SHARE
TWEET

Untitled

a guest Jan 25th, 2016 95 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1.  
  2. /* ircd-hybrid reference configuration file
  3.  * Copyright (C) 2000-2013 Hybrid Development Team
  4.  *
  5.  * Written by ejb, wcampbel, db, leeh and others
  6.  *
  7.  * $Id: reference.conf 2467 2013-08-18 18:25:12Z michael $
  8.  *
  9.  * This version has been customized for Debian.
  10.  *
  11.  */
  12.  
  13. /*
  14.  * ########################################################################
  15.  * IMPORTANT NOTE:
  16.  *
  17.  * auth {} blocks MUST be specified in order of precedence.  The first one
  18.  * that matches a user will be used.  So place spoofs first, then specials,
  19.  * then general access.
  20.  * ########################################################################
  21.  *
  22.  * Shell style (#), C++ style (//) and C style comments are supported.
  23.  *
  24.  * Files may be included by either:
  25.  *        .include "filename"
  26.  *        .include <filename>
  27.  *
  28.  * Times/durations are written as:
  29.  *        12 hours 30 minutes 1 second
  30.  *        
  31.  * Valid units of time:
  32.  *        year, month, week, day, hour, minute, second
  33.  *
  34.  * Valid units of size:
  35.  *        megabyte/mbyte/mb, kilobyte/kbyte/kb, byte
  36.  *
  37.  * Sizes and times may be singular or plural.
  38.  */
  39.  
  40.  
  41. /*
  42.  * serverinfo {}:  contains information about the server
  43.  */
  44. serverinfo {
  45.     /*
  46.      * name: the name of this server. This cannot be changed at runtime.
  47.      */
  48.     name = "hybrid8.debian.local";
  49.  
  50.     /*
  51.      * sid: a server's unique ID. This is three characters long and must
  52.      * be in the form [0-9][A-Z0-9][A-Z0-9]. The first character must be
  53.      * a digit, followed by 2 alpha-numerical letters.
  54.      *
  55.      * NOTE: The letters must be capitalized. This cannot be changed at runtime.
  56.      */
  57.     sid = "0HY";
  58.  
  59.     /*
  60.      * description: the description of the server.
  61.      */
  62.     description = "ircd-hybrid 8.1-debian";
  63.  
  64.     /*
  65.      * network info: the name and description of the network this server
  66.      * is on. Shown in the 005 reply and used with serverhiding.
  67.      */
  68.     network_name = "debian";
  69.     network_desc = "This is My Network";
  70.  
  71.     /*
  72.      * hub: allow this server to act as a hub and have multiple servers
  73.      * connected to it.
  74.      */
  75.     hub = no;
  76.  
  77.     /*
  78.      * vhost: the IP to bind to when we connect outward to ipv4 servers.
  79.      * This should be an ipv4 IP only, or "*" for INADDR_ANY.
  80.      */
  81. #   vhost = "192.169.0.1";
  82.  
  83.     /*
  84.      * vhost6: the address to bind to when we make outgoing connections
  85.      * to IPv6 servers. This should be an IPv6 address, or "*" for INADDR_ANY.
  86.      */
  87. #   vhost6 = "3ffe:80e8:546::2";
  88.  
  89.     /* max_clients: the maximum number of clients allowed to connect. */
  90.     max_clients = 512;
  91.  
  92.     /*
  93.      * max_nick_length: only applies to local clients. Must be in the
  94.      * range of 9 to 30. Default is 9 if nothing else is specified.
  95.      */
  96.     max_nick_length = 15;
  97.  
  98.     /*
  99.      * max_topic_length: only applies to topics set by local clients.
  100.      * Must be in the range of 80 to 300. Default is 80 if nothing
  101.      * else is specified.
  102.      */
  103.     max_topic_length = 300;
  104.  
  105. };
  106.  
  107. /*
  108.  * admin {}:  contains admin information about the server
  109.  */
  110. admin {
  111.     name = "Smurf target";
  112.     description = "Main Server Administrator";
  113.     email = "<root@localhost>";
  114. };
  115.  
  116. /*
  117.  * class {}:  contains information about classes for users
  118.  */
  119. class {
  120.     /* name: the name of the class. */
  121.     name = "users";
  122.  
  123.     /*
  124.      * ping_time: how often a client must reply to a PING from the
  125.      * server before they are dropped.
  126.      */
  127.     ping_time = 90 seconds;
  128.  
  129.     /*
  130.      * number_per_ip: how many local users are allowed to connect
  131.      * from a single IP address  (optional)
  132.      */
  133.     number_per_ip = 2;
  134.  
  135.     /*
  136.      * max_local: how many local users are allowed to connect
  137.      * from a single ident@host  (optional)
  138.      */
  139.     max_local = 2;
  140.  
  141.     /*
  142.      * max_global: network-wide limit of users per ident@host  (optional)
  143.      */
  144.     max_global = 10;
  145.  
  146.     /*
  147.      * max_number: the maximum number of users allowed in this class (optional)
  148.      */
  149.     max_number = 100;
  150.  
  151.     /*
  152.      * the following lines are optional and allow you to define
  153.      * how many users can connect from one /NN subnet.
  154.      */
  155.     cidr_bitlen_ipv4 = 24;
  156.     cidr_bitlen_ipv6 = 120;
  157.     number_per_cidr = 16;
  158.  
  159.     /*
  160.      * sendq: the amount of data allowed in a client's send queue before
  161.      * they are dropped.
  162.      */
  163.     sendq = 100 kbytes;
  164.  
