Conexión segura (SSL/TLS)";
" z = Marca que el cliente está en una Conexión segura (SSL)";
" B = Te marca como un BOT del IRC";
" D = Solo recibir PRIVMSG de IRCOps, servidores y servicios (privdeaf)";
" G = filtra todas las Bad words en tus mensajes con <censurado>";
@@ -124,41 +123,37 @@ help Umodes {
" S = Solo para los Servicios (los protege)";
" T = Le impide recibir CTCP";
" W = Le permite ver cuándo las personas le hacen un /WHOIS (Solo para Operadores del IRC)";
" Z = Solo recibir/enviar PRIVMSGs de/a usuarios que usan una Conexión segura (SSL/TLS)";
" Z = Solo recibir/enviar PRIVMSGs de/a usuarios que usan una Conexión segura (SSL)";
" ==---------------------------oOo---------------------------==";
};
help Snomasks {
"Snomask significa 'Service NOTice MASK', controla cuál";
" Snomask significa 'Service NOtice MASK', controla (principalmente) qué";
" avisos del servidor que recibirá.";
" Uso: /MODE nick +s <snomask>";
"Ej: /MODE blah +s +cC-j";
" El parámetro especifica qué snomasks quiere (o no quiere).";
" También puedes eliminar todos los snomasks simplemente haciendo /MODE nick -s.";
" Use: /MODE nick +s <snomask>";
" Ej: /MODE blah +s +cF-j";
" El parámetro especifica qué snomasks quieres (o no quieres).";
" También puede eliminar todos los snomasks simplemente haciendo /MODE nick -s.";
"-";
" A continuación se muestra una lista de posibles snomasks:";
" ==--------------------------oOo--------------------- --==";
"b = bloqueos de servidores (KLINE, GLINE, SHUN, etc.)";
"B = Mensajes del módulo DNS Blacklist";
"c = El cliente local se conecta";
"C = El cliente remoto se conecta (en otros servidores, excepto servicios/líneas u)";
"d = DCC rechazados debido a bloques Deny dcc";
"D = Depuración / basura (NO recomendado, cosas posiblemente inofensivas, ¡ruidoso!)";
"f = avisos de inundación (recomendado)";
"j = une, parte y patea";
"k = avisos de eliminación (uso de /KILL)";
"n = Cambios de nick locales";
"N = Avisos de cambio de nick remoto";
"q = Denegar avisos de rechazo de nick (QLINE)";
"s = Avisos del servidor: todos los demás avisos que no encajan en los otros snomasks";
" (incluye mensajes muy importantes, muy recomendable)";
"S = Aciertos del filtro de spam";
"o = anulación de IRCOp en canales (OperOverride)";
"O = IRCOp cambiando propiedades de usuario (/CHGNAME, /CHGIDENT, /CHGHOST, ..)";
" u obligar a un usuario a hacer cosas (/SAJOIN, /SAPART)";
"v = uso de VHOST";
" ==--------------------------oOo--------------------- ---==";
}
" ==-------------------------oOo-----------------------==";
" b = Ver resultados de blacklist";
" c = Ver conexiones/desconexiones en el servidor local";
" e = Ver mensajes del servidor 'Eyes' (OperOverride, /CHG* and /SET* usage, ..)";
" f = Ver alertas de inundación";
" F = Ver conexiones/desconexiones en servidores remotos (excepto U-Lines)";
" G = Ver avisos TKL (Gline, GZline, Shun, etc)";
" j = Ver avisos Junk (no recomendado para uso normal)";
" k = Ver avisos de KILL";
" n = Ver cambios de nick en el servidor local";
" N = Ver cambios de nick en servidores remotos";
" o = Ver avisos de oper-up";
" q = Ver cambios de nick rechazados debido a Q-Lines";
" s = Ver avisos generales";
" S = Ver coincidencias de spamfilter";
" v = Ver el uso del comando /VHOST";
" ==-------------------------oOo------------------------==";
};
help Chmodes {
" Esta sección enumera todos los modos de canal posibles que pueden usarse con /MODE";
@@ -200,8 +195,8 @@ help Chmodes {
" T = No hay NOTICEs permitidos en el canal [o]";
" t = Solo +hoaq pueden cambiar el topic [h]";
" V = /INVITE no está permitido [o]";
" z = Solo los clientes en una conexión segura (SSL/TLS) pueden entrar al canal [o]";
" Z = Todos los usuarios en el canal están en una conexión segura (SSL/TLS) [server]";
" z = Solo los clientes en una conexión segura (SSL) pueden entrar al canal [o]";
" Z = Todos los usuarios en el canal están en una conexión segura (SSL) [server]";
" (Este modo es activado/desactivado por el servidor. Solo si el canal también es +z)";
" -";
" [h] requiere al menos halfop, [o] requiere al menos chanop";
@@ -288,7 +283,7 @@ help ExtBans {
"-----------------------------------------------------------------------------------";
" | | Cuando un usuario usa SSL/TLS con un certificado de ";
" | | cliente entonces puede hacer coincidir al usuario con ";
" ~S | certfp | su/el cert fingerprint (el que ves en /WHOIS). Muy útil ";
" ~S | certfp | su/el SSL fingerprint (el que ves en /WHOIS). Muy útil ";
" | | para excepciones de ban seguros y excepciones de ";
" | | invitación. ";
" | | Ejemplo: +iI ~S:00112233445566778899aabbccddeeff..etc.. ";
@@ -318,15 +313,13 @@ help Chmodef {
" c CTCP +C m, M";
" j Join +i R";
" k Knock +K";
" m Messages +m M";
" m Messages +m M, d";
" n Nickchange +N";
" p Paste drop m, M";
" t Text kick b, d";
" r Repeat kick d, b";
" -";
" La diferencia entre el tipo m y t es que m se calcula para todo el";
" canal, mientras que t se calcula por usuario.";
" El tipo p cuenta eventos de pegado multiline (3+ líneas) para todo el canal.";
" -";
" Si elige especificar una acción para un modo, también puede especificar un";
" tiempo (en minutos) después del cual se revertirá la acción específica.";
@@ -579,6 +572,16 @@ help Ping {
" PING hAtbLaDe irc2.dynam.ac";
};
help Pong {
" El mensaje PONG es una respuesta al mensaje PING. Si se proporciona el parámetro";
" <servidor2>, este mensaje se reenviará al objetivo dado. El parámetro <servidor>";
" es el nombre de la entidad que respondió al mensaje PING y generó este mensaje.";
" -";
" Sintaxis: PONG <servidor> <servidor2>";
" Ejemplo: PONG irc.fyremoon.net irc2.dynam.ac";
" (mensaje PONG de irc.fyremoon.net a irc2.dynam.ac)";
};
help Version {
" Proporciona información de la versión del software de IRCd en uso.";
" -";
@@ -663,6 +666,20 @@ help Away {
" Ejemplo: AWAY La hora del almuerzo!";
};
help Watch {
" Watch es un sistema de notificación en el servidor que es más rápido";
" y usa menos recursos de red que cualquier sistema de notificación ";
" antiguo. El servidor le enviará un mensaje cuando cualquier nickname";
" en su lista de watch incie o cierre sesion.";
" La lista de watch NO PERMANECE ENTRE SESIONES - Usted (o su script";
" o cliente) debe añadir los nicknames a su lista de watch cada vez";
" que se conecte a un servidor IRC.";
" -";
" Sintaxis: WATCH +nick1 +nick2 +nick3 (Añade nicknames)";
" WATCH -nick (Elimina nicknames)";
" WATCH (Ver qué usuarios están en línea)";
};
help List {
" Proporciona una lista completa de todos los canales de la red.";
" Si se especifica una cadena de búsqueda, solo mostrará esas";
@@ -779,6 +796,13 @@ help Credits {
" CREDITS <servidor>";
};
help Dalinfo {
" Este comando mostrará créditos históricos (de ircu, etc..)";
" -";
" Sintaxis: DALINFO";
" Sintaxis: DALINFO <servidor>";
};
help License {
" Este comando muestra información sobre la licencia bajo la cual se publica UnrealIRCd.";
" Sintaxis: LICENSE";
@@ -960,6 +984,8 @@ help Rehash {
" -";
" -dns - Reinicializa y recarga el resolver";
" -garbage - Fuerza la eliminacion de basura";
" -motd - Solo re-lee todos los archivos MOTD, BOTMOTD, OPERMOTD y RULES";
" (incluidos los bloques de tld{} )";
" -tls - Recarga los certificados SSL/TLS";
};
@@ -1292,7 +1318,7 @@ help Svsnline {
" Añade un ban global aun nombre real (realname).";
" Debe enviarse a través de un servidor con U-Lines.";
" La razón debe ser el único parámetro, por lo tanto";
" los espacios se indican con _, el UnrealIRCd lo hará internamente";
" los espacios se indican con _, el Unreal lo hará internamente";
" trasladar esto a espacios.";
" -";
" Sintaxis: SVSNLINE + <razón_del_ban> :<realname> (para añadir un ban)";
doc/conf/help/help.fr.conf
+77 -100
View File
@@ -1,9 +1,9 @@
/* UnrealIRCd 6 Help Configuration
/* UnrealIRCd 5 Help Configuration
* Basé sur l'aide originale écrite par hAtbLaDe
* Révisé par CC (07/2002)
* Ancien traducteur français : babass
* Tradution française : Alef Burzmali - http://www.burzmali.com
* Dernière mise à jour : 2025-06-05 par Le_Coyote
* Dernière mise à jour : 2010-09-11
* $Id$
*
* Ceci est une mise à jour pratique du système /HELPOP
@@ -37,16 +37,17 @@ help Usercmds {
" sur une commande spécifique.";
" -";
" ==-------------------------oOo-------------------------==";
" ADMIN LINKS PART USERHOST";
" AWAY LIST PING USERIP";
" CREDITS LUSERS PRIVMSG VERSION";
" CYCLE MAP QUIT VHOST";
" ADMIN LICENSE PART USERHOST";
" AWAY LINKS PING USERIP";
" CREDITS LIST PONG VERSION";
" CYCLE LUSERS PRIVMSG VHOST";
" DALINFO MAP QUIT WATCH";
" DCCALLOW MODE RULES WHO";
" INVITE MODULE SETIDENT WHOIS";
" JOIN MOTD SETNAME WHOWAS";
" KICK NAMES SILENCE";
" KNOCK NICK TIME";
" LICENSE NOTICE TOPIC";
" INVITE MODULE SETNAME WHOIS";
" ISON MOTD SILENCE WHOWAS";
" JOIN NAMES STATS";
" KICK NICK TIME";
" KNOCK NOTICE TOPIC";
" ==-------------------------oOo-------------------------==";
}
@@ -56,19 +57,17 @@ help Opercmds {
" sur une commande spécifique.";
" -";
" ==-------------------------oOo-------------------------==";
" ADDMOTD GZLINE SAPART";
" ADDOMOTD INVITE SDESC";
" CHGHOST KILL SETHOST";
" CHGIDENT KLINE SHUN";
" CHGNAME LAG SPAMFILTER";
" CLOSE LOCOPS STATS";
" CONNECT MKPASSWD TEMPSHUN";
" DCCDENY OPER TLINE";
" DIE OPERMOTD TRACE";
" DNS REHASH TSCTL";
" ELINE RESTART UNDCCDENY";
" GLINE SAJOIN WALLOPS";
" GLOBOPS SAMODE ZLINE";
" DNS SETIDENT";
" ADDMOTD GLINE OPER SHUN";
" ADDOMOTD GLOBOPS OPERMOTD SPAMFILTER";
" GZLINE REHASH SQUIT";
" CHGHOST RESTART TEMPSHUN";
" CHGIDENT KILL TRACE";
" CHGNAME KLINE SAJOIN TSCTL";
" CLOSE LAG SAMODE UNDCCDENY";
" CONNECT LOCOPS SAPART WALLOPS";
" DCCDENY MKPASSWD SDESC ZLINE";
" DIE MODULE SETHOST";
" ==-------------------------oOo-------------------------==";
}
@@ -104,7 +103,7 @@ help Umodes {
" t = Dit que vous utilisez un /VHOST";
" w = Peut recevoir les Wallops";
" x = Donne à l'utilisateur un hostname crypté (sécurité)";
" z = Marque le client comme utilisant une connexion sécurisée (SSL/TLS)";
" z = Marque le client comme utilisant une connexion sécurisée (SSL)";
" B = Vous marque comme étant un Bot";
" D = Ne recevoir de PRIVMSGs que de la part des IRCOps, serveurs et services";
" G = Remplace tous les 'Bad words' dans vos messages par <censored>";
@@ -114,7 +113,7 @@ help Umodes {
" S = Pour les services uniquement. (Les protège)";
" T = Vous empêche de recevoir des CTCPs";
" W = Vous permet de voir lorsqu'un utilisateur fait un /WHOIS sur vous (Opérateurs IRC uniquement)";
" Z = Envoyer/Recevoir les PRIVMSGs uniquement aux/des utilisateurs utilisant une connexion sécurisée (SSL/TLS)";
" Z = Envoyer/Recevoir les PRIVMSGs uniquement aux/des utilisateurs utilisant une connexion sécurisée (SSL)";
" ==---------------------------oOo---------------------------==";
}
@@ -128,27 +127,21 @@ help Snomasks {
"-";
" Ci-dessous, une liste des snomasks disponibles :";
" ==-------------------------oOo-----------------------==";
" b = Bans serveurs (Gline, GZline, Shun, etc)";
" B = Messages du module DNS Blacklist";
" c = Connexions/déconnexions sur le serveur local";
" C = Connexions/déconnexions sur les serveurs distants (exceptés les U-lines)";
" d = DCCs rejetés par les blocs Deny dcc";
" D = Notices de debugging / junk (NON recommandé)";
" f = Notices de flood";
" j = Join, parts et kicks";
" k = Notices de KILL";
" n = Changements de pseudo sur le serveur local";
" N = Changements de pseudo sur les serveurs distants";
" q = Pseudos rejetés par les Q:lines";
" s = Notices générales qui ne sont pas dans les autres snomasks";
" (inclut des messages très importants, donc fortement recommandé)";
" S = Correspondances aux spamfilters";
" o = IRCOp utilisant OperOverride sur un canal";
" O = IRCOp faisant un changement de propriété (/CGHNAME, /CHGIDENT, /CHGHOST, ...)";
" ou forçant une commande (/SAJOIN, /SAPART) sur un utilisateur";
" R = Utilisation de JSON-RPC";
" v = Utilisation de la commande /VHOST";
" x = Connexions rejetées (maxperip, connthrottle)";
" b = Voir les hits sur les blacklists";
" c = Voir les connexions/déconnexions sur le serveur local";
" e = Voir les messages 'Eyes' du serveur (OperOverride, utilisation de /CHG* et /SET*, ...)";
" f = Voir les alertes de flood";
" F = Voir les connexions/déconnexions sur les serveurs distants (exceptés les U-lines)";
" G = Voir les notices TKL (Gline, GZline, Shun, etc)";
" j = Voir les notices Junk (non recommendé pour un usage normal)";
" k = Voir les notices KILL";
" n = Voir les changements de pseudo sur le serveur local";
" N = Voir les changements de pseudo sur les serveurs distants";
" o = Voir les notices d'identification des opérateurs";
" q = Voir les rejets de changements de pseudo dus aux Q:lines";
" s = Voir les notices générales";
" S = Voir les correspondances au spamfilter";
" v = Voir l'usage de la commande /VHOST";
" ==-------------------------oOo------------------------==";
}
@@ -193,8 +186,8 @@ help Chmodes {
" t = Seuls les +hoaq peuvent changer le topic [h]";
" u = Mode auditorium (/names et /who #salon montrent uniquement les opérateurs du salon) [q]";
" V = /INVITE n'est pas autorisée [o]";
" z = Seuls les clients avec une connexion sécurisée (SSL/TLS) peuvent entrer [o]";
" Z = Tous les utilisateurs du salon sont sur une connexion sécurisée (SSL/TLS) [serveur]";
" z = Seuls les clients avec une connexion sécurisée (SSL) peuvent entrer [o]";
" Z = Tous les utilisateurs du salon sont sur une connexion sécurisée (SSL) [serveur]";
" (Ce mode est mis/enlevé par le serveur, seulement si le salon est déjà +z)";
" -";
" [h] requiert d'être au moins halfop, [o] requiert d'être au moins chanop";
@@ -302,13 +295,11 @@ help Chmodef {
" k Knock +K";
" m Messages +m M";
" n Nickchange +N";
" p Paste drop m, M";
" t Text kick b";
" r Répétition kick d, b";
" -";
" La différence entre les types m et t est que m compte le nombre d'entrées pour le salon entier";
" alors que le t les compte par utilisateur.";
" Le type p compte les événements de collage multiline (3+ lignes) pour le salon entier.";
" -";
" Si vous choissisez de spécifier une action pour un mode, vous pouvez également spécifier une";
" durée (en minutes) après laquelle l'action spécifiée sera annulée.";
@@ -546,6 +537,16 @@ help Ping {
" PING hAtbLaDe irc2.dynam.ac";
}
help Pong {
" Le message PONG est une réponse à la requête PING. Si un paramètre <serveur2>";
" est précisé, ce message sera transféré à la cible donnée. Le paramètre <serveur>";
" est le nom de l'entité qui a répondu à la requête PING et généré ce message.";
" -";
" Syntaxe : PONG <serveur> <serveur2>";
" Exemple : PONG irc.example.org irc2.dynam.ac";
" (PONG message de irc.example.org à irc2.dynam.ac)";
}
help Version {
" Fournit des informations sur la version de l'IRCd utilisé.";
" -";
@@ -629,6 +630,20 @@ help Away {
" Exemple : AWAY Lunch time!";
}
help Watch {
" Watch est un type de système de notification sur le serveur qui est";
" à la fois plus rapide et moins gourmand en ressources réseaux que n'importe quel";
" ancien système de notification. Le serveur vous envera un message lorsqu'un pseudo";
" présent dans votre se connectera ou se deconnectera.";
" La watch list N'EST PAS MAINTENUE ENTRE DEUX SESSIONS - Vous (ou votre";
" script ou client) doit ajouter les pseudos dans votre watch list à chaque fois que";
" vous vous connectez au serveur IRC.";
" -";
" Syntaxe : WATCH +nick1 +nick2 +nick3 (Ajoute des pseudos)";
" WATCH -nick (Enlève un pseudo)";
" WATCH (Voir quels utilisateurs sont en ligne)";
}
help List {
" Fournit une liste complète de tous les salons sur le réseau.";
" Si un critère de recherche est spécifié, il affichera uniquement ceux";
@@ -740,6 +755,13 @@ help Credits {
" CREDITS <serveur>";
}
help Dalinfo {
" Cette commande affichera les crédits historiques (d'ircu, etc..)";
" -";
" Syntaxe : DALINFO";
" DALINFO <serveur>";
}
help License {
" Cette commande affichera des informations sur la licence sous laquelle UnrealIRCd est publié.";
" Syntaxe : LICENSE";
@@ -900,53 +922,6 @@ help Gzline {
" NOTE: requiert le flag oper can_gzline";
}
help Eline {
" Ajoute une exception à un ban, pour que certains utilisateurs ne soient";
" pas affectés par des K-Lines, G-Lines et autres types de bans.";
" Syntaxe: ELINE <user@host> <bantypes> <expiration> <raison> (Ajoute une E-Line)";
" ELINE -<user@host> (Enlève une E-Line)";
" Exemple: ELINE *@unrealircd.org kGF 0 Cet utilisateur est exempté";
" Les <bantypes> valides sont :";
" ==-Type--------Nom----------------------------Explication-----------------------==";
" k | K-Line | Exception de K-Lines ";
" G | G-Line | Exception de G-Lines ";
" z | Z-Line | Exception de Z-Lines ";
" Z | GZ-Line | Exception de Z-Lines globales ";
" Q | Q-Line | Exception de Q-Lines ";
" s | shun | Exception de Shuns ";
" F | spamfilter | Exception de spamfilter ";
" b | blacklist | Exception de blacklist ";
" c | connect flood | Exception sur set::anti-flood::connect-flood ";
" d | handshake flood | Exception de test de flood sur les données handhsake ";
" | | (pas de ZLINE si flood avant enregistrement) ";
" m | maxperip | Exeptmion de restricion allow::maxperip restriction ";
" r | antirandom | Exception sur le module antirandom ";
" 8 | antimixedutf8 | Exception sur le module antimixedutf8 ";
" v | version | Exception des blocs ban version { } ";
" ==------------------------------------------------------------------------------==";
" -";
" Bans serveurs étendus :";
" Permet une correspondance sur des critères autres que user/host/ip.";
" Syntaxe: ELINE ~<nom>:<mask> <bantypes> <expiration> <raison>";
" Exemple: ELINE ~certfp:1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef kGF 0 Utilisateur de confiance avec cette empreinte";
" Voir /HELPOP EXTSERVERBANS pour les critères, ou la doc en ligne à";
" https://www.unrealircd.org/docs/Extended_server_bans";
}
help Tline {
" Indique le nombre de clients correspondant à un masque de ban serveur";
" Commande réservée aux IRC Opérateurs.";
" Syntaxe: TLINE <nick!user@host>";
" Exemple: TLINE *!*@127.0.0.0/8";
" -";
" Bans serveurs étendus :";
" Permet une correspondance sur des critères autres que user/host/ip.";
" Syntaxe: TLINE ~<nom>:<mask>";
" Exemple: TLINE ~realname:*Stupid_bot_script*";
" Voir /HELPOP EXTSERVERBANS pour les critères, ou la doc en ligne à";
" https://www.unrealircd.org/docs/Extended_server_bans";
}
help Rehash {
" Fait relire les fichiers de configuration au serveur.";
" Commande réservée aux IRC Operateurs.";
@@ -965,6 +940,8 @@ help Rehash {
" Les flags valides sont :";
" -dns - Réinitialise et recharge le résolveur";
" -garbage - Force le nettoyage de la mémoire";
" -motd - Ne recharge que les fichiers MOTD, BOTMOTD, OPERMOTD et RULES";
" (dont ceux définis dans les tld{} blocks)";
" -tls - Recharge les certificats SSL/TLS";
}
@@ -1292,8 +1269,8 @@ help Svsmotd {
help Svsnline {
" Ajoute un ban global sur un realname.";
" Doit être envoyé à travers un serveur avec U:Line.";
" La raison doit être un seul paramètre, c'est pourquoi";
" les espaces sont indiqués par des _, UnrealIRCd les traduira";
" La raison doit être un seul paramètre c'est pour quoi";
" les espaces sont indiqués par des _, Unreal les traduira";
" en interne par des espaces";
" -";
" Syntaxe : SVSNLINE + <raison_du_ban> :<realname> (pour ajouter un ban)";
doc/conf/help/help.it.conf
+57 -27
View File
@@ -1,4 +1,4 @@
/* UnrealIRCd 6 Help Configuration
/* UnrealIRCd 5 Help Configuration
* Based on the original help text written by hAtbLaDe
* Revised by CC (07/2002) and many others
*
@@ -36,16 +36,17 @@ help Usercmds {
" su un comando specifico.";
" -";
" ==-------------------------oOo-------------------------==";
" ADMIN LINKS PART USERHOST";
" AWAY LIST PING USERIP";
" CREDITS LUSERS PRIVMSG VERSION";
" CYCLE MAP QUIT VHOST";
" ADMIN LICENSE PART USERHOST";
" AWAY LINKS PING USERIP";
" CREDITS LIST PONG VERSION";
" CYCLE LUSERS PRIVMSG VHOST";
" DALINFO MAP QUIT WATCH";
" DCCALLOW MODE RULES WHO";
" INVITE MODULE SETIDENT WHOIS";
" JOIN MOTD SETNAME WHOWAS";
" KICK NAMES SILENCE";
" KNOCK NICK TIME";
" LICENSE NOTICE TOPIC";
" INVITE MODULE SETNAME WHOIS";
" ISON MOTD SILENCE WHOWAS";
" JOIN NAMES STATS";
" KICK NICK TIME";
" KNOCK NOTICE TOPIC";
" ==-------------------------oOo-------------------------==";
}
@@ -55,19 +56,17 @@ help Opercmds {
" su un comando specifico.";
" -";
" ==-------------------------oOo-------------------------==";
" ADDMOTD GZLINE SAPART";
" ADDOMOTD INVITE SDESC";
" CHGHOST KILL SETHOST";
" CHGIDENT KLINE SHUN";
" CHGNAME LAG SPAMFILTER";
" CLOSE LOCOPS STATS";
" CONNECT MKPASSWD TEMPSHUN";
" DCCDENY OPER TLINE";
" DIE OPERMOTD TRACE";
" DNS REHASH TSCTL";
" ELINE RESTART UNDCCDENY";
" GLINE SAJOIN WALLOPS";
" GLOBOPS SAMODE ZLINE";
" DNS SETIDENT";
" ADDMOTD GLINE OPER SHUN";
" ADDOMOTD GLOBOPS OPERMOTD SPAMFILTER";
" GZLINE REHASH SQUIT";
" CHGHOST HTM RESTART TEMPSHUN";
" CHGIDENT KILL TRACE";
" CHGNAME KLINE SAJOIN TSCTL";
" CLOSE LAG SAMODE UNDCCDENY";
" CONNECT LOCOPS SAPART WALLOPS";
" DCCDENY MKPASSWD SDESC ZLINE";
" DIE MODULE SETHOST";
" ==-------------------------oOo-------------------------==";
}
@@ -103,7 +102,7 @@ help Umodes {
" t = Indica che stai utilizzando un /VHOST.";
" w = Ricevi i messaggi globali inviati con /WALLOP.";
" x = Cripta il tuo hostname per maggiore sicurezza.";
" z = Indica che il client sta utilizzando SSL/TLS.";
" z = Indica che il client sta utilizzando SSL.";
" B = Rappresenta i bot.";
" G = Sostituisce tutti i termini non appropriati con <censored>.";
" H = Nasconde lo stato di Oper nei /WHOIS e /WHO (disponibile solo allo Staff).";
@@ -183,7 +182,7 @@ help Chmodes {
" t = Permette il cambio di topic solo a chi ha un grado superiore a voice [h].";
" u = Mostra solo gli op come risultato dei comandi /NAMES e /WHO [q].";
" V = Impedisce l'uso del comando /INVITE [o].";
" z = Permette l'accesso solamente ai client in connessione sicura (SSL/TLS) [o].";
" z = Permette l'accesso solamente ai client in connessione sicura (SSL) [o].";
" Z = Indica che tutti gli utenti in canale stanno utilizzando una connessione sicura";
" (Questa mode è modificabile solo dal server e solo se il canale è già +z).";
" ==------------------------------oOo----------------------------==";
@@ -265,12 +264,10 @@ help Chmodef {
" k Knock +K";
" m Messaggio +m M";
" n Cambio nick +N";
" p Paste drop m, M";
" t Testo kick b";
" -";
" La differenza tra il tipo m e il tipo t è che il tipo m è considerato globalmente";
" sul canale, mentre il tipo t è considerato per utente.";
" Il tipo p conta gli eventi di incolla multiline (3+ righe) per l'intero canale.";
" -";
" Se scegli di specificare un'azione per una mode, puoi anche specificare";
" un tempo (in minuti) dopo il quale quell'azione sarà annullata.";
@@ -465,6 +462,17 @@ help Ping {
" PING Ugo irc.example.org";
}
help Pong {
" Il PONG è una risposta ad un messaggio PING. Se il parametro <server2> è definito,";
" questo messaggio sarà inoltrato a quel dato server. Il parametro <server>";
" è il nome di colui che ha risposto al messaggio PING generando";
" questo messaggio.";
" -";
" Sintassi: PONG <server> <server2>";
" Esempio: PONG irc.example.org irc.othernet.it";
" (corrisponde a un messaggio PONG da irc.example.org a irc.othernet.it)";
}
help Version {
" Fornisce informazioni relative alla versione del software IRCd in uso.";
" -";
@@ -551,6 +559,20 @@ help Away {
" Esempio: AWAY Ora di pranzo!";
}
help Watch {
" 'Watch' è un sistema di notifica sul server più veloce e che utilizza";
" meno risorse rispetto al vecchio sistema di notifica.";
" Il server ti invierà un messaggio di avviso quando qualcuno nella tua";
" lista watch si connette o si disconnette.";
" Nota: la lista watch non viene memorizzata fra le sessioni. Tu (o il tuo";
" client) dovrai aggiungere i nick che desideri alla lista ogni volta che";
" ti connetti al server IRC.";
" -";
" Sintassi: WATCH +nick1 +nick2 +nick3 (Aggiunge i nick indicati alla lista)";
" WATCH -nick (Rimuove i nick indicati dalla lista)";
" WATCH (Controlla quali utenti sono online)";
}
help List {
" Fornisce un elenco completo di tutti i canali presenti sulla net IRC.";
" Se è specificato un parametro di ricerca, verranno mostrati solo i canali";
@@ -662,6 +684,13 @@ help Credits {
" CREDITS <server>";
}
help Dalinfo {
" Questo comando mostrerà i crediti storici (da ircu, ecc.).";
" -";
" Sintassi: DALINFO";
" Sintassi: DALINFO <server>";
}
help License {
" Questo comando mostra i dettagli relativi alla licenza con cui è rilasciato UnrealIRCd.";
" Sintassi: LICENSE";
@@ -816,6 +845,7 @@ help Rehash {
" Le flag disponibili sono:";
" -dns - Inizializza e ricarica il risolutore DNS";
" -garbage - Forza la pulizia dei file inutili";
" -motd - Ricarica i file MOTD, BOTMOTD, OPERMOTD e RULES, inclusi quelli nei blocchi tld";
" -tls - Ricarica i certificati SSL/TLS";
}
doc/conf/help/help.nl.conf
+63 -32
View File
@@ -1,4 +1,4 @@
/* UnrealIRCd 6 helpconfiguratie
/* UnrealIRCd 5 helpconfiguratie
* Gebaseerd op de originele helptekst geschreven door hAtbLaDe
* Vertaald door Stanley (irc.chattersworld.nl
* Herzien door CC (07/2002) en vele andere.
