# # IRC - Internet Relay Chat, doc/example.conf # Copyright (C) 1994, Helen Rose # $Id$ # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 1, or (at your option) # any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. # # This is an example configuration file for the Unreal3.0-Morrican # and higher IRC servers. # # You only need an ircd.conf (IRC server configuration file) if you are # running an IRC server. If you are running a standalone client this file # is not necessary. # # This file will explain the various lines in the IRC server # configuration file. Not all lines are mandatory. You can check to make # sure that your configuration file is correct by using the program # "chkconf", provided in the server distribution (and when you do "make # install" this program will be installed in the same directory as the irc # server). # # This document modified for use by with the Unreal3.0 IRCD # # # The options for whether a line is needed or not are: # MANDATORY: you absolutely MUST have this line # NETWORKED: you must have this line if you are connecting this irc # server to any other server (servers can run standalone). # SUGGESTED: it is highly suggested that you use this line # OPTIONAL: it's completely up to you whether to define this or not # DISCOURAGED: you really really should not use this line if at all # possible. # OBSOLETE: an old or out of date line that isn't needed. # # MANDATORY lines are absolute *musts*, that is, if you do not have this # line then your server will not work properly. SUGGESTED lines are # close-to-mandatory (that is, the server will run without it, but you are # highly encouraged to use these lines). # # Note that "*" in a field indicates an "unused" field. # # # ======================================================================== # NOTE! this entire configuration file is read UPSIDE-DOWN! So if you have # to put something in a specific order (for example, client-connection # lines), put them in reverse order! # ======================================================================== # # # M: [MANDATORY]. This line sets your server's name, description, port # number, and IP address to bind to. Fields, in order, are: # # If you leave IP address field blank or # *, it defaults to binding all local IP addresses on the machine. # # M:hostname:IP:Description Of Your Server:port:NS # # NS is a new feature in Unreal3.1. It is optional but it is recommended. # Every server on the network must have a completely unique NS. This number # will be used to identify the server. # M:server.my.net:*:My IRC Server:6667:34 # # A: [MANDATORY]. This line lists your administrative information # (contact address, etc). To view this information, /admin (server) will # show it to you. # # The A: line has no set information, in fact, you can put arbitrary text # in there if you wish (it is encouraged that you put at *least* a contact # address for a person responsible for the irc server, however) # A:Generic Internet Access:Admin John Doe:jdoe@generic.com # # Y: [SUGGESTED]. These lines define connection classes. Connection # classes allow you to fine-tune your client and server connections. It is # suggested that clients and servers be placed in seperate classes, and if # you have lots of server connections (if you do have lots of servers you # shouldn't be reading this file :-) each set of servers (defined # arbitrarily by you) should have its own class. If you have clients # coming in from lots of different sites, you may want to seperate them # out into classes. For instance, you may want to put local users in one # class, with remote users in another class. # # The class numbers are not arbitrary. In auto-connecting servers -- that # is, servers that you have a port number (e.g. 6667) on the end of the C: # line (see below) the higher the number the higher the priority in # auto-connecting. # # The fields in order are: class number, ping frequency (in seconds), # connect frequency (in seconds), maximum number of links (used for # auto-connecting, and for limiting the number of clients in that class), # and sendq (this overrides any value set in include/config.h for #define # MAXSENDQLENGTH). # # Note that it is a good idea to have ping frequency the same at both ends # of the link. # # in this case, connect-frequency is 0 indicating that this is a client # class (servers never connect to clients, it is the other way around). Y:1:90:0:20:100000 # # These are the recommended server Y:lines for connecting to dalnet. # In addition to these you should have at *least* one client class, and one # oper class (see O:lines). By convention on dalnet, these are usually # numbered from 5 to 10. # # Class 50 - Hub to hub, autoconnect Y:50:90:60:1:4000000 # # Class 51 - Hub to hub, no autoconnect Y:51:90:60:0:4000000 # # Class 30 - Hub to US leaf Y:30:90:0:0:3500000 # # Class 32 - Hub to EU leaf Y:32:180:0:0:3500000 # # Class 34 - Hub to AU leaf Y:34:300:0:0:3500000 # # Class 40 - US leaf to hub, autoconnect Y:40:90:90:1:3500000 # # Class 41 - US leaf to hub, no autoconnect Y:41:90:90:0:3500000 # # Class 42 - EU leaf hub Y:42:180:90:1:3500000 # # Class 44 - AU leaf to hub Y:44:300:120:1:3500000 # # I: [MANDATORY]. The I: lines are client-authorization lines. Without # these lines, no clients will be able to connect to your server. # Wildcards ("*") are permitted. Passwords are also permitted (clients can # be configured to send passwords). # # Ident (for more information on this, see rfc1413) can also be used by # placing a @ in the appropriate fields. # # Fields are as follows: # I:IP-address-mask:optional password:domain-mask::connection class (opt) # # With a password..... This will allow anyone from anywhere to connect # as long as they know the password ("foobar"). Note listing this I: line # first, it will be read *last*, meaning it is the "fall-through". That # is, anyone who doesn't match the I: lines listed below must know the # password ("foobar") to connect. # I:*@*:foobar:*@*::1 # This is a standard vanilla I: line which will permit anyone with an IP # address starting with 205.133 OR with a hostname ending in # .toledolink.com to connect to the server. NOTE, the ircd matches on the # *right-most* match, so if I connect as rmiller@glass.toledolink.com # (which is rmiller@205.133.127.8) I will show up on irc as # rmiller@glass.toledolink.com since that is the first match it found. # (Even though the second match is valid). I:205.133.*::*.toledolink.com::1 # # using ident I:*@205.133.*::*@*.toledolink.com::1 # and you can even specify just certain usernames running ident (as long # as the client's site is running the ident daemon): I:NOMATCH::rmiller@glass.toledolink.com::1 # putting NOMATCH in the first field will stop the ircd from matching # automatically against the IP address and it will force the server to # match against the hostname. (the "NOMATCH" string is not mandatory, you # can use any arbitrary text in the first field). I:*@*:ONE:*@*::1 # putting the ONE in the password field makes it so that only 1 user matching # that host or IP can connect through that I:line. # # # O: [OPTIONAL]. These lines define operator access. You do not need to # have an operator to run a server. A well configured leaf site should not # need an operator online, if it's connections are well defined, the irc # administrator can use kill -HUP on the ircd to reload the configuration # file. # The fields are as follows: # O:hostname (ident "@" permitted):password:NickName:AccessFlags:class # if the person in "NickName" is not coming from the hostname defined in # the first field then the person will get the error message "No O: lines # for your host". # NOTE that since Crypted Passwords are defined by default in # include/config.h this text probably will not be plaintext. See # ircd/crypt/README for more information. # # class is the Y:Line class you want this operator to end up in after they # have successfully /oper'd. # # Access flags may be left blank, or * to give full access rights. Flags # are in the form of single characters making a string. Any combination # of the following can be used(these are cAsE sensitive characters): # # r = access to /rehash server # R = access to /restart server # D = access to /die server # h = oper can send /help ops # g = oper can send /globops # w = oper can send /wallops # l = oper can send /locops # c = access to do local /squits and /connects # L = access to do remote /squits and /connects # k = access to do local /kills # K = access to do global /kills # b = oper can /kline users from server # B = oper can /unkline users from server # n = oper can send local server notices(/notice $servername message) # G = oper can send global server notices(/notce $*.my.net message) # A = admin # u = oper can set /umode +c # f = oper can set /umode +f # ^ = oper can set /umode +I # e = oper can set /umode +e # W = oper can set /umode +W # H = oper gets auto +x on /oper # o = local oper, flags included: rhgwlckbBnuf # O = global oper, flags included: oRDCK # a = services admin, access to /samode # C = co admin # T = tech admin # A = admin # N = network admin access to remote /rehash and remote /restart and a bunch more # * = flags included: AaNCTzSHW^ # # This is a plain vanilla O:line: O:*.toledolink.com:nopassword:Russell:*:10 # # and this line forces ident: O:rmiller@glass.toledolink.com:nopassword:Russell::10 # # This line is a generic "local operator", because of the flags, the only # thing that really makes them global operators, is if they have the flags # CKN set in their access flags. # # this line permits the nickname "jhs" with the password of "ITBites" to # be a local operator only (be able to issue commands locally -- can /kill # and /squit and /connect -- but *only* locally) # O:*.something.net:ITBites:jhs:o:10 # # a crypted password line (NOTE that if you have crypted passwords, *all* # of you passwords must be crypted! In fact, if you are getting an error # "Incorrect Password" it may well be because crypted passwords are # defined