  165.     /*
  166.      * recvq: the amount of data allowed in a client's receive queue before
  167.      * they are dropped for flooding. Defaults to 2560 if the chosen
  168.      * value isn't within the range of 512 to 8000.
  169.      */
  170.     recvq = 2560 bytes;
  171. };
  172.  
  173. class {
  174.     name = "opers";
  175.     ping_time = 90 seconds;
  176.     number_per_ip = 10;
  177.     max_number = 100;
  178.     sendq = 100 kbytes;
  179.  
  180.     /*
  181.      * min_idle: minimum idle time that is shown in /whois.
  182.      */
  183.     min_idle = 3 hours;
  184.  
  185.     /*
  186.      * max_idle: maximum idle time that is shown in /whois.
  187.      */
  188.     max_idle = 8 hours;
  189.  
  190.     /*
  191.      * flags:
  192.      *
  193.      * random_idle          - a fake idle time is set randomly between
  194.      *                        min_idle and max_idle
  195.      * hide_idle_from_opers - the fake idle time will also be shown to operators
  196.      */
  197.     flags = random_idle, hide_idle_from_opers;
  198. };
  199.  
  200. class {
  201.     name = "server";
  202.     ping_time = 90 seconds;
  203.  
  204.     /*
  205.      * connectfreq: only used in server classes. Specifies the delay
  206.      * between autoconnecting to servers.
  207.      */
  208.     connectfreq = 5 minutes;
  209.  
  210.     /* max number: the number of servers to autoconnect to. */
  211.     max_number = 1;
  212.  
  213.     /* sendq: servers need a higher sendq as they send more data. */
  214.     sendq = 2 megabytes;
  215. };
  216.  
  217. /*
  218.  * motd {}: Allows the display of a different MOTD to a client
  219.  * depending on its origin. Applies to local users only.
  220.  */
  221. motd {
  222.     /*
  223.      * mask: multiple mask entries are permitted. Mask can either be
  224.      * a class name or a hostname.
  225.      */
  226.     mask = "*.at";
  227.     mask = "*.de";
  228.     mask = "*.ch";
  229.  
  230.     /*
  231.      * file: path to the actual motd file.
  232.      */
  233.     file = "/etc/ircd-hybrid/german.motd";
  234. };
  235.  
  236. /*
  237.  * listen {}:  contains information about the ports ircd listens on
  238.  */
  239. listen {
  240.     /*
  241.      * port: the port to listen on. If no host is specified
  242.      * earlier in the listen {} block, it will listen on all available IPs.
  243.      *
  244.      * Ports are separated by commas; a range may be specified using ".."
  245.      */
  246.  
  247.     /* port: listen on all available IP addresses, ports 6665 to 6669 */
  248.     port = 6665 .. 6669;
  249.  
  250.     /*
  251.      * host: set a specific IP address/host to listen on using the
  252.      * subsequent port definitions. This may be IPv4 or IPv6.
  253.      */
  254.     #host = "1.2.3.4";
  255.     #port = 7000, 7001;
  256.  
  257.     #host = "3ffe:1234:a:b:c::d";
  258.     #port = 7002;
  259. };
  260.  
  261. /*
  262.  * auth {}:  allow users to connect to the ircd
  263.  */
  264. auth {
  265.     /*
  266.      * user: the user@host allowed to connect. Multiple user
  267.      * lines are permitted within each auth block.
  268.      */
  269.     user = "*@127.0.0.1";
  270.     #user = "*test@123D:B567:*";
  271.  
  272.     /* password: an optional password that is required to use this block */
  273.     #password = "letmein";
  274.  
  275.     /*
  276.      * encrypted: controls whether the auth password above has been
  277.      * encrypted.
  278.      */
  279.     #encrypted = yes;
  280.  
  281.     /*
  282.      * spoof: fake the user's host to this. This is free-form, just do
  283.      * everyone a favor and don't abuse it. ('=' prefix on /stats I)
  284.      */
  285.     spoof = "i.love.debian.org";
  286.  
  287.     /* class: the class the user is placed in */
  288.     class = "opers";
  289.  
  290.     /*
  291.      * need_password - don't allow users who haven't supplied the correct
  292.      *                 password to connect using another auth{} block
  293.      *                 ('&' prefix on /stats I if disabled)
  294.      * need_ident    - require the user to have identd to connect ('+' prefix on /stats I)
  295.      * spoof_notice  - enable spoofing notification to admins
  296.      * exceed_limit  - allow a user to exceed class limits ('>' prefix on /stats I)
  297.      * kline_exempt  - exempt this user from k/glines ('^' prefix on /stats I)
  298.      * gline_exempt  - exempt this user from glines ('_' prefix on /stats I)
  299.      * resv_exempt   - exempt this user from resvs ('$' prefix on /stats I)
  300.      * no_tilde      - remove ~ from a user with no ident ('-' prefix on /stats I)
  301.      * can_flood     - allow this user to exceed flood limits ('|' prefix on /stats I)
  302.      * webirc        - enables WEBIRC authentication for web-based clients such as Mibbit
  303.      *                 ('<' prefix on /stats I)
  304.      */
  305.     flags = need_password, spoof_notice, exceed_limit, kline_exempt,
  306.         gline_exempt, resv_exempt, no_tilde, can_flood;
  307. };
  308.  
  309. #auth {
  310. #   /*
  311. #    * redirect: the server and port to redirect a user to. A user does not
  312. #    * have to obey the redirection; the ircd just suggests an alternative
  313. #    * server for them.