@@ -33,16 +33,17 @@ help Usercmds {
"een specifiek commando.";
" -";
" ==-------------------------oOo-------------------------==";
" ADMIN LINKS PART USERHOST";
" AWAY LIST PING USERIP";
" CREDITS LUSERS PRIVMSG VERSION";
" CYCLE MAP QUIT VHOST";
" ADMIN LICENSE PART USERHOST";
" AWAY LINKS PING USERIP";
" CREDITS LIST PONG VERSION";
" CYCLE LUSERS PRIVMSG VHOST";
" DALINFO MAP QUIT WATCH";
" DCCALLOW MODE RULES WHO";
" INVITE MODULE SETIDENT WHOIS";
" JOIN MOTD SETNAME WHOWAS";
" KICK NAMES SILENCE";
" KNOCK NICK TIME";
" LICENSE NOTICE TOPIC";
" INVITE MODULE SETNAME WHOIS";
" ISON MOTD SILENCE WHOWAS";
" JOIN NAMES STATS";
" KICK NICK TIME";
" KNOCK NOTICE TOPIC";
" ==-------------------------oOo-------------------------==";
}
@@ -54,19 +55,17 @@ help Opercmds {
" Zie ook https://www.unrealircd.org/docs/IRCOp_guide";
" -";
" ==-------------------------oOo-------------------------==";
" ADDMOTD GZLINE SAPART";
" ADDOMOTD INVITE SDESC";
" CHGHOST KILL SETHOST";
" CHGIDENT KLINE SHUN";
" CHGNAME LAG SPAMFILTER";
" CLOSE LOCOPS STATS";
" CONNECT MKPASSWD TEMPSHUN";
" DCCDENY OPER TLINE";
" DIE OPERMOTD TRACE";
" DNS REHASH TSCTL";
" ELINE RESTART UNDCCDENY";
" GLINE SAJOIN WALLOPS";
" GLOBOPS SAMODE ZLINE";
" DNS SETIDENT";
" ADDMOTD ELINE OPER SHUN";
" ADDOMOTD GLINE OPERMOTD SPAMFILTER";
" GLOBOPS REHASH SQUIT";
" CHGHOST GZLINE RESTART TEMPSHUN";
" CHGIDENT KILL TRACE";
" CHGNAME KLINE SAJOIN TSCTL";
" CLOSE LAG SAMODE UNDCCDENY";
" CONNECT LOCOPS SAPART WALLOPS";
" DCCDENY MKPASSWD SDESC ZLINE";
" DIE MODULE SETHOST";
" ==-------------------------oOo-------------------------==";
}
@@ -102,7 +101,7 @@ help Umodes {
"t = Zegt dat je een /VHOST gebruikt";
"w = Kan naar Wallop-berichten luisteren";
"x = Geeft de gebruiker een verborgen hostnaam (beveiliging)";
"z = Markeert de client als zijnde op een beveiligde verbinding (SSL/TLS)";
"z = Markeert de client als zijnde op een beveiligde verbinding (SSL)";
" B = Markeert u als een Bot";
" D = Alleen PRIVMSG's ontvangen van IRCOps, servers en diensten (privdeaf)";
" G = Filtert alle slechte woorden in uw berichten uit met <gecensureerde>";
@@ -112,7 +111,7 @@ help Umodes {
" S = Alleen voor diensten. (Beschermt ze)";
" T = Voorkomt dat u CTCP's ontvangt";
" W = Laat je zien wanneer mensen een /WHOIS op je doen (alleen IRC Operators)";
" Z = Alleen PRIVMSG's ontvangen/verzenden van/naar gebruikers met behulp van een Secure Connection (SSL/TLS)";
" Z = Alleen PRIVMSG's ontvangen/verzenden van/naar gebruikers met behulp van een Secure Connection (SSL)";
" ==---------------------------oOo---------------------------==";
}
@@ -184,8 +183,8 @@ help Chmodes {
" T = Geen meldingen toegestaan in het kanaal [o]";
"t = Alleen +hoaq mag het onderwerp wijzigen [h]";
" V = /INVITE is niet toegestaan [o]";
"z = Alleen klanten op een beveiligde verbinding (SSL/TLS) kunnen zich aansluiten [o]";
" Z = Alle gebruikers op het kanaal bevinden zich op een beveiligde verbinding (SSL/TLS) [server]";
"z = Alleen klanten op een beveiligde verbinding (SSL) kunnen zich aansluiten [o]";
" Z = Alle gebruikers op het kanaal bevinden zich op een beveiligde verbinding (SSL) [server]";
" (Deze modus wordt door de server in-/uitgeschakeld. Alleen als het kanaal ook +z is)";
" -";
" [h] vereist minstens halfop, [o] vereist minstens chanop";
@@ -261,7 +260,7 @@ help ExtBans {
" | overeenkomen met 'Stupid bot script v1.4'. ";
"-----------------------------------------------------------------------------------";
" | | Wanneer een gebruiker SSL/TLS gebruikt met een clientcertificaat ";
" | | dan kunt u de gebruiker met zijn/haar cert-vingerafdruk matchen ";
" | | dan kunt u de gebruiker met zijn/haar SSL-vingerafdruk matchen ";
"~S | certfp | (degene die u ziet in /WHOIS). Meestal nuttig voor veilig ";
" | Verbied uitzonderingen en nodig uitzonderingen uit. ";
" | Voorbeeld: +iI ~S:00112233445566778899aabbccddeeff..etc.. ";
@@ -291,15 +290,13 @@ help Chmodef {
" c CTCP +C m, M";
"Join +i R";
"k Klop + K";
" m Berichten +m M";
" m Berichten +m M, d";
" n Nickchange +N";
" p Paste drop m, M";
" t Tekstschop b, d";
" r Herhaal kick d, b";
" -";
" Het verschil tussen type m en t is dat m voor het geheel wordt geteld";
"...kanaal, terwijl t per gebruiker wordt getallied.";
" Type p telt multiline plak-gebeurtenissen (3+ regels) voor het gehele kanaal.";
" -";
" Als u ervoor kiest om een actie voor een modus te specificeren, kunt u ook een specificeren ";
" tijd (in minuten) waarna de specifieke actie wordt teruggedraaid.";
@@ -536,6 +533,17 @@ help Ping {
" PING hAtbLaDe irc2.dynam.ac";
}
help Pong {
" PONG-bericht is een antwoord op PING-bericht. Indien parameter <server2> is";
"gegeven, zal dit bericht worden doorgestuurd naar het gegeven doel. De <server>";
"parameter is de naam van de entiteit die op het PING-bericht heeft gereageerd";
"en dit bericht heeft gegenereerd.";
" -";
" Syntaxis: PONG <server> <server2>";
" Voorbeeld: PONG irc.example.org irc2.dynam.ac";
" (PONG-bericht van irc.example.org naar irc2.dynam.ac)";
}
help Version {
" Geeft versie-informatie van de IRCd software in gebruik.";
" -";
@@ -620,6 +628,20 @@ help Away {
" Voorbeeld: AWAY Lunch time!";
}
help Watch {
" Watch is een notief-type systeem op de server die zowel sneller is";
"en minder netwerkbronnen gebruikt dan eender welke oude stijl van melden";
" systeem. De server zal u een bericht sturen wanneer een nickname";
" in je wachtlijst aan of uitlogt.";
" De watchlist HERINNERT NIET TWEEDE SESSIES - U (of uw";
" script of klant) moet elke keer de bijnamen aan uw volglijst toevoegen";
"tijd dat je verbinding maakt met een IRC-server.";
" -";
" Syntaxis: WATCH +nick1 +nick2 +nick3 (Bijnamen toevoegen)";
" WATCH -nick (Bijnamen verwijderen)";
" WATCH (Bekijk welke gebruikers online zijn)";
}
help List {
" Biedt een volledige lijst van alle kanalen op het netwerk.";
" Als er een zoekreeks wordt opgegeven, zal deze alleen deze tonen";
@@ -731,6 +753,13 @@ help Credits {
" CREDITS <server>";
}
help Dalinfo {
" Dit commando zal historische credits tonen (van ircu, etc...)";
" -";
" Syntaxis: DALINFO";
" Syntaxis: DALINFO <server>";
}
help License {
" Dit commando geeft informatie weer over de licentie waaronder UnrealIRCd is vrijgegeven.";
" Syntaxis: LICENSE";
@@ -969,6 +998,8 @@ help Rehash {
" De vlaggen worden gebruikt om andere configuratiebestanden te herhashen, geldige vlaggen zijn:";
" -dns - Reinitialiseert en herlaadt de resolver";
" -garbage - Forceer afvalverzameling";
" -motd - Alleen alle MOTD-, BOTMOTD, OPERMOTD en RULES-bestanden opnieuw lezen";
" (inclusief die in tld-blokken)";
" -tls - Reloads SSL/TLS-certificaten";
}
@@ -1286,7 +1317,7 @@ help Svsnline {
" Voegt een wereldwijd verbod op echte namen toe.";
" Moet via een U-Lined server worden verstuurd.";
" De reden moet dus één enkele parameter zijn";
" spaties worden aangegeven met _, UnrealIRCd will intern";
" spaties worden aangegeven met _, Unreal will intern";
"vertaal deze naar spaties.";
" -";
" Syntaxis: SVSNLINE + <reason_for_ban> :<realname> (Om een ban toe te voegen)";
doc/conf/help/help.pl.conf
+150 -155
View File
@@ -1,4 +1,4 @@
/* UnrealIRCd 6 Help Configuration
/* UnrealIRCd 5 Help Configuration
* Based on the original help text written by hAtbLaDe
* Revised by CC (07/2002) and many others
*/
@@ -35,16 +35,17 @@ help Usercmds {
" na temat konkretnego polecenia.";
" -";
" ==-------------------------oOo-------------------------==";
" ADMIN LINKS PART USERHOST";
" AWAY LIST PING USERIP";
" CREDITS LUSERS PRIVMSG VERSION";
" CYCLE MAP QUIT VHOST";
" ADMIN LICENSE PART USERHOST";
" AWAY LINKS PING USERIP";
" CREDITS LIST PONG VERSION";
" CYCLE LUSERS PRIVMSG VHOST";
" DALINFO MAP QUIT WATCH";
" DCCALLOW MODE RULES WHO";
" INVITE MODULE SETIDENT WHOIS";
" JOIN MOTD SETNAME WHOWAS";
" KICK NAMES SILENCE";
" KNOCK NICK TIME";
" LICENSE NOTICE TOPIC";
" INVITE MODULE SETNAME WHOIS";
" ISON MOTD SILENCE WHOWAS";
" JOIN NAMES STATS";
" KICK NICK TIME";
" KNOCK NOTICE TOPIC";
" ==-------------------------oOo-------------------------==";
}
@@ -56,19 +57,17 @@ help Opercmds {
" Dodatkowa pomoc (język ang.): https://www.unrealircd.org/docs/IRCOp_guide";
" -";
" ==-------------------------oOo-------------------------==";
" ADDMOTD GZLINE SAPART";
" ADDOMOTD INVITE SDESC";
" CHGHOST KILL SETHOST";
" CHGIDENT KLINE SHUN";
" CHGNAME LAG SPAMFILTER";
" CLOSE LOCOPS STATS";
" CONNECT MKPASSWD TEMPSHUN";
" DCCDENY OPER TLINE";
" DIE OPERMOTD TRACE";
" DNS REHASH TSCTL";
" ELINE RESTART UNDCCDENY";
" GLINE SAJOIN WALLOPS";
" GLOBOPS SAMODE ZLINE";
" DNS SETIDENT";
" ADDMOTD ELINE OPER SHUN";
" ADDOMOTD GLINE OPERMOTD SPAMFILTER";
" GLOBOPS REHASH SQUIT";
" CHGHOST GZLINE RESTART TEMPSHUN";
" CHGIDENT KILL TRACE";
" CHGNAME KLINE SAJOIN TSCTL";
" CLOSE LAG SAMODE UNDCCDENY";
" CONNECT LOCOPS SAPART WALLOPS";
" DCCDENY MKPASSWD SDESC ZLINE";
" DIE MODULE SETHOST";
" ==-------------------------oOo-------------------------==";
}
@@ -103,7 +102,7 @@ help Umodes {
" p = Ukrywa wszystkie kanały w wynikach /WHOIS i /WHO";
" q = Tylko U-line mogą wyrzucić z kanału (tylko dla operatorów)";
" r = Informacja, że nick jest zarejestrowany (tylko serwisy mogą to ustawić)";
" s = Pozwala na otrzymywanie komunikatów od serwera (sprawdź /HELPOP SNOMASKS)";
" s = Pozwala na otrzymywanie komunikatów od serwera";
" t = Informacja, że jest używany /VHOST";
" w = Pozwala na otrzymywanie wiadomości /WALLOP";
" x = Ukrywa nazwę hosta/IP użytkownika (dla bezpieczeństwa)";
@@ -129,32 +128,26 @@ help Snomasks {
" Snomask oznacza 'Service NOtice MASK', i służy do wyboru, które";
" z komunikatów serwera będą trafiały do operatora.";
" Sposób użycia: /MODE nick +s <snomask>";
" Przykład: /MODE blah +s +cC-j";
" Przykład: /MODE blah +s +cF-j";
" Parametr wskazuje, które maski mają być włączone (lub wyłączone).";
" Można też wyłączyć wszystkie, używając /MODE nick -s.";
"-";
" Lista wszystkich dostępnych typów 'snomask':";
" ==-------------------------oOo-----------------------==";
" b = Bany serwera (KLINE, GLINE, SHUN i podobne)";
" B = Komunikaty od modułu DNSBL (DNS Blacklist)";
" b = Informacje o trafieniach w czarne listy (blacklist)";
" c = Informacje o połączeniach i rozłączeniach na lokalnym serwerze";
" C = Informacje o połączeniach i rozłączeniach na zdalnych serwerach, z wyłączeniem";
" serwisów/U-line";
" d = Odrzucone komendy DCC (z powodu ustawień 'deny dcc')";
" D = Informacje dodatkowe i debugowe (niezalecane do normalnego użycia)";
" f = Ostrzeżenia o floodzie (zalecane)";
" j = Wejścia, wyjścia i wyrzucenia (KICK) z kanałów";
" e = Informacje 'Eyes' (OperOverride, użycie /CHG* i /SET*, ..)";
" f = Ostrzeżenia o floodzie";
" F = Informacje o połączeniach i rozłączeniach na zdalnych serwerach";
" G = Informacje TKL (Gline, GZline, Shun itp)";
" j = Informacje dodatkowe \"Junk\" notices (niezalecane do normalnego użycia)";
" k = Informacje o KILL";
" n = Informacje o zmianach nicków na lokalnym serwerze";
" N = Informacje o zmianach nicków na zdalnych serwerach";
" o = Informacje o uzyskaniu statusu operatora";
" q = Nicki odrzucone z powodu Q-Line";
" o = Ominięcia ograniczeń przez IRCopów (Oper Override)";
" O = IRCopi zmieniający dane użytkowników (/CHGNAME, /CHGIDENT, /CHGHOST, ..)";
" lub zmuszający ich do akcji (/SAJOIN, /SAPART)";
" s = Ogólne komunikaty (nie pasujące do innych kategorii); zalecane, ponieważ zawiera";
" wiadomości mogące być bardzo istotne";
" s = Ogólne komunikaty";
" S = Informacje o zadziałaniach filtrów spamowych (SPAMFILTER)";
" R = JSON-RPC";
" v = Informacje o użyciu komendy /VHOST";
" ==-------------------------oOo------------------------==";
}
@@ -210,121 +203,93 @@ help Chmodes {
help ExtBans {
" Te bany pozwalają na ustawienie warunku innego niż tradycyjna maska nick!user@host.";
" Na przykład 'MODE #chan +e ~account:JakasNazwaKonta' pozwala dodać wyjątek od bana";
" dla kogoś, kto zalogował się do serwisów pod nazwą konta JakasNazwaKonta.";
" Rozszerzone bany zaczynają się od nazwy lub litery oznaczającej typ bana, poprzedzonej";
" znakiem tyldy '~'.";
" UnrealIRCd 6 domyślnie używa banów rozszerzonych z nazwami: '+e ~account:JakasNazwaKonta',";
" podczas, gdy wersje wcześniejsze korzystają z pojedynczych liter w miejsce nazw:";
" +e ~a:SomeAccount";
" Dokumentacja: https://www.unrealircd.org/docs/Extended_Bans";
" -";
" ==[ Grupa 1: ograniczenie czasowe ]==";
" Ban zaczyna się od znaku ~ a następnie litery oznaczającej typ rozszerzonego bana.";
" Na przykład +b ~q:nick!user@host oznacza bana typu q (quiet).";
" -";
" Następujące typy mogą być użyte w kombinacji z dowolnym innym banem (rozszerzonym";
" lub standardowym):";
" ==-Litera--------Nazwa--------------------------Wyjaśnienie-----------------------==";
" | | Bany czasowe są samoczynnie zdejmowane przez serwer ";
" ~t | ~time | po upłynięciu ustawionej liczby minut. Na przykład: ";
" | | +b ~time:3:*!*@hostname ";
" ==--------------------------------------------------------------------------------==";
" ==-Typ---------Nazwa--------------------------Wyjaśnienie-----------------------==";
" | | Bany czasowe są samoczynnie zdejmowane przez serwer ";
" ~t | timedban | po upłynięciu ustawionej liczby minut. Na przykład: ";
" | | +b ~t:3:*!*@hostname ";
" ==------------------------------------------------------------------------------==";
" -";
" ==[ Grupa 2: działania ]==";
" Te typy banów definiują, na jakie działanie użytkownika wpłynie ban:";
" ==-Litera--------Nazwa--------------------------Wyjaśnienie-----------------------==";
" | | Wyciszenie. Użytkownicy pasujący do tych banów mogą ";
" | | wejść na kanał, ale nie mogą pisać, chyba, że otrzymają ";
" ~q | ~quiet | uprawnienie +v lub wyższe. ";
" | | Przykład: ";
" | | +bb ~quiet:*!*@blah.blah.com ~quiet:nick*!*@* ";
"-------------------------------------------------------------------------------------";
" | | Zakaz zmiany nicka. Użytkownicy pasujący do tych banów ";
" | | nie mogą zmienić nicka na inny, chyba, że otrzymają ";
" ~n | ~nickchange | uprawnienie +v lub wyższe. ";
" | | Example: ";
" | | +bb ~nickchange:*!*@*.aol.com ~nickchange:nick*!*@* ";
"-------------------------------------------------------------------------------------";
" | | Blokada wejścia. Użytkownik pasujący do takiego bana ";
" ~j | ~join | nie wejdzie na kanał, ale gdy już na nim będzie, wówczas";
" | | może wykonywać wszystkie czynności, jak pisanie czy ";
" | | zmiany nicka. ";
"-------------------------------------------------------------------------------------";
" | | Omijanie restrykcji wiadomości. Ustawienia ~m można użyć";
" | | tylko w połączeniu z wyjątkiem (+e) a nie banem (+b). ";
" | | Składnia: +e ~m:typ:maska. ";
" | | Obsługiwane typy: 'external' (omija +n), 'censor' ";
" | | (omija +G), 'moderated' (omija +mM), 'color (omija +Sc) ";
" ~m | ~msgbypass | i 'notice' (omija +T). Przykłady: ";
" | | Pozwala na omijanie +m lub +n z IP: ";
" | | +e ~msgbypass:moderated:*!*@192.168.* ";
" | | Pozwala zalogowanemu jako nazwa konta 'ColorBot' ";
" | | ominięcie +Sc: ";
" | | +e ~msgbypass:external:*!*@192.168.* ";
" | | +e ~msgbypass:color:~a:ColorBot ";
"-------------------------------------------------------------------------------------";
" | | Przekieorwanie na inny kanał. Użytkownik pasujący do bana";
" ~f | ~forward | będzie przekierowany na kanał o podanej nazwie. Przykład:";
" | | +b ~forward:#badisp:*!*@*.isp.xx ";
" ==--------------------------------------------------------------------------------==";
" ==-Typ---------Nazwa--------------------------Wyjaśnienie-----------------------==";
" | | Wyciszenie. Użytkownicy pasujący do tych banów mogą ";
" | | wejść na kanał, ale nie mogą pisać, chyba, że otrzymają ";
" ~q | quiet | uprawnienie +v lub wyższe. ";
" | | Przykład: ";
" | | +bb ~q:*!*@blah.blah.com ~q:nick*!*@* ";
"-----------------------------------------------------------------------------------";
" | | Zakaz zmiany nicka. Użytkownicy pasujący do tych banów ";
" | | nie mogą zmienić nicka na inny, chyba, że otrzymają ";
" ~n | nickchange | uprawnienie +v lub wyższe. ";
" | | Example: ";
" | | +bb ~n:*!*@*.aol.com ~n:nick*!*@* ";
"-----------------------------------------------------------------------------------";
" | | Blokada wejścia. Użytkownik pasujący do takiego bana ";
" ~j | join | nie wejdzie na kanał, ale gdy już na nim będzie, wówczas";
" | | może wykonywać wszystkie czynności, jak pisanie czy ";
" | | zmiany nicka. ";
"-----------------------------------------------------------------------------------";
" | | Omijanie restrykcji wiadomości. Ustawienia ~m można użyć";
" | | tylko w połączeniu z wyjątkiem (+e) a nie banem (+b). ";
" | | Składnia: +e ~m:typ:maska. ";
" | | Obsługiwane typy: 'external' (omija +n), 'censor' ";
" | | (omija +G), 'moderated' (omija +mM), 'color (omija +Sc) ";
" ~m | msgbypass | i 'notice' (omija +T). Przykłady: ";
" | | +e ~m:moderated:*!*@192.168.* Pozwala na omijanie +m z IP";
" | | +e ~m:external:*!*@192.168.* Pozwala na omijanie +n z IP";
" | | +e ~m:color:~a:ColorBot Pozwala zalogowanemu jako ";
" | | nazwa konta 'ColorBot' ominięcie +Sc";
"-----------------------------------------------------------------------------------";
" | | Przekieorwanie na inny kanał. Użytkownik pasujący do bana";
" ~f | forward | będzie przekierowany na kanał o podanej nazwie. Przykład:";
" | | +b ~f:#badisp:*!*@*.isp.xx ";
" ==------------------------------------------------------------------------------==";
" -";
" ==[ Grupa 3: selektory ]==";
" Te typy banów definiują nowe kryteria decyzji:";
" ==-Litera-------Nazwa--------------------------Wyjaśnienie------------------------==";
" | | Ban zadziała na użytkowników zalogowanych do konta ";
" ~a | ~account | o podanej nazwie. ";
" | | Przykład: +e ~account:Name ";
"-------------------------------------------------------------------------------------";
" | | Użytkownik obecny na podanym kanale nie będzie mógł ";
" | | wejść. Można także podać prefiks (+/%/@/&/~) oznaczający,";
" ~c | ~channel | że ban zadziała tylko wtedy, gdy użytkownik ma na kanale";
" | | uprawnienia równe lub wyższe podanemu.nel. ";
" | | Przykład: +b ~channel:#głupcy, +e ~channel:@#zaufani ";
"-------------------------------------------------------------------------------------";
" | | Moduł GEOIP próbuje przypisać do każdego z użytkowników ";
" | | odpowiadający mu kod kraju, jak NL czy US. Możesz ustawić";
" ~C | ~country | bana lub wyjątek bazujący na owym dwuliterowym kodzie. ";
" | | Przykład: +b ~country:NL +e ~country:NL ";
"-------------------------------------------------------------------------------------";
" | | Zadziała na IRCopów, którzy są zalogowani z użyciem ";
" | | klasy oper::operclass o podanej nazwie. Dzięki temu ";
" ~O | ~operclass | można stworzyć kanały tylko dla wybranych grup ";
" | | operatorów. Ustaw +i i używaj +I. ";
" | | Przykład: +iI ~operclass:*admin* ";
"-------------------------------------------------------------------------------------";
" | | Jeśli wpisana nazwa \"realname\"/\"GECOS\" użytkownika ";
" | | będzie pasowała, użytkownik ten nie będzie mógł wejść. ";
" ~r | ~realname | Przykład: +b ~realname:*Głupi_skrypt_2000* ";
" | | Uwaga: symbol podkreślenia ('_') pasuje zarówno ";
" | | do spacji (' ') jak i podkreślenia ('_'), więc ten ban ";
" | | zadziała na 'Głupi skrypt 2000 v5.2'. ";
"-------------------------------------------------------------------------------------";
" | | Użyteczny dla bezpiecznych wyjątków +e lub zaproszeń +I.";
" | | Można podać tutaj 'odcisk palca' certyfikatu klienta, ";
" ~S | ~certfp | jeśli użytkownik takiego używa dla połączenia SSL/TLS ";
" | | (można to zobaczyć we /WHOIS). ";
" | | Przykład: +iI ~certfp:00112233445566778899aabbccddeeff..";
"-------------------------------------------------------------------------------------";
" ==-Type--------Name---------------------------Explanation-----------------------==";
" | | Ban zadziała na użytkowników zalogowanych do konta ";
" ~a | account | o podanej nazwie. ";
" | | Przykład: +e ~a:Name ";
"-----------------------------------------------------------------------------------";
" | | Użytkownik obecny na podanym kanale nie będzie mógł ";
" | | wejść. Można także podać prefiks (+/%/@/&/~) oznaczający,";
" ~c | channel | że ban zadziała tylko wtedy, gdy użytkownik ma na kanale";
" | | uprawnienia równe lub wyższe podanemu.nel. ";
" | | Przykład: +b ~c:#głupcy, +e ~c:@#zaufani ";
"-----------------------------------------------------------------------------------";
" | | Zadziała na IRCopów, którzy są zalogowani z użyciem ";
" | | klasy oper::operclass o podanej nazwie. Dzięki temu ";
" ~O | operclass | można stworzyć kanały tylko dla wybranych grup ";
" | | operatorów. Ustaw +i i używaj +I. ";
" | | Przykład: +iI ~O:*admin* ";
"-----------------------------------------------------------------------------------";
" | | Jeśli wpisana nazwa \"realname\"/\"GECOS\" użytkownika ";
" | | będzie pasowała, użytkownik ten nie będzie mógł wejść. ";
" ~r | realname | Przykład: +b ~r:*Głupi_skrypt_2000* ";
" | | Uwaga: symbol podkreślenia ('_') pasuje zarówno ";
" | | do spacji (' ') jak i podkreślenia ('_'), więc ten ban ";
" | | zadziała na 'Głupi skrypt 2000 v5.2'. ";
"-----------------------------------------------------------------------------------";
" | | Użyteczny dla bezpiecznych wyjątków +e lub zaproszeń +I.";
" | | Można podać tutaj 'odcisk palca' certyfikatu klienta, ";
" ~S | certfp | jeśli użytkownik takiego używa dla połączenia SSL/TLS ";
" | | (można to zobaczyć we /WHOIS). ";
" | | Przykład: +iI ~S:00112233445566778899aabbccddeeff..itd..";
"-----------------------------------------------------------------------------------";
" | | Filtrowanie tekstu ustawiane indywidualnie dla kanału. ";
" ~T | textban | Obsługuje dwa działania, 'censor' i 'block'. Przykłady: ";
" | | +b ~T:censor:*brzydkiesłowo* i +b ~T:block:*cos* ";
" ==------------------------------------------------------------------------------==";
" -";
" ==[ Grupa 4: specjalne ]==";
" Te typy banów są nietypowe i nie pasują do żadnej z powyższych grup:";
" ==-Litera-------Nazwa--------------------------Wyjaśnienie------------------------==";
" | | Filtrowanie tekstu ustawiane indywidualnie dla kanału. ";
" ~T | ~text | Obsługuje dwa działania, 'censor' i 'block'. Przykłady: ";
" | | +b ~text:censor:*brzydkiesłowo* i +b ~text:block:*cos* ";
"-------------------------------------------------------------------------------------";
" | | Ukrywa wiadomości wyjścia z kanałów lub sieci (part/quit)";
" ~p | ~partmsg | dla pasujących użytkowników. ";
" | | Przykład: +b ~partmsg:*!*@*.isp.com ";
" ==--------------------------------------------------------------------------------==";
" -";
"* Bany z grupy drugiej mogą być łączone z tymi z grupy trzeciej.";
" Na przykład +b ~quiet:~channel:#głupcy wyciszy wszystkich użytkowników,";
" którzy są też na #głupcy.";
"* Bany z grupy trzeciej mogą być też używane dla zaproszeń (+I),";
" na przykład +I ~channel:@#zaufani czy +I ~account:nazwakonta.";
"* Ban ograniczonoy czasowo (grupa pierwsza) może być dodany przed dowolnym innym banem.";
" Nic nie stoi na przeszkodzie połączeniu wszystkich trzech grup 1 + 2 + 3:";
" +b ~time:60:~join:~country:BD";
"Bany z grupy drugiej mogą być łączone z tymi z grupy trzeciej.";
"Na przykład +b ~q:~c:#głupcy wyciszy wszystkich użytkowników,";
"którzy są też na #głupcy.";
"Bany z grupy trzeciej mogą być też używane dla zaproszeń (+I),";
"na przykład +I ~c:@#zaufani and +I ~a:nazwakonta.";
}
help Chmodef {
@@ -342,9 +307,8 @@ help Chmodef {
" c CTCP +C m, M";
" j Wejście na kanał (JOIN) +i R";
" k Pukanie (KNOCK) +K";
" m Wiadomości +m M";
" m Wiadomości +m M, d";
" n Zmiany nicków +N";
" p Paste drop m, M";
" t Tekst kick b, d";
" r Powtórzenia kick d, b";
" -";
@@ -352,7 +316,6 @@ help Chmodef {
" automatyczne ustawienie na kanale podanej flagi.";
" Różnica między typami 'm' i 't' polega na tym, że 'm' dotyczy";
" całego kanału, a 't' jest zliczane osobno dla każdego użytkownika.";
" Typ p zlicza zdarzenia wklejania multiline (3+ linii) dla całego kanału.";
" -";
" Jeśli wybierzesz jakąś akcję powodującą ustawienie trybu, możesz również podać";
" (po przecinku) czas w minutach, po którego upłynięciu tryb zostanie";
@@ -597,6 +560,16 @@ help Ping {
" PING hAtbLaDe irc2.dynam.ac";
}
help Pong {
" Komunikat PONG jest odpowiedzią na PING. Jeśli podano parametr <serwer2>,";
" wiadomość zostanie przekazana wskazanemu celowi. Parametr <tekst>";
" jest taki sam, jaki otrzymano wraz z komendą PING."; // this was unclear - changed but needs verification //k4be
" -";
" Składnia: PONG <tekst> <server2>";
" Przykład: PONG irc.example.org irc2.dynam.ac";
" (wiadomość PONG od irc.example.org do irc2.dynam.ac)";
}
help Version {
" Informuje o wersji używanego oprogramowania serwera IRC.";
" -";
@@ -679,6 +652,19 @@ help Away {
" Przykład: AWAY Pora na obiad!";
}
help Watch {
" WATCH jest systemem powiadomień, działającym szybciej i zużywającym";
" mniej zasobów od wszelkich starszych rozwiązań. Serwer wyśle wiadomość,";
" gdy dowolny nick z Twojej listy WATCH połączy lub rozłączy się z siecią.";
" Lista WATCH nie jest pamiętana po zakończeniu sesji - musisz";
" (najlepiej z pomocą swojego skryptu lub klienta) dodać nicki do listy";
" od nowa przy każdym połączeniem z serwerem IRC.";
" -";
" Składnia: WATCH +nick1 +nick2 +nick3 (dodawanie nicków)";
" WATCH -nick (kasowanie nicków)";
" WATCH (Sprawdzenie, kto jest teraz połączony)";
}
help List {
" Umożliwia uzyskanie kompletnej listy wszystkich kanałów w sieci.";
" Jeśli podano wzór wyszukiwania, wskazane zostaną tylko te, które doń pasują.";
@@ -797,6 +783,13 @@ help Credits {
" CREDITS <serwer>";
}
help Dalinfo {
" Ta komenda wyświetli historyczne informacje o zasługach (z ircu itp...)";
" -";
" Składnia: DALINFO";
" DALINFO <serwer>";
}
help License {
" Ta komenda wyświetli licencję, pod którą wydano UnrealIRCd.";
" Składnia: LICENSE";
@@ -880,8 +873,8 @@ help Kline {
" KLINE -%*@*.aol.com";
" -";
" Rozszerzone bany serwerowe (więcej informacji na https://www.unrealircd.org/docs/Extended_server_bans)";
" Składnia: KLINE ~<ban>:<maska> [czas] <powód>";
" Przykład: KLINE ~realname:*Stupid_bot_script*";
" Składnia: KLINE ~<flaga>:<maska> [czas] <powód>";
" Przykład: KLINE ~r:*Stupid_bot_script*";
}
help Zline {
@@ -898,8 +891,8 @@ help Zline {
" ZLINE -*@127.0.0.1";
" -";
" Rozszerzone bany serwerowe (więcej informacji na https://www.unrealircd.org/docs/Extended_server_bans)";
" Składnia: ZLINE ~<ban>:<maska> [czas] <powód>";
" Przykład: ZLINE ~realname:*Stupid_bot_script*";
" Składnia: ZLINE ~<flaga>:<maska> [czas] <powód>";
" Przykład: ZLINE ~r:*Stupid_bot_script*";
" -";
" Uwaga: użycie wymaga flagi operatora can_zline";
}
@@ -958,8 +951,8 @@ help Shun {
" SHUN +foobar@aol.com 1d6h :Spam (dodaje SHUNa na 30 godzin)";
" -";
" Rozszerzone bany serwerowe (więcej informacji na https://www.unrealircd.org/docs/Extended_server_bans)";
" Składnia: SHUN ~<ban>:<maska> [czas] :<powód>";
" Przykład: SHUN ~account:someaccount 10m :Nadużycia";
" Składnia: SHUN ~<flaga>:<maska> [czas] :<powód>";
" Przykład: SHUN ~a:someaccount 10m :Nadużycia";
" -";
" Uwaga: użycie wymaga flagi operatora can_gkline";
}
@@ -1035,6 +1028,8 @@ help Rehash {
" flagi to:";
" -dns - Ponownie inicjalizuje i przeładowuje narzędzie rozpoznawania nazw DNS?";
" -garbage - Wymusza zadziałanie mechanizmu oczyszczania (garbage collection)";
" -motd - Odświeża tylko wszystkie pliki MOTD, BOTMOTD, OPERMOTD i RULES";
" (włącznie z tymi podanymi w blokach tld {})";
" -tls - Ponownie ładuje certyfikaty SSL/TLS";
}
doc/conf/help/help.ru.conf
+379 -440
View File
File diff suppressed because it is too large Load Diff
doc/conf/help/help.tr.conf
+344 -566
View File
File diff suppressed because it is too large Load Diff
doc/conf/modules.default.conf
+33 -135
View File
@@ -1,5 +1,4 @@
/* [6.2.6-rc1]
* This file will load (nearly) all modules available on UnrealIRCd.