and you have used plaintext. So my example of plaintext and # crypted strings in the same IRC server configuration file is an # impossibility (but it is just theoretical, which is why I explained both). # O:rmiller@*.toledolink.com:T0eiVgHrqeKTQ:Russell::10 # # U: [OPTIONAL]. This line defines the servers that IRC recognizes as being # allowed to make various changes to the IRC environment (mode changes, for # example), without complaining or otherwise obstructing them. For example, # DALnet requires the following line: U:services.my.net:*:* # # X: [ENCOURAGED]. This line defines the password that an operator must use # to restart or die the server. Note that they still myst have they R and D # flags. This is just a security precaution against accidentaly typing # /die or /restart # X:: X:diepass:restartpass # C: [NETWORKED]. These lines define what servers your server tries to # connect to. # N: [NETWORKED]. These lines define what servers your server permits # connections to be initiated from. # C/N lines MUST be used in pairs. You cannot have one without the other. # # C: lines contain the following fields: # C:remote server's hostname:passwd:remote server's name:port:conn class:options # N: lines contain the following fields: # N:remote server's hostname:passwd:remote server's name:host mask:conn class # # "host mask" is the number of parts in *your* hostname to mask to. For # instance, with my servername being "csa.bu.edu", if I wanted to present # my servername to be "*.bu.edu" I would have a host-mask portion of "1". # # it is *strongly* advised that your C/N line passwords be different for # security's sake. # # ident is allowed in the server's hostname part of the field. # The options field in a C:line is only available as of Unreal3.1.1 # Currently the only option is S which declares the link an SSL link. # If the other server is not compiled with SSL then the link will fail. # # these lines tell the server to automatically (note the port number, that # means automatic connection) connect to server2.my.net: C:foobar@server2.my.net:bigspark:server2.my.net:7000:32 N:foobar@server2.my.net:bigalpha:server2.my.net::32 # # This server's connection lines are more vanilla, masking the host to # *.toledolink.com (as described above): C:*.my.net:camelsrk00l:*.my.net::32 N:*.my.net:andsoarellamas:*.my.net:1:32 # # This this line makes use of the options field: # C:*.my.net:linkme:*.my.net:6667:32:S # N:*.my.net:linkme:*.my.net::32 # # K: [OPTIONAL]. These lines define user@host patterns to be banned from # this particular server (with an optional time field). Note that K: lines # are *not* global, and if you ban a user they can still use any other IRC # server (unless they have specifically been banned there as well). # # The time field (same as reason) is only used if you #define # TIMED_KLINES in config.h, and even then they are discouraged. # # the fields are defined as: # K:hostmask:reason:username # wildcards are permitted in any one of the fields, in other words, you can # K:*::* if you wanted (but your server wouldn't be used much ;-) # # Spaces are permitted in the reason field (you don't have to use _). # The /stats command has been modified to replace all spaces with _'s when # doing a /stats k. K:lines also allows you to specify a file to play to the # user when they are K:lined. To use this feature the reason must be in the # format of |filename. the filename must be kc.anythinghere, this is to prevent # the sending of text files such as your ircd.conf. # # This K: line bans the username "hrose" (the wildcards are used to make # sure that any ident-checking character will match) on any machine from # the University of Boston. K:*.bu.edu:Hacking #UnrealIRCD:*hrose* # # This K: line bans any users from acs*.bu.edu between the hours of 8am # and 12pm and 1pm and 5pm (the time is always the server's local time). # Time-based K-lines such as this require TIMED_KLINES in config.h to be # #defined. K:acs*.bu.edu:0800-1200,1300-1700:* # Note that 24 hour time is used (no "AM" or "PM"). # This K: line bans all *.foobar.com users and will play the file |kc.flooding # to the user as the reason. K:*.foobar.com:|kc.flooding:* # # E: [OPTIONAL]. This allows kline exceptions, even if a person matches # a K:line or /kline they are still allowed to connect. # # The fields are as follows # E:hostmask:reason:usermask # E:foo.bar.com:Oper on this server:*john21* # # # q: [DISCOURAGED]. These lines "quarantine" specified servers. Because # of the way they operates, the same q: lines MUST be installed by # everyone or the net will keep breaking. I CANNOT EMPHASIZE THIS ENOUGH. # Do NOT use q: lines lightly! # # This is NOT a nick q-line, if you wish to quarantine a NICK, see below. # # The fields are as follows: # q:*:reason why quarantine is in place:servername # q::this server is too slow and lags the net:cm5.eng.umd.edu # # Q: [OPTIONAL]. Different from the above type of q: line, these lines # prevent users on your server from picking certain nicks. This