  314. #    */
  315. #   redirserv = "this.is.not.a.real.server";
  316. #   redirport = 6667;
  317. #
  318. #   user = "*.server";
  319. #
  320. #   /* class: a class is required even though it is not used */
  321. #   class = "users";
  322. #};
  323.  
  324. auth {
  325.     user = "*@*";
  326.     class = "users";
  327.     flags = need_ident;
  328. };
  329.  
  330. /*
  331.  * operator {}:  defines ircd operators
  332.  */
  333. #operator {
  334. #   /* name: the name of the oper */
  335. #   name = "sheep";
  336. #
  337. #   /*
  338. #    * user: the user@host required for this operator. Multiple
  339. #    * user="" lines are supported.
  340. #    */
  341. #   user = "*sheep@192.168.0.0/16";
  342. #   user = "*@127.0.0.0/8";
  343. #
  344. #   /*
  345. #    * password: the password required to oper. By default this will
  346. #    * need to be encrypted by using the provided mkpasswd tool.
  347. #    * Several password hash algorithms are available depending
  348. #    * on your system's crypt() implementation. For example, a modern
  349. #    * glibc already has support for the SHA-256/512 and MD5 encryption
  350. #    * algorithms.
  351. #    */
  352. #   password = "$5$x5zof8qe.Yc7/bPp$5zIg1Le2Lsgd4CvOjaD20pr5PmcfD7ha/9b2.TaUyG4";
  353. #
  354. #   /*
  355. #    * encrypted: controls whether the oper password above has been
  356. #    * encrypted.
  357. #    */
  358. #   encrypted = yes;
  359. #
  360. #   /* class: the class the oper joins when they successfully /oper */
  361. #   class = "opers";
  362. #
  363. #   /*
  364. #    * umodes: the default usermodes opers get when they /oper. If defined,
  365. #    * it will override oper_umodes settings in general {}.
  366. #    * Available usermodes:
  367. #    *
  368. #    * +b - bots         - See bot and drone flooding notices
  369. #    * +c - cconn        - Client connection/quit notices
  370. #    * +D - deaf         - Don't receive channel messages
  371. #    * +d - debug        - See debugging notices
  372. #    * +e - external     - See remote server connection and split notices
  373. #    * +F - farconnect   - Remote client connection/quit notices
  374. #    * +f - full         - See auth{} block full notices
  375. #    * +G - softcallerid - Server Side Ignore for users not on your channels
  376. #    * +g - callerid     - Server Side Ignore (for privmsgs etc)
  377. #    * +H - hidden       - Hides operator status to other users
  378. #    * +i - invisible    - Not shown in NAMES or WHO unless you share a channel
  379. #    * +j - rej          - See rejected client notices
  380. #    * +k - skill        - See server generated KILL messages
  381. #    * +l - locops       - See LOCOPS messages
  382. #    * +n - nchange      - See client nick changes
  383. #    * +R - nononreg     - Only receive private messages from registered clients
  384. #    * +s - servnotice   - See general server notices
  385. #    * +u - unauth       - See unauthorized client notices
  386. #    * +w - wallop       - See server generated WALLOPS
  387. #    * +y - spy          - See LINKS, STATS, TRACE notices etc.
  388. #    * +z - operwall     - See oper generated WALLOPS
  389. #    */
  390. #   umodes = locops, servnotice, operwall, wallop;
  391. #
  392. #   /*
  393. #    * privileges: controls the activities and commands an oper is
  394. #    * allowed to do on the server. All options default to no.
  395. #    * Available options:
  396. #    *
  397. #    * module         - allows MODULE
  398. #    * connect        - allows local CONNECT              | ('P' flag)
  399. #    * connect:remote - allows remote CONNECT             | ('Q' flag)
  400. #    * squit          - allows local SQUIT                | ('R' flag)
  401. #    * squit:remote   - allows remote SQUIT               | ('S' flag)
  402. #    * kill           - allows to KILL local clients      | ('N' flag)
  403. #    * kill:remote    - allows remote users to be /KILL'd | ('O' flag)
  404. #    * remoteban      - allows remote KLINE/UNKLINE       | ('B' flag)
  405. #    * dline          - allows DLINE                      |
  406. #    * undline        - allows UNDLINE                    |
  407. #    * kline          - allows KLINE                      | ('K' flag)
  408. #    * unkline        - allows UNKLINE                    | ('U' flag)
  409. #    * gline          - allows GLINE                      | ('G' flag)
  410. #    * xline          - allows XLINE                      | ('X' flag)
  411. #    * locops         - allows LOCOPS                     |
  412. #    * globops        - allows GLOBOPS                    |
  413. #    * wallops        - allows WALLOPS                    |
  414. #    * operwall       - allows OPERWALL                   | ('L' flag)
  415. #    * rehash         - allows oper to REHASH config      | ('H' flag)
  416. #    * die            - allows DIE                        | ('D' flag)
  417. #    * restart        - allows RESTART                    |
  418. #    * set            - allows SET                        |
  419. #    * admin          - gives administrator privileges    | ('A' flag)
  420. #    */
  421. #   flags = kill, kill:remote, connect, connect:remote, kline, unkline,
  422. #       xline, globops, restart, die, rehash, admin, operwall, module;
  423. #};
  424.  
  425. /*
  426.  * service {}: specifies a server which may act as a network service
  427.  *
  428.  * NOTE: it is very important that every server on the network
  429.  *       has the same service{} block.
  430.  */
  431. #service {
  432. #   name = "service.someserver";
  433. #   name = "stats.someserver";
  434. #};
  435.  