/* This file will load (nearly) all modules available on UnrealIRCd.
* So all commands, channel modes, user modes, etc..
*
* If you want to have all UnrealIRCd functionality, then include this
@@ -11,26 +10,20 @@
* 1) Keep the include for modules.default.conf as usual and make use
* of blacklist-module "xyz"; to selectively disable modules.
* See https://www.unrealircd.org/docs/Blacklist-module_directive
* This is the highly recommended approach of doing customizations!
* 2) OR, make a copy of this file (eg: name it modules.custom.conf)
* and edit it. Then include that file from your unrealircd.conf
* instead of this one.
* The problem with this option #2 is that you need to track ALL
* changes in UnrealIRCd, that means: every loadmodule line that
* we add or remove in each and every release. If you don't do this
* or forget one little loadmodule line then you will end up with:
* * Missing functionality (that could have been useful)
* * Breaking of existing functionality, like the (in)famous example
* of when the existing svslogin command got split off in a separate
* new svslogin module and people who didn't load that new module
* would have services who would not set users as 'logged in'.
* Or the existing anti connect-flood feature being split off into
* the 'connect-flood' module, so your server suddenly being
* vulnerable to connect flooding because you failed to load it.
* So please do know what you are doing if you choose option #2.
* Again, best is to go for option #1 and opt-out.
* The downside of option #2 is that you will need to track changes
* in the original modules.default.conf with each new UnrealIRCd
* release to make sure you don't miss any new functionality (as new
* important modules may be added you need to add them to your conf).
* You don't have this problem with option #1.
*/
/*** Cloaking (for user mode +x) ***/
loadmodule "cloak";
/*** Commands ***/
// User commands (MINIMAL)
@@ -100,7 +93,6 @@ loadmodule "kill"; /* also server-to-server */
loadmodule "locops";
loadmodule "mkpasswd";
loadmodule "oper";
loadmodule "operinfo"; /* not really a command but for whois */
loadmodule "opermotd";
loadmodule "sajoin";
loadmodule "samode";
@@ -110,10 +102,10 @@ loadmodule "sethost";
loadmodule "setident";
loadmodule "stats";
loadmodule "tkl"; /* also server-to-server */
loadmodule "tline";
loadmodule "trace";
loadmodule "tsctl";
loadmodule "unsqline";
loadmodule "wallops";
loadmodule "jumpserver";
// Server-to-server commands
@@ -128,10 +120,6 @@ loadmodule "swhois";
loadmodule "umode2";
loadmodule "sinfo";
loadmodule "require-module";
loadmodule "slog";
loadmodule "creationtime";
loadmodule "sreply";
loadmodule "unreal_server_compat";
// Services commands
// You could disable these if you don't use Services
@@ -151,29 +139,13 @@ loadmodule "svspart";
loadmodule "svssilence";
loadmodule "svssno";
loadmodule "svswatch";
loadmodule "svso";
loadmodule "svslogin";
/*** Channel modes ***/
loadmodule "chanmodes/chanowner"; /* +q */
loadmodule "chanmodes/chanadmin"; /* +a */
loadmodule "chanmodes/chanop"; /* +o */
loadmodule "chanmodes/halfop"; /* +h */
loadmodule "chanmodes/voice"; /* +v */
loadmodule "chanmodes/key"; /* +k */
loadmodule "chanmodes/limit"; /* +l */
loadmodule "chanmodes/inviteonly"; /* +i */
loadmodule "chanmodes/secret"; /* +s */
loadmodule "chanmodes/private"; /* +p */
loadmodule "chanmodes/moderated"; /* +m */
loadmodule "chanmodes/noexternalmsgs"; /* +n */
loadmodule "chanmodes/topiclimit"; /* +t */
loadmodule "chanmodes/floodprot"; /* +f */
loadmodule "chanmodes/nocolor"; /* +c */
loadmodule "chanmodes/noctcp"; /* +C */
loadmodule "chanmodes/stripcolor"; /* +S */
loadmodule "chanmodes/isregistered"; /* +r */
loadmodule "chanmodes/issecure"; /* +Z */
loadmodule "chanmodes/permanent"; /* +P */
loadmodule "chanmodes/link"; /* +L */
@@ -192,7 +164,6 @@ loadmodule "chanmodes/history"; /* +H */
/*** User modes ***/
loadmodule "usermodes/wallops"; /* +w (listen to /WALLOPS messages) */
loadmodule "usermodes/bot"; /* +B (mark yourself as a bot) */
loadmodule "usermodes/servicebot"; /* +S (service bot) */
loadmodule "usermodes/noctcp"; /* +T (block CTCP's) */
@@ -201,31 +172,31 @@ loadmodule "usermodes/showwhois"; /* +W (show if someone does /WHOIS) */
loadmodule "usermodes/privacy"; /* +p (privacy, hide channels in /WHOIS) */
loadmodule "usermodes/nokick"; /* +q (unkickable oper) */
loadmodule "usermodes/regonlymsg"; /* +R (only registered users may private message you) */
loadmodule "usermodes/secureonlymsg"; /* +Z (only TLS users may private message you) */
loadmodule "usermodes/secureonlymsg"; /* +Z (only SSL/TLS users may private message you) */
loadmodule "usermodes/privdeaf"; /* +D (don't let other user PM you) */
/*** Server notice masks */
loadmodule "snomasks/dccreject"; /* +D (rejected DCC's) */
/*** Extended Bans ***/
loadmodule "extbans/join"; /* +b ~join (old ~j mode, prevent only joins) */
loadmodule "extbans/quiet"; /* +b ~quiet (old ~q mode, prevent only messaging) */
loadmodule "extbans/nickchange"; /* +b ~nickchange (old ~n mode, prevent only nick changes) */
loadmodule "extbans/realname"; /* +b ~realname (old ~r mode, ban by real name) */
loadmodule "extbans/account"; /* +b ~account (old ~a mode, ban/exempt if logged in with services account) */
loadmodule "extbans/inchannel"; /* +b ~channel (old, ~c mode, ban/exempt if in channel) */
loadmodule "extbans/operclass"; /* +b ~operclass (old ~O mode, ban/exempt by operclass) */
loadmodule "extbans/certfp"; /* +b ~certfp (old ~S mode, ban/exempt by certfp) */
loadmodule "extbans/textban"; /* +b ~text (old ~T mode, censor or block text) */
loadmodule "extbans/timedban"; /* +b ~time (old ~t mode, timed bans / temporary bans) */
loadmodule "extbans/partmsg"; /* +b ~partmsg (old ~p mode, hide part/quit message) */
loadmodule "extbans/securitygroup"; /* +b ~security-group (old ~G mode, security group) */
loadmodule "extbans/country"; /* +b ~country (country via geoip) */
loadmodule "extbans/msgbypass"; /* +e ~msgbypass (old ~m mode, bypass message restrictions) */
loadmodule "extbans/flood"; /* +e ~flood (flood exemption for chanmode +f/+F) */
loadmodule "extbans/asn"; /* +b ~asn (ASN via geoip) */
loadmodule "extbans/inherit"; /* +b ~inherit (inherit bans from another channel) */
loadmodule "extbans/join"; /* +b ~j (prevent only joins) */
loadmodule "extbans/quiet"; /* +b ~q (prevent only messaging) */
loadmodule "extbans/nickchange"; /* +b ~n (prevent only nick changes) */
loadmodule "extbans/realname"; /* +b ~r (ban by real name) */
loadmodule "extbans/account"; /* +b ~a (ban/exempt if logged in with services account) */
loadmodule "extbans/inchannel"; /* +b ~c (ban/exempt if in channel) */
loadmodule "extbans/operclass"; /* +b ~O (ban/exempt by operclass) */
loadmodule "extbans/certfp"; /* +b ~S (ban/exempt by certfp) */
loadmodule "extbans/textban"; /* +b ~T (censor or block text) */
loadmodule "extbans/msgbypass"; /* +e ~m (bypass message restrictions) */
loadmodule "extbans/timedban"; /* +b ~t (timed bans / temporary bans) */
loadmodule "extbans/partmsg"; /* +b ~p (hide part/quit message) */
loadmodule "extbans/securitygroup"; /* +b ~G (security group) */
/*** IRCv3 extensions ***/
/** IRCv3 extensions */
loadmodule "account-notify"; /* send ACCOUNT message upon services account login */
loadmodule "message-tags"; /* add tags to messages, required for various IRCv3 features */
loadmodule "batch"; /* also required for several IRCv3 features */
@@ -236,54 +207,19 @@ loadmodule "echo-message"; /* shows clients if their messages are altered/filter
loadmodule "labeled-response"; /* correlate requests and responses easily */
loadmodule "bot-tag"; /* indicate the message comes from a bot (draft/bot) */
loadmodule "typing-indicator"; /* typing indicator in PM and channels (+typing) */
loadmodule "channel-context";
loadmodule "reply-tag"; /* indicate to which message you are responding (+draft/reply) */
loadmodule "clienttagdeny"; /* informs clients about supported client-only message tags */
loadmodule "sts"; /* strict transport policy (set::tls::sts-policy) */
loadmodule "link-security"; /* link-security announce */
loadmodule "plaintext-policy"; /* plaintext-policy announce */
loadmodule "chathistory"; /* CHATHISTORY client command, 005 and a CAP (draft) */
loadmodule "monitor"; /* MONITOR command with functionality similar to WATCH */
loadmodule "extended-monitor"; /* add away status, gecos and userhost changes to MONITOR (draft) */
loadmodule "standard-replies"; /* Standard Replies */
loadmodule "no-implicit-names"; /* Opt out of receiving implicit NAMES when joining a channel */
loadmodule "extended-isupport"; /* draft/extended-isupport */
loadmodule "multiline"; /* draft/multiline */
/*** RPC modules ***/
// There's a JSON-RPC interface that can be used to communicate with UnrealIRCd
// outside of IRC. See https://www.unrealircd.org/docs/JSON-RPC for more info.
// Or, more technical, for a list of all JSON-RPC Methods, have a look at
// https://www.unrealircd.org/docs/JSON-RPC:Technical_documentation
// (Don't just look at the list of rpc/* modules below, occasionaly some rpc
// functionality is together in a regular module which has no rpc/* prefix)
//
// By loading the following modules, we enable RRPC for intra-server JSON-RPC,
// so calls like modules.list work properly accross the network. It DOES NOT
// enable the webserver, nor does it listen on any RPC socket. For that, you
// need to include "conf/rpc.modules.default.conf";
loadmodule "rpc/rpc";
loadmodule "rpc/stats";
loadmodule "rpc/user";
loadmodule "rpc/server";
loadmodule "rpc/channel";
loadmodule "rpc/server_ban";
loadmodule "rpc/server_ban_exception";
loadmodule "rpc/name_ban";
loadmodule "rpc/spamfilter";
loadmodule "rpc/log";
loadmodule "rpc/whowas";
loadmodule "rpc/message";
loadmodule "rpc/security_group";
/*** Other ***/
// These are modules that don't fit in any of the previous sections
loadmodule "ident_lookup"; /* Ident lookups if set::options::identd-check is set*/
loadmodule "certfp"; /* TLS certificate fingerprint in /WHOIS (& more) */
loadmodule "tls_cipher"; /* Store and retrieve TLS cipher of local and remote clients */
loadmodule "certfp"; /* SSL/TLS certificate fingerprint in /WHOIS (& more) */
loadmodule "tls_antidos"; /* prevent TLS DoS (renegotiate floods) */
loadmodule "connect-flood"; /* throttling against connection flooding */
loadmodule "max-unknown-connections-per-ip"; /* limit number of connections in 'unknown state' */
loadmodule "webirc"; /* WEBIRC command. See webirc block. */
loadmodule "blacklist"; /* Blacklist support (DNSBL). See blacklist block. */
loadmodule "jointhrottle"; /* set::anti-flood::join-flood (previously chanmode +j) */
@@ -296,44 +232,6 @@ loadmodule "rmtkl"; /* Easily remove *-Lines in bulk with /RMTKL */
loadmodule "restrict-commands"; /* Provides set::restrict-commands settings */
loadmodule "reputation"; /* used by Connthrottle and others, see next */
loadmodule "connthrottle"; /* see https://www.unrealircd.org/docs/Connthrottle */
loadmodule "userip-tag"; /* unrealircd.org/userip tag for ircops (IP address) */
loadmodule "userhost-tag"; /* unrealircd.org/userhost tag for ircops (real host) */
loadmodule "geoip-tag"; /* unrealircd.org/geoip tag for ircops (country) */
loadmodule "json-log-tag"; /* unrealircd.org/json-log tag and CAP for ircops */
loadmodule "issued-by-tag"; /* unrealircd.org/issued-by tag for servers and ircops */
loadmodule "real-quit-reason"; /* unrealircd.org/real-quit-reason for servers only */
loadmodule "userip-tag"; /* unrealircd.org/userip tag for ircops */
loadmodule "userhost-tag"; /* unrealircd.org/userhost tag for ircops */
loadmodule "targetfloodprot"; /* set::anti-flood::target-flood protection */
loadmodule "watch-backend"; /* used by watch and other modules */
loadmodule "geoip_base"; /* needed for ALL geoip functions */
loadmodule "websocket_common"; /* helper functions for websocket (internal) */
loadmodule "spamreport"; /* Spam reporting to a blacklist */
loadmodule "crule"; /* Rules in spamfilter::rule and deny link::rule */
loadmodule "maxperip"; /* allow::maxperip restrictions */
loadmodule "utf8functions"; /* Various UTF8 helper functions */
loadmodule "utf8only"; /* UTF8ONLY via set::utf8-only */
loadmodule "portinfo"; /* storing local_port and server_port of users */
loadmodule "isupport"; /* ISUPPORT / numeric 005 handling */
@if !defined(NO_DEFAULT_GEOIP)
@if $GEOIP_ENGINE != "none"
loadmodule "$GEOIP_ENGINE";
@endif
@if module-loaded("geoip_classic")
set {
geoip-classic {
ipv4-database "https://geoip.unrealircd.org/classic/GeoIP.dat" { url-refresh 14d; url-fail warn; }
ipv6-database "https://geoip.unrealircd.org/classic/GeoIPv6.dat" { url-refresh 14d; url-fail warn; }
asn-ipv4-database "https://geoip.unrealircd.org/classic/GeoIPASNum.dat" { url-refresh 14d; url-fail warn; }
asn-ipv6-database "https://geoip.unrealircd.org/classic/GeoIPASNumv6.dat" { url-refresh 14d; url-fail warn; }
}
}
@endif
@if module-loaded("geoip_mmdb")
set {
geoip-mmdb {
database "https://geoip.unrealircd.org/mmdb/GeoIP.mmdb" { url-refresh 14d; url-fail warn; }
asn-database "https://geoip.unrealircd.org/mmdb/GeoIP-ASN.mmdb" { url-refresh 14d; url-fail warn; }
}
}
@endif
@endif
doc/conf/modules.optional.conf
+50 -116
View File
@@ -20,9 +20,7 @@ loadmodule "ircops";
// This adds the /STAFF command: This command simply displays
// a text file that you can configure here:
loadmodule "staff";
@if module-loaded("staff")
set { staff-file "network.staff"; }
@endif
/*** Channel modes ***/
@@ -49,29 +47,28 @@ loadmodule "nocodes";
// the module may consider a sequence of characters "random" even though
// it is a perfectly pronounceable word in your language.
loadmodule "antirandom";
@if module-loaded("antirandom")
set {
antirandom {
/* THRESHOLD:
* This is the most important setting of all.
* For every randomly looking item the user gets a certain amount of
* 'points'. If the points reach the 'threshold' then the appropriate
* This is pretty much the most important setting of all.
* For every randomly looking ident the user gets a certain amount of
* 'points', if this value reaches 'threshold' then the appropriate
* action is taken (killed, *lined, see later on).
* lower = more randomly looking users will be caught
* (but also more innocent users).
* higher = less chance of innocent users getting killed
* (but also less chance on bots getting caught).
* lower = more randomly looking users will be catched (but also more
* innocent users)
* higher = less chance of innocent users getting killed, but also less
* chance on bots getting catched.
* <2: DON'T!!
* 4: Works good, probably a few more innocent kills, but if you have a
* big problem with drone attacks then this might be a good setting.
* 4: Works good, probably a few more innocent kills but if you got
* quite a bot problem then this might be a useful setting.
* 5: Works well with few innocent kills, probably good to begin with.
* 6: If you want to be a tad more careful
* >6: For the paranoid. Module can still be quite effective, though :)
*/
threshold 6;
threshold 7;
/* BAN-ACTION:
* Action to take whenever the user is caught as random, options:
* Action to take whenever the user is catched as random, options:
* warn, kill, gline, gzline, kline, zline, shun, tempshun
*/
ban-action kill;
@@ -86,73 +83,79 @@ set {
ban-time 4h;
/* BAN-REASON:
* The ban or kill reason to use.
* Tip: you might want to put in an entry to a FAQ or an email address where
* users can mail if they have been caught and don't know what to do.
* NOTE: One of the various reasons that "innocent users" are blocked is when
* they randomly type in info for their nick, ident, or realname.
* The ban (or kill) reason to use.
* You might want to put in an entry to a FAQ or an email address
* where users can mail if they have been catched and don't know what to do.
* NOTE: One of the various reasons that ""innocent users"" are catched is
* if they just randomly type in info for their nick, ident, or realname.
*/
ban-reason "You look like a bot. Be sure to fill in your nick/ident/realname properly.";
/* CONVERT-TO-LOWERCASE:
* Convert nicks, idents, and realnames to lowercase before doing random checks?
* Useful to catch GnStA5FYhiTH51TUkf style random nicks as random.
* This has not been tested extensively for false positives, but might be (very)
* helpful to catch GnStA5FYhiTH51TUkf style random nicks as random.
* Enabled by default.
*/
convert-to-lowercase yes;
/* FULLSTATUS-ON-LOAD:
* If enabled, then upon loading it will check all users that are currently
* connected and give a status report about who it would have killed.
* Note that it doesn't actually kill any currently connected users, it is for
* informative purposes only.
* This can be (very) useful if you use the module for the first time.
* But you probably want to disable it after a while, since once the module
* is actively dealing with randomly looking persons, it shouldn't report any
* users anymore on load and then this check only eats useless CPU on /REHASH.
* Enabled by default.
*/
fullstatus-on-load yes;
/* SHOW-FAILEDCONNECTS:
* This will send out a notice whenever a randomly looking user has been caught
* during connecting. This can be pretty noisy.
* This will send out a notice whenever a randomly looking user has been catched
* during connecting. Obviously this can be pretty noisy.
* Especially recommended to enable during the first few days you use this module.
*/
show-failedconnects yes;
/* EXCEPT:
* Don't do antirandom checks for these users.
/* EXCEPT-HOSTS:
* Hostmasks on this list are matched against the IP and hostname of the connecting
* user. If it matches then we do not check if the nick/ident/realname is random.
* NOTE: Use the REAL host or IP here, not any cloaked hosts!
*/
except {
/* Exempt WEBIRC gateways because these frequently
* cause false positives. So the default is yes.
*/
webirc yes;
/* Exempt LAN users */
ip { 192.168.*; 127.*; }
// Or by hostname:
//mask { *.example.net; }
/* You can also exempt security groups: */
// security-group known-users;
/* For all options, see https://www.unrealircd.org/docs/Mask_item */
except-hosts {
mask 192.168.0.0/16;
mask 127.0.0.0/8;
}
/* EXCEPT-WEBIRC:
* This will make antirandom not check connections from WEBIRC gateways.
* ( see https://www.unrealircd.org/docs/WebIRC_block )
* It seems WEBIRC connections frequently cause false positives so the
* default is 'yes'.
*/
except-webirc yes;
}
}
@endif
// This module will send a HTTP 301 redirect to any client which sends
// a HTTP request to us. This is commented out by default:
//loadmodule "webredir";
//set {
// webredir {
// url 'https://...';
// url "https://...";
// }
//}
// Load the webserver module, needed for websocket (see next)
loadmodule "webserver";
// This adds websocket support. For more information, see:
// https://www.unrealircd.org/docs/WebSocket_support
loadmodule "websocket";
// This module will detect and stop spam containing characters of
// This module will detect and stop spam containing of characters of
// mixed "scripts", where (for example) some characters are in
// Latin script and other characters are in Cyrillic script.
loadmodule "antimixedutf8";
@if module-loaded("antimixedutf8")
set {
antimixedutf8 {
/* Take action at this 'score' (lower = more sensitive)
@@ -176,74 +179,5 @@ set {
/* Duration of ban (does not apply to block/kill) */
ban-time 4h; // For other types
/* Except these users - see
* https://www.unrealircd.org/docs/Mask_item for options.
*/
//commented out by default:
//except {
// security-group known-users;
// webirc yes;
//}
}
}
@endif
// This module will add support for /EXTJWT command,
// used for generating authorization tokens for external services.
// The feature is based on a specification described here:
// https://github.com/ircv3/ircv3-specifications/pull/341
// Please create your configuration block based on the example below.
// Do not uncomment the example.
//
// Supported JWT methods: NONE (not recommended), HS256, HS384, HS512,
// ES256, ES384, ES512, RS256, RS384, RS512
// Method NONE does not use any cryptography to sign the token. This
// is only useful for checking whether the service works when initially
// setting it up. HS* methods use a password that must be shared with
// the verification service. ES* and RS* methods use public-private key
// pairs, so the verification service, knowing your public key, can't
// generate own valid tokens.
//
// For methods requiring a key, place it in your "conf" directory.
//
// Use following shell commands to create keys if needed:
// To generate RS256, RS384 or RS512 private key (for UnrealIRCd):
// openssl genrsa -out privkey.pem 4096
// To generate matching public key (for the external service to verify
// the token):
// openssl rsa -in privkey.pem -pubout > pubkey.pem
//
// To generate ES256, ES384 or ES512 private key (for UnrealIRCd):
// openssl ecparam -genkey -name secp521r1 -noout -out privkey.pem
// To generate matching public key (for the external service to verify
// the token):
// openssl ec -in privkey.pem -pubout -out pubkey.pem
//
// In all cases, substitute your preferred file names for "pubkey.pem"
// and "privkey.pem".
//loadmodule "extjwt";
//extjwt {
// /* The configuration below is used when no service name is
// * provided by the user command.
// */
// method "HS256"; /* described above */
// expire-after 30; /* seconds */
// secret "somepassword"; /* required for HS* methods */
// /* Optional service blocks for generating different tokens.
// * Add as many of these as you need.
// */
// service "service1" {
// method "ES512";
// //secret "anotherpassword"; /* required for HS* method */
// key "es512.pem"; /* required for ES* and RS* methods */
// //verify-url 'https://example.com/verify/?t=%s'; /* URL for your validation service - optional; use single quotes here! */
// expire-after 60; /* seconds, will be inherited from main if not given */
// };
// /* Another service block. */
// service "service2" {
// method "RS256";
// key "RS256.pem";
// };
//};
doc/conf/modules.sources.list
+1 -1
View File
@@ -9,7 +9,7 @@
#
# This is the unrealircd-contrib repository which is added by default in
# UnrealIRCd to make it easy for users to install 3rd party modules.
# UnrealIRCd 5 to make it easy for users to install 3rd party modules.
# If you are a module coder and want to add your module to this repository
# as well, then read the rules and procedure at:
# https://www.unrealircd.org/docs/Rules_for_3rd_party_modules_in_unrealircd-contrib
doc/conf/operclass.default.conf
+2 -2
View File
@@ -13,7 +13,7 @@
* Instead, if you want to change the permissions in an operclass block,
* you should copy the definition, or this entire file, to either your
* unrealircd.conf or some other file (eg: operclass.conf) that you
* will include from your unrealircd.conf.
* you will include from your unrealircd.conf.
* Then edit it, and while doing so don't forget to change the name
* of your custom operclass block(s), so operclass <name>.
*/
@@ -26,7 +26,7 @@ operclass locop {
client { see; }
immune;
self { getbaddcc; opermodes; set; }
server { opermotd; info; close; module; dns; rehash { local; } }
server { opermotd; info; close; module; dns; rehash; }
route { local; }
kill { local; }
server-ban {
doc/conf/rpc-class.default.conf
-39
View File
@@ -1,39 +0,0 @@
/* This file defines a number of default rpc-class blocks which you can
* use in your rpc-user blocks (via rpc-user::rpc-class).
*
* This file is normally included via rpc.modules.default.conf, or you
* can do so from your unrealircd.conf through:
* include "rpc-class.default.conf";
*
* The rpc-class block is documented at:
* https://www.unrealircd.org/docs/Rpc-class_block
*
* DO NOT EDIT THIS FILE! IT WILL BE OVERWRITTEN DURING NEXT UPGRADE!!
* DO NOT EDIT THIS FILE! IT WILL BE OVERWRITTEN DURING NEXT UPGRADE!!
* DO NOT EDIT THIS FILE! IT WILL BE OVERWRITTEN DURING NEXT UPGRADE!!
* If you want to tweak rpc-class { } blocks, simply define your own
* and optionally use 'parent read-only' or the like if you want to inherit.
* Do not edit the build-in rpc-classes from below ('full' and 'read-only').
*/
rpc-class full {
permissions {
all;
}
}
rpc-class read-only {
permissions {
rpc;
stats;
log;
user { list; get; }
whowas { get; }
server { list; get; }
channel { list; get; }
server_ban { list; get; }
server_ban_exception { list; get; }
spamfilter { list; get; }
name_ban { list; get; }
}
}
doc/conf/rpc.modules.default.conf
-65
View File
@@ -1,65 +0,0 @@
/* This file will load all UnrealIRCd modules needed for JSON-RPC,
* this allows remote (web) endpoints to query and control UnrealIRCd.
* To actually use it, you would also need one or more rpc-user blocks
* and one or more special listen blocks, see the documentation at
* https://www.unrealircd.org/docs/JSON-RPC.
*
* You can include this file from your unrealircd.conf, using:
* include "rpc.modules.default.conf";
*
* DO NOT EDIT THIS FILE! IT WILL BE OVERWRITTEN DURING NEXT UPGRADE!!
* If you want to customize the modules to load you have two options:
* 1) Keep the include for rpc.modules.default.conf as usual and make use
* of blacklist-module "xyz"; to selectively disable modules.
* See https://www.unrealircd.org/docs/Blacklist-module_directive
* 2) OR, make a copy of this file (eg: name it rpc.modules.custom.conf)
* and edit it. Then include that file from your unrealircd.conf
* instead of this one.
* The downside of option #2 is that you will need to track changes
* in the original rpc.modules.default.conf with each new UnrealIRCd
* release to make sure you don't miss any new functionality (as new
* important modules may be added you need to add them to your conf).
* You don't have this problem with option #1.
*/
/* The RPC modules are loaded in modules.default.conf nowadays,
* so we only need to load the web server and add the default
* local RPC UNIX socket socket.
*/
/* These are required for RPC to work */
loadmodule "webserver";
loadmodule "websocket_common";
/* And a RPC listen socket */
@if !defined($NO_DEFAULT_RPC_SOCKET)
listen {
file "rpc.socket";
options { rpc; }
}
@endif
/* And a memory log block */
@if !defined($NO_DEFAULT_LOG_MEMORY_BLOCK)
log {
source {
all;
!debug;
!join.LOCAL_CLIENT_JOIN;
!join.REMOTE_CLIENT_JOIN;
!part.LOCAL_CLIENT_PART;
!part.REMOTE_CLIENT_PART;
!kick.LOCAL_CLIENT_KICK;
!kick.REMOTE_CLIENT_KICK;
}
destination {
memory {
max-lines 1000;
max-time 7d;
}
}
}
@endif
/* Also load the default rpc-class { } blocks */
include "rpc-class.default.conf";
doc/conf/snomasks.default.conf
-270
View File
@@ -1,270 +0,0 @@
/* Default snomask configuration.
*
* DO NOT EDIT THIS FILE! IT WILL BE OVERWRITTEN DURING NEXT UPGRADE!!
* If you want to customize it, make a copy of this file
* (eg: name it snomasks.custom.conf) and edit it.
* Then include that file from your unrealircd.conf instead of this one.