is useful # if your network has 'reserved' nicknames that should not be taken by # normal users. Note the difference in capitalization and BE CAREFUL! # # The fields are as follows: # Q:*:reason why quarantine is in place:nickname # # For example, You might want to use the following lines: Q::Reserved for services:ChanServ Q::Reserved for services:NickServ Q::Reserved for services:MemoServ Q::Reserved for services:OperServ Q::Reserved for services:HelpServ Q::Reserved for services:StatServ Q::Reserved for operators:IRCop Q::Reserved for operators:*Oper* Q::Reserved for administrators:Admin* # # # T: [OPTIONAL]. These allow you to specify different MOTD and RULES files # based on a users host. This is made so you can have MOTDs in different # languages so all users can see the MOTD and understand it. # # The fields are as follows: # T:host:motdfile:rulesfile # # T:*.fr:french.motd:french.rules # # # e: [OPTIONAL]. These lines allow you to specify a host which will not # be scanned by the proxy scanner when they connect. This is made so you # can allow some open proxys to connect while still killing others. Make # sure you use an IP and not a host for this line or it will not work. # NOTE: These are not the same as E:lines. # # The fields are as follows: # e:IP:*:* # # e:123.123.123:*:* # # # Z: [DISCOURAGED]. These block ALL incoming connections from a certain # IP address mask. They can stop users who log on and issue the SERVER # command a couple of times just to annoy irc ops. They are more # powerful that K-lines because they can stop users before they've had a # chance to register. This works on servers, SO BE VERY CAREFUL WITH # YOUR Z-LINE MASKS. Z-lines are a LAST RESORT. They are much too # dangerous and powerful to be using them instead of K-lines and akills. # # NOTE 1: Z-lines do NOT work on host names! Only IP addresses. # NOTE 2: Z-lines are part of /stats k. # NOTE 3: The :* at the end is REQUIRED. Not using it will cause both # ircd and chkconf to segfault without saying why. # # Syntax: # Z:IP mask:reason for zapping:* Z:127.0.0.1:Please don't log on from the local machine:* # # L: [OPTIONAL]. These lines "Leaf" specified servers. They are only # useful if you are a non-leaf site yourself. There are two ways you can # use L: lines. The first will limit one particular site to a particular # tree depth (including 0, which would mean the server has to connect with # no servers linked behind it otherwise the connection will fail). The # second will allow you to be selective about which other servers you wish # the connecting server to behave as a leaf towards. # # The fields are as follows: # L:disallow connections to this hostmask::server name:depth # For example, this will force kaja.gi.alaska.edu to connect only as a # leaf (if it is not a leaf, the link will be dropped): L:::kaja.gi.alaska.edu # This line will force cm5.eng.umd.edu to have a depth of only 1 below it # (that is, it is allowed to have only leaves connected to it): L:::cm5.eng.umd.edu:1 # # This line will prohibit anything matching *.edu to be connected behind # any server matching *.au: L:*.edu::*.au # # H: [OPTIONAL]. These lines define who you permit to act as a "hub" to # you (that is, who you permit to connect non-leafed servers to you). # # the first field may use wildcards, the third field *must* be an exact # match for a server's name (NOT a server's hostname, if they differ, the # server's name must be used). If the servername is a wildcard (e.g. *.au) # that is an acceptable name for the third field. # # The fields are as follows: # H:servers which are permitted entry::hub server # # Example, permit server.my.net to allow any servers behind it to # connect: H:*::server2.my.net # # Example, permit irc-2.mit.edu to allow any MIT servers behind it to # connect: H:*.mit.edu::irc-2.mit.edu # # P: [OPTIONAL]. This field allows the server to listen on various ports # (other than 7000) for connections. # # You can now bind internet ports to specific IP interface devices. To do # this put the IP address of the interface in the host field. To bind to # all interfaces, leave empty or put * in. # # P:lines can be limited to specific connections. For example you can make # a port listen for only server connections. The currently available flags # are: # # S - Server Only # C - Client(User) Only # J - JavaChat (for CR Java Client) # s - Secure SSL # * - CS flags # # The fields are as follows:: # P:IP# or UNIX socket file:*:*:port number # for example, an internet domain socket on port 6665 for the local # computer P:127.0.0.1:*:*:6665 # # Examples using flags P:127.0.0.1:S:*:6666 P:127.0.0.1:C:*:7000 # # V: [OPTIONAL]. These lines are very complex and allow you to deny a # server from linking based on what version of Unreal they are running, # as well as what flags the IRCd was compiled with. # # The fields are as follows: # V:protocol:flags:servermask # # The format for the protocol field is as follows: # >protocol - denys any protocols higher than that specified #