  436. /*
  437.  * connect {}: define a server to connect to
  438.  * IMPORTANT NOTE for Debian users: before you configure any links to
  439.  * other servers, change the sid earlier in this config file to a
  440.  * value which will be unique within the network.
  441.  */
  442. #connect {
  443. #   /* name: the name of the server */
  444. #   name = "irc.uplink.com";
  445. #
  446. #   /*
  447. #    * host: the host or IP address to connect to. If a hostname is used it
  448. #    * must match the reverse DNS of the server.
  449. #    */
  450. #   host = "192.168.0.1";
  451. #
  452. #   /*
  453. #    * vhost: the IP address to bind to when making outgoing connections to
  454. #    * servers.
  455. #    * serverinfo::vhost and serverinfo::vhost6 will be overridden
  456. #    * by this directive.
  457. #    */
  458. #   vhost = "192.168.0.2";
  459. #
  460. #   /*
  461. #    * passwords: the passwords to send (OLD C:) and accept (OLD N:).
  462. #    * The remote server will have these passwords swapped.
  463. #    */
  464. #   send_password = "password";
  465. #   accept_password = "anotherpassword";
  466. #
  467. #   /*
  468. #    * encrypted: controls whether the accept_password above has been
  469. #    * encrypted.
  470. #    */
  471. #   encrypted = no;
  472. #
  473. #   /* port: the port to connect to this server on */
  474. #   port = 6666;
  475. #
  476. #   /*
  477. #    * hub_mask: the mask of servers that this server may hub. Multiple
  478. #    * entries are permitted.
  479. #    */
  480. #   hub_mask = "*";
  481. #
  482. #   /*
  483. #    * leaf_mask: the mask of servers this server may not hub. Multiple
  484. #    * entries are permitted. Useful for forbidding EU -> US -> EU routes.
  485. #    */
  486. ##  leaf_mask = "*.uk";
  487. #
  488. #   /* class: the class this server is in */
  489. #   class = "server";
  490. #
  491. #   /*
  492. #    * autoconn   - controls whether we autoconnect to this server or not,
  493. #    *              dependent on class limits. By default, this is disabled.
  494. #    */
  495. ##  flags = autoconn;
  496. #};
  497.  
  498. #connect {
  499. #   name = "ipv6.some.server";
  500. #   host = "3ffd:dead:beef::1";
  501. #   send_password = "password";
  502. #   accept_password = "password";
  503. #   port = 6666;
  504. #
  505. #   /*
  506. #    * aftype: controls whether the connection uses "ipv4" or "ipv6".
  507. #    * Default is ipv4.
  508. #    */
  509. #   aftype = ipv6;
  510. #   class = "server";
  511. #};
  512.  
  513. /*
  514.  * cluster {}:  servers that share klines/unkline/xline/unxline/resv/unresv/locops
  515.  * automatically
  516.  */
  517. #cluster {
  518. #   /*
  519. #    * name: the server to share with; this can take wildcards
  520. #    *
  521. #    * NOTE: only local actions will be clustered, meaning that if
  522. #    *       the server receives a shared kline/unkline/etc, it
  523. #    *       will not be propagated to clustered servers.
  524. #    *
  525. #    *       Remote servers are not necessarily required to accept
  526. #    *       clustered lines, they need a shared{} for *THIS* server
  527. #    *       in order to accept them.
  528. #    */
  529. #   name = "*.arpa";
  530. #
  531. #   /*
  532. #    * type: list of what to share; options are as follows:
  533. #    *      dline   - share dlines
  534. #    *      undline - share undlines
  535. #    *      kline   - share klines
  536. #    *      unkline - share unklines
  537. #    *      xline   - share xlines
  538. #    *      unxline - share unxlines
  539. #    *      resv    - share resvs
  540. #    *      unresv  - share unresvs
  541. #    *      locops  - share locops
  542. #    *      all     - share all of the above (default)
  543. #    */
  544. #   type = kline, unkline, locops, xline, resv;
  545. #};
  546.  
  547. /*
  548.  * shared {}: users that are allowed to remote kline
  549.  *
  550.  * NOTE: This can effectively be used for remote klines.
  551.  *       Please note that there is no password authentication
  552.  *       for users setting remote klines. You must also be
  553.  *       /oper'd in order to issue a remote kline.
  554.  */
  555. shared {
  556.     /*
  557.      * name: the server the user must be connected to in order to set klines.
  558.      * If this is not specified, the user will be allowed to kline from all
  559.      * servers.
  560.      */
  561.     name = "hybrid8.debian.local";
  562.  
  563.     /*
  564.      * user: the user@host mask that is allowed to set klines. If this is
  565.      * not specified, all users on the server above will be allowed to set
  566.      * a remote kline.
  567.      */
  568.     user = "root@localhost";
  569.  
  570.     /*
  571.      * type: list of what to share, options are as follows:
  572.      *      dline   - allow oper/server to dline
  573.      *      undline - allow oper/server to undline
  574.      *      kline   - allow oper/server to kline
  575.      *      unkline - allow oper/server to unkline
  576.      *      xline   - allow oper/server to xline
  577.      *      unxline - allow oper/server to unxline
  578.      *      resv    - allow oper/server to resv
  579.      *      unresv  - allow oper/server to unresv
  580.      *      locops  - allow oper/server to locops - only used for servers that cluster
  581.      *      all     - allow oper/server to do all of the above (default)
  582.      */
  583.     type = kline, unkline, resv;
  584. };
  585.  