*/
/* Server bans snomask - 'b' */
log {
source {
tkl.BAN_REALNAME;
tkl.TKL_ADD;
tkl.TKL_DEL;
tkl.TKL_ADD_TEMPSHUN;
tkl.TKL_DEL_TEMPSHUN;
tkl.TKL_EXPIRE;
tkl.RMTKL_COMMAND;
}
destination {
snomask b;
}
}
/* Blacklist snomask: 'B' */
log {
source {
blacklist;
}
destination {
snomask B;
}
}
/* Local client connects snomask - 'c' */
log {
source {
connect.LOCAL_CLIENT_CONNECT;
connect.LOCAL_CLIENT_DISCONNECT;
}
destination {
snomask c;
}
}
/* Remote client connects snomask - 'C' */
log {
source {
connect.REMOTE_CLIENT_CONNECT;
connect.REMOTE_CLIENT_DISCONNECT;
}
destination {
snomask C;
}
}
/* DCC rejections snomask - 'd' */
log {
source {
dcc;
}
destination {
snomask d;
}
}
/* Debug snomask (not recommended) - 'D' */
log {
source {
debug;
}
destination {
snomask D;
}
}
/* Floods snomask - 'f' */
log {
source {
flood;
}
destination {
snomask f;
}
}
/* Join, parts, kicks - 'j' */
log {
source {
join.LOCAL_CLIENT_JOIN;
join.REMOTE_CLIENT_JOIN;
part.LOCAL_CLIENT_PART;
part.REMOTE_CLIENT_PART;
kick.LOCAL_CLIENT_KICK;
kick.REMOTE_CLIENT_KICK;
}
destination {
snomask j;
}
}
/* Kill snomask */
log {
source {
kill;
}
destination {
snomask k;
}
}
/* Local nick changes snomask - 'n' */
log {
source {
nick.LOCAL_NICK_CHANGE;
}
destination {
snomask n;
}
}
/* Remote nick changes snomask - 'N' */
log {
source {
nick.REMOTE_NICK_CHANGE;
}
destination {
snomask N;
}
}
/* Deny nick (QLINE) rejections snomask - 'q' */
log {
source {
nick.QLINE_NICK_LOCAL_ATTEMPT;
nick.QLINE_NICK_REMOTE;
}
destination {
snomask q;
}
}
/* Spamfilter hits snomask - 'S' */
log {
source {
tkl.SPAMFILTER_MATCH;
}
destination {
snomask S;
}
}
/* IRCOp overriding in channels (OperOverride) - 'o' */
log {
source {
operoverride;
}
destination {
snomask o;
}
}
/* IRCOp changing user properties or forcing users to do things - 'O' */
log {
source {
chgcmds;
sacmds;
}
destination {
snomask O;
}
}
/* VHOST usage - 'v' */
log {
source {
vhost;
}
destination {
snomask v;
}
}
/* JSON-RPC usage - 'R' */
log {
source {
rpc;
}
destination {
snomask R;
}
}
/* Spam reports - 'r' */
log {
source {
spamreport;
}
destination {
snomask r;
}
}
/* Connection-limit rejections (maxperip / connthrottle) - 'x' */
log {
source {
connthrottle.CONNTHROTTLE_IPV6_LIMIT;
maxperip.MAXPERIP_LIMIT;
}
destination {
snomask x;
}
}
/* Snomask s (server notices) - the "catch all" snomask for all other things */
log {
source {
link;
oper;
!debug;
nomatch;
}
destination {
snomask s;
}
}
/* These log sources are sent to all servers (globally).
* These are generally two categories:
* 1) Things that affect the network as a whole, eg linking
* 2) Things that otherwise cannot be logged by a remote server
* that may interest ircops. Eg: a spamfilter match,
* since that would otherwise not be propagated.
*/
log {
source {
/* All link messages affect the network so
* these should be global. Except for the
* link connecting... and timeout while
* connecting.. messages, which can be noisy.
*/
link;
!link.LINK_CONNECTING;
!link.LINK_CONNECT_TIMEOUT;
!link.SERVER_LINKED_REMOTE;
!link.SERVER_LINKED;
/* All oper up/downs */
oper;
/* Flood messages, important to keep an eye on, network-wide */
flood;
/* TEMPSHUN: these are otherwise missing for snomask 'b' */
tkl.TKL_ADD_TEMPSHUN;
tkl.TKL_DEL_TEMPSHUN;
/* Spamfilter matches: needed for snomask 'S' */
tkl.SPAMFILTER_MATCH;
/* Critical issue: */
tls.TLS_CERT_EXPIRING;
/* SAMODE: needed for snomask 'o' */
samode.SAMODE_COMMAND;
/* Blacklist hits */
blacklist;
/* Central blocklist hits and errors */
central-blocklist;
/* Never any debug messages */
!debug;
}
destination {
remote;
}
}
doc/conf/spamfilter.conf
+17 -17
View File
@@ -10,13 +10,13 @@
* https://www.unrealircd.org/docs/Spamfilter
*/
/* General notes:
* 1) We use match 'xyz' instead of match "xyz". When using single quotes
* you don't risk it being interpreted as an URL for remote includes.
* 2) If you want to use a \ in a spamfilter, or in fact anywhere in the
* configuration file, then you need to escape this to \\ instead.
/* General note:
* If you want to use a \ in a spamfilter, or in fact
* anywhere in the configuration file, then you need
* to escape this to \\ instead.
*/
/* First some spamfilters with match-type 'simple'.
* The only matchers available are * and ?
* PRO's: very fast, easy matching: everyone can do this.
@@ -25,7 +25,7 @@
spamfilter {
match-type simple;
match 'Come watch me on my webcam and chat /w me :-) http://*:*/me.mpg';
match "Come watch me on my webcam and chat /w me :-) http://*:*/me.mpg";
target private;
action gline;
reason "Infected by fyle trojan: see http://www.sophos.com/virusinfo/analyses/trojfylexa.html";
@@ -34,7 +34,7 @@ spamfilter {
/* This signature uses a \ which has to escaped to \\ in the configuration file */
spamfilter {
match-type simple;
match 'C:\\WINNT\\system32\\*.zip';
match "C:\\WINNT\\system32\\*.zip";
target dcc;
action block;
reason "Infected by Gaggle worm?";
@@ -42,7 +42,7 @@ spamfilter {
spamfilter {
match-type simple;
match 'Speed up your mIRC DCC Transfer by up to 75%*www.freewebs.com/mircupdate/mircspeedup.exe';
match "Speed up your mIRC DCC Transfer by up to 75%*www.freewebs.com/mircupdate/mircspeedup.exe";
target private;
action gline;
reason "Infected by mirseed trojan: see http://www.sophos.com/virusinfo/analyses/trojmirseeda.html";
@@ -50,7 +50,7 @@ spamfilter {
spamfilter {
match-type simple;
match 'STOP SPAM, USE THIS COMMAND: //write nospam $decode(*) | .load -rs nospam | //mode $me +R';
match "STOP SPAM, USE THIS COMMAND: //write nospam $decode(*) | .load -rs nospam | //mode $me +R";
target private;
action gline;
reason "Infected by nkie worm: see http://www.trojaninfo.com/nkie/nkie.htm";
@@ -68,7 +68,7 @@ spamfilter {
*/
spamfilter {
match-type regex;
match '\x01DCC (SEND|RESUME)[ ]+\"(.+ ){20}';
match "\x01DCC (SEND|RESUME)[ ]+\"(.+ ){20}";
target { private; channel; }
action kill;
reason "mIRC 6.0-6.11 exploit attempt";
@@ -79,7 +79,7 @@ spamfilter {
*/
spamfilter {
match-type regex;
match '\x01DCC (SEND|RESUME).{225}';
match "\x01DCC (SEND|RESUME).{225}";
target { private; channel; }
action kill;
reason "Possible mIRC 6.12 exploit attempt";
@@ -96,7 +96,7 @@ spamfilter {
*/
spamfilter {
match-type regex;
match '^Want To Be An IRCOp\? Try This New Bug Type: //write \$decode\(.+=.?,m\) \| \.load -rs \$decode\(.+=.?,m\)$';
match "^Want To Be An IRCOp\? Try This New Bug Type: //write \$decode\(.+=.?,m\) \| \.load -rs \$decode\(.+=.?,m\)$";
target private;
action block;
reason "Spamming users with an mIRC trojan. Type '/unload -rs newb' to remove the trojan.";
@@ -104,7 +104,7 @@ spamfilter {
spamfilter {
match-type regex;
match '^http://www\.angelfire\.com/[a-z0-9]+/[a-z0-9]+/[a-z_]+\.jpg <- .*!';
match "^http://www\.angelfire\.com/[a-z0-9]+/[a-z0-9]+/[a-z_]+\.jpg <- .*!";
target private;
action block;
reason "Infected by fagot worm: see http://www.f-secure.com/v-descs/fagot.shtml";
@@ -115,7 +115,7 @@ spamfilter {
*/
spamfilter {
match-type regex;
match '^!login Wasszup!$';
match "^!login Wasszup!$";
target channel;
action gline;
reason "Attempting to login to a GTBot";
@@ -124,7 +124,7 @@ spamfilter {
/* An example of how to match against an IP address in text (IPv4 only) */
spamfilter {
match-type regex;
match '^!packet ([0-9]{1,3}\.){3}[0-9]{1,3} [0-9]{1,15}';
match "^!packet ([0-9]{1,3}\.){3}[0-9]{1,3} [0-9]{1,15}";
target channel;
action gline;
reason "Attempting to use a GTBot";
@@ -133,7 +133,7 @@ spamfilter {
/* A slightly more complex example with a partial OR matcher (|) */
spamfilter {
match-type regex;
match '(^wait a minute plz\. i am updating my site|.*my erotic video).*http://.+/erotic(a)?/myvideo\.exe$';
match "(^wait a minute plz\. i am updating my site|.*my erotic video).*http://.+/erotic(a)?/myvideo\.exe$";
target private;
action gline;
reason "Infected by some trojan (erotica?)";
@@ -147,7 +147,7 @@ spamfilter {
*/
spamfilter {
match-type regex;
match 'C:\\\\WINNT\\\\system32\\\\(notes|videos|xxx|ManualSeduccion|postal|hechizos|images|sex|avril)\.zip';
match "C:\\\\WINNT\\\\system32\\\\(notes|videos|xxx|ManualSeduccion|postal|hechizos|images|sex|avril)\.zip";
target dcc;
action dccblock;
reason "Infected by Gaggle worm";
doc/conf/tls/curl-ca-bundle.crt
+696 -1053
View File
File diff suppressed because it is too large Load Diff
doc/technical/005.txt
+4 -4
View File
@@ -18,14 +18,14 @@ by this server"
Currently UnrealIRCd supports several tokens that are included in numeric 005. A list of
all tokens, their respective value and a brief description are listed below.
UnrealIRCd attempts to follow the proposed ISupport standard as much as possible. UnrealIRCd
only ignores the standard in one regard, the TARGMAX token. This token is believed to be
Unreal attempts to follow the proposed ISupport standard as much as possible. Unreal only
ignores the standard in one regard, the TARGMAX token. This token is believed to be
impractical and technically impossible to correctly implement due to existing limitations
in the standard. Therefore, this token is not currently supported.
UnrealIRCd does additionally provide a few tokens which are not specified in the standard, these
Unreal does additionally provide a few tokens which are not specified in the standard, these
include: HCN, AWAYLEN, WATCH, SILENCE, EXTBAN, ELIST, CMDS, NAMESX, UHNAMES, and WATCHOPTS.
UnrealIRCd also maintains a few legacy tokens such as MAXCHANNELS and WALLCHOPS to ensure
Unreal also maintains a few legacy tokens such as MAXCHANNELS and WALLCHOPS to ensure
compatibility until the ISupport standard is more widely accepted by clients.
Token Value Default Value Description
doc/translations.txt
+1 -1
View File
@@ -1,6 +1,6 @@
==[ Translations ]===========================================================
In UnrealIRCd we support the following translations:
In UnrealIRCd 5 we support the following translations:
* on-line documentation at https://www.unrealircd.org/docs/ (wiki!)
* help.conf
* example.conf
doc/unrealircd_wiki.zim
BIN
View File
Binary file not shown.
extras/argon2-20181209.tar.gz
BIN
View File
Binary file not shown.
extras/argon2.tar.gz
BIN
View File
Binary file not shown.
extras/build-tests/nix/build
+32 -10
View File
@@ -16,15 +16,20 @@ else
export MAKE="make -j4"
fi
# -DRAWCMDLOGGING was dropped, but can be useful for debugging
export CPPFLAGS="$CPPFLAGS -DFAKELAG_CONFIGURABLE -DNOREMOVETMP -DTESTSUITE"
export CPPFLAGS="-DFAKELAG_CONFIGURABLE -DNOREMOVETMP"
# !! skipped for now: extras/build-tests/nix/select-config $BUILDCONFIG !!
# !! temporary use this:
cp extras/build-tests/nix/configs/default ./config.settings
if [ "$USE_SHIPPED_LIBS" = "1" ]; then
echo 'EXTRAPARA="--enable-werror --without-system-pcre2 --without-system-argon2 --without-system-sodium --without-system-cares --without-system-jansson"' >>config.settings
# Debian 8 workaround:
if lsb_release -av 2>&1|egrep 'Debian.*jessie'; then
echo "Disabling ASan due to false positives on deb8"
echo 'EXTRAPARA="--enable-werror --disable-asan"' >>config.settings
fi
if uname -s|grep -i freebsd; then
echo "Disabling ASan on FreeBSD due to 100% CPU loop in OpenSSL initialization routine"
echo 'EXTRAPARA="--enable-werror --disable-asan"' >>config.settings
fi
# If SSLDIR is set the environment, this overrides config.settings
@@ -41,10 +46,10 @@ if [ "$SSLDIR" != "" ]; then
fi
./Config -quick || (tail -n 5000 config.log; exit 1)
$MAKE
(echo 'Y'; yes '')|./unrealircd mkcert
$MAKE || exit 1
$MAKE install || exit 1
./unrealircd module install third/dumpcmds || exit 1
yes ''|make pem
make
./unrealircd module install third/dumpcmds
make install
set +x
echo ""
@@ -58,5 +63,22 @@ else
ldd ~/unrealircd/bin/unrealircd
fi
# This was only the 'building' part, so give a hint...
echo "You can now run extras/build-tests/nix/run-tests"
if [ "$BUILDCONFIG" = "local-curl" ]; then
# We broke the system significantly earlier that build tests
# won't work (eg: 'git' is uninstallable). Don't bother
# running the tests. I don't expect a 'local-curl' specific
# bug anyway.
exit 0
fi
if [[ "$OSTYPE" == "darwin"* ]]; then
# 'rake' doesn't work. have to figure that one out..
echo "Not running test on OS X for now"
exit 0
fi
echo ""
echo ""
#echo "Now running UnrealIRCd test framework..."
#set -x
#extras/build-tests/nix/run-tests
extras/build-tests/nix/configs/default
+4 -10
View File
@@ -1,9 +1,3 @@
# These are the settings saved from running './Config'.
# Note that it is not recommended to edit config.settings by hand!
# Chances are you misunderstand what a variable does or what the
# supported values are. You better just re-run the ./Config script
# and answer appropriately there, to get a correct config.settings
# file.
#
BASEPATH=$HOME/unrealircd
BINDIR=$HOME/unrealircd/bin
@@ -15,16 +9,16 @@ CACHEDIR=$HOME/unrealircd/cache
DOCDIR=$HOME/unrealircd/doc
TMPDIR=$HOME/unrealircd/tmp
PRIVATELIBDIR=$HOME/unrealircd/lib
MAXCONNECTIONS_REQUEST="auto"
PREFIXAQ="1"
MAXCONNECTIONS="1024"
NICKNAMEHISTORYLENGTH="2000"
GEOIP="classic"
DEFPERM="0600"
SSLDIR=""
REMOTEINC=""
CURLDIR=""
SHOWLISTMODES="1"
NOOPEROVERRIDE=""
OPEROVERRIDEVERIFY=""
GENCERTIFICATE="0"
SANITIZER="asan"
EXTRAPARA="--enable-werror"
EXTRAPARA="--enable-werror --enable-asan"
ADVANCED=""
extras/build-tests/nix/hardening-check.sh
-100
View File
@@ -1,100 +0,0 @@
#!/bin/bash
# hardening-check.sh <ircd_dir>
# Example: ./hardening-check.sh ~/unrealircd
# Exit codes: 0 = pass, 1 = fail
#
# This is used by BuildBot to make sure we use RELRO and CFI and such.
# Requirements: 'checksec' and 'readelf'
# It is AI-generated code (Claude Opus 4.6) but seems to work well,
# also verified to fail with a deliberately "bad" library.
# We only check libraries that we control, not system libs that are
# out of our control. Similarly, FreeBSD doesn't support CFI (CET)
# at the moment so we ignore it there, again.. out of our control.
if [ -z "$1" ]; then
echo "Usage: $0 <unrealircd-directory>"
exit 1
fi
IRCD_DIR="$1"
FAIL=0
# Collect all binaries to check
files=("$IRCD_DIR/bin/unrealircd")
while IFS= read -r f; do
files+=("$f")
done < <(find "$IRCD_DIR/lib" -name '*.so*' -type f)
# --- checksec: Full RELRO, Canary, NX, FORTIFY ---
for f in "${files[@]}"; do
out=$(checksec --format=csv --file="$f" 2>/dev/null)
name=$(basename "$f")
if ! echo "$out" | grep -qi "Full RELRO"; then
echo "FAIL: $name — missing Full RELRO"
FAIL=1
fi
if ! echo "$out" | grep -qi "Canary found"; then
echo "FAIL: $name — missing stack canary"
FAIL=1
fi
if ! echo "$out" | grep -qi "NX enabled"; then
echo "FAIL: $name — missing NX"
FAIL=1
fi
# FORTIFY column: check for "Yes" but not in other fields
fortify=$(echo "$out" | awk -F',' '{print $8}')
if [ "$fortify" != "Yes" ]; then
echo "WARN: $name — no FORTIFY (may be OK for small libs)"
fi
done
# --- CFI: CET on x86_64, BTI/PAC on aarch64 (Linux only) ---
if [ "$(uname -s)" = "Linux" ]; then
ARCH=$(uname -m)
if [ "$ARCH" = "x86_64" ]; then
for f in "${files[@]}"; do
name=$(basename "$f")
props=$(readelf -n "$f" 2>/dev/null | grep "x86 feature:")
if [ -z "$props" ]; then
echo "FAIL: $name — no CET property note"
FAIL=1
else
if ! echo "$props" | grep -q "IBT"; then
echo "FAIL: $name — missing IBT"
FAIL=1
fi
if ! echo "$props" | grep -q "SHSTK"; then
echo "FAIL: $name — missing SHSTK"
FAIL=1
fi
fi
done
elif [ "$ARCH" = "aarch64" ]; then
for f in "${files[@]}"; do
name=$(basename "$f")
props=$(readelf -n "$f" 2>/dev/null | grep "aarch64 feature:")
if [ -z "$props" ]; then
echo "FAIL: $name — no BTI/PAC property note"
FAIL=1
else
if ! echo "$props" | grep -q "BTI"; then
echo "FAIL: $name — missing BTI"
FAIL=1
fi
if ! echo "$props" | grep -q "PAC"; then
echo "FAIL: $name — missing PAC"
FAIL=1
fi
fi
done
fi
fi
if [ "$FAIL" -eq 1 ]; then
echo "HARDENING CHECK FAILED"
exit 1
else
echo "All hardening checks passed."
exit 0
fi
extras/build-tests/nix/run-tests
+25 -8
View File
@@ -11,25 +11,33 @@ set -x
# Kill old instances
killall -9 unrealircd || true
# Remove old junk
rm -rf cipherscan/ unrealircd-tests/
if [ ! -d ~/cipherscan ]; then
# Install 'cipherscan'
git clone -q https://github.com/mozilla/cipherscan
fi
# Install 'unrealircd-tests'
rm -rf unrealircd-tests/
git clone -q --branch unreal60 https://github.com/unrealircd/unrealircd-tests.git unrealircd-tests
git clone -q https://github.com/unrealircd/unrealircd-tests.git
cd unrealircd-tests
# FreeBSD has various issues with the tests from us and others,
# better set a flag to keep it simple:
FREEBSD=0
if uname -a|grep -q FreeBSD; then
NOSERVICES=1
FREEBSD=1
fi
# Run the test framework, testing both services:
if [ "$NOSERVICES" = 1 ]; then
./run -services none $RUNTESTFLAGS || exit 1
if [ "$FREEBSD" = 1 ]; then
# FreeBSD runs without services since they fail mysteriously:
./run -services none || exit 1
else
# Linux tests both with anope and atheme services:
./run -services anope $RUNTESTFLAGS || exit 1
./run -services atheme $RUNTESTFLAGS || exit 1
./run -services anope || exit 1
./run -services atheme || exit 1
fi
# Database writing/reading tests
@@ -40,4 +48,13 @@ fi
./run -services none -include db_crypted.conf -boot tests/db/writing/* || exit 1
./run -services none -include db_crypted.conf -keepdbs -boot tests/db/reading/* || exit 1
echo "If you also want to run the SSL/TLS tests, see extras/tests/tls/tls-tests"
# Do cipherscan test at the end
# Has problems on non-Linux-64-bit, so we skip there:
if [ "$FREEBSD" = 0 -a "$HOSTNAME" != "ub18-ia32" ]; then
sleep 2
cd ../extras/tests/tls
./tls-tests
cd -
fi
killall -15 unrealircd atheme-services services anope || true
extras/build-tests/nix/run-tests.bbwrapper
+2 -4
View File
@@ -8,9 +8,7 @@
# in case it misbehaves
#
set +ex
timeout --kill-after=5 900 bash -c '
extras/build-tests/nix/run-tests
timeout --kill-after=5 600 extras/build-tests/nix/run-tests
EX="$?"
killall -9 valgrind valgrind.bin memcheck memcheck-amd64-linux memcheck-x86-linux ircd unrealircd val 1>/dev/null 2>&1
exit $EX'
exit $?
exit $EX
extras/build-tests/windows/build.bat
+26 -33
View File
@@ -16,47 +16,35 @@ rem cinst innosetup -y
rem Installing UnrealIRCd dependencies
cd \projects
mkdir unrealircd-6-libs
cd unrealircd-6-libs
curl -fsS -o unrealircd-libraries-6-devel.zip https://www.unrealircd.org/files/dev/win/libs/unrealircd-libraries-6-devel.zip
unzip unrealircd-libraries-6-devel.zip
copy dlltool.exe \users\user\worker\unreal6-w10\build /y
mkdir unrealircd-5-libs
cd unrealircd-5-libs
curl -fsS -o unrealircd-libraries-5-devel.zip https://www.unrealircd.org/files/dev/win/libs/unrealircd-libraries-5-devel.zip
unzip unrealircd-libraries-5-devel.zip
copy dlltool.exe \users\user\worker\unreal5-w10\build /y
rem for appveyor, use: cd \projects\unrealircd
cd \users\user\worker\unreal6-w10\build
rem Install 'unrealircd-tests'
cd ..
rd /q/s unrealircd-tests
git clone -q --branch unreal60 https://github.com/unrealircd/unrealircd-tests.git unrealircd-tests
if %ERRORLEVEL% NEQ 0 EXIT /B 1
cd build
rem for appveyor: cd \projects\unrealircd
cd \users\user\worker\unreal5-w10\build
rem Now the actual build
rem - First this, otherwise JOM will fail
IF NOT EXIST src\version.c nmake -f Makefile.windows CONF
rem - Then build most of UnrealIRCd.exe etc
call extras\build-tests\windows\compilecmd\%SHORTNAME%.bat UNREALSVC.EXE UnrealIRCd.exe unrealircdctl.exe
rem - It will fail due to missing symbolfile, which we create here..
rem it needs to run with SLOW=1 because JOM doesn't understand things otherwise..
SET SLOW=1
call extras\build-tests\windows\compilecmd\%SHORTNAME%.bat SYMBOLFILE
SET SLOW=0
rem - Then we finalize building UnrealIRCd.exe: should be no error
call extras\build-tests\windows\compilecmd\%SHORTNAME%.bat UNREALSVC.EXE UnrealIRCd.exe unrealircdctl.exe
if %ERRORLEVEL% NEQ 0 EXIT /B 1
rem - Build all the modules (DLL files): should be no error
call extras\build-tests\windows\compilecmd\%SHORTNAME%.bat MODULES
call extras\build-tests\windows\compilecmd\%SHORTNAME%.bat
rem The above command will fail, due to missing symbol file
rem However the symbol file can only be generated after the above command
rem So... we create the symbolfile...
nmake -f makefile.windows SYMBOLFILE
rem And we re-run the exact same command:
call extras\build-tests\windows\compilecmd\%SHORTNAME%.bat
if %ERRORLEVEL% NEQ 0 EXIT /B 1
rem Compile dependencies for unrealircd-tests -- this doesn't belong here though..
copy ..\unrealircd-tests\serverconfig\unrealircd\modules\fakereputation.c src\modules\third /Y
curl -fsS -o src\modules\third\fakereputation.c https://raw.githubusercontent.com/unrealircd/unrealircd-tests/master/serverconfig/unrealircd/modules/fakereputation.c
call extras\build-tests\windows\compilecmd\%SHORTNAME%.bat CUSTOMMODULE MODULEFILE=fakereputation
if %ERRORLEVEL% NEQ 0 EXIT /B 1
rem Convert c:\dev to c:\projects\unrealircd-6-libs
rem Convert c:\dev to c:\projects\unrealircd-5-libs
rem TODO: should use environment variable in innosetup script?
sed -i "s/c:\\dev\\unrealircd-6-libs/c:\\projects\\unrealircd-6-libs/gi" src\windows\unrealinst.iss
sed -i "s/c:\\dev\\unrealircd-5-libs/c:\\projects\\unrealircd-5-libs/gi" src\windows\unrealinst.iss
rem Build installer file
"c:\Program Files (x86)\Inno Setup 5\iscc.exe" /Q- src\windows\unrealinst.iss
@@ -72,7 +60,7 @@ taskkill -im unrealircd.exe -f
sleep 2
rem Just a safety measure so we don't end up testing
rem some old version...
del "C:\Program Files\UnrealIRCd 6\bin\unrealircd.exe"
del "C:\Program Files\UnrealIRCd 5\bin\unrealircd.exe"
echo Running installer...
start /WAIT unrealircd-dev-build.exe /VERYSILENT /LOG=setup.log
@@ -82,7 +70,12 @@ rem Upload artifact
rem appveyor PushArtifact unrealircd-dev-build.exe
rem if %ERRORLEVEL% NEQ 0 EXIT /B 1
cd ..\unrealircd-tests
rem Install 'unrealircd-tests'
cd ..
rd /q/s unrealircd-tests
git clone https://github.com/unrealircd/unrealircd-tests.git
if %ERRORLEVEL% NEQ 0 EXIT /B 1
cd unrealircd-tests
dir
rem All tests except db:
extras/build-tests/windows/compilecmd/vs2019.bat
+15 -34
View File
@@ -1,40 +1,21 @@
rem Build command for Visual Studio 2019
rem Default to quick parallel builds
SET BUILDCOMMAND="jom"
SET BUILDARGS="/j32"
IF NOT %SLOW%. == 1. goto cont
rem In case of SET SLOW=1 we use slow nmake
SET BUILDCOMMAND="nmake"
SET BUILDARGS=""
:cont
echo BUILDCOMMAND IS: %BUILDCOMMAND%
echo BUILDARGS IS: %BUILDARGS%
%BUILDCOMMAND% %BUILDARGS% -f makefile.windows ^
SSL_INC_DIR="c:\projects\unrealircd-6-libs\openssl\include" ^
SSL_LIB_DIR="c:\projects\unrealircd-6-libs\openssl\lib" ^
SSLLIB="libcrypto.lib libssl.lib" ^
nmake -f makefile.windows ^
LIBRESSL_INC_DIR="c:\projects\unrealircd-5-libs\libressl\include" ^
LIBRESSL_LIB_DIR="c:\projects\unrealircd-5-libs\libressl\lib" ^
SSLLIB="crypto-46.lib ssl-48.lib" ^
USE_REMOTEINC=1 ^
LIBCURL_INC_DIR="c:\projects\unrealircd-6-libs\curl\include" ^
LIBCURL_LIB_DIR="c:\projects\unrealircd-6-libs\curl\lib" ^
CARES_LIB_DIR="c:\projects\unrealircd-6-libs\c-ares\msvc\cares\dll-release" ^
CARES_INC_DIR="c:\projects\unrealircd-6-libs\c-ares\include" ^
LIBCURL_INC_DIR="c:\projects\unrealircd-5-libs\curl\include" ^
LIBCURL_LIB_DIR="c:\projects\unrealircd-5-libs\curl\builds\libcurl-vc-x64-release-dll-ssl-dll-cares-dll-ipv6-obj-lib" ^
CARES_LIB_DIR="c:\projects\unrealircd-5-libs\c-ares\msvc\cares\dll-release" ^
CARES_INC_DIR="c:\projects\unrealircd-5-libs\c-ares\include" ^
CARESLIB="cares.lib" ^
PCRE2_INC_DIR="c:\projects\unrealircd-6-libs\pcre2\include" ^
PCRE2_LIB_DIR="c:\projects\unrealircd-6-libs\pcre2\lib" ^
PCRE2_INC_DIR="c:\projects\unrealircd-5-libs\pcre2\include" ^
PCRE2_LIB_DIR="c:\projects\unrealircd-5-libs\pcre2\lib" ^
PCRE2LIB="pcre2-8.lib" ^
ARGON2_LIB_DIR="c:\projects\unrealircd-6-libs\argon2\vs2015\build" ^
ARGON2_INC_DIR="c:\projects\unrealircd-6-libs\argon2\include" ^
ARGON2_LIB_DIR="c:\projects\unrealircd-5-libs\argon2\vs2015\build" ^
ARGON2_INC_DIR="c:\projects\unrealircd-5-libs\argon2\include" ^
ARGON2LIB="Argon2RefDll.lib" ^
SODIUM_LIB_DIR="c:\projects\unrealircd-6-libs\libsodium\bin\x64\Release\v142\dynamic" ^
SODIUM_INC_DIR="c:\projects\unrealircd-6-libs\libsodium\src\libsodium\include" ^
SODIUMLIB="libsodium.lib" ^
JANSSON_LIB_DIR="c:\projects\unrealircd-6-libs\jansson\lib" ^
JANSSON_INC_DIR="c:\projects\unrealircd-6-libs\jansson\include" ^
JANSSONLIB="jansson.lib" ^
GEOIPCLASSIC_LIB_DIR="c:\projects\unrealircd-6-libs\GeoIP\libGeoIP" ^
GEOIPCLASSIC_INC_DIR="c:\projects\unrealircd-6-libs\GeoIP\libGeoIP" ^
GEOIPCLASSICLIB="GeoIP.lib" %*
SODIUM_LIB_DIR="c:\projects\unrealircd-5-libs\libsodium\bin\x64\Release\v142\dynamic" ^
SODIUM_INC_DIR="c:\projects\unrealircd-5-libs\libsodium\src\libsodium\include" ^
SODIUMLIB="libsodium.lib" %*
extras/c-ares.tar.gz
BIN
View File
Binary file not shown.
extras/curlinstall
Executable
+98
View File
@@ -0,0 +1,98 @@
#!/bin/sh
URL="https://www.unrealircd.org/files/curl-latest.tar.gz"
OUTF="curl-latest.tar.gz"
OUTD="curl-latest"
ARESPATH="`pwd`/extras/c-ares"
UNREALDIR="`pwd`"
CARESVERSION="1.17.2"
LIBDIR="$1"
if [ "x$1" = "x" ]; then
echo "You should (no longer) run this program directly."
echo "It will be invoked by ./Config"
exit 1
fi
if [ ! -f src/parse.c ]; then
if [ -f ../src/parse.c ]; then
cd ..
else
echo "Please run this program from your UnrealIRCd directory"
echo "(usually $HOME/unrealircd-5.0.X or something like that)"
exit 1
fi
fi
wget --version 1>/dev/null 2>&1
if [ "$?" = 0 ]; then
FETCHER="wget"
else
fetch --version 1>/dev/null 2>&1
if [ "$?" = 0 ]; then
FETCHER="fetch"
else
lynx --version 1>/dev/null 2>&1
if [ "$?" = 0 ]; then
FETCHER="lynx"
else
echo "ERROR: unable to find wget/fetch/lynx, please install at least one of these programs"
exit 1
fi
fi
fi
if [ ! -d tmp ]; then
mkdir tmp || exit 1
fi
cd tmp || exit 1
rm -f "$OUTF"
if [ "$FETCHER" = "wget" ]; then
wget -O "$OUTF" "$URL"
elif [ "$FETCHER" = "lynx" ]; then
lynx -dump "$URL" >"$OUTF"
elif [ "$FETCHER" = "fetch" ]; then
cd tmp #todo: find out the cmd line parameter ;)
fetch "$URL"
fi
if [ "$?" != 0 ]; then
echo "ERROR: Something went wrong while trying to download $URL"
exit 1
fi
rm -rf "$OUTD" # remove old directory prior to extracting
tar xzf "$OUTF" || exit 1
if [ "`eval echo -n 'a'`" = "-n a" ] ; then
c="\c"
else
n="-n"
fi
if [ ! -d "$ARESPATH/lib" ]; then
echo "c-ares has not been build yet, let's do that now..."
cd ../extras/
tar xzf c-ares.tar.gz || exit 1
cd c-ares-$CARESVERSION || exit 1
./configure --prefix=$ARESPATH || exit 1
(make && make install) || exit 1
cd ../../tmp/
echo "c-ares built."
echo ""
fi
# We assume curl has been packaged in a way it will extract to "$OUTD"/
cd "$OUTD" || exit 1
echo "Building and installing libcurl"
CPPFLAGS="-I$ARESPATH/include" ./configure --prefix=$UNREALDIR/extras/curl --libdir=$LIBDIR --enable-shared \
--enable-ares=$ARESPATH --with-openssl
cp -R $ARESPATH/lib ares
make && make install
#cp $ARESPATH/lib/libcares.a $HOME/curl/lib
# that isn't needed anymore as the lib is already in unreal...
extras/doxygen/Developers.md
+5 -6
View File
@@ -1,11 +1,10 @@
Welcome to the doxygen-generated documentation for the UnrealIRCd 6.x API.
