# #
########################################################################
+#-#-#-#-#-#-#-#-#-# CONFIGURATION FORMAT #-#-#-#-#-#-#-#-#-#-#-#-#-#-
+# #
+# In order to maintain compatibility with older configuration files, #
+# you can change the configuration parser to parse as it did in #
+# previous releases. When using the "compat" format, you need to use #
+# C++ escape sequences (e.g. \n) instead of XML ones (e.g. &nl;) and #
+# can not use <define> to create macros. #
+#<config format="compat">
+
#-#-#-#-#-#-#-#-#-# INCLUDE CONFIGURATION #-#-#-#-#-#-#-#-#-#-#-#-#-#
# #
# This optional tag allows you to include another config file #
# #
# Variables may be redefined and may reference other variables. #
# Value expansion happens at the time the tag is read. #
-# #
-# Using variable definitions REQUIRES that the config format be #
-# changed to "xml" from the default "compat" that uses escape #
-# sequences such as "\"" and "\n", and does not support <define> #
-<config format="xml">
<define name="bindip" value="1.2.2.3">
<define name="localips" value="&bindip;/24">
#id="97K"
# network: Network name given on connect to clients.
- # Should be the same on all servers on the network and
- # not contain spaces.
+ # Should be the same on all servers on the network.
network="Omega">
# |_| \_\___|\__,_|\__,_| |_| |_| |_|_|___/ |____/|_|\__(_) #
# #
# If you want to link servers to InspIRCd you must load the #
-# m_spanningtree.