  586. /*
  587.  * kill {}:  users that are not allowed to connect
  588.  * Oper issued klines will be added to the specified kline config
  589.  */
  590. #kill {
  591. #   user = "bad@*.hacked.edu";
  592. #   reason = "Obviously hacked account";
  593. #};
  594.  
  595. /*
  596.  * deny {}:  IP addresses that are not allowed to connect
  597.  * (before DNS/ident lookup)
  598.  * Oper issued dlines will be added to the specified dline config
  599.  */
  600. #deny {
  601. #   ip = "10.0.1.0/24";
  602. #   reason = "Reconnecting vhosted bots";
  603. #};
  604.  
  605. /*
  606.  * exempt {}:  IP addresses that are exempt from deny {} and Dlines
  607.  */
  608. #exempt {
  609. #   ip = "192.168.0.0/16";
  610. #};
  611.  
  612. /*
  613.  * resv {}:  nicks and channels users may not use/join
  614.  */
  615. resv { mask = "clone*"; reason = "Clone bots"; };
  616. resv { mask = "ChanServ"; reason = "Reserved for services"; };
  617. resv { mask = "NickServ"; reason = "Reserved for services"; };
  618. resv { mask = "OperServ"; reason = "Reserved for services"; };
  619. resv { mask = "MemoServ"; reason = "Reserved for services"; };
  620. resv { mask = "BotServ"; reason = "Reserved for services"; };
  621. resv { mask = "HelpServ"; reason = "Reserved for services"; };
  622. resv { mask = "HostServ"; reason = "Reserved for services"; };
  623. resv { mask = "StatServ"; reason = "Reserved for services"; };
  624. resv { mask = "#*services*"; reason = "Reserved for services"; };
  625.  
  626. #resv {
  627. #   /*
  628. #    * mask: masks starting with a '#' are automatically considered
  629. #    * as channel name masks.
  630. #    */
  631. #   mask = "#helsinki";
  632. #   reason = "Channel is reserved for finnish inhabitants";
  633. #
  634. #   /*
  635. #    * exempt: can be either a ISO 3166 alpha-2 two letter country
  636. #    * code, or a nick!user@host mask. CIDR is supported. Exempt
  637. #    * entries can be stacked.
  638. #    */
  639. #   exempt = "FI";
  640. #};
  641.  
  642. /*
  643.  * gecos {}:  Used for banning users based on their "realname".
  644.  */
  645. #gecos {
  646. #   name = "*sex*";
  647. #   reason = "Possible spambot";
  648. #};
  649.  
  650. #gecos {
  651. #   name = "sub7server";
  652. #   reason = "Trojan drone";
  653. #};
  654.  
  655. /*
  656.  * channel {}:  The channel block contains options pertaining to channels
  657.  */
  658. channel {
  659.     /*
  660.      * disable_fake_channels: this option, if set to 'yes', will
  661.      * disallow clients from creating or joining channels that have one
  662.      * of the following ASCII characters in their name:
  663.      *
  664.      *   2 | bold
  665.      *   3 | mirc color
  666.      *  15 | plain text
  667.      *  22 | reverse
  668.      *  29 | italic
  669.      *  31 | underline
  670.      * 160 | non-breaking space
  671.      */
  672.     disable_fake_channels = yes;
  673.  
  674.     /*
  675.      * knock_delay: The amount of time a user must wait between issuing
  676.      * the knock command.
  677.      */
  678.     knock_delay = 5 minutes;
  679.  
  680.     /*
  681.      * knock_delay_channel: How often a knock to any specific channel
  682.      * is permitted, regardless of the user sending the knock.
  683.      */
  684.     knock_delay_channel = 1 minute;
  685.  
  686.     /*
  687.      * max_chans_per_user: The maximum number of channels a user can
  688.      * join/be on.
  689.      */
  690.     max_chans_per_user = 25;
  691.  
  692.     /*
  693.      * max_chans_per_oper: The maximum number of channels an oper can
  694.      * join/be on.
  695.      */
  696.     max_chans_per_oper = 50;
  697.  
  698.     /* max_bans: maximum number of +b/e/I modes in a channel */
  699.     max_bans = 100;
  700.  
  701.     /*
  702.      * how many joins in how many seconds constitute a flood. Use 0 to
  703.      * disable. +b opers will be notified (changeable via /set)
  704.      */
  705.     join_flood_count = 16;
  706.     join_flood_time = 8 seconds;
  707.  
  708.     /*
  709.      * The ircd will now check splitmode (whether a server is split from
  710.      * the network) every few seconds; this functionality is known as
  711.      * splitcode and is influenced by the options below.
  712.      *
  713.      * Either split users or split servers can activate splitmode, but
  714.      * both conditions must be met for the ircd to deactivate splitmode.
  715.      *
  716.      * You may force splitmode to be permanent by /quote set splitmode on
  717.      */
  718.  
  719.     /*
  720.      * default_split_user_count: when the usercount is lower than this level,
  721.      * consider ourselves split. This must be set for automatic splitmode.
  722.      */
  723.     default_split_user_count = 0;
  724.  
  725.     /*
  726.      * default_split_server_count: when the servercount is lower than this,
  727.      * consider ourselves split. This must be set for automatic splitmode.
  728.      */
  729.     default_split_server_count = 0;
  730.  
  731.     /* no_create_on_split: do not allow users to create channels on split. */
  732.     no_create_on_split = yes;
  733.  
  734.     /* no_join_on_split: do not allow users to join channels on a split. */
  735.     no_join_on_split = no;
  736. };
  737.  