Welcome to the doxygen-generated documentation for the UnrealIRCd 5.x API.
This is intended **for developers only!**
If you are creating a 3rd party module for UnrealIRCd or are interested
in contributing to UnrealIRCd then this is the right place.
Here you should be able to find a lot of information on the data structures
and functions available to you when coding for UnrealIRCd.
Note that UnrealIRCd 5 is the **old stable**, it is no longer receiving new
features and is bug fix only. If you are developing a new 3rd party module
then you are suggested to develop for UnrealIRCd 6 and go to the
[UnrealIRCd 6 module api](https://www.unrealircd.org/api/6/) page instead.
## Wiki documentation ##
* Be sure to check the [Module API](https://www.unrealircd.org/docs/Dev:Module_API) article on the wiki
extras/doxygen/Doxyfile
+1 -1
View File
@@ -38,7 +38,7 @@ PROJECT_NAME = "UnrealIRCd"
# could be handy for archiving the generated documentation or if some version
# control system is used.
PROJECT_NUMBER = 6.2.6-rc1
PROJECT_NUMBER = 5.2.4
# Using the PROJECT_BRIEF tag one can provide an optional one line description
# for a project that appears at the top of each page and should give viewer a
extras/geoip-classic.tar.gz
BIN
View File
Binary file not shown.
extras/jansson.tar.gz
BIN
View File
Binary file not shown.
extras/libsodium.tar.gz
BIN
View File
Binary file not shown.
extras/pcre2.tar.gz
BIN
View File
Binary file not shown.
extras/security/apparmor/unrealircd
+2 -2
View File
@@ -1,9 +1,9 @@
# AppArmor profile for UnrealIRCd 6
# AppArmor profile for UnrealIRCd 5
#
# Note that you may still see some DENIED warnings in logs with
# operation="chmod". These are harmless and can be safely ignored.
#
# Tested on Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS
# Tested on Ubuntu 16.04 LTS and Ubuntu 18.04 LTS
#
# IMPORTANT: you will have to modify the path to executable below
# if it's not /home/ircd/unrealircd/bin/unrealircd !
extras/startup/unrealircd.service
-41
View File
@@ -1,41 +0,0 @@
# Systemd service for UnrealIRCd
# To use this:
# 1) Adjust user/group/paths under [Service] if needed.
# 2) Then run the following commands as root:
# cp -av unrealircd.service /etc/systemd/system/
# systemctl daemon-reload
# systemctl enable unrealircd.service
# systemctl start unrealircd.service
[Unit]
Description=UnrealIRCd
Documentation=https://www.unrealircd.org/
Description=UnrealIRCd IRC Server
After=network-online.target
Wants=network-online.target
[Service]
# If needed, change 'ircd' to your unrealircd user and adjust paths:
User=ircd
Group=ircd
ExecStart=/home/ircd/unrealircd/bin/unrealircd -F
# These settings should be fine for everyone
Type=simple
Restart=on-failure
RestartSec=5s
LimitNOFILE=65536
ExecReload=/bin/kill -HUP $MAINPID
ExecStop=/bin/kill -TERM $MAINPID
NoNewPrivileges=true
PrivateTmp=true
ProtectKernelTunables=true
ProtectKernelModules=true
ProtectControlGroups=true
LockPersonality=true
MemoryDenyWriteExecute=true
RestrictRealtime=true
ProtectSystem=strict
[Install]
WantedBy=default.target
extras/startup/unrealircd_user.service
-37
View File
@@ -1,37 +0,0 @@
# Systemd service for UnrealIRCd (user service)
#
# This is the USER service. You can use this if you don't have root
# on the machine (otherwise, people usually use the other
# unrealircd.service system unit instead).
#
# To install:
# 1) Adjust the ExecStart= line below, if your unrealircd isn't
# installed in ~/unrealircd/
# 2) Then run the following commands (as a regular user):
# loginctl enable-linger
# mkdir -p ~/.config/systemd/user
# cp unrealircd_user.service ~/.config/systemd/user/unrealircd.service
# systemctl --user daemon-reload
# systemctl --user enable unrealircd.service
# systemctl --user start unrealircd.service
[Unit]
Description=UnrealIRCd
Documentation=https://www.unrealircd.org/
Description=UnrealIRCd IRC Server (user service)
After=network-online.target
Wants=network-online.target
[Service]
# Adjust this if unrealircd is installed somewhere else:
ExecStart=%h/unrealircd/bin/unrealircd -F
Type=simple
Restart=on-failure
RestartSec=5s
LimitNOFILE=65536
ExecReload=/bin/kill -HUP $MAINPID
ExecStop=/bin/kill -TERM $MAINPID
[Install]
WantedBy=default.target
extras/tests/tls/cipherscan_profiles/baseline.txt
+27
View File
@@ -0,0 +1,27 @@
Target: 127.0.0.1:5901
prio ciphersuite protocols pfs curves
1 ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 ECDH,P-521,521bits secp521r1,secp384r1
2 ECDHE-ECDSA-AES128-GCM-SHA256 TLSv1.2 ECDH,P-521,521bits secp521r1,secp384r1
3 ECDHE-ECDSA-AES256-SHA384 TLSv1.2 ECDH,P-521,521bits secp521r1,secp384r1
4 ECDHE-ECDSA-AES128-SHA256 TLSv1.2 ECDH,P-521,521bits secp521r1,secp384r1
5 ECDHE-ECDSA-AES256-SHA TLSv1,TLSv1.1,TLSv1.2 ECDH,P-521,521bits secp521r1,secp384r1
6 ECDHE-ECDSA-AES128-SHA TLSv1,TLSv1.1,TLSv1.2 ECDH,P-521,521bits secp521r1,secp384r1
Certificate: untrusted, 384 bits, ecdsa-with-SHA256 signature
TLS ticket lifetime hint: None
NPN protocols: None
OCSP stapling: not supported
Cipher ordering: server
Curves ordering: server - fallback: no
Server supports secure renegotiation
Server supported compression methods: NONE
TLS Tolerance: yes
Intolerance to:
SSL 3.254 : absent
TLS 1.0 : absent
TLS 1.1 : absent
TLS 1.2 : absent
TLS 1.3 : absent
TLS 1.4 : absent
extras/tests/tls/cipherscan_profiles/openssl-101.txt
+27
View File
@@ -0,0 +1,27 @@
Target: 127.0.0.1:5901
prio ciphersuite protocols pfs curves
1 ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 ECDH,P-256,256bits prime256v1
2 ECDHE-ECDSA-AES128-GCM-SHA256 TLSv1.2 ECDH,P-256,256bits prime256v1
3 ECDHE-ECDSA-AES256-SHA384 TLSv1.2 ECDH,P-256,256bits prime256v1
4 ECDHE-ECDSA-AES256-SHA TLSv1,TLSv1.1,TLSv1.2 ECDH,P-256,256bits prime256v1
5 ECDHE-ECDSA-AES128-SHA256 TLSv1.2 ECDH,P-256,256bits prime256v1
6 ECDHE-ECDSA-AES128-SHA TLSv1,TLSv1.1,TLSv1.2 ECDH,P-256,256bits prime256v1
Certificate: untrusted, 384 bits, ecdsa-with-SHA256 signature
TLS ticket lifetime hint: None
NPN protocols: None
OCSP stapling: not supported
Cipher ordering: server
Curves ordering: server - fallback: no
Server supports secure renegotiation
Server supported compression methods: NONE
TLS Tolerance: yes
Intolerance to:
SSL 3.254 : absent
TLS 1.0 : absent
TLS 1.1 : absent
TLS 1.2 : absent
TLS 1.3 : absent
TLS 1.4 : absent
extras/tests/tls/cipherscan_profiles/openssl-102-ubuntu16.txt
+27
View File
@@ -0,0 +1,27 @@
Target: 127.0.0.1:5901
prio ciphersuite protocols pfs curves
1 ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 ECDH,P-521,521bits secp521r1,secp384r1
2 ECDHE-ECDSA-AES128-GCM-SHA256 TLSv1.2 ECDH,P-521,521bits secp521r1,secp384r1
3 ECDHE-ECDSA-AES256-SHA384 TLSv1.2 ECDH,P-521,521bits secp521r1,secp384r1
4 ECDHE-ECDSA-AES256-SHA TLSv1,TLSv1.1,TLSv1.2 ECDH,P-521,521bits secp521r1,secp384r1
5 ECDHE-ECDSA-AES128-SHA256 TLSv1.2 ECDH,P-521,521bits secp521r1,secp384r1
6 ECDHE-ECDSA-AES128-SHA TLSv1,TLSv1.1,TLSv1.2 ECDH,P-521,521bits secp521r1,secp384r1
Certificate: untrusted, 384 bits, ecdsa-with-SHA256 signature
TLS ticket lifetime hint: None
NPN protocols: None
OCSP stapling: not supported
Cipher ordering: server
Curves ordering: server - fallback: no
Server supports secure renegotiation
Server supported compression methods: NONE
TLS Tolerance: yes
Intolerance to:
SSL 3.254 : absent
TLS 1.0 : absent
TLS 1.1 : absent
TLS 1.2 : absent
TLS 1.3 : absent
TLS 1.4 : absent
extras/tests/tls/cipherscan_profiles/openssl-300.txt
+27
View File
@@ -0,0 +1,27 @@
Target: 127.0.0.1:5901
prio ciphersuite protocols pfs curves
1 ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 ECDH,P-521,521bits secp521r1,secp384r1
2 ECDHE-ECDSA-AES128-GCM-SHA256 TLSv1.2 ECDH,P-521,521bits secp521r1,secp384r1
3 ECDHE-ECDSA-AES256-SHA384 TLSv1.2 ECDH,P-521,521bits secp521r1,secp384r1
4 ECDHE-ECDSA-AES128-SHA256 TLSv1.2 ECDH,P-521,521bits secp521r1,secp384r1
5 ECDHE-ECDSA-AES256-SHA TLSv1.2 ECDH,P-521,521bits secp521r1,secp384r1
6 ECDHE-ECDSA-AES128-SHA TLSv1.2 ECDH,P-521,521bits secp521r1,secp384r1
Certificate: untrusted, 384 bits, ecdsa-with-SHA256 signature
TLS ticket lifetime hint: None
NPN protocols: None
OCSP stapling: not supported
Cipher ordering: server
Curves ordering: server - fallback: no
Server supports secure renegotiation
Server supported compression methods: NONE
TLS Tolerance: yes
Intolerance to:
SSL 3.254 : absent
TLS 1.0 : PRESENT
TLS 1.1 : PRESENT
TLS 1.2 : absent
TLS 1.3 : absent
TLS 1.4 : absent
extras/tests/tls/testssl_profiles/alternate_sig_algs.txt
-24
View File
@@ -1,24 +0,0 @@
"id","fqdn/ip","port","severity","finding","cve","cwe"
"service","127.0.0.1/127.0.0.1","5901","DEBUG","Couldn't determine service, skipping all HTTP checks","",""
"pre_128cipher","127.0.0.1/127.0.0.1","5901","INFO","No 128 cipher limit bug","",""
"cipherlist_NULL","127.0.0.1/127.0.0.1","5901","OK","not offered","","CWE-327"
"cipherlist_aNULL","127.0.0.1/127.0.0.1","5901","OK","not offered","","CWE-327"
"cipherlist_EXPORT","127.0.0.1/127.0.0.1","5901","OK","not offered","","CWE-327"
"cipherlist_LOW","127.0.0.1/127.0.0.1","5901","OK","not offered","","CWE-327"
"cipherlist_3DES_IDEA","127.0.0.1/127.0.0.1","5901","INFO","not offered","","CWE-310"
"cipherlist_OBSOLETED","127.0.0.1/127.0.0.1","5901","INFO","not offered","","CWE-310"
"cipherlist_STRONG_NOFS","127.0.0.1/127.0.0.1","5901","INFO","not offered","",""
"cipherlist_STRONG_FS","127.0.0.1/127.0.0.1","5901","OK","offered","",""
"FS","127.0.0.1/127.0.0.1","5901","OK","offered","",""
"FS_ciphers","127.0.0.1/127.0.0.1","5901","INFO","TLS_AES_256_GCM_SHA384 TLS_CHACHA20_POLY1305_SHA256 ECDHE-ECDSA-AES256-GCM-SHA384 ECDHE-ECDSA-CHACHA20-POLY1305 TLS_AES_128_GCM_SHA256 ECDHE-ECDSA-AES128-GCM-SHA256","",""
"FS_ECDHE_curves","127.0.0.1/127.0.0.1","5901","OK","prime256v1 secp384r1 secp521r1 X25519","",""
"FS_TLS12_sig_algs","127.0.0.1/127.0.0.1","5901","LOW","ECDSA+SHA256 ECDSA+SHA384 ECDSA+SHA512 ECDSA+SHA224 ECDSA+SHA1","",""
"FS_TLS13_sig_algs","127.0.0.1/127.0.0.1","5901","INFO","ECDSA+SHA384","",""
"cipher-tls1_2_xc02c","127.0.0.1/127.0.0.1","5901","OK","TLSv1.2 xc02c ECDHE-ECDSA-AES256-GCM-SHA384 ECDH 521 AESGCM 256 TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","",""
"cipher-tls1_2_xcca9","127.0.0.1/127.0.0.1","5901","OK","TLSv1.2 xcca9 ECDHE-ECDSA-CHACHA20-POLY1305 ECDH 253 ChaCha20 256 TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256","",""
"cipher-tls1_2_xc02b","127.0.0.1/127.0.0.1","5901","OK","TLSv1.2 xc02b ECDHE-ECDSA-AES128-GCM-SHA256 ECDH 521 AESGCM 128 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","",""
"supportedciphers_TLSv1_2","127.0.0.1/127.0.0.1","5901","INFO","ECDHE-ECDSA-AES256-GCM-SHA384 ECDHE-ECDSA-CHACHA20-POLY1305 ECDHE-ECDSA-AES128-GCM-SHA256","",""
"cipher-tls1_3_x1302","127.0.0.1/127.0.0.1","5901","OK","TLSv1.3 x1302 TLS_AES_256_GCM_SHA384 ECDH 253 AESGCM 256 TLS_AES_256_GCM_SHA384","",""
"cipher-tls1_3_x1303","127.0.0.1/127.0.0.1","5901","OK","TLSv1.3 x1303 TLS_CHACHA20_POLY1305_SHA256 ECDH 253 ChaCha20 256 TLS_CHACHA20_POLY1305_SHA256","",""
"cipher-tls1_3_x1301","127.0.0.1/127.0.0.1","5901","OK","TLSv1.3 x1301 TLS_AES_128_GCM_SHA256 ECDH 253 AESGCM 128 TLS_AES_128_GCM_SHA256","",""
"supportedciphers_TLSv1_3","127.0.0.1/127.0.0.1","5901","INFO","TLS_AES_256_GCM_SHA384 TLS_CHACHA20_POLY1305_SHA256 TLS_AES_128_GCM_SHA256","",""
extras/tests/tls/testssl_profiles/baseline.txt
-25
View File
@@ -1,25 +0,0 @@
"id","fqdn/ip","port","severity","finding","cve","cwe"
"service","127.0.0.1/127.0.0.1","5901","DEBUG","Couldn't determine service, skipping all HTTP checks","",""
"pre_128cipher","127.0.0.1/127.0.0.1","5901","INFO","No 128 cipher limit bug","",""
"cipherlist_NULL","127.0.0.1/127.0.0.1","5901","OK","not offered","","CWE-327"
"cipherlist_aNULL","127.0.0.1/127.0.0.1","5901","OK","not offered","","CWE-327"
"cipherlist_EXPORT","127.0.0.1/127.0.0.1","5901","OK","not offered","","CWE-327"
"cipherlist_LOW","127.0.0.1/127.0.0.1","5901","OK","not offered","","CWE-327"
"cipherlist_3DES_IDEA","127.0.0.1/127.0.0.1","5901","INFO","not offered","","CWE-310"
"cipherlist_OBSOLETED","127.0.0.1/127.0.0.1","5901","INFO","not offered","","CWE-310"
"cipherlist_STRONG_NOFS","127.0.0.1/127.0.0.1","5901","INFO","not offered","",""
"cipherlist_STRONG_FS","127.0.0.1/127.0.0.1","5901","OK","offered","",""
"FS","127.0.0.1/127.0.0.1","5901","OK","offered","",""
"FS_ciphers","127.0.0.1/127.0.0.1","5901","INFO","TLS_AES_256_GCM_SHA384 TLS_CHACHA20_POLY1305_SHA256 ECDHE-ECDSA-AES256-GCM-SHA384 ECDHE-ECDSA-CHACHA20-POLY1305 TLS_AES_128_GCM_SHA256 ECDHE-ECDSA-AES128-GCM-SHA256","",""
"FS_KEMs","127.0.0.1/127.0.0.1","5901","LOW","No KEMs offered","",""
"FS_ECDHE_curves","127.0.0.1/127.0.0.1","5901","OK","prime256v1 secp384r1 secp521r1 X25519","",""
"FS_TLS12_sig_algs","127.0.0.1/127.0.0.1","5901","INFO","ECDSA+SHA256 ECDSA+SHA384 ECDSA+SHA512 ECDSA+SHA224","",""
"FS_TLS13_sig_algs","127.0.0.1/127.0.0.1","5901","INFO","ECDSA+SHA384","",""
"cipher-tls1_2_xc02c","127.0.0.1/127.0.0.1","5901","OK","TLSv1.2 xc02c ECDHE-ECDSA-AES256-GCM-SHA384 ECDH 521 AESGCM 256 TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","",""
"cipher-tls1_2_xcca9","127.0.0.1/127.0.0.1","5901","OK","TLSv1.2 xcca9 ECDHE-ECDSA-CHACHA20-POLY1305 ECDH 253 ChaCha20 256 TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256","",""
"cipher-tls1_2_xc02b","127.0.0.1/127.0.0.1","5901","OK","TLSv1.2 xc02b ECDHE-ECDSA-AES128-GCM-SHA256 ECDH 521 AESGCM 128 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","",""
"supportedciphers_TLSv1_2","127.0.0.1/127.0.0.1","5901","INFO","ECDHE-ECDSA-AES256-GCM-SHA384 ECDHE-ECDSA-CHACHA20-POLY1305 ECDHE-ECDSA-AES128-GCM-SHA256","",""
"cipher-tls1_3_x1302","127.0.0.1/127.0.0.1","5901","OK","TLSv1.3 x1302 TLS_AES_256_GCM_SHA384 ECDH 253 AESGCM 256 TLS_AES_256_GCM_SHA384","",""
"cipher-tls1_3_x1303","127.0.0.1/127.0.0.1","5901","OK","TLSv1.3 x1303 TLS_CHACHA20_POLY1305_SHA256 ECDH 253 ChaCha20 256 TLS_CHACHA20_POLY1305_SHA256","",""
"cipher-tls1_3_x1301","127.0.0.1/127.0.0.1","5901","OK","TLSv1.3 x1301 TLS_AES_128_GCM_SHA256 ECDH 253 AESGCM 128 TLS_AES_128_GCM_SHA256","",""
"supportedciphers_TLSv1_3","127.0.0.1/127.0.0.1","5901","INFO","TLS_AES_256_GCM_SHA384 TLS_CHACHA20_POLY1305_SHA256 TLS_AES_128_GCM_SHA256","",""
extras/tests/tls/testssl_profiles/pqc.txt
-25
View File
@@ -1,25 +0,0 @@
"id","fqdn/ip","port","severity","finding","cve","cwe"
"service","127.0.0.1/127.0.0.1","5901","DEBUG","Couldn't determine service, skipping all HTTP checks","",""
"pre_128cipher","127.0.0.1/127.0.0.1","5901","INFO","No 128 cipher limit bug","",""
"cipherlist_NULL","127.0.0.1/127.0.0.1","5901","OK","not offered","","CWE-327"
"cipherlist_aNULL","127.0.0.1/127.0.0.1","5901","OK","not offered","","CWE-327"
"cipherlist_EXPORT","127.0.0.1/127.0.0.1","5901","OK","not offered","","CWE-327"
"cipherlist_LOW","127.0.0.1/127.0.0.1","5901","OK","not offered","","CWE-327"
"cipherlist_3DES_IDEA","127.0.0.1/127.0.0.1","5901","INFO","not offered","","CWE-310"
"cipherlist_OBSOLETED","127.0.0.1/127.0.0.1","5901","INFO","not offered","","CWE-310"
"cipherlist_STRONG_NOFS","127.0.0.1/127.0.0.1","5901","INFO","not offered","",""
"cipherlist_STRONG_FS","127.0.0.1/127.0.0.1","5901","OK","offered","",""
"FS","127.0.0.1/127.0.0.1","5901","OK","offered","",""
"FS_ciphers","127.0.0.1/127.0.0.1","5901","INFO","TLS_AES_256_GCM_SHA384 TLS_CHACHA20_POLY1305_SHA256 ECDHE-ECDSA-AES256-GCM-SHA384 ECDHE-ECDSA-CHACHA20-POLY1305 TLS_AES_128_GCM_SHA256 ECDHE-ECDSA-AES128-GCM-SHA256","",""
"FS_KEMs","127.0.0.1/127.0.0.1","5901","OK","X25519MLKEM768","",""
"FS_ECDHE_curves","127.0.0.1/127.0.0.1","5901","OK","prime256v1 secp384r1 secp521r1 X25519","",""
"FS_TLS12_sig_algs","127.0.0.1/127.0.0.1","5901","INFO","ECDSA+SHA256 ECDSA+SHA384 ECDSA+SHA512 ECDSA+SHA224","",""
"FS_TLS13_sig_algs","127.0.0.1/127.0.0.1","5901","INFO","ECDSA+SHA384","",""
"cipher-tls1_2_xc02c","127.0.0.1/127.0.0.1","5901","OK","TLSv1.2 xc02c ECDHE-ECDSA-AES256-GCM-SHA384 ECDH 521 AESGCM 256 TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","",""
"cipher-tls1_2_xcca9","127.0.0.1/127.0.0.1","5901","OK","TLSv1.2 xcca9 ECDHE-ECDSA-CHACHA20-POLY1305 ECDH 253 ChaCha20 256 TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256","",""
"cipher-tls1_2_xc02b","127.0.0.1/127.0.0.1","5901","OK","TLSv1.2 xc02b ECDHE-ECDSA-AES128-GCM-SHA256 ECDH 521 AESGCM 128 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","",""
"supportedciphers_TLSv1_2","127.0.0.1/127.0.0.1","5901","INFO","ECDHE-ECDSA-AES256-GCM-SHA384 ECDHE-ECDSA-CHACHA20-POLY1305 ECDHE-ECDSA-AES128-GCM-SHA256","",""
"cipher-tls1_3_x1302","127.0.0.1/127.0.0.1","5901","OK","TLSv1.3 x1302 TLS_AES_256_GCM_SHA384 ECDH/MLKEM AESGCM 256 TLS_AES_256_GCM_SHA384","",""
"cipher-tls1_3_x1303","127.0.0.1/127.0.0.1","5901","OK","TLSv1.3 x1303 TLS_CHACHA20_POLY1305_SHA256 ECDH/MLKEM ChaCha20 256 TLS_CHACHA20_POLY1305_SHA256","",""
"cipher-tls1_3_x1301","127.0.0.1/127.0.0.1","5901","OK","TLSv1.3 x1301 TLS_AES_128_GCM_SHA256 ECDH/MLKEM AESGCM 128 TLS_AES_128_GCM_SHA256","",""
"supportedciphers_TLSv1_3","127.0.0.1/127.0.0.1","5901","INFO","TLS_AES_256_GCM_SHA384 TLS_CHACHA20_POLY1305_SHA256 TLS_AES_128_GCM_SHA256","",""
extras/tests/tls/testssl_profiles/pqc_arm.txt
-25
View File
@@ -1,25 +0,0 @@
"id","fqdn/ip","port","severity","finding","cve","cwe"
"service","127.0.0.1/127.0.0.1","5901","DEBUG","Couldn't determine service, skipping all HTTP checks","",""
"pre_128cipher","127.0.0.1/127.0.0.1","5901","INFO","No 128 cipher limit bug","",""
"cipherlist_NULL","127.0.0.1/127.0.0.1","5901","OK","not offered","","CWE-327"
"cipherlist_aNULL","127.0.0.1/127.0.0.1","5901","OK","not offered","","CWE-327"
"cipherlist_EXPORT","127.0.0.1/127.0.0.1","5901","OK","not offered","","CWE-327"
"cipherlist_LOW","127.0.0.1/127.0.0.1","5901","OK","not offered","","CWE-327"
"cipherlist_3DES_IDEA","127.0.0.1/127.0.0.1","5901","INFO","not offered","","CWE-310"
"cipherlist_OBSOLETED","127.0.0.1/127.0.0.1","5901","INFO","not offered","","CWE-310"
"cipherlist_STRONG_NOFS","127.0.0.1/127.0.0.1","5901","INFO","not offered","",""
"cipherlist_STRONG_FS","127.0.0.1/127.0.0.1","5901","OK","offered","",""
"FS","127.0.0.1/127.0.0.1","5901","OK","offered","",""
"FS_ciphers","127.0.0.1/127.0.0.1","5901","INFO","TLS_AES_256_GCM_SHA384 TLS_CHACHA20_POLY1305_SHA256 ECDHE-ECDSA-AES256-GCM-SHA384 ECDHE-ECDSA-CHACHA20-POLY1305 TLS_AES_128_GCM_SHA256 ECDHE-ECDSA-AES128-GCM-SHA256","",""
"FS_KEMs","127.0.0.1/127.0.0.1","5901","OK","X25519MLKEM768","",""
"FS_ECDHE_curves","127.0.0.1/127.0.0.1","5901","OK","prime256v1 secp384r1 secp521r1 X25519","",""
"FS_TLS12_sig_algs","127.0.0.1/127.0.0.1","5901","INFO","ECDSA+SHA256 ECDSA+SHA384 ECDSA+SHA512 ECDSA+SHA224","",""
"FS_TLS13_sig_algs","127.0.0.1/127.0.0.1","5901","INFO","ECDSA+SHA384","",""
"cipher-tls1_2_xc02c","127.0.0.1/127.0.0.1","5901","OK","TLSv1.2 xc02c ECDHE-ECDSA-AES256-GCM-SHA384 ECDH 253 AESGCM 256 TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","",""
"cipher-tls1_2_xcca9","127.0.0.1/127.0.0.1","5901","OK","TLSv1.2 xcca9 ECDHE-ECDSA-CHACHA20-POLY1305 ECDH 253 ChaCha20 256 TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256","",""
"cipher-tls1_2_xc02b","127.0.0.1/127.0.0.1","5901","OK","TLSv1.2 xc02b ECDHE-ECDSA-AES128-GCM-SHA256 ECDH 253 AESGCM 128 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","",""
"supportedciphers_TLSv1_2","127.0.0.1/127.0.0.1","5901","INFO","ECDHE-ECDSA-AES256-GCM-SHA384 ECDHE-ECDSA-CHACHA20-POLY1305 ECDHE-ECDSA-AES128-GCM-SHA256","",""
"cipher-tls1_3_x1302","127.0.0.1/127.0.0.1","5901","OK","TLSv1.3 x1302 TLS_AES_256_GCM_SHA384 ECDH/MLKEM AESGCM 256 TLS_AES_256_GCM_SHA384","",""
"cipher-tls1_3_x1303","127.0.0.1/127.0.0.1","5901","OK","TLSv1.3 x1303 TLS_CHACHA20_POLY1305_SHA256 ECDH/MLKEM ChaCha20 256 TLS_CHACHA20_POLY1305_SHA256","",""
"cipher-tls1_3_x1301","127.0.0.1/127.0.0.1","5901","OK","TLSv1.3 x1301 TLS_AES_128_GCM_SHA256 ECDH/MLKEM AESGCM 128 TLS_AES_128_GCM_SHA256","",""
"supportedciphers_TLSv1_3","127.0.0.1/127.0.0.1","5901","INFO","TLS_AES_256_GCM_SHA384 TLS_CHACHA20_POLY1305_SHA256 TLS_AES_128_GCM_SHA256","",""
extras/tests/tls/tls-tests
+50 -33
View File
@@ -7,67 +7,84 @@ function fail()
exit 1
}
TESTSSL_HASH="87ecc1c9f2dac83a6be29f4461a47c2ac6afb906"
rm -rf testssl.sh
git clone -q https://github.com/testssl/testssl.sh || exit 1
cd testssl.sh
git checkout --detach $TESTSSL_HASH
if [ "$(git rev-parse HEAD)" != "$TESTSSL_HASH" ]; then
echo "testssl cloning failed with pinned hash, that's suspicious!"
echo "Pinned hash = $TESTSSL_HASH"
exit 1
fi
cd ..
