/* doc/example.conf.quick - ircd-hybrid-8 Example configuration file * Copyright (C) 2000-2012 Hybrid Development Team * * Written by ejb, wcampbel, db, leeh and others * * $Id$ */ /* IMPORTANT NOTES: * * auth {} blocks MUST be specified in order of precedence. The first one * that matches a user will be used. So place spoofs first, then specials, * then general access, then restricted. * * Both shell style (#) and C style comments are supported. * * Files may be included by either: * .include "filename" * .include * * Times/durations are written as: * 12 hours 30 minutes 1 second * * Valid units of time: * month, week, day, hour, minute, second * * Valid units of size: * megabyte/mbyte/mb, kilobyte/kbyte/kb, byte * * Sizes and times may be singular or plural. */ /* EFNET NOTE: * * This config file is NOT suitable for EFNet. EFNet admins should use * example.efnet.conf */ serverinfo { name = "hades.arpa"; sid = "_CHANGE_ME_"; description = "ircd-hybrid test server"; network_name = "MyNet"; network_desc = "This is My Network"; hub = no; #vhost = "192.169.0.1"; #vhost6 = "3ffe:80e8:546::2"; max_clients = 512; #rsa_private_key_file = "/usr/local/ircd/etc/rsa.key"; #ssl_certificate_file = "/usr/local/ircd/etc/cert.pem"; #ssl_server_method = tlsv1, sslv3; #ssl_client_method = tlsv1; }; /* admin {}: contains admin information about the server. (OLD A:) */ admin { name = "Smurf target"; description = "Main Server Administrator"; email = ""; }; /* class {}: contain information about classes for users (OLD Y:) */ class { name = "users"; ping_time = 2 minutes; number_per_ip = 2; max_number = 100; sendq = 100 kbytes; recvq = 2560 bytes; }; class { name = "restricted"; ping_time = 1 minute 30 seconds; number_per_ip = 1; max_number = 100; sendq = 60kb; recvq = 2560 bytes; }; class { name = "opers"; ping_time = 5 minutes; number_per_ip = 10; max_number = 100; sendq = 100kbytes; }; class { name = "server"; ping_time = 5 minutes; connectfreq = 5 minutes; max_number = 1; sendq=2 megabytes; }; /* listen {}: contain information about the ports ircd listens on (OLD P:) */ listen { port = 6665 .. 6669; flags = ssl; port = 6697; host = "1.2.3.4"; port = 7000, 7001; host = "3ffe:1234:a:b:c::d"; port = 7002; }; /* auth {}: allow users to connect to the ircd (OLD I:) */ auth { user = "*@172.16.0.0/12"; user = "*test@123D:B567:*"; password = "letmein"; flags = need_password, spoof_notice, exceed_limit, kline_exempt, gline_exempt, no_tilde; spoof = "I.still.hate.packets"; class = "opers"; }; auth { redirserv = "irc.fi"; redirport = 6667; user = "*.fi"; class = "users"; }; auth { user = "*@*"; class = "users"; flags = need_ident; }; /* operator {}: defines ircd operators. (OLD O:) * ircd-hybrid no longer supports local operators, privileges are * controlled via flags. */ operator { name = "sheep"; user = "*sheep@*"; user = "*@127.0.0.1"; password = "etcnjl8juSU1E"; encrypted = yes; #rsa_public_key_file = "/usr/local/ircd/etc/oper.pub"; class = "opers"; flags = global_kill, remote, kline, unkline, gline, module, xline, die, rehash, nick_changes, admin, set; }; /* connect {}: controls servers we connect to (OLD C:, N:, H:, L:) */ connect { name = "irc.uplink.com"; host = "192.168.0.1"; send_password = "password"; accept_password = "anotherpassword"; encrypted = no; port = 6666; hub_mask = "*"; #leaf_mask = "*.uk"; class = "server"; flags = autoconn; }; connect { name = "ipv6.some.server"; host = "3ffd:dead:beef::1"; send_password = "password"; accept_password = "password"; port = 6666; aftype = ipv6; class = "server"; }; /* cluster{}: servers that share klines/unkline/xline/unxline/resv/unresv/locops * automatically (OLD hyb6 SLAVE_SERVERS) */ cluster { name = "*.arpa"; type = kline, unkline, locops, xline, resv; }; /* shared {}: users that are allowed to remote kline (OLD U:) */ shared { name = "irc2.some.server"; user = "oper@my.host.is.spoofed"; type = all; }; /* kill {}: users that are not allowed to connect (OLD K:) * Oper issued klines will be added to the specified kline config */ kill { user = "bad@*.hacked.edu"; reason = "Obviously hacked account"; }; /* deny {}: IPs that are not allowed to connect (before DNS/ident lookup) * Oper issued dlines will be added to the specified dline config */ deny { ip = "10.0.1.0/24"; reason = "Reconnecting vhosted bots"; }; /* exempt {}: IPs that are exempt from deny {} and Dlines. (OLD d:) */ exempt { ip = "192.168.0.0/16"; }; /* resv {}: nicks and channels users may not use/join (OLD Q:) */ resv { nick = "nickserv"; nick = "chanserv"; channel = "#services"; reason = "Clone bots"; nick = "clone*"; }; gecos { name = "*sex*"; reason = "Possible spambot"; }; gecos { name = "sub7server"; reason = "Trojan drone"; }; gecos { name = "*http*"; reason = "Spambot"; }; channel { restrict_channels = no; knock_delay = 5 minutes; knock_delay_channel = 1 minute; max_chans_per_user = 25; max_chans_per_oper = 50; quiet_on_ban = yes; max_bans = 25; join_flood_count = 16; join_flood_time = 8 seconds; default_split_user_count = 0; default_split_server_count = 0; no_create_on_split = yes; no_join_on_split = no; }; serverhide { flatten_links = no; links_delay = 5 minutes; hidden = no; hide_servers = no; hidden_name = "*.hidden.com"; hide_server_ips = no; }; general { kill_chase_time_limit = 90 seconds; hide_spoof_ips = yes; ignore_bogus_ts = no; disable_auth = no; disable_remote_commands = no; default_floodcount = 10; failed_oper_notice = yes; dots_in_ident=2; min_nonwildcard = 4; min_nonwildcard_simple = 3; max_accept = 20; anti_nick_flood = yes; max_nick_time = 20 seconds; max_nick_changes = 5; anti_spam_exit_message_time = 5 minutes; ts_warn_delta = 30 seconds; ts_max_delta = 5 minutes; invisible_on_connect = yes; warn_no_nline = yes; stats_o_oper_only=yes; stats_P_oper_only=no; stats_i_oper_only=masked; stats_k_oper_only=masked; caller_id_wait = 1 minute; pace_wait_simple = 1 second; pace_wait = 10 seconds; short_motd = no; ping_cookie = no; no_oper_flood = yes; true_no_oper_flood = yes; oper_pass_resv = yes; /* REMOVE ME. The following line checks you've been reading. */ havent_read_conf = 1; max_targets = 4; message_locale = "standard"; oper_only_umodes = bots, cconn, debug, full, skill, nchange, rej, spy, external, operwall, locops, unauth; oper_umodes = bots, locops, servnotice, operwall, wallop; #use_egd = yes; #egdpool_path = "/var/run/egd-pool"; throttle_time = 10; }; modules { path = "/usr/local/ircd/lib/ircd-hybrid/modules"; path = "/usr/local/ircd/lib/ircd-hybrid/modules/autoload"; #module = "some_module.so"; }; /* * log {}: contains information about logfiles. */ log { /* Do you want to enable logging to ircd.log? */ use_logging = yes; file { type = oper; name = "/home/ircd/var/log/oper.log"; size = unlimited; }; file { type = user; name = "/home/ircd/var/log/user.log"; size = 50 megabytes; }; file { type = kill; name = "/home/ircd/var/log/kill.log"; size = 50 megabytes; }; file { type = kline; name = "/home/ircd/var/log/kline.log"; size = 50 megabytes; }; file { type = dline; name = "/home/ircd/var/log/dline.log"; size = 50 megabytes; }; file { type = gline; name = "/home/ircd/var/log/gline.log"; size = 50 megabytes; }; file { type = debug; name = "/home/ircd/var/log/debug.log"; size = 50 megabytes; }; };