  738. /*
  739.  * serverhide {}:  The serverhide block contains the options regarding
  740.  * to server hiding
  741.  */
  742. serverhide {
  743.     /*
  744.      * disable_remote_commands: disable users issuing commands
  745.      * on remote servers.
  746.      */
  747.     disable_remote_commands = no;
  748.  
  749.     /*
  750.      * flatten_links: this option will show all servers in /links appear
  751.      * as though they are linked to this current server.
  752.      */
  753.     flatten_links = no;
  754.  
  755.     /*
  756.      * links_delay: how often to update the links file when it is
  757.      * flattened.
  758.      */
  759.     links_delay = 5 minutes;
  760.  
  761.     /*
  762.      * hidden: hide this server from a /links output on servers that
  763.      * support it. This allows hub servers to be hidden etc.
  764.      */
  765.     hidden = no;
  766.  
  767.     /*
  768.      * hide_servers: hide remote servernames everywhere and instead use
  769.      * hidden_name and network_desc.
  770.      */
  771.     hide_servers = no;
  772.  
  773.     /*
  774.      * hide_services: define this if you want to hide the location of
  775.      * services servers that are specified in the service{} block.
  776.      */
  777.     hide_services = no;
  778.  
  779.     /*
  780.      * Use this as the servername users see if hide_servers = yes.
  781.      */
  782.     hidden_name = "*.hidden.example.net";
  783.  
  784.     /*
  785.      * hide_server_ips: If this is disabled, opers will be unable to see
  786.      * servers' IP addresses and will be shown a masked IP address; admins
  787.      * will be shown the real IP address.
  788.      *
  789.      * If this is enabled, nobody can see a server's IP address.
  790.      * *This is a kludge*: it has the side effect of hiding the IP addresses
  791.      * everywhere, including logfiles.
  792.      *
  793.      * We recommend you leave this disabled, and just take care with who you
  794.      * give administrator privileges to.
  795.      */
  796.     hide_server_ips = no;
  797. };
  798.  
  799. /*
  800.  * general {}:  The general block contains many of the options that were once
  801.  * compiled in options in config.h
  802.  */
  803. general {
  804.     /*
  805.      * cycle_on_host_change: sends a fake QUIT/JOIN combination
  806.      * when services change the hostname of a specific client.
  807.      */
  808.     cycle_on_host_change = yes;
  809.  
  810.     /* services_name: servername of nick/channel services */
  811.     #services_name = "service.someserver";
  812.  
  813.     /* max_watch: maximum WATCH entries a client can have. */
  814.     max_watch = 60;
  815.  
  816.     /* gline_enable: enable glines (network-wide temporary klines). */
  817.     gline_enable = yes;
  818.  
  819.     /*
  820.      * gline_duration: the amount of time a gline will remain on your
  821.      * server before expiring.
  822.      */
  823.     gline_duration = 1 day;
  824.  
  825.     /*
  826.      * gline_request_duration: how long a pending G-line can be around.
  827.      * 10 minutes should be plenty.
  828.      */
  829.     gline_request_duration = 10 minutes;
  830.  
  831.     /*
  832.      * gline_min_cidr: the minimum required length of a CIDR bitmask
  833.      * for IPv4 based glines.
  834.      */
  835.     gline_min_cidr = 16;
  836.  
  837.     /*
  838.      * gline_min_cidr6: the minimum required length of a CIDR bitmask
  839.      * for IPv6 based glines.
  840.      */
  841.     gline_min_cidr6 = 48;
  842.  
  843.     /*
  844.      * Whether to automatically set mode +i on connecting users.
  845.      */
  846.     invisible_on_connect = yes;
  847.  
  848.     /*
  849.      * kill_chase_time_limit: KILL chasing is a feature whereby a KILL
  850.      * issued for a user who has recently changed nickname will be applied
  851.      * automatically to the new nick. kill_chase_time_limit is the maximum
  852.      * time following a nickname change that this chasing will apply.
  853.      */
  854.     kill_chase_time_limit = 90 seconds;
  855.  
  856.     /*
  857.      * hide_spoof_ips: if disabled, opers will be allowed to see the real
  858.      * IP address of spoofed users in /trace etc. If this is defined they
  859.      * will be shown a masked IP.
  860.      */
  861.     hide_spoof_ips = yes;
  862.  
  863.     /*
  864.      * Ignore bogus timestamps from other servers. Yes, this will desync the
  865.      * network, but it will allow chanops to resync with a valid non TS 0
  866.      *
  867.      * This should be enabled network wide, or not at all.
  868.      */
  869.     ignore_bogus_ts = no;
  870.  
  871.     /*
  872.      * disable_auth: completely disable ident lookups; if you enable this,
  873.      * be careful of what you set need_ident to in your auth {} blocks
  874.      */
  875.     disable_auth = no;
  876.  
  877.     /*
  878.      * tkline_expire_notices: enables or disables temporary kline/xline
  879.      * expire notices.
  880.      */
  881.     tkline_expire_notices = no;
  882.  
  883.     /*
  884.      * default_floodcount: the default value of floodcount that is configurable
  885.      * via /quote set floodcount. This is the number of lines a user
  886.      * may send to any other user/channel in one second.
  887.      */
  888.     default_floodcount = 10;
  889.  
  890.     /*
  891.      * failed_oper_notice: send a notice to all opers on the server when
  892.      * someone tries to OPER and uses the wrong password, host or ident.
  893.      */
  894.     failed_oper_notice = yes;
  895.  