TESTSSL="$PWD/testssl.sh/testssl.sh"
CIPHERSCAN="cipherscan"
OPENSSL="openssl"
if [ -x ~/cipherscan ]; then
CIPHERSCAN="$HOME/cipherscan/cipherscan"
OPENSSL="$HOME/cipherscan/openssl"
elif [ -x /home/travis/build/unrealircd/unrealircd/cipherscan/cipherscan ]; then
CIPHERSCAN="/home/travis/build/unrealircd/unrealircd/cipherscan/cipherscan"
OPENSSL="/home/travis/build/unrealircd/unrealircd/cipherscan/openssl"
elif [ -x ../../../cipherscan/ ]; then
CIPHERSCAN="`readlink -f ../../../cipherscan/cipherscan`"
OPENSSL="`readlink -f ../../../cipherscan/openssl`"
fi
cd "$(dirname "$0")"
$TESTSSL --help >/dev/null || exit 1
$CIPHERSCAN --help >/dev/null || exit 1
# This is the actual scan, later on we use the 'testssl.csv' result
$TESTSSL --nodns none --color 0 --cipher-per-proto --std --fs --csvfile testssl.pre.csv --logfile testssl.log 127.0.0.1:5901
# Filter this useless stuff out
cat testssl.pre.csv|grep -vF "No engine or GOST support" >testssl.csv
# This is the basic cipherscan test.
# It compares the output against a reference .txt file and alarms us if there
# are any changes. These changes may not always be harmful, but at least we
# will get warned on any possible changes.
$CIPHERSCAN --no-colors 127.0.0.1:5901|grep -vF '.....' >cipherscan.test.txt
# Now check if profile matches, if so.. everything is ok.
# We have 1 or more baseline profiles
# And you can optionally add profile-specific, eg openssl-102.txt
# Yeah that was a great idea but maintaining that is a bit of a hassle.
# TODO: reintroduce it though, see below.
##for f in cipherscan_profiles/baseline*txt cipherscan_profiles/$BUILDCONFIG.txt
FAILED=1
for f in testssl_profiles/*.txt
for f in cipherscan_profiles/*.txt
do
diff -uab $f testssl.csv 1>/dev/null 2>&1
diff -uab $f cipherscan.test.txt 1>/dev/null 2>&1
if [ "$?" -eq 0 ]; then
FAILED=0
echo "Testssl profile $f matched."
echo "Cipherscan profile $f matched."
break
fi
done
if [ "$FAILED" -eq 1 ]; then
echo "*** Differences found between testssl scan and expected output ***"
if [ -f testssl_profiles/$BUILDCONFIG.txt ]; then
COMPARE_PROFILE="testssl_profiles/$BUILDCONFIG.txt"
echo "*** Differences found between cipherscan scan and expected output ***"
if [ -f cipherscan_profiles/$BUILDCONFIG.txt ]; then
COMPARE_PROFILE="cipherscan_profiles/$BUILDCONFIG.txt"
else
COMPARE_PROFILE="testssl_profiles/baseline.txt"
COMPARE_PROFILE="cipherscan_profiles/baseline.txt"
fi
echo "== EXPECTED OUTPUT ($COMPARE_PROFILE) =="
cat $COMPARE_PROFILE
echo
echo "== ACTUAL TEST OUTPUT =="
cat testssl.csv
cat cipherscan.test.txt
echo
echo "== DIFF =="
diff -uab $COMPARE_PROFILE testssl.csv
diff -uab $COMPARE_PROFILE cipherscan.test.txt
echo
echo "Testssl failed."
echo "cipherscan test failed."
exit 1
else
echo "*** Testssl output was good ***"
cat testssl.csv
echo "*** Cipherscan output was good ***"
cat cipherscan.test.txt
fi
# This checks for a couple of old ciphers that should never work:
for cipher in 3DES RC4
do
echo "Testing cipher $cipher (MUST FAIL!).."
(echo QUIT|$OPENSSL s_client -connect 127.0.0.1:5901 -cipher $cipher) &&
fail "UnrealIRCd allowed us to connect with cipher $cipher, BAD!"
done
# This checks older SSL/TLS versions that should not work:
for protocol in ssl2 ssl3
do
echo "Testing protocol $protocol (MUST FAIL!).."
(echo QUIT|$OPENSSL s_client -connect 127.0.0.1:5901 -$protocol) &&
fail "UnrealIRCd allowed us to connect with protocol $protocol, BAD!"
done
echo
echo "TLS tests ended (no issues)."
exit 0
extras/tests/tls/tls-tests.bbwrapper
-15
View File
@@ -1,15 +0,0 @@
#!/bin/bash
#
# This is a simple wrapper script that will boot the ircd
# and run the tests. When finished, either due to succes
# or failure, it will kill the ircd
#
# Also, it makes sure the job times out (is killed)
# in case it misbehaves
#
~/unrealircd/bin/unrealircd -f irc1.conf
set +ex
timeout --kill-after=5 300 extras/tests/tls/tls-tests
EX="$?"
killall -9 valgrind valgrind.bin memcheck memcheck-amd64-linux memcheck-x86-linux ircd unrealircd val 1>/dev/null 2>&1
exit $EX
doc/conf/tls/tls.cnf → extras/tls.cnf
+4
View File
@@ -4,6 +4,7 @@
# Note: RSA bits is ignored, as we use ECC now
default_bits = 2048
distinguished_name = req_dn
x509_extensions = cert_type
[ req_dn ]
countryName = Country Name
@@ -25,3 +26,6 @@ organizationalUnitName_default = IRCd
0.commonName = Common Name (Full domain of your server)
1.commonName_value = localhost
[ cert_type ]
nsCertType = server
extras/unrealircd-upgrade-script.in
+1 -1
View File
@@ -119,5 +119,5 @@ fi
chmod +x unrealircd-upgrade-script.stage2
./unrealircd-upgrade-script.stage2 $*
SAVERET="$?"
rm -f unrealircd-upgrade-script.stage2 unrealircd-upgrade-script.stage2.asc
rm -f unrealircd-upgrade-script.stage2 unrealircd-upgrade-script.stage2
exit $SAVERET
include/channel.h
+4 -3
View File
@@ -25,15 +25,16 @@
created or just tested for existance */
#define MODEBUFLEN 200
#define MAXBANLEN 200 /* Maximum length of a complete ban */
#define ChannelExists(n) (find_channel(n))
#define ChannelExists(n) (find_channel(n, NULL))
/* NOTE: Timestamps will be added to MODE-commands, so never make
* RESYNCMODES and MODEPARAMS higher than MAXPARA-3. DALnet servers
* before Dreamforge aren't safe with more than six. -Donwulff
*/
#include "msg.h"
#define MAXMODEPARAMS (MAXPARA_USER-3) /* Maximum modes processed */
#define MAXMODEPARAMS (MAXPARA-3) /* Maximum modes processed */
#define RESYNCMODES 12 /* Max modes per MODE in resync */
#define MODEPARAMS 6 /* Max modes from user */
#endif
include/common.h
+17 -3
View File
@@ -96,9 +96,9 @@ extern int myncmp(const char *, const char *, int);
#endif
extern char *strtoken(char **, char *, char *);
extern char *strtoken_noskip(char **, char *, char *);
extern MODVAR int global_count, max_global_count;
extern char *myctime(time_t);
#ifdef _WIN32
extern int gettimeofday(struct timeval *tp, void *tzp);
#endif
@@ -168,13 +168,24 @@ extern MODVAR unsigned char char_atribs[];
* you are doing.
*/
/* IRCu/Hybrid/unrealircd way now :) -Stskeeps */
/* IRCu/Hybrid/Unreal way now :) -Stskeeps */
#define EXPAR1 extchmstr[0]
#define EXPAR2 extchmstr[1]
#define EXPAR3 extchmstr[2]
#define EXPAR4 extchmstr[3]
#define CHPAR1 "beI"
#ifdef PREFIX_AQ
#define CHPFIX "(qaohv)~&@%+"
#define CHPAR1 "beI"
#else
#define CHPFIX "(ohv)@%+"
#define CHPAR1 "beIqa"
#endif /* PREFIX_AQ */
#define CHPAR2 "k"
#define CHPAR3 "l"
#define CHPAR4 "psmntir"
#ifdef _WIN32
/*
@@ -223,4 +234,7 @@ extern MODVAR time_t now;
#else
#define inline __inline
#endif
#define READBUF_SIZE 8192
#endif /* __common_include__ */
include/config.h
+41 -76
View File
@@ -98,6 +98,9 @@
*/
/* #undef DEBUGMODE */
/* Similarly, DEBUG_IOENGINE can be used to debug the I/O engine. */
/* #undef DEBUG_IOENGINE */
/*
* Full pathnames and defaults of irc system's support files.
*/
@@ -130,6 +133,14 @@
/* The default value for class::recvq */
#define DEFAULT_RECVQ 8000
/* You can define the nickname of NickServ here (usually "NickServ").
* This is ONLY used for the ""infamous IDENTIFY feature"", which is:
* whenever a user connects with a server password but there isn't
* a server password set, the password is sent to NickServ in an
* 'IDENTIFY <pass>' message.
*/
#define NickServ "NickServ"
/* STOP STOP STOP STOP STOP STOP STOP STOP STOP STOP STOP STOP STOP STOP */
/* You shouldn't change anything below this line, unless absolutely needed. */
@@ -165,6 +176,16 @@
#endif
#endif
/* Number of file descriptors reserved for non-incoming-clients.
* One of which may be used by auth, the rest are really reserved.
* They can be used for outgoing server links, listeners, logging, etc.
*/
#if MAXCONNECTIONS > 1024
#define CLIENTS_RESERVE 8
#else
#define CLIENTS_RESERVE 4
#endif
/*
* this defines the length of the nickname history. each time a user changes
* nickname or signs off, their old nickname is added to the top of the list.
@@ -191,37 +212,10 @@
* when there is no socket data waiting for us (no clients sending anything).
* Was 2000ms in 3.2.x, 1000ms for versions below 3.4-alpha4.
* 500ms in UnrealIRCd 4 (?)
* 250ms in UnrealIRCd 5 and UnrealIRCd 6.
* 250ms in UnrealIRCd 5.
*/
#define SOCKETLOOP_MAX_DELAY 250
/* After how much time should we timeout downloads:
* DOWNLOAD_CONNECT_TIMEOUT: for the DNS and connect() / TLS_connect() call
* DOWNLOAD_TRANSFER_TIMEOUT: for the complete transfer (including connect)
* This can't be in the configuration file, as we need it while
* fetching the configuration file.. ;)
*/
#define DOWNLOAD_CONNECT_TIMEOUT 15
#define DOWNLOAD_TRANSFER_TIMEOUT 45
/* Maximum number of HTTP redirects to follow.
* Keep this reasonably low, as this may delay booting up to
* DOWNLOAD_TRANSFER_TIMEOUT * DOWNLOAD_MAX_REDIRECTS
*/
#define DOWNLOAD_MAX_REDIRECTS 2
/* Default maximum size (in bytes) for memory-backed HTTP responses
* (store_in_file being 0). Responses exceeding this are rejected.
* API callers override this by setting .max_size before url_start_async().
*/
#define DOWNLOAD_MAX_SIZE_MEMORY_BACKED 1048576
/* Default maximum size (in bytes) for file-backed HTTP responses
* (store_in_file being 1). Responses exceeding this are rejected.
* API callers override this by setting .max_size before url_start_async().
*/
#define DOWNLOAD_MAX_SIZE_FILE_BACKED 52428800
/*
* Max time from the nickname change that still causes KILL
* automaticly to switch for the current nick of that user. (seconds)
@@ -238,76 +232,45 @@
#define SPAMFILTER_DETECTSLOW
#endif
/* Limits for PCRE2 regex matching (eg. spamfilter, badwords). A regex that
* exceeds these is aborted and treated as no match, instead of running
* unbounded. The match limit is honoured by JIT. The depth limit only applies
* to the non-JIT interpreter, since PCRE2 ignores it under JIT.
* We use the same defaults that PHP has been using for a long time (which is
* actually 10 times lower than PCRE2 defaults, as of 2026).
*/
#define UNREAL_PCRE2_MATCH_LIMIT 1000000
#define UNREAL_PCRE2_DEPTH_LIMIT 100000
/* Maximum number of ModData objects that may be attached to an object */
/* UnrealIRCd 4.0.0: 8, 8, 4, 4
* UnrealIRCd 4.0.14: 12, 8, 4, 4
* UnrealIRCd 5.0.0: 12, 8, 8, 4, 4, 500, 500
* UnrealIRCd 6.0.0: 24, 12, 8, 4, 4, 500, 500
* UnrealIRCd 6.1.2: 24, 24, 8, 4, 4, 500, 500
/* UnrealIRCd 4.0.0 - 4.0.13: 8, 8, 4, 4
* UnrealIRCd 4.0.14+ : 12, 8, 4, 4
* UnrealIRCd 5.0.0 : 12, 8, 8, 4, 4, 500, 500
*/
#define MODDATA_MAX_CLIENT 24
#define MODDATA_MAX_LOCAL_CLIENT 24
#define MODDATA_MAX_CLIENT 12
#define MODDATA_MAX_LOCAL_CLIENT 8
#define MODDATA_MAX_CHANNEL 8
#define MODDATA_MAX_MEMBER 4
#define MODDATA_MAX_MEMBERSHIP 4
#define MODDATA_MAX_LOCAL_VARIABLE 500
#define MODDATA_MAX_GLOBAL_VARIABLE 500
/** Size of the member modes buffer, so can be max this-1 modes
* assigned to an individual user (and thus max prefixes as well).
* The default is 8, so 7 max modes, and is a bit tight.
* It allows for vhoaq (5) and then 2 additional ones from 3rd
* party modules.
*/
#define MEMBERMODESLEN 8
/* If EXPERIMENTAL is #define'd then all users will receive a notice about
* this when they connect, along with a pointer to bugs.unrealircd.org where
* they can report any problems. This is mainly to help UnrealIRCd development.
*/
#undef EXPERIMENTAL
/* Default TLS cipherlist (except for TLS1.3, see further down).
/* Default SSL/TLS cipherlist (except for TLS1.3, see further down).
* This can be changed via set::ssl::options::ciphers in the config file.
*/
#define UNREALIRCD_DEFAULT_CIPHERS "ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256"
#define UNREALIRCD_DEFAULT_CIPHERS "TLS13-CHACHA20-POLY1305-SHA256 TLS13-AES-256-GCM-SHA384 TLS13-AES-128-GCM-SHA256 EECDH+CHACHA20 EECDH+AESGCM EECDH+AES AES256-GCM-SHA384 AES128-GCM-SHA256 AES256-SHA256 AES128-SHA256 AES256-SHA AES128-SHA"
/* Default TLS 1.3 ciphersuites.
* This can be changed via set::ssl::options::ciphersuites in the config file.
*/
#define UNREALIRCD_DEFAULT_CIPHERSUITES "TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384:TLS_AES_128_GCM_SHA256"
#define UNREALIRCD_DEFAULT_CIPHERSUITES "TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384:TLS_AES_128_GCM_SHA256:TLS_AES_128_CCM_8_SHA256:TLS_AES_128_CCM_SHA256"
/* Default TLS groups (previously only curves)
* This can be changed via set::ssl::options::groups (previously ::ecdh-curves)
* in the config file. By default we try these (in this order):
* UNREALIRCD_DEFAULT_TLS_GROUPS_PRIMARY requires OpenSSL 3.5.0
* UNREALIRCD_DEFAULT_TLS_GROUPS_SECONDARY requires OpenSSL 1.1.0
* UNREALIRCD_DEFAULT_TLS_GROUPS_TERTIARY is the last fallback option
/* Default SSL/TLS curves for ECDH(E)
* This can be changed via set::ssl::options::ecdh-curve in the config file.
* NOTE: This requires openssl 1.0.2 or newer, otherwise these defaults
* are not applied, due to the missing openssl API call.
*/
#define UNREALIRCD_DEFAULT_TLS_GROUPS_PRIMARY "X25519MLKEM768/X25519:secp521r1:secp384r1:prime256v1"
#define UNREALIRCD_DEFAULT_TLS_GROUPS_SECONDARY "X25519:secp521r1:secp384r1:prime256v1"
#define UNREALIRCD_DEFAULT_TLS_GROUPS_TERTIARY "secp521r1:secp384r1:prime256v1"
/* These can be changed via set::central-spamfilter::url and ::feed */
#define DEFAULT_CENTRAL_SPAMFILTER_URL_OPEN_ACCESS "https://spamfilter.unrealircd.org/spamfilter/v6/$feed/central_spamfilter.conf"
#define DEFAULT_CENTRAL_SPAMFILTER_URL_RESTRICTED_ACCESS "https://spamfilter.unrealircd-api.org/spamfilter/v6/$feed/central_spamfilter.conf"
#define DEFAULT_CENTRAL_SPAMFILTER_FEED "standard"
/* These are just defaults, which you can override via set::dns */
#define DNS_DEFAULT_CLIENT_TIMEOUT 1500
#define DNS_DEFAULT_CLIENT_RETRIES 2
#define DNS_DEFAULT_DNSBL_TIMEOUT 3000
#define DNS_DEFAULT_DNSBL_RETRIES 2
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
#define UNREALIRCD_DEFAULT_ECDH_CURVES "X25519:secp521r1:secp384r1:prime256v1"
#else
#define UNREALIRCD_DEFAULT_ECDH_CURVES "secp521r1:secp384r1:prime256v1"
#endif
/* ------------------------- END CONFIGURATION SECTION -------------------- */
#define MOTD MPATH
@@ -317,8 +280,10 @@
#define IRCD_PIDFILE PIDFILE
#ifdef DEBUGMODE
#define Debug(x) debug x
#define LOGFILE LPATH
#else
#define Debug(x) ;
#define LOGFILE "/dev/null"
#endif
include/dbuf.h
+7 -20
View File
@@ -25,22 +25,8 @@
#include "list.h"
/** Size of a dbuf block.
* This used to be 512 bytes, since that was max line per RFC1459.
* 2023-05-06: Bumped to 4k because lines tend to be bigger nowadays,
* now that we have message tags and all. And some other IRCd code
* uses dbuf for non-IRC data also, which also prefers larger buffers.
* 2025-10-03: Bumped to 8k to have less write syscalls, this improves
* performance by roughly 5% during simple testing with 1000 clients.
* Alignment details:
* We don't set it to 8192 bytes exactly because we want the
* struct 'dbufdbuf' (see further down) to be exactly 8192 bytes.
* Since it includes some other struct members, 4072 seems to align
* to 1 page on 64 bit archs, and then we add another 4096 for the
* 2nd page. Note that there is no need to provide room for malloc
* overhead as we use mempools.
*/
#define DBUF_BLOCK_SIZE (4072+4096)
/* 512 bytes -- 510 character bytes + \r\n, per rfc1459 */
#define DBUF_BLOCK_SIZE (512)
/*
** dbuf is a collection of functions which can be used to
@@ -67,8 +53,10 @@ typedef struct dbuf {
** And this 'dbufbuf' should never be referenced outside the
** implementation of 'dbuf'--would be "hidden" if C had such
** keyword...
** This is exactly a page in total, see comment at
** DBUF_BLOCK_SIZE definition further up.
** If it was possible, this would compile to be exactly 1 memory
** page in size. 2048 bytes seems to be the most common size, so
** as long as a pointer is 4 bytes, we get 2032 bytes for buffer
** data after we take away a bit for malloc to play with. -avalon
*/
typedef struct dbufbuf {
struct list_head dbuf_node;
@@ -82,7 +70,7 @@ typedef struct dbufbuf {
** memory as needed. Bytes are copied into internal buffers
** from users buffer.
*/
void dbuf_put(dbuf *, const char *, size_t);
void dbuf_put(dbuf *, char *, size_t);
/* Dynamic buffer header */
/* Pointer to data to be stored */
/* Number of bytes to store */
@@ -107,7 +95,6 @@ void dbuf_delete(dbuf *, size_t);
#define DBufClear(dyn) dbuf_delete((dyn),DBufLength(dyn))
extern int dbuf_getmsg(dbuf *, char *);
extern int dbuf_get(dbuf *dyn, char **buf);
extern void dbuf_queue_init(dbuf *dyn);
extern void dbuf_init(void);
include/dns.h
+27 -27
View File
@@ -1,3 +1,7 @@
/* OMG... OMG! WHAT AN INCLUDE HORROR !!! */
#include <ares.h>
#include <ares_version.h>
typedef enum {
DNSREQ_CLIENT = 1,
DNSREQ_LINKCONF = 2,
@@ -6,30 +10,28 @@ typedef enum {
typedef struct DNSReq DNSReq;
/** DNS Request that is ongoing - used in src/dns.c.
* Depending on the request type, some fields are filled in:
* .client: DNSREQ_CLIENT, DNSREQ_CONNECT
* .link: DNSREQ_LINKCONF, DNSREQ_CONNECT
/* Depending on the request type, some fields are filled in:
* cptr: DNSREQ_CLIENT, DNSREQ_CONNECT
* link: DNSREQ_LINKCONF, DNSREQ_CONNECT
*/
struct DNSReq {
DNSReq *prev, *next;
char *name; /**< Name being resolved (only for DNSREQ_LINKCONF and DNSREQ_CONNECT) */
char ipv6; /**< Resolving for ipv6 or ipv4? */
DNSReqType type; /**< DNS Request type (DNSREQ_*) */
Client *client; /**< Client the request is for, NULL if client died OR unavailable */
ConfigItem_link *linkblock; /**< Linkblock */
char *name; /**< Name being resolved (only for DNSREQ_LINKCONF and DNSREQ_CONNECT) */
char ipv6; /**< Resolving for ipv6 or ipv4? */
DNSReqType type; /**< DNS Request type (DNSREQ_*) */
Client *client; /**< Client the request is for, NULL if client died OR unavailable */
ConfigItem_link *linkblock; /**< Linkblock */
};
typedef struct DNSCache DNSCache;
/** DNS Cache entry - used in src/dns.c */
struct DNSCache {
DNSCache *prev, *next; /**< Previous and next in linked list */
DNSCache *hprev, *hnext; /**< Previous and next in hash list */
char *name; /**< The hostname */
char *ip; /**< The IP address */
time_t expires; /**< When record expires */
char *name; /**< The hostname */
char *ip; /**< The IP address */
time_t expires; /**< When record expires */
};
typedef struct DNSStats DNSStats;
@@ -41,32 +43,30 @@ struct DNSStats {
};
/** Time to keep cache records. */
#define DNS_CACHE_TTL 600
#define DNS_NEGCACHE_TTL 60
#define DNSCACHE_TTL 600
/** Size of the DNS cache hash table. */
#define DNS_HASH_SIZE 4096
/** Size of the hash table (prime!).
* Consumes <this>*4 on ia32 and <this>*4 on 64 bit
* 241 seems a good bet.. which ~1k on ia32 and ~2k on ia64.
*/
#define DNS_HASH_SIZE 241
/** Max # of entries we want in our cache.
* This:
* a) prevents us from using too much memory, and
* b) prevents us from keeping useless cache records
*
* A dnscache item is roughly ~120 bytes in size,
* so 4096*120=480kb, which seems reasonable ;).
*
* Note that in most situations there will be far
* fewer items, as the TTL is rather short.
* A dnscache item is roughly ~80 bytes in size (slightly more on x86),
* so 241*80=~20k, which seems reasonable ;).
*/
#define DNS_MAX_ENTRIES DNS_HASH_SIZE
extern ares_channel resolver_channel_client;
extern ares_channel resolver_channel_https;
extern ares_channel resolver_channel_dnsbl;
extern ares_channel resolver_channel;
extern void init_resolver(int);
struct hostent *unrealdns_doclient(Client *cptr);
extern void unreal_gethostbyname_api(const char *name, int family, const char *callbackname, void *arg);
extern void unreal_gethostbyname(const char *name, int family, ares_host_callback callback, void *arg);
include/dynconf.h
+71 -103
View File
@@ -32,21 +32,26 @@ struct FloodSettings {
long period[MAXFLOODOPTIONS];
};
typedef struct LogThrottleConfig LogThrottleConfig;
struct LogThrottleConfig {
LogThrottleConfig *prev, *next;
char *event_id; /**< the event_id this policy applies to */
int threshold; /**< per-window cap */
int period; /**< window length in seconds */
int unlimited; /**< if set, never throttle */
typedef struct NetworkConfiguration NetworkConfiguration;
struct NetworkConfiguration {
unsigned x_inah:1;
char *x_ircnetwork;
char *x_ircnet005;
char *x_defserv;
char *x_services_name;
char *x_hidden_host;
char *x_prefix_quit;
char *x_helpchan;
char *x_stats_server;
char *x_sasl_server;
};
enum UHAllowed { UHALLOW_ALWAYS, UHALLOW_NOCHANS, UHALLOW_REJOIN, UHALLOW_NEVER };
struct ChMode {
long mode;
long mode;
long extmodes;
char *extparams[256];
char *extparams[EXTCMODETABLESZ];
};
typedef struct OperStat {
@@ -62,16 +67,13 @@ typedef enum BanTarget { BAN_TARGET_IP=1, BAN_TARGET_USERIP=2, BAN_TARGET_HOST=3
typedef enum HideIdleTimePolicy { HIDE_IDLE_TIME_NEVER=1, HIDE_IDLE_TIME_ALWAYS=2, HIDE_IDLE_TIME_USERMODE=3, HIDE_IDLE_TIME_OPER_USERMODE=4 } HideIdleTimePolicy;
typedef enum LimitSVSCMDS { LIMIT_SVSCMDS_SERVERS=0, LIMIT_SVSCMDS_ULINES=1 } LimitSVSCMDS;
typedef enum HideBanReasonOption { HIDE_BAN_REASON_NO=0, HIDE_BAN_REASON_YES=1, HIDE_BAN_REASON_AUTO=2 } HideBanReasonOption;
/** The set { } block configuration */
typedef struct Configuration Configuration;
struct Configuration {
unsigned show_opermotd:1;
unsigned som:1;
unsigned hide_ulines:1;
unsigned flat_map:1;
unsigned allow_chatops:1;
unsigned ident_check:1;
unsigned fail_oper_warn:1;
unsigned show_connect_info:1;
@@ -79,30 +81,33 @@ struct Configuration {
unsigned dont_resolve:1;
unsigned use_ban_version:1;
unsigned mkpasswd_for_everyone:1;
unsigned hide_ban_reason;
unsigned allow_insane_bans;
unsigned allow_part_if_shunned:1;
unsigned disable_cap:1;
unsigned check_target_nick_bans:1;
HideBanReasonOption hide_ban_reason;
int hide_killed_by;
unsigned use_egd : 1;
char *dns_bindip;
char *link_bindip;
long throttle_period;
char throttle_count;
char *kline_address;
char *gline_address;
long conn_modes;
long oper_modes;
char *oper_snomask;
char *auto_join_chans;
char *oper_auto_join_chans;
char *oper_vhost;
char *allow_user_stats;
OperStat *allow_user_stats_ext;
int ping_warning;
int maxdccallow;
int anti_spam_quit_message_time;
int ping_warning;
int maxchannelsperuser;
int maxdccallow;
int anti_spam_quit_message_time;
char *egd_path;
char *static_quit;
char *static_part;
TLSOptions *tls_options;
TLSOptions *server_linking_tls_options; /**< set::server-linking::tls-options, NULL if not configured */
int server_linking_mixed_certificates; /**< set::server-linking::mixed-certificates: suppress the s2s cert mismatch warning */
int server_linking_allow_ca_certificate; /**< set::server-linking::allow-ca-certificate: suppress the "CA cert used for linking" advice */
Policy plaintext_policy_user;
MultiLine *plaintext_policy_user_message;
Policy plaintext_policy_oper;
@@ -114,19 +119,16 @@ struct Configuration {
char *outdated_tls_policy_oper_message;
Policy outdated_tls_policy_server;
enum UHAllowed userhost_allowed;
int allow_setident;
int allow_setname;
char *restrict_usermodes;
char *restrict_channelmodes;
int named_extended_bans;
char *restrict_extendedbans;
char *channel_command_prefix;
long handshake_data_flood_amount;
long handshake_data_flood_ban_time;
BanAction *handshake_data_flood_ban_action;
int handshake_data_flood_ban_action;
struct ChMode modes_on_join;
int modes_on_join_set;
char *level_on_join;
int level_on_join;
FloodSettings *floodsettings;
LogThrottleConfig *log_throttle;
int ident_connect_timeout;
int ident_read_timeout;
long default_bantime;
@@ -137,24 +139,16 @@ struct Configuration {
char *spamfilter_ban_reason;
char *spamfilter_virus_help_channel;
char spamfilter_vchan_deny;
SecurityGroup *spamfilter_except;
SpamExcept *spamexcept;
char *spamexcept_line;
long spamfilter_detectslow_warn;
long spamfilter_detectslow_fatal;
int spamfilter_stop_on_first_match;
int spamfilter_utf8;
SpamfilterShowMessageContentOnHit spamfilter_show_message_content_on_hit;
char *central_spamfilter_url;
char *central_spamfilter_feed;
long central_spamfilter_refresh_time;
int central_spamfilter_verbose;
int central_spamfilter_enabled;
SecurityGroup *central_spamfilter_except;
BanActionValue central_spamfilter_limit_ban_action;
long central_spamfilter_limit_ban_time;
int maxbans;
int maxbanlength;
int watch_away_notification;
int uhnames;
NetworkConfiguration network;
unsigned short default_ipv6_clone_mask;
int ping_cookie;
int min_nick_length;
@@ -168,12 +162,9 @@ struct Configuration {
long handshake_timeout;
long sasl_timeout;
long handshake_delay;
long handshake_boot_delay;
BanTarget automatic_ban_target;
BanTarget manual_ban_target;
char *reject_message_too_many_connections;
char *reject_message_too_many_connections_ipv6_range;
char *reject_message_too_many_new_connections_ipv6_range;
char *reject_message_server_full;
char *reject_message_unauthorized;
char *reject_message_kline;
@@ -185,63 +176,28 @@ struct Configuration {
BroadcastChannelMessagesOption broadcast_channel_messages;
AllowedChannelChars allowed_channelchars;
HideIdleTimePolicy hide_idle_time;
unsigned inah:1;
char *network_name;
char *network_name_005;
char *default_server;
char *services_name;
char *cloak_prefix;
char *prefix_quit;
char *helpchan;
char *stats_server;
char *sasl_server;
int server_notice_colors;
int server_notice_show_event;
LimitSVSCMDS limit_svscmds;
int high_connection_rate;
int dns_client_timeout;
int dns_client_retry;
int dns_dnsbl_timeout;
int dns_dnsbl_retry;
int send_isupport_updates;
int utf8_only;
char *network_icon;
};
extern MODVAR Configuration iConf;
extern MODVAR Configuration tempiConf;
extern MODVAR int ipv6_disabled;
/** The best practices block.