  896.     /*
  897.      * dots_in_ident: the number of '.' characters permitted in an ident
  898.      * reply before the user is rejected.
  899.      */
  900.     dots_in_ident = 2;
  901.  
  902.     /*
  903.      * min_nonwildcard: the minimum number of non-wildcard characters in
  904.      * k/d/g lines placed via the server. K-lines hand-placed are exempt from
  905.      * this limit.
  906.      * Wildcard chars: '.', ':', '*', '?', '@', '!'
  907.      */
  908.     min_nonwildcard = 4;
  909.  
  910.     /*
  911.      * min_nonwildcard_simple: the minimum number of non-wildcard characters
  912.      * in gecos bans. Wildcard chars: '*', '?'
  913.      */
  914.     min_nonwildcard_simple = 3;
  915.  
  916.     /* max_accept: maximum allowed /accept's for +g usermode. */
  917.     max_accept = 20;
  918.  
  919.     /* anti_nick_flood: enable the nickflood control code. */
  920.     anti_nick_flood = yes;
  921.  
  922.     /* nick flood: the number of nick changes allowed in the specified period */
  923.     max_nick_time = 20 seconds;
  924.     max_nick_changes = 5;
  925.  
  926.     /*
  927.      * anti_spam_exit_message_time: the minimum time a user must be connected
  928.      * before custom quit messages are allowed.
  929.      */
  930.     anti_spam_exit_message_time = 5 minutes;
  931.  
  932.     /*
  933.      * ts delta: the time delta allowed between server clocks before
  934.      * a warning is given, or before the link is dropped. All servers
  935.      * should run ntpdate/rdate to keep clocks in sync
  936.      */
  937.     ts_warn_delta = 30 seconds;
  938.     ts_max_delta = 5 minutes;
  939.  
  940.     /*
  941.      * warn_no_nline: warn opers about servers that try to connect but
  942.      * for which we don't have a connect {} block. Twits with misconfigured
  943.      * servers can become really annoying with this enabled.
  944.      */
  945.     warn_no_nline = yes;
  946.  
  947.     /*
  948.      * stats_e_disabled: set this to 'yes' to disable "STATS e" for both
  949.      * operators and administrators. Doing so is a good idea in case
  950.      * there are any exempted (exempt{}) server IPs you don't want to
  951.      * see leaked.
  952.      */
  953.     stats_e_disabled = no;
  954.  
  955.     /* stats_o_oper only: make stats o (opers) oper only */
  956.     stats_o_oper_only = yes;
  957.  
  958.     /* stats_P_oper_only: make stats P (ports) oper only */
  959.     stats_P_oper_only = yes;
  960.  
  961.     /* stats_u_oper_only: make stats u (uptime) oper only */
  962.     stats_u_oper_only = no;
  963.  
  964.     /*
  965.      * stats i oper only: make stats i (auth {}) oper only. Set to:
  966.      *     yes    - show users no auth blocks, made oper only.
  967.      *     masked - show users the first matching auth block
  968.      *     no     - show users all auth blocks.
  969.      */
  970.     stats_i_oper_only = yes;
  971.  
  972.     /*
  973.      * stats_k_oper_only: make stats k/K (klines) oper only. Set to:
  974.      *     yes    - show users no auth blocks, made oper only
  975.      *     masked - show users the first matching auth block
  976.      *     no     - show users all auth blocks.
  977.      */
  978.     stats_k_oper_only = yes;
  979.  
  980.     /*
  981.      * caller_id_wait: time between notifying a +g user that somebody
  982.      * is messaging them.
  983.      */
  984.     caller_id_wait = 1 minute;
  985.  
  986.     /*
  987.      * opers_bypass_callerid: allows operators to bypass +g and message
  988.      * anyone who has it set (useful if you use services).
  989.      */
  990.     opers_bypass_callerid = no;
  991.  
  992.     /*
  993.      * pace_wait_simple: minimum time required between use of less
  994.      * intensive commands
  995.      * (ADMIN, HELP, (L)USERS, VERSION, remote WHOIS)
  996.      */
  997.     pace_wait_simple = 1 second;
  998.  
  999.     /*
  1000.      * pace_wait: minimum time required between use of more intensive commands
  1001.      * (AWAY, INFO, LINKS, MAP, MOTD, STATS, WHO, wildcard WHOIS, WHOWAS)
  1002.      */
  1003.     pace_wait = 10 seconds;
  1004.  
  1005.     /*
  1006.      * short_motd: send clients a notice telling them to read the MOTD
  1007.      * instead of forcing an MOTD to clients who may simply ignore it.
  1008.      */
  1009.     short_motd = no;
  1010.  
  1011.     /*
  1012.      * ping_cookie: require clients to respond exactly to a ping command,
  1013.      * can help block certain types of drones and FTP PASV mode spoofing.
  1014.      */
  1015.     ping_cookie = no;
  1016.  
  1017.     /* no_oper_flood: increase flood limits for opers. */
  1018.     no_oper_flood = yes;
  1019.  
  1020.     /*
  1021.      * true_no_oper_flood: completely eliminate flood limits for opers
  1022.      * and for clients with can_flood = yes in their auth {} blocks.
  1023.      */
  1024.     true_no_oper_flood = yes;
  1025.  
  1026.     /* oper_pass_resv: allow opers to over-ride RESVs on nicks/channels. */
  1027.     oper_pass_resv = yes;
  1028.  
  1029.     /* REMOVE ME. The following line checks that you have been reading. */
  1030.     #havent_read_conf = 1;
  1031.  