* Note that the *_hits stuff is dynamically set and used for 'checks'.
* The rest is config... oh except for listen_nontls_port.. sigh.
*/
typedef struct BestPractices BestPractices;
struct BestPractices {
int hashed_passwords; /**< Use hashed passwords */
int hashed_passwords_hits; /**< - How many times advice has been given (like 'warnings' but it is advice) */
int trusted_cert; /**< Uses a SSL cert issued by a CA */
int trusted_cert_hits; /**< - How many times advice has been given (like 'warnings' but it is advice) */
int trusted_cert_valid_hostname; /**< Uses a SSL cert issued by a CA that is valid for me::name */
int trusted_cert_valid_hostname_hits; /**< - How many times advice has been given (like 'warnings' but it is advice) */
int listen_tls_only; /**< listen { } blocks only with tls */
int listen_nontls_port; /**< first non-tls port found */
int listen_nontls_port_hits; /**< - How many times advice has been given (like 'warnings' but it is advice) */
};
extern MODVAR BestPractices bestpractices;
#define KLINE_ADDRESS iConf.kline_address
#define GLINE_ADDRESS iConf.gline_address
#define CONN_MODES iConf.conn_modes
#define OPER_MODES iConf.oper_modes
#define OPER_SNOMASK iConf.oper_snomask
#define SHOWOPERMOTD iConf.show_opermotd
#define SHOWOPERMOTD iConf.som
#define HIDE_ULINES iConf.hide_ulines
#define FLAT_MAP iConf.flat_map
#define ALLOW_CHATOPS iConf.allow_chatops
#define PINGWARNING iConf.ping_warning
#define MAXCHANNELSPERUSER iConf.maxchannelsperuser
#define MAXDCCALLOW iConf.maxdccallow
#define DONT_RESOLVE iConf.dont_resolve
#define AUTO_JOIN_CHANS iConf.auto_join_chans
#define OPER_AUTO_JOIN_CHANS iConf.oper_auto_join_chans
#define DNS_BINDIP iConf.dns_bindip
#define LINK_BINDIP iConf.link_bindip
#define IDENT_CHECK iConf.ident_check
#define FAILOPER_WARN iConf.fail_oper_warn
@@ -249,24 +205,34 @@ extern MODVAR BestPractices bestpractices;
#define NOCONNECTTLSLINFO iConf.no_connect_tls_info
#define ALLOW_USER_STATS iConf.allow_user_stats
#define ANTI_SPAM_QUIT_MSG_TIME iConf.anti_spam_quit_message_time
#ifdef HAVE_RAND_EGD
#define USE_EGD iConf.use_egd
#else
#define USE_EGD 0
#endif
#define EGD_PATH iConf.egd_path
#define NETWORK_NAME iConf.network_name
#define NETWORK_NAME_005 iConf.network_name_005
#define DEFAULT_SERVER iConf.default_server
#define SERVICES_NAME iConf.services_name
#define CLOAK_PREFIX iConf.cloak_prefix
#define HELP_CHANNEL iConf.helpchan
#define STATS_SERVER iConf.stats_server
#define SASL_SERVER iConf.sasl_server
#define iNAH iConf.inah
#define PREFIX_QUIT iConf.prefix_quit
#define ircnetwork iConf.network.x_ircnetwork
#define ircnet005 iConf.network.x_ircnet005
#define defserv iConf.network.x_defserv
#define SERVICES_NAME iConf.network.x_services_name
#define hidden_host iConf.network.x_hidden_host
#define helpchan iConf.network.x_helpchan
#define STATS_SERVER iConf.network.x_stats_server
#define SASL_SERVER iConf.network.x_sasl_server
#define iNAH iConf.network.x_inah
#define PREFIX_QUIT iConf.network.x_prefix_quit
#define STATIC_QUIT iConf.static_quit
#define STATIC_PART iConf.static_part
#define UHOST_ALLOWED iConf.userhost_allowed
#define RESTRICT_USERMODES iConf.restrict_usermodes
#define RESTRICT_CHANNELMODES iConf.restrict_channelmodes
#define RESTRICT_EXTENDEDBANS iConf.restrict_extendedbans
#define THROTTLING_PERIOD iConf.throttle_period
#define THROTTLING_COUNT iConf.throttle_count
#define USE_BAN_VERSION iConf.use_ban_version
#define MODES_ON_JOIN iConf.modes_on_join.extmodes
#define MODES_ON_JOIN iConf.modes_on_join.mode
#define LEVEL_ON_JOIN iConf.level_on_join
#define IDENT_CONNECT_TIMEOUT iConf.ident_connect_timeout
@@ -301,15 +267,12 @@ extern MODVAR BestPractices bestpractices;
#define CHECK_TARGET_NICK_BANS iConf.check_target_nick_bans
#define MAXBANS iConf.maxbans
#define MAXBANLENGTH iConf.maxbanlength
#define WATCH_AWAY_NOTIFICATION iConf.watch_away_notification
#define UHNAMES_ENABLED iConf.uhnames
#define UTF8ONLY iConf.utf8_only
#define NETWORK_ICON iConf.network_icon
/** Used for testing the set { } block configuration.
* It tests if a setting is present and is also used for duplicate checking.
*/
@@ -332,21 +295,27 @@ struct SetCheck {
unsigned has_throttle_connections:1;
unsigned has_kline_address:1;
unsigned has_gline_address:1;
unsigned has_modes_on_connect:1;
unsigned has_modes_on_oper:1;
unsigned has_snomask_on_connect:1;
unsigned has_snomask_on_oper:1;
unsigned has_auto_join:1;
unsigned has_oper_auto_join:1;
unsigned has_check_target_nick_bans:1;
unsigned has_watch_away_notification:1;
unsigned has_uhnames:1;
unsigned has_allow_user_stats:1;
unsigned has_ping_warning:1;
unsigned has_maxchannelsperuser:1;
unsigned has_maxdccallow:1;
unsigned has_anti_spam_quit_message_time:1;
unsigned has_egd_path:1;
unsigned has_static_quit:1;
unsigned has_static_part:1;
unsigned has_allow_userhost_change:1;
unsigned has_allow_setident:1;
unsigned has_allow_setname:1;
unsigned has_restrict_usermodes:1;
unsigned has_restrict_channelmodes:1;
unsigned has_restrict_extendedbans:1;
unsigned has_channel_command_prefix:1;
unsigned has_modes_on_join:1;
unsigned has_level_on_join:1;
@@ -355,6 +324,7 @@ struct SetCheck {
unsigned has_default_bantime:1;
unsigned has_who_limit:1;
unsigned has_maxbans:1;
unsigned has_maxbanlength:1;
unsigned has_silence_limit:1;
unsigned has_ban_version_tkl_time:1;
unsigned has_spamfilter_ban_time:1;
@@ -363,7 +333,6 @@ struct SetCheck {
unsigned has_spamfilter_virus_help_channel_deny:1;
unsigned has_spamfilter_except:1;
unsigned has_network_name:1;
unsigned has_network_icon:1;
unsigned has_default_server:1;
unsigned has_services_server:1;
unsigned has_sasl_server:1;
@@ -389,5 +358,4 @@ struct SetCheck {
unsigned has_min_nick_length:1;
unsigned has_nick_length:1;
unsigned has_hide_ban_reason:1;
unsigned has_hide_killed_by:1;
};
include/fdlist.h
+2 -14
View File
@@ -34,20 +34,8 @@ extern int fd_fileopen(const char *path, unsigned int flags);
#define FD_SELECT_READ 0x1
#define FD_SELECT_WRITE 0x2
#define fd_setselect(fd, flags, iocb, data) do { \
if (fd < 0) \
{ \
unreal_log(ULOG_ERROR, "io", "BUG_FD_SETSELECT_NEGATIVE_FD", NULL, \
"[BUG] $file:$line: fd_setselect() call with negative fd $fd", \
log_data_string("file", __FILE__), \
log_data_integer("line", __LINE__), \
log_data_integer("fd", fd)); \
} else { \
fd_setselect_real(fd, flags, iocb, data); \
} \
} while(0)
extern void fd_setselect_real(int fd, int flags, IOCallbackFunc iocb, void *data);
extern void fd_select(int delay); /* backend-specific */
extern void fd_setselect(int fd, int flags, IOCallbackFunc iocb, void *data);
extern void fd_select(time_t delay); /* backend-specific */
extern void fd_refresh(int fd); /* backend-specific */
extern void fd_fork(); /* backend-specific */
include/h.h
+400 -940
View File
File diff suppressed because it is too large Load Diff
include/ircsprintf.h
+1 -1
View File
@@ -17,7 +17,7 @@
# define FORMAT_STRING(p) p
#endif
extern char *ircvsnprintf(char *str, size_t size, const char *format, va_list) __attribute__((format(printf,3,0)));
extern char *ircvsnprintf(char *str, size_t size, const char *format, va_list);
extern char *ircsnprintf(char *str, size_t size, FORMAT_STRING(const char *format), ...) __attribute__((format(printf,3,4)));
#endif
include/license.h
+8 -9
View File
@@ -27,10 +27,10 @@
char *gnulicense[] = {
" \2UnrealIRCd License\2",
"This program is free software; you can redistribute it and/or",
"modify it under the terms of the GNU General Public License",
"as published by the Free Software Foundation; either version 2",
"of the License, or (at your option) any later version.",
"This program is free software; you can redistribute it and/or modify",
"it under the terms of the GNU General Public License as published by",
"the Free Software Foundation; either version 1, or (at your option)",
"any later version.",
"",
"This program is distributed in the hope that it will be useful,",
"but WITHOUT ANY WARRANTY; without even the implied warranty of",
@@ -39,11 +39,10 @@ char *gnulicense[] = {
"",
"You should have received a copy of the GNU General Public License",
"along with this program; if not, write to the Free Software",
"Foundation, Inc., 51 Franklin Street, Fifth Floor,",
"Boston, MA 02110-1301, USA.",
"Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.",
"",
"To see the UnrealIRCd License, please point your browser",
"to https://www.gnu.org/licenses/old-licenses/gpl-2.0.html",
"or look at the LICENSE file in the UnrealIRCd distribution.",
NULL
"at http://www.gnu.org/copyleft/gpl.html or look in the",
"file LICENSE in the UnrealIRCd dist",
0
};
include/mmdb.h
-173
View File
@@ -1,173 +0,0 @@
/*
* mmdb.h - Minimal MMDB (MaxMind DB) reader library
*
* Written from the MaxMind DB file format specification
* (https://maxmind.github.io/MaxMind-DB/).
*
* This C implementation was written by the UnrealIRCd team,
* using the Go MMDB reader oschwald/maxminddb-golang by
* Gregory J. Oschwald as a reference during development.
*
* Copyright (c) 2015 Gregory J. Oschwald (Go implementation)
* Copyright (c) 2026 UnrealIRCd team
*
* Permission to use, copy, modify, and/or distribute this software for
* any purpose with or without fee is hereby granted, provided that
* the above copyright notice and this permission notice appear in
* all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL
* WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
* WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE
* AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR
* CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
* LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
* NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
* CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
#ifndef MMDB_H
#define MMDB_H
#include <stdint.h>
#include <stddef.h>
#ifdef _WIN32
#ifndef _WIN32_WINNT
#define _WIN32_WINNT 0x0601
#endif
#include <winsock2.h>
#include <ws2tcpip.h>
#else
#include <sys/socket.h>
#include <netinet/in.h>
#endif
/** Status/error codes returned by mmdb functions */
typedef enum {
MMDB_OK = 0, /**< Success */
MMDB_ERR_OPEN, /**< Could not open or mmap the file */
MMDB_ERR_INVALID_DB, /**< Not a valid MMDB file */
MMDB_ERR_CORRUPT, /**< Search tree or data section corruption */
MMDB_ERR_NODATA, /**< IP found but requested path doesn't exist */
MMDB_ERR_TYPE, /**< Type mismatch (asked for string, got uint, etc) */
MMDB_ERR_IPV6_IN_V4, /**< Tried to look up an IPv6 address in an IPv4-only db */
MMDB_ERR_BADARG, /**< Invalid argument (e.g. unparseable IP address) */
} MMDB_Status;
/** Database metadata */
typedef struct {
uint32_t node_count; /**< Number of nodes in the search tree */
uint16_t record_size; /**< Size of each record in bits */
uint16_t ip_version; /**< IP version the database covers (4 or 6) */
uint64_t build_epoch; /**< Unix timestamp when the database was built */
char database_type[128]; /**< Database type string (e.g. "GeoLite2-Country") */
} MMDB_Metadata;
/** Database handle */
typedef struct {
uint8_t *data; /**< mmap'd (or malloc'd) file contents */
size_t data_size; /**< Total file size */
size_t data_section_offset; /**< Offset where data section starts */
size_t data_section_size; /**< Size of data section */
MMDB_Metadata metadata; /**< Parsed database metadata */
uint32_t ipv4_start_node; /**< Cached start node for IPv4 lookups in IPv6 dbs */
int ipv4_start_bit_depth; /**< Bit depth at ipv4_start_node */
int is_mmap; /**< 1 if data was mmap'd, 0 if malloc'd */
} MMDB_DB;
/** Lookup result */
typedef struct {
MMDB_DB *db; /**< Database this result belongs to */
size_t offset; /**< Offset into data section, or 0 if not found */
int has_data; /**< 1 if IP was found and has data */
} MMDB_Result;
/** Open an MMDB database file.
* Uses mmap where available, falls back to malloc+read.
* @param db Database handle to initialize
* @param filename Path to the .mmdb file
* @returns MMDB_OK on success, or an error code
*/
MMDB_Status mmdb_open(MMDB_DB *db, const char *filename);
/** Close the database and release resources.
* Safe to call on an already-closed or zero-initialized handle.
* @param db Database handle to close
*/
void mmdb_close(MMDB_DB *db);
/** Look up an IP address given as a string (IPv4 or IPv6).
* On success, check result->has_data to see if the IP was
* actually found in the database.
* @param db Database handle
* @param ip_str IP address string (e.g. "1.2.3.4" or "2001:db8::1")
* @param result Lookup result (output)
* @returns MMDB_OK on success, or an error code
*/
MMDB_Status mmdb_lookup(MMDB_DB *db, const char *ip_str, MMDB_Result *result);
/** Look up an IP address given as a sockaddr.
* Supports sockaddr_in (IPv4) and sockaddr_in6 (IPv6).
* @param db Database handle
* @param sa Socket address to look up
* @param result Lookup result (output)
* @returns MMDB_OK on success, or an error code
*/
MMDB_Status mmdb_lookup_sockaddr(MMDB_DB *db, const struct sockaddr *sa,
MMDB_Result *result);
/** Retrieve a string value from a lookup result by path.
* Returns a malloc'd, null-terminated copy. Caller must free().
* On error, *out is set to NULL.
* @param result Lookup result from mmdb_lookup()
* @param out Receives a malloc'd null-terminated string (output)
* @param ... Path of map keys (NULL sentinel is added automatically)
* @returns MMDB_OK on success, or an error code
* @note Example: mmdb_get_str(&result, &val, "country", "iso_code");
*/
MMDB_Status mmdb_do_get_str(MMDB_Result *result, char **out, ...);
#define mmdb_get_str(result, out, ...) mmdb_do_get_str(result, out, __VA_ARGS__, NULL)
/** Retrieve a uint32 value from a lookup result by path.
* Also accepts uint16 values (promoted to uint32).
* On error, *out is set to 0.
* @param result Lookup result from mmdb_lookup()
* @param out Receives the uint32 value (output)
* @param ... Path of map keys (NULL sentinel is added automatically)
* @returns MMDB_OK on success, or an error code
* @note Example: mmdb_get_uint32(&result, &asn, "autonomous_system_number");
*/
MMDB_Status mmdb_do_get_uint32(MMDB_Result *result, uint32_t *out, ...);
#define mmdb_get_uint32(result, out, ...) mmdb_do_get_uint32(result, out, __VA_ARGS__, NULL)
/** Retrieve a boolean value from a lookup result by path.
* On error, *out is set to 0.
* @param result Lookup result from mmdb_lookup()
* @param out Receives the boolean value (0 or 1) (output)
* @param ... Path of map keys (NULL sentinel is added automatically)
* @returns MMDB_OK on success, or an error code
* @note Example: mmdb_get_bool(&result, &is_vpn, "is_anonymous_vpn");
*/
MMDB_Status mmdb_do_get_bool(MMDB_Result *result, int *out, ...);
#define mmdb_get_bool(result, out, ...) mmdb_do_get_bool(result, out, __VA_ARGS__, NULL)
/** Retrieve a double (float64) value from a lookup result by path.
* Also accepts float32 values (promoted to double).
* On error, *out is set to 0.
* @param result Lookup result from mmdb_lookup()
* @param out Receives the double value (output)
* @param ... Path of map keys (NULL sentinel is added automatically)
* @returns MMDB_OK on success, or an error code
* @note Example: mmdb_get_double(&result, &lat, "location", "latitude");
*/
MMDB_Status mmdb_do_get_double(MMDB_Result *result, double *out, ...);
#define mmdb_get_double(result, out, ...) mmdb_do_get_double(result, out, __VA_ARGS__, NULL)
/** Return a human-readable error string for a status code.
* @param err Status code to describe
* @returns Static string describing the error (never NULL)
*/
const char *mmdb_strerror(MMDB_Status err);
#endif /* MMDB_H */
include/modules.h
+377 -1130
View File
File diff suppressed because it is too large Load Diff
include/modversion.h
+40 -8
View File
@@ -21,16 +21,48 @@
#include "version.h"
/* At UnrealIRCd we don't have a stable module ABI.
* We check for version nowadays, but actually there are many more
* ways to cause binary interface screwups, like using the git
* version and then have a different include/struct.h on your
* running unrealircd compared to your modules, with members shifted
* or reordered and the like. Fun!
/* What all this is for? Well, it's simple...
* Example: When someone compiles a module with ssl support, but the
* core was not compiled with ssl support, then the module will read
* things incorrect in the struct because the module sees an extra
* field half-way the struct but in the core that field does not exist,
* hence all data is shifted 4 bytes causing all kinds of odd crashes,
* memory corruption, and weird problems.
* This is an attempt to prevent this a bit, but there are a lot more
* options that cause binary incompatability (eg: changing nicklen),
* we just take the most common ones...
*
* NOTE: On win32 we allow ssl inconsistencies because we
* explicitly use "padding" in the structs: we add a useless
* placeholder so everything is still aligned correctly.
* In the process of doing so, we waste several bytes per-user,
* but this prevents (most) binary incompatability problems
* making it easier for module coders to ship dll's.
*/
#ifndef _WIN32
#define MYTOKEN_SSL "/SSL"
#else
#define MYTOKEN_SSL ""
#endif
#define MYTOKEN_NEWCHF "/NOCHF"
#ifdef __GNUC__
#if defined(__GNUC_PATCHLEVEL__)
#define GCCVER ((__GNUC__ << 16) + (__GNUC_MINOR__ << 8) + __GNUC_PATCHLEVEL__)
#else
#define GCCVER ((__GNUC__ << 16) + (__GNUC_MINOR__ << 8))
#endif
#else
#define GCCVER 0
#endif
#ifdef UNREALCORE
char our_mod_version[] = BASE_VERSION "-" PATCH1 PATCH2 PATCH3 PATCH4 PATCH6 PATCH7 PATCH8 PATCH9;
char our_mod_version[] = BASE_VERSION "-" PATCH1 PATCH2 PATCH3 PATCH4 PATCH6 PATCH7 PATCH8 PATCH9 \
MYTOKEN_SSL MYTOKEN_NEWCHF;
unsigned int our_compiler_version = GCCVER;
#else
DLLFUNC char Mod_Version[] = BASE_VERSION "-" PATCH1 PATCH2 PATCH3 PATCH4 PATCH6 PATCH7 PATCH8 PATCH9;
DLLFUNC char Mod_Version[] = BASE_VERSION "-" PATCH1 PATCH2 PATCH3 PATCH4 PATCH6 PATCH7 PATCH8 PATCH9 \
MYTOKEN_SSL MYTOKEN_NEWCHF;
DLLFUNC unsigned int compiler_version = GCCVER;
#endif
include/msg.h
+2 -2
View File
@@ -51,6 +51,7 @@
#define MSG_PONG "PONG" /* PONG */
#define MSG_OPER "OPER" /* OPER */
#define MSG_PASS "PASS" /* PASS */
#define MSG_WALLOPS "WALLOPS" /* WALL */
#define MSG_TIME "TIME" /* TIME */
#define MSG_NAMES "NAMES" /* NAME */
#define MSG_ADMIN "ADMIN" /* ADMI */
@@ -167,7 +168,6 @@
#define MSG_MLOCK "MLOCK"
#define MAXPARA 30
#define MAXPARA_USER 15
#define MAXPARA 15
#endif
include/numeric.h
+61 -244
View File
@@ -36,8 +36,7 @@
#define RPL_ISUPPORT 005
#define RPL_REDIR 10
#define RPL_MAPUSERS 18
#define RPL_YOURID 42
#define RPL_REMOTEISUPPORT 105
@@ -52,24 +51,29 @@
#define ERR_TOOMANYCHANNELS 405
#define ERR_WASNOSUCHNICK 406
#define ERR_TOOMANYTARGETS 407
#define ERR_NOSUCHSERVICE 408
#define ERR_NOORIGIN 409
#define ERR_INVALIDCAPCMD 410
#define ERR_NORECIPIENT 411
#define ERR_NOTEXTTOSEND 412
#define ERR_NOTOPLEVEL 413
#define ERR_WILDTOPLEVEL 414
#define ERR_TOOMANYMATCHES 416
#define ERR_INPUTTOOLONG 417
#define ERR_UNKNOWNCOMMAND 421
#define ERR_NOMOTD 422
#define ERR_NOADMININFO 423
#define ERR_FILEERROR 424
#define ERR_NOOPERMOTD 425
#define ERR_TOOMANYAWAY 429
#define ERR_NONICKNAMEGIVEN 431
#define ERR_ERRONEUSNICKNAME 432
#define ERR_NICKNAMEINUSE 433
#define ERR_NORULES 434
#define ERR_SERVICECONFUSED 435
#define ERR_NICKCOLLISION 436
#define ERR_BANNICKCHANGE 437
#define ERR_NCHANGETOOFAST 438
#define ERR_TARGETTOOFAST 439
@@ -78,36 +82,53 @@
#define ERR_USERNOTINCHANNEL 441
#define ERR_NOTONCHANNEL 442
#define ERR_USERONCHANNEL 443
#define ERR_NOLOGIN 444
#define ERR_SUMMONDISABLED 445
#define ERR_USERSDISABLED 446
#define ERR_NONICKCHANGE 447
#define ERR_FORBIDDENCHANNEL 448
#define ERR_NOTREGISTERED 451
#define ERR_HOSTILENAME 455
#define ERR_NOHIDING 459
#define ERR_NOTFORHALFOPS 460
#define ERR_NEEDMOREPARAMS 461
#define ERR_ALREADYREGISTRED 462
#define ERR_NOPERMFORHOST 463
#define ERR_PASSWDMISMATCH 464
#define ERR_YOUREBANNEDCREEP 465
#define ERR_YOUWILLBEBANNED 466
#define ERR_KEYSET 467
#define ERR_ONLYSERVERSCANCHANGE 468
#define ERR_LINKSET 469
#define ERR_LINKCHANNEL 470
#define ERR_CHANNELISFULL 471
#define ERR_UNKNOWNMODE 472
#define ERR_INVITEONLYCHAN 473
#define ERR_BANNEDFROMCHAN 474
#define ERR_BADCHANNELKEY 475
#define ERR_BADCHANMASK 476
#define ERR_NEEDREGGEDNICK 477
#define ERR_BANLISTFULL 478
#define ERR_LINKFAIL 479
#define ERR_CANNOTKNOCK 480
#define ERR_NOPRIVILEGES 481
#define ERR_CHANOPRIVSNEEDED 482
#define ERR_CANTKILLSERVER 483
#define ERR_ATTACKDENY 484
#define ERR_KILLDENY 485
#define ERR_NONONREG 486
#define ERR_NOTFORUSERS 487
#define ERR_SECUREONLYCHAN 489
#define ERR_NOSWEAR 490
#define ERR_NOOPERHOST 491
#define ERR_NOCTCP 492
#define ERR_CHANOWNPRIVNEEDED 499
@@ -117,11 +138,13 @@
#define ERR_SILELISTFULL 511
#define ERR_TOOMANYWATCH 512
#define ERR_NEEDPONG 513
#define ERR_TOOMANYDCC 514
#define ERR_DISABLED 517
#define ERR_NOINVITE 518
#define ERR_ADMONLY 519
#define ERR_OPERONLY 520
#define ERR_LISTSYNTAX 521
@@ -140,6 +163,7 @@
#define RPL_WHOISREGNICK 307
#define RPL_RULESSTART 308
#define RPL_ENDOFRULES 309
#define RPL_WHOISHELPOP 310 /* -Donwulff */
#define RPL_WHOISUSER 311
#define RPL_WHOISSERVER 312
@@ -149,6 +173,7 @@
/* rpl_endofwho below (315) */
#define RPL_ENDOFWHOWAS 369
#define RPL_WHOISCHANOP 316 /* redundant and not needed but reserved */
#define RPL_WHOISIDLE 317
#define RPL_ENDOFWHOIS 318
@@ -173,7 +198,7 @@
#define RPL_WHOISBOT 335
#define RPL_USERIP 340
#define RPL_INVITING 341
#define RPL_WHOISCOUNTRY 344
#define RPL_SUMMONING 342
#define RPL_VERSION 351
@@ -186,6 +211,7 @@
#define RPL_EXLIST 348
#define RPL_ENDOFEXLIST 349
#define RPL_KILLDONE 361
#define RPL_CLOSING 362
#define RPL_CLOSEEND 363
#define RPL_LINKS 364
@@ -197,6 +223,7 @@
#define RPL_INFO 371
#define RPL_MOTD 372
#define RPL_INFOSTART 373
#define RPL_ENDOFINFO 374
#define RPL_MOTDSTART 375
#define RPL_ENDOFMOTD 376
@@ -205,6 +232,9 @@
#define RPL_WHOISMODES 379
#define RPL_YOUREOPER 381
#define RPL_REHASHING 382
#define RPL_YOURESERVICE 383
#define RPL_MYPORTIS 384
#define RPL_NOTOPERANYMORE 385
#define RPL_QLIST 386
#define RPL_ENDOFQLIST 387
#define RPL_ALIST 388
@@ -225,6 +255,7 @@
#define RPL_TRACEOPERATOR 204
#define RPL_TRACEUSER 205
#define RPL_TRACESERVER 206
#define RPL_TRACESERVICE 207
#define RPL_TRACENEWTYPE 208
#define RPL_TRACECLASS 209
@@ -232,28 +263,37 @@
#define RPL_STATSLINKINFO 211
#define RPL_STATSCOMMANDS 212
#define RPL_STATSCLINE 213
#define RPL_STATSOLDNLINE 214
#define RPL_STATSILINE 215
#define RPL_STATSKLINE 216
#define RPL_STATSQLINE 217
#define RPL_STATSYLINE 218
#define RPL_ENDOFSTATS 219
#define RPL_STATSBLINE 220
#define RPL_UMODEIS 221
#define RPL_SQLINE_NICK 222
#define RPL_STATSGLINE 223
#define RPL_STATSTLINE 224
#define RPL_STATSELINE 225
#define RPL_STATSNLINE 226
#define RPL_STATSVLINE 227
#define RPL_STATSBANVER 228
#define RPL_STATSSPAMF 229
#define RPL_STATSEXCEPTTKL 230
#define RPL_SERVICEINFO 231
#define RPL_RULES 232
#define RPL_SERVICE 233
#define RPL_SERVLIST 234
#define RPL_SERVLISTEND 235
#define RPL_STATSLLINE 241
#define RPL_STATSUPTIME 242
#define RPL_STATSOLINE 243
#define RPL_STATSHLINE 244
#define RPL_STATSSLINE 245
#define RPL_STATSXLINE 247
#define RPL_STATSULINE 248
#define RPL_STATSDEBUG 249
@@ -279,6 +319,14 @@
#define RPL_STATSDLINE 275
#define RPL_WHOISCERTFP 276
#define RPL_HELPHDR 290
#define RPL_HELPOP 291
#define RPL_HELPTLR 292
#define RPL_HELPHLP 293
#define RPL_HELPFWD 294
#define RPL_HELPIGN 295
/*
* New /MAP format.
*/
@@ -287,6 +335,7 @@
#define RPL_MAPEND 007
#define ERR_WHOSYNTAX 522
#define ERR_WHOLIMEXCEED 523
#define ERR_OPERSPVERIFY 524
@@ -297,7 +346,6 @@
* These are also in the range 600-799.