  1032.     /*
  1033.      * max_targets: the maximum number of targets in a single
  1034.      * PRIVMSG/NOTICE. Set to 999 NOT 0 for unlimited.
  1035.      */
  1036.     max_targets = 4;
  1037.  
  1038.     /*
  1039.      * usermodes configurable: a list of usermodes for the options below
  1040.      *
  1041.      * +b - bots         - See bot and drone flooding notices
  1042.      * +c - cconn        - Client connection/quit notices
  1043.      * +D - deaf         - Don't receive channel messages
  1044.      * +d - debug        - See debugging notices
  1045.      * +e - external     - See remote server connection and split notices
  1046.      * +F - farconnect   - Remote client connection/quit notices
  1047.      * +f - full         - See auth{} block full notices
  1048.      * +G - softcallerid - Server Side Ignore for users not on your channels
  1049.      * +g - callerid     - Server Side Ignore (for privmsgs etc)
  1050.      * +H - hidden       - Hides operator status to other users
  1051.      * +i - invisible    - Not shown in NAMES or WHO unless you share a channel
  1052.      * +j - rej          - See rejected client notices
  1053.      * +k - skill        - See server generated KILL messages
  1054.      * +l - locops       - See LOCOPS messages
  1055.      * +n - nchange      - See client nick changes
  1056.      * +R - nononreg     - Only receive private messages from registered clients
  1057.      * +s - servnotice   - See general server notices
  1058.      * +u - unauth       - See unauthorized client notices
  1059.      * +w - wallop       - See server generated WALLOPS
  1060.      * +y - spy          - See LINKS, STATS, TRACE notices etc.
  1061.      * +z - operwall     - See oper generated WALLOPS
  1062.      */
  1063.  
  1064.     /* oper_only_umodes: usermodes only opers may set */
  1065.     oper_only_umodes = bots, cconn, debug, full, hidden, skill,
  1066.                            nchange, rej, spy, external, operwall,
  1067.                            locops, unauth, farconnect;
  1068.  
  1069.     /* oper_umodes: default usermodes opers get when they /oper */
  1070.     oper_umodes = bots, locops, servnotice, operwall, wallop;
  1071.  
  1072.     /*
  1073.      * use_egd: if your system does not have *random devices yet you
  1074.      * want to use OpenSSL and encrypted links, enable this. Beware -
  1075.      * EGD is *very* CPU intensive when gathering data for its pool.
  1076.      */
  1077. #   use_egd = yes;
  1078.  
  1079.     /*
  1080.      * egdpool_path: path to EGD pool. Not necessary for OpenSSL >= 0.9.7
  1081.      * which automatically finds the path.
  1082.      */
  1083. #   egdpool_path = "/var/run/egd-pool";
  1084.  
  1085.     /*
  1086.      * throttle_time: the minimum amount of time required between
  1087.      * connections from the same IP address. exempt {} blocks are excluded
  1088.      * from this throttling.
  1089.      * Offers protection against flooders who reconnect quickly.
  1090.      * Set to 0 to disable.
  1091.      */
  1092.     throttle_time = 10;
  1093. };
  1094.  
  1095. modules {
  1096.     /*
  1097.      * path: other paths to search for modules specified below
  1098.      * and in "/module load".
  1099.      */
  1100.     path = "/usr/lib/ircd-hybrid/modules";
  1101.     path = "/usr/lib/ircd-hybrid/modules/autoload";
  1102.  
  1103.     /* module: the name of a module to load on startup/rehash. */
  1104. #   module = "some_module.la";
  1105. };
  1106.  
  1107. /*
  1108.  * log {}:  contains information about logfiles.
  1109.  */
  1110. log {
  1111.     /* Do you want to enable logging to ircd.log? */
  1112.     use_logging = yes;
  1113.  
  1114.     file {
  1115.         type = oper;
  1116.         name = "/var/log/ircd/ircd-hybrid-oper.log";
  1117.         size = 10 megabytes;
  1118.     };
  1119.  
  1120.     file {
  1121.         type = user;
  1122.         name = "/var/log/ircd/ircd-hybrid-user.log";
  1123.         size = 10 megabytes;
  1124.     };
  1125.  
  1126.     file {
  1127.         type = kill;
  1128.         name = "/var/log/ircd/ircd-hybrid-kill.log";
  1129.         size = 10 megabytes;
  1130.     };
  1131.  
  1132.     file {
  1133.         type = kline;
  1134.         name = "/var/log/ircd/ircd-hybrid-kline.log";
  1135.         size = 10 megabytes;
  1136.     };
  1137.  
  1138.     file {
  1139.         type = dline;
  1140.         name = "/var/log/ircd/ircd-hybrid-dline.log";
  1141.         size = 10 megabytes;
  1142.     };
  1143.  
  1144.     file {
  1145.         type = gline;
  1146.         name = "/var/log/ircd/ircd-hybrid-gline.log";
  1147.         size = 10 megabytes;
  1148.     };
  1149.  
  1150.     file {
  1151.         type = xline;
  1152.         name = "/var/log/ircd/ircd-hybrid-xline.log";
  1153.         size = 10 megabytes;
  1154.     };
  1155.  
  1156.     file {
  1157.         type = resv;
  1158.         name = "/var/log/ircd/ircd-hybrid-resv.log";
  1159.         size = 10 megabytes;
  1160.     };
  1161.  
  1162.     file {
  1163.         type = debug;
  1164.         name = "/var/log/ircd/ircd-hybrid-debug.log";
  1165.         size = 10 megabytes;
  1166.     };
  1167. };
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top