*/
#define RPL_WHOISASN 569
#define RPL_REAWAY 597
#define RPL_GONEAWAY 598
#define RPL_NOTAWAY 599
@@ -309,6 +357,7 @@
#define RPL_NOWOFF 605
#define RPL_WATCHLIST 606
#define RPL_ENDOFWATCHLIST 607
#define RPL_CLEARWATCH 608
#define RPL_NOWISAWAY 609
#define RPL_DCCSTATUS 617
@@ -316,18 +365,16 @@
#define RPL_ENDOFDCCLIST 619
#define RPL_DCCINFO 620
#define RPL_DUMPING 640
#define RPL_DUMPRPL 641
#define RPL_EODUMP 642
#define RPL_SPAMCMDFWD 659
#define RPL_STARTTLS 670
#define RPL_WHOISSECURE 671
#define RPL_MONONLINE 730
#define RPL_MONOFFLINE 731
#define RPL_MONLIST 732
#define RPL_ENDOFMONLIST 733
#define ERR_MONLISTFULL 734
#define ERR_MLOCKRESTRICTED 742
#define ERR_CANNOTDOCOMMAND 972
@@ -335,245 +382,15 @@
#define ERR_STARTTLS 691
#define ERR_INVALIDMODEPARAM 696
#define RPL_LOGGEDIN 900
#define RPL_LOGGEDOUT 901
#define ERR_NICKLOCKED 902
#define RPL_SASLSUCCESS 903
#define ERR_SASLFAIL 904
#define ERR_SASLTOOLONG 905
#define ERR_SASLABORTED 906
#define ERR_SASLALREADY 907
#define RPL_SASLMECHS 908
/* Numeric texts */
#define STR_RPL_WELCOME /* 001 */ ":Welcome to the %s IRC Network %s!%s@%s"
#define STR_RPL_YOURHOST /* 002 */ ":Your host is %s, running version %s"
#define STR_RPL_CREATED /* 003 */ ":This server was created %s"
#define STR_RPL_MYINFO /* 004 */ "%s %s %s %s"
#define STR_RPL_ISUPPORT /* 005 */ "%s :are supported by this server"
#define STR_RPL_MAP /* 006 */ ":%s%s %s | Users: %*ld (%*.2f%%)%s"
#define STR_RPL_MAPEND /* 007 */ ":End of /MAP"
#define STR_RPL_SNOMASK /* 008 */ "+%s :Server notice mask"
#define STR_RPL_REDIR /* 010 */ "%s %d :Please use this Server/Port instead"
#define STR_RPL_MAPUSERS /* 018 */ ":%d server%s and %d user%s, average %.2f users per server"
#define STR_RPL_REMOTEISUPPORT /* 105 */ "%s :are supported by this server"
#define STR_RPL_TRACELINK /* 200 */ "Link %s%s %s %s"
#define STR_RPL_TRACECONNECTING /* 201 */ "Attempt %s %s"
#define STR_RPL_TRACEHANDSHAKE /* 202 */ "Handshaking %s %s"
#define STR_RPL_TRACEUNKNOWN /* 203 */ "???? %s %s"
#define STR_RPL_TRACEOPERATOR /* 204 */ "Operator %s %s [%s] %lld"
#define STR_RPL_TRACEUSER /* 205 */ "User %s %s [%s] %lld"
#define STR_RPL_TRACESERVER /* 206 */ "Server %s %dS %dC %s %s!%s@%s %lld"
#define STR_RPL_TRACENEWTYPE /* 208 */ "%s 0 %s"
#define STR_RPL_TRACECLASS /* 209 */ "Class %s %d"
#define STR_RPL_STATSHELP /* 210 */ ":%s"
#define STR_RPL_STATSCOMMANDS /* 212 */ "%s %u %lu"
#define STR_RPL_STATSCLINE /* 213 */ "%c %s * %s %d %d %s"
#define STR_RPL_STATSILINE /* 215 */ "I %s %s %d %d %s %s %d"
#define STR_RPL_STATSQLINE /* 217 */ "%c %s %lld %lld %s %lld %lld %s :%s"
#define STR_RPL_STATSYLINE /* 218 */ "Y %s %d %d %d %d %d"
#define STR_RPL_ENDOFSTATS /* 219 */ "%c :End of /STATS report"
#define STR_RPL_UMODEIS /* 221 */ "%s"
#define STR_RPL_STATSGLINE /* 223 */ "%c %s %lld %lld %s %lld %lld %s %s :%s"
#define STR_RPL_STATSTLINE /* 224 */ "T %s %s %s"
#define STR_RPL_STATSNLINE /* 226 */ "n %s %s"
#define STR_RPL_STATSVLINE /* 227 */ "v %s %s %s"
#define STR_RPL_STATSBANVER /* 228 */ "%s %s"
#define STR_RPL_STATSSPAMF /* 229 */ "%c %s %s %s %lld %lld %lld %s %s %lld %lld %lld %lld %s :%s"
#define STR_RPL_STATSEXCEPTTKL /* 230 */ "%s %s %lld %lld %s %s :%s"
#define STR_RPL_RULES /* 232 */ ":- %s"
#define STR_RPL_STATSLLINE /* 241 */ "%c %s * %s %d %d"
#define STR_RPL_STATSUPTIME /* 242 */ ":Server Up %lld days, %lld:%02lld:%02lld"
#define STR_RPL_STATSOLINE /* 243 */ "%c %s * %s %s %s"
#define STR_RPL_STATSHLINE /* 244 */ "%c %s * %s %d %d"
#define STR_RPL_STATSXLINE /* 247 */ "X %s %d"
#define STR_RPL_STATSULINE /* 248 */ "U %s"
#define STR_RPL_STATSDEBUG /* 249 */ ":%s"
#define STR_RPL_STATSCONN /* 250 */ ":Highest connection count: %d (%d clients)"
#define STR_RPL_LUSERCLIENT /* 251 */ ":There are %d users and %d invisible on %d servers"
#define STR_RPL_LUSEROP /* 252 */ "%d :operator(s) online"
#define STR_RPL_LUSERUNKNOWN /* 253 */ "%d :unknown connection(s)"
#define STR_RPL_LUSERCHANNELS /* 254 */ "%d :channels formed"
#define STR_RPL_LUSERME /* 255 */ ":I have %d clients and %d servers"
#define STR_RPL_ADMINME /* 256 */ ":Administrative info about %s"
#define STR_RPL_ADMINLOC1 /* 257 */ ":%s"
#define STR_RPL_ADMINLOC2 /* 258 */ ":%s"
#define STR_RPL_ADMINEMAIL /* 259 */ ":%s"
#define STR_RPL_TRACELOG /* 261 */ "File %s %d"
#define STR_RPL_TRYAGAIN /* 263 */ "%s :Flooding detected. Please wait a while and try again."
#define STR_RPL_LOCALUSERS /* 265 */ "%d %d :Current local users %d, max %d"
#define STR_RPL_GLOBALUSERS /* 266 */ "%d %d :Current global users %d, max %d"
#define STR_RPL_SILELIST /* 271 */ "%s"
#define STR_RPL_ENDOFSILELIST /* 272 */ ":End of Silence List"
#define STR_RPL_STATSDLINE /* 275 */ "%c %s %s"
#define STR_RPL_WHOISCERTFP /* 276 */ "%s :has client certificate fingerprint %s"
#define STR_RPL_AWAY /* 301 */ "%s :%s"
#define STR_RPL_USERHOST /* 302 */ ":%s %s %s %s %s"
#define STR_RPL_ISON /* 303 */ ":"
#define STR_RPL_UNAWAY /* 305 */ ":You are no longer marked as being away"
#define STR_RPL_NOWAWAY /* 306 */ ":You have been marked as being away"
#define STR_RPL_WHOISREGNICK /* 307 */ "%s :is identified for this nick"
#define STR_RPL_RULESSTART /* 308 */ ":- %s Server Rules - "
#define STR_RPL_ENDOFRULES /* 309 */ ":End of RULES command."
#define STR_RPL_WHOISUSER /* 311 */ "%s %s %s * :%s"
#define STR_RPL_WHOISSERVER /* 312 */ "%s %s :%s"
#define STR_RPL_WHOISOPERATOR /* 313 */ "%s :is %s"
#define STR_RPL_WHOWASUSER /* 314 */ "%s %s %s * :%s"
#define STR_RPL_ENDOFWHO /* 315 */ "%s :End of /WHO list."
#define STR_RPL_WHOISIDLE /* 317 */ "%s %lld %lld :seconds idle, signon time"
#define STR_RPL_ENDOFWHOIS /* 318 */ "%s :End of /WHOIS list."
#define STR_RPL_WHOISCHANNELS /* 319 */ "%s :%s"
#define STR_RPL_WHOISSPECIAL /* 320 */ "%s :%s"
#define STR_RPL_LISTSTART /* 321 */ "Channel :Users Name"
#define STR_RPL_LIST /* 322 */ "%s %d :%s %s"
#define STR_RPL_LISTEND /* 323 */ ":End of /LIST"
#define STR_RPL_CHANNELMODEIS /* 324 */ "%s %s %s"
#define STR_RPL_CREATIONTIME /* 329 */ "%s %lld"
#define STR_RPL_WHOISLOGGEDIN /* 330 */ "%s %s :is logged in as"
#define STR_RPL_NOTOPIC /* 331 */ "%s :No topic is set."
#define STR_RPL_TOPIC /* 332 */ "%s :%s"
#define STR_RPL_TOPICWHOTIME /* 333 */ "%s %s %lld"
#define STR_RPL_LISTSYNTAX /* 334 */ ":%s"
#define STR_RPL_WHOISBOT /* 335 */ "%s :is a \2Bot\2 on %s"
#define STR_RPL_INVITELIST /* 336 */ ":%s"
#define STR_RPL_ENDOFINVITELIST /* 337 */ ":End of /INVITE list."
#define STR_RPL_USERIP /* 340 */ ":%s %s %s %s %s"
#define STR_RPL_INVITING /* 341 */ "%s %s"
#define STR_RPL_WHOISCOUNTRY /* 344 */ "%s %s :is connecting from %s"
#define STR_RPL_INVEXLIST /* 346 */ "%s %s %s %lld"
#define STR_RPL_ENDOFINVEXLIST /* 347 */ "%s :End of Channel Invite List"
#define STR_RPL_EXLIST /* 348 */ "%s %s %s %lld"
#define STR_RPL_ENDOFEXLIST /* 349 */ "%s :End of Channel Exception List"
#define STR_RPL_VERSION /* 351 */ "%s.%s %s :%s%s%s [%s=%d]"
#define STR_RPL_WHOREPLY /* 352 */ "%s %s %s %s %s %s :%d %s"
#define STR_RPL_NAMREPLY /* 353 */ "%s"
#define STR_RPL_CLOSING /* 362 */ "%s :Closed. Status = %d"
#define STR_RPL_CLOSEEND /* 363 */ "%d: Connections Closed"
#define STR_RPL_LINKS /* 364 */ "%s %s :%d %s"
#define STR_RPL_ENDOFLINKS /* 365 */ "%s :End of /LINKS list."
#define STR_RPL_ENDOFNAMES /* 366 */ "%s :End of /NAMES list."
#define STR_RPL_BANLIST /* 367 */ "%s %s %s %lld"
#define STR_RPL_ENDOFBANLIST /* 368 */ "%s :End of Channel Ban List"
#define STR_RPL_ENDOFWHOWAS /* 369 */ "%s :End of WHOWAS"
#define STR_RPL_INFO /* 371 */ ":%s"
#define STR_RPL_MOTD /* 372 */ ":- %s"
#define STR_RPL_ENDOFINFO /* 374 */ ":End of /INFO list."
#define STR_RPL_MOTDSTART /* 375 */ ":- %s Message of the Day - "
#define STR_RPL_ENDOFMOTD /* 376 */ ":End of /MOTD command."
#define STR_RPL_WHOISHOST /* 378 */ "%s :is connecting from %s@%s %s"
#define STR_RPL_WHOISMODES /* 379 */ "%s :is using modes %s %s"
#define STR_RPL_YOUREOPER /* 381 */ ":You are now an IRC Operator"
#define STR_RPL_REHASHING /* 382 */ "%s :Rehashing"
#define STR_RPL_QLIST /* 386 */ "%s %s"
#define STR_RPL_ENDOFQLIST /* 387 */ "%s :End of Channel Owner List"
#define STR_RPL_ALIST /* 388 */ "%s %s"
#define STR_RPL_ENDOFALIST /* 389 */ "%s :End of Protected User List"
#define STR_RPL_TIME /* 391 */ "%s :%s"
#define STR_RPL_HOSTHIDDEN /* 396 */ "%s :is now your displayed host"
#define STR_ERR_NOSUCHNICK /* 401 */ "%s :No such nick/channel"
#define STR_ERR_NOSUCHSERVER /* 402 */ "%s :No such server"
#define STR_ERR_NOSUCHCHANNEL /* 403 */ "%s :No such channel"
#define STR_ERR_CANNOTSENDTOCHAN /* 404 */ "%s :%s (%s)"
#define STR_ERR_TOOMANYCHANNELS /* 405 */ "%s :You have joined too many channels"
#define STR_ERR_WASNOSUCHNICK /* 406 */ "%s :There was no such nickname"
#define STR_ERR_TOOMANYTARGETS /* 407 */ "%s :Too many targets. The maximum is %d for %s."
#define STR_ERR_NOORIGIN /* 409 */ ":No origin specified"
#define STR_ERR_INVALIDCAPCMD /* 410 */ "%s :Invalid CAP subcommand"
#define STR_ERR_NORECIPIENT /* 411 */ ":No recipient given (%s)"
#define STR_ERR_NOTEXTTOSEND /* 412 */ ":No text to send"
#define STR_ERR_TOOMANYMATCHES /* 416 */ "%s :%s"
#define STR_ERR_INPUTTOOLONG /* 417 */ ":Input line was too long"
#define STR_ERR_UNKNOWNCOMMAND /* 421 */ "%s :Unknown command"
#define STR_ERR_NOMOTD /* 422 */ ":MOTD File is missing"
#define STR_ERR_NOADMININFO /* 423 */ "%s :No administrative info available"
#define STR_ERR_NOOPERMOTD /* 425 */ ":OPERMOTD File is missing"
#define STR_ERR_TOOMANYAWAY /* 429 */ ":Too Many aways - Flood Protection activated"
#define STR_ERR_NONICKNAMEGIVEN /* 431 */ ":No nickname given"
#define STR_ERR_ERRONEUSNICKNAME /* 432 */ "%s :Nickname is unavailable: %s"
#define STR_ERR_NICKNAMEINUSE /* 433 */ "%s :Nickname is already in use."
#define STR_ERR_NORULES /* 434 */ ":RULES File is missing"
#define STR_ERR_BANNICKCHANGE /* 437 */ "%s :Cannot change nickname while banned on channel"
#define STR_ERR_NCHANGETOOFAST /* 438 */ "%s :Nick change too fast. Please try again later."
#define STR_ERR_TARGETTOOFAST /* 439 */ "%s :Message target change too fast. Please wait %lld seconds"
#define STR_ERR_SERVICESDOWN /* 440 */ "%s :Services are currently down. Please try again later."
#define STR_ERR_USERNOTINCHANNEL /* 441 */ "%s %s :They aren't on that channel"
#define STR_ERR_NOTONCHANNEL /* 442 */ "%s :You're not on that channel"
#define STR_ERR_USERONCHANNEL /* 443 */ "%s %s :is already on channel"
#define STR_ERR_NONICKCHANGE /* 447 */ ":Can not change nickname while on %s (+N)"
#define STR_ERR_FORBIDDENCHANNEL /* 448 */ "%s :Cannot join channel: %s"
#define STR_ERR_NOTREGISTERED /* 451 */ ":You have not registered"
#define STR_ERR_NOTFORHALFOPS /* 460 */ ":Halfops cannot set mode %c"
#define STR_ERR_NEEDMOREPARAMS /* 461 */ "%s :Not enough parameters"
#define STR_ERR_ALREADYREGISTRED /* 462 */ ":You may not reregister"
#define STR_ERR_PASSWDMISMATCH /* 464 */ ":Password Incorrect"
#define STR_ERR_YOUREBANNEDCREEP /* 465 */ ":%s"
#define STR_ERR_ONLYSERVERSCANCHANGE /* 468 */ "%s :Only servers can change that mode"
#define STR_ERR_LINKCHANNEL /* 470 */ "%s %s :[Link] %s has become full, so you are automatically being transferred to the linked channel %s"
#define STR_ERR_CHANNELISFULL /* 471 */ "%s :Cannot join channel (+l)"
#define STR_ERR_UNKNOWNMODE /* 472 */ "%c :is unknown mode char to me"
#define STR_ERR_INVITEONLYCHAN /* 473 */ "%s :Cannot join channel (+i)"
#define STR_ERR_BANNEDFROMCHAN /* 474 */ "%s :Cannot join channel (+b)"
#define STR_ERR_BADCHANNELKEY /* 475 */ "%s :Cannot join channel (+k)"
#define STR_ERR_NEEDREGGEDNICK /* 477 */ "%s :You need a registered nick to join that channel."
#define STR_ERR_BANLISTFULL /* 478 */ "%s %s :Channel ban/ignore list is full"
#define STR_ERR_CANNOTKNOCK /* 480 */ ":Cannot knock on %s (%s)"
#define STR_ERR_NOPRIVILEGES /* 481 */ ":Permission Denied- You do not have the correct IRC operator privileges"
#define STR_ERR_CHANOPRIVSNEEDED /* 482 */ "%s :You're not channel operator"
#define STR_ERR_KILLDENY /* 485 */ ":Cannot kill protected user %s."
#define STR_ERR_NOTFORUSERS /* 487 */ ":%s is a server only command"
#define STR_ERR_SECUREONLYCHAN /* 489 */ "%s :Cannot join channel (Secure connection is required)"
#define STR_ERR_NOOPERHOST /* 491 */ ":No O-lines for your host"
#define STR_ERR_CHANOWNPRIVNEEDED /* 499 */ "%s :You're not a channel owner"
#define STR_ERR_TOOMANYJOINS /* 500 */ "%s :Too many join requests. Please wait a while and try again."
#define STR_ERR_UMODEUNKNOWNFLAG /* 501 */ ":Unknown MODE flag"
#define STR_ERR_USERSDONTMATCH /* 502 */ ":Cant change mode for other users"
#define STR_ERR_SILELISTFULL /* 511 */ "%s :Your silence list is full"
#define STR_ERR_TOOMANYWATCH /* 512 */ "%s :Maximum size for WATCH-list is 128 entries"
#define STR_ERR_TOOMANYDCC /* 514 */ "%s :Your dcc allow list is full. Maximum size is %d entries"
#define STR_ERR_DISABLED /* 517 */ "%s :%s" /* ircu */
#define STR_ERR_NOINVITE /* 518 */ ":Cannot invite (+V) at channel %s"
#define STR_ERR_OPERONLY /* 520 */ ":Cannot join channel %s (IRCops only)"
#define STR_ERR_LISTSYNTAX /* 521 */ ":Bad list syntax, type /quote list ? or /raw list ?"
#define STR_ERR_WHOLIMEXCEED /* 523 */ ":Error, /who limit of %d exceeded. Please narrow your search down and try again"
#define STR_ERR_OPERSPVERIFY /* 524 */ "%s :Trying to join +s or +p channel as an oper. Please invite yourself first."
#define STR_ERR_CANTSENDTOUSER /* 531 */ "%s :%s"
#define STR_RPL_WHOISASN /* 569 */ "%u :%s [%s]"
#define STR_RPL_REAWAY /* 597 */ "%s %s %s %lld :%s"
#define STR_RPL_GONEAWAY /* 598 */ "%s %s %s %lld :%s"
#define STR_RPL_NOTAWAY /* 599 */ "%s %s %s %lld :is no longer away"
#define STR_RPL_LOGON /* 600 */ "%s %s %s %lld :logged online"
#define STR_RPL_LOGOFF /* 601 */ "%s %s %s %lld :logged offline"
#define STR_RPL_WATCHOFF /* 602 */ "%s %s %s %lld :stopped watching"
#define STR_RPL_WATCHSTAT /* 603 */ ":You have %d and are on %d WATCH entries"
#define STR_RPL_NOWON /* 604 */ "%s %s %s %lld :is online"
#define STR_RPL_NOWOFF /* 605 */ "%s %s %s %lld :is offline"
#define STR_RPL_WATCHLIST /* 606 */ ":%s"
#define STR_RPL_ENDOFWATCHLIST /* 607 */ ":End of WATCH %c"
#define STR_RPL_NOWISAWAY /* 609 */ "%s %s %s %lld :is away"
#define STR_RPL_MAPMORE /* 610 */ ":%s%-*s --> *more*"
#define STR_RPL_DCCSTATUS /* 617 */ ":%s has been %s your DCC allow list"
#define STR_RPL_DCCLIST /* 618 */ ":%s"
#define STR_RPL_ENDOFDCCLIST /* 619 */ ":End of DCCALLOW %s"
#define STR_RPL_DCCINFO /* 620 */ ":%s"
#define STR_RPL_SPAMCMDFWD /* 659 */ "%s :Command processed, but a copy has been sent to ircops for evaluation (anti-spam) purposes. [%s]"
#define STR_RPL_STARTTLS /* 670 */ ":STARTTLS successful, go ahead with TLS handshake" /* kineircd */
#define STR_RPL_WHOISSECURE /* 671 */ "%s :%s" /* our variation on the kineircd numeric */
#define STR_ERR_STARTTLS /* 691 */ ":%s"
#define STR_ERR_INVALIDMODEPARAM /* 696 */ "%s %c %s :%s"
#define STR_RPL_MONONLINE /* 730 */ ":%s!%s@%s"
#define STR_RPL_MONOFFLINE /* 731 */ ":%s"
#define STR_RPL_MONLIST /* 732 */ ":%s"
#define STR_RPL_ENDOFMONLIST /* 733 */ ":End of MONITOR list"
#define STR_ERR_MONLISTFULL /* 734 */ "%d %s :Monitor list is full."
#define STR_ERR_MLOCKRESTRICTED /* 742 */ "%s %c %s :MODE cannot be set due to channel having an active MLOCK restriction policy"
#define STR_RPL_LOGGEDIN /* 900 */ "%s!%s@%s %s :You are now logged in as %s."
#define STR_RPL_LOGGEDOUT /* 901 */ "%s!%s@%s :You are now logged out."
#define STR_RPL_SASLSUCCESS /* 903 */ ":SASL authentication successful"
#define STR_ERR_SASLFAIL /* 904 */ ":SASL authentication failed"
#define STR_ERR_SASLTOOLONG /* 905 */ ":SASL message too long"
#define STR_ERR_SASLABORTED /* 906 */ ":SASL authentication aborted"
#define STR_RPL_SASLMECHS /* 908 */ "%s :are available SASL mechanisms"
#define STR_ERR_CANNOTDOCOMMAND /* 972 */ "%s :%s"
#define STR_ERR_CANNOTCHANGECHANMODE /* 974 */ "%c :%s"
#define ERR_NUMERICERR 999
include/proto.h
+68
View File
@@ -0,0 +1,68 @@
/************************************************************************
* Unreal Internet Relay Chat Daemon, include/proto.h
* (C) Dominick Meglio <codemastr@unrealircd.com> 2000
*
* See file AUTHORS in IRC package for additional names of
* the programmers.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 1, or (at your option)
* any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
#ifndef proto_h
#define proto_h
/* lusers.c */
extern void init_irccounts(void);
/* match.c */
extern char *collapse(char *pattern);
/* scache.c */
extern void clear_scache_hash_table(void);
/* send.c */
extern void sendto_one(Client *, MessageTag *mtags, FORMAT_STRING(const char *), ...) __attribute__((format(printf,3,4)));
extern void sendto_realops(FORMAT_STRING(const char *pattern), ...) __attribute__((format(printf,1,2)));
/* ircd.c */
extern EVENT(garbage_collect);
extern EVENT(loop_event);
extern EVENT(check_pings);
extern EVENT(handshake_timeout);
extern EVENT(check_deadsockets);
extern EVENT(try_connections);
/* support.c */
extern char *my_itoa(int i);
/* s_serv.c */
extern void load_tunefile(void);
extern EVENT(save_tunefile);
extern void read_motd(const char *filename, MOTDFile *motd);
/* s_user.c */
extern int target_limit_exceeded(Client *client, void *target, const char *name);
extern void make_umodestr(void);
extern char *get_usermode_string(Client *acptr);
/* s_misc.c */
extern char *convert_time(time_t ltime);
/* whowas.c */
extern void initwhowas(void);
/* uid.c */
extern void uid_init(void);
extern const char *uid_get(void);
#endif /* proto_h */
include/setup.h.in
+23 -46
View File
@@ -12,9 +12,6 @@
/* Define the location of the configuration files */
#undef CONFDIR
/* Define the path of the control socket */
#undef CONTROLFILE
/* Define the location of permanent data files */
#undef DATADIR
@@ -25,9 +22,6 @@
/* Define the location of the documentation */
#undef DOCDIR
/* MMDB GeoIP engine */
#undef GEOIP_ENGINE
/* Define if you have getrusage */
#undef GETRUSAGE_2
@@ -40,24 +34,12 @@
/* Define if ssl library has SSL_CTX_set1_curves_list */
#undef HAS_SSL_CTX_SET1_CURVES_LIST
/* Define if ssl library has SSL_CTX_set1_groups_list */
#undef HAS_SSL_CTX_SET1_GROUPS_LIST
/* Define if ssl library has SSL_CTX_set1_sigalgs_list */
#undef HAS_SSL_CTX_SET1_SIGALGS_LIST
/* Define if ssl library has SSL_CTX_set_min_proto_version */
#undef HAS_SSL_CTX_SET_MIN_PROTO_VERSION
/* Define if ssl library has SSL_CTX_set_security_level */
#undef HAS_SSL_CTX_SET_SECURITY_LEVEL
/* Define if ssl library has SSL_get_negotiated_group */
#undef HAS_SSL_GET_NEGOTIATED_GROUP
/* Define if ssl library has X509_check_host */
#undef HAS_X509_check_host
/* Define if ssl library has X509_get0_notAfter */
#undef HAS_X509_get0_notAfter
@@ -67,31 +49,34 @@
/* Define if you have epoll */
#undef HAVE_EPOLL
/* Define to 1 if you have the 'epoll_create' function. */
/* Define to 1 if you have the `epoll_create' function. */
#undef HAVE_EPOLL_CREATE
/* Define to 1 if you have the 'epoll_ctl' function. */
/* Define to 1 if you have the `epoll_ctl' function. */
#undef HAVE_EPOLL_CTL
/* Define to 1 if you have the 'epoll_wait' function. */
/* Define to 1 if you have the `epoll_wait' function. */
#undef HAVE_EPOLL_WAIT
/* Define to 1 if you have the 'explicit_bzero' function. */
/* Define to 1 if you have the `explicit_bzero' function. */
#undef HAVE_EXPLICIT_BZERO
/* Define to 1 if you have the 'getrusage' function. */
/* Define to 1 if you have the `getrusage' function. */
#undef HAVE_GETRUSAGE
/* Define to 1 if you have the <inttypes.h> header file. */
#undef HAVE_INTTYPES_H
/* Define to 1 if you have the 'kevent' function. */
/* Define to 1 if you have the `kevent' function. */
#undef HAVE_KEVENT
/* Define to 1 if you have the 'kqueue' function. */
/* Define to 1 if you have the `kqueue' function. */
#undef HAVE_KQUEUE
/* Define to 1 if you have the 'poll' function. */
/* Define to 1 if you have the <memory.h> header file. */
#undef HAVE_MEMORY_H
/* Define to 1 if you have the `poll' function. */
#undef HAVE_POLL
/* Define if you have PS_STRINGS */
@@ -112,9 +97,6 @@
/* Define to 1 if you have the <stdint.h> header file. */
#undef HAVE_STDINT_H
/* Define to 1 if you have the <stdio.h> header file. */
#undef HAVE_STDIO_H
/* Define to 1 if you have the <stdlib.h> header file. */
#undef HAVE_STDLIB_H
@@ -124,22 +106,16 @@
/* Define to 1 if you have the <string.h> header file. */
#undef HAVE_STRING_H
/* Define to 1 if you have the 'strlcat' function. */
/* Define to 1 if you have the `strlcat' function. */
#undef HAVE_STRLCAT
/* Define to 1 if you have the 'strlcpy' function. */
/* Define to 1 if you have the `strlcpy' function. */
#undef HAVE_STRLCPY
/* Define to 1 if you have the 'strlncat' function. */
/* Define to 1 if you have the `strlncat' function. */
#undef HAVE_STRLNCAT
/* Define to 1 if you have the 'strlncpy' function. */
#undef HAVE_STRLNCPY
/* Define to 1 if you have the 'strnlen' function. */
#undef HAVE_STRNLEN
/* Define to 1 if you have the 'syslog' function. */
/* Define to 1 if you have the `syslog' function. */
#undef HAVE_SYSLOG
/* Define to 1 if you have the <sys/stat.h> header file. */
@@ -148,15 +124,15 @@
/* Define to 1 if you have the <sys/types.h> header file. */
#undef HAVE_SYS_TYPES_H
/* Have getsockopt TCP_INFO */
#undef HAVE_TCP_INFO
/* Define to 1 if you have the 'times' function. */
/* Define to 1 if you have the `times' function. */
#undef HAVE_TIMES
/* Define to 1 if you have the <unistd.h> header file. */
#undef HAVE_UNISTD_H
/* Define if you want modes shown in /list */
#undef LIST_SHOW_MODES
/* Define the location of the log files */
#undef LOGDIR
@@ -205,6 +181,9 @@
/* Define the path of the pid file */
#undef PIDFILE
/* Define if you want +a/+q prefixes */
#undef PREFIX_AQ
/* Define the location of private libraries */
#undef PRIVATELIBDIR
@@ -222,9 +201,7 @@
tofail) */
#undef STATIC_LINKING
/* Define to 1 if all of the C89 standard headers exist (not just the ones
required in a freestanding environment). This macro is provided for
backward compatibility; new code need not use it. */
/* Define to 1 if you have the ANSI C header files. */
#undef STDC_HEADERS
/* Define if you have the <sys/syslog.h> header file. */
include/struct.h
+487 -970
View File
File diff suppressed because it is too large Load Diff
include/sys.h
+3 -6
View File
@@ -55,19 +55,16 @@
#endif /* HAVE_INTTYPES_H */
#endif /* HAVE_STDINT_H */
#ifdef SSL
#include <openssl/ssl.h>
#endif
#ifndef _WIN32
#include <netinet/in.h>
#include <sys/socket.h>
#include <sys/un.h>
#include <arpa/inet.h>
#else
#include <winsock2.h>
#include <ws2tcpip.h>
#include <afunix.h>
#endif
#ifdef HAVE_TCP_INFO
#include <netinet/tcp.h>
#endif
#ifndef _WIN32
include/unrealircd.h
+2 -1
View File
@@ -10,6 +10,7 @@
#include "numeric.h"
#include "msg.h"
#include "mempool.h"
#include "proto.h"
#include "channel.h"
#include <time.h>
#include <sys/stat.h>
@@ -30,7 +31,7 @@
#include <fcntl.h>
#include <signal.h>
#include "h.h"
#include "dns.h"
#include "url.h"
#include "version.h"
#ifdef USE_LIBCURL
#include <curl/curl.h>
include/url.h
+13
View File
@@ -0,0 +1,13 @@
#ifndef URL_H
#define URL_H
#include "types.h"
int MODFUNC url_is_valid(const char *);
extern const char MODFUNC *displayurl(const char *url);
char MODFUNC *url_getfilename(const char *url);
char MODFUNC *download_file(const char *, char **);
void MODFUNC download_file_async(const char *, time_t, vFP, void *callback_data);
void MODFUNC url_do_transfers_async(void);
void MODFUNC url_init(void);
#endif
include/version.h
+2 -2
View File
@@ -54,10 +54,10 @@
* Can be useful if the above 3 versionids are insufficient for you (eg: you want to support CVS).
* This is updated automatically on the CVS server every Monday. so don't touch it.
*/
#define UNREAL_VERSION_TIME 202610
#define UNREAL_VERSION_TIME 202139
#define UNREAL_VERSION ((UNREAL_VERSION_GENERATION << 24) + (UNREAL_VERSION_MAJOR << 16) + (UNREAL_VERSION_MINOR << 8))
#define UnrealProtocol 6100
#define UnrealProtocol 5002
#define PATCH1 macro_to_str(UNREAL_VERSION_GENERATION)
#define PATCH2 "." macro_to_str(UNREAL_VERSION_MAJOR)
#define PATCH3 "." macro_to_str(UNREAL_VERSION_MINOR)

Some files were not shown because too many files have changed in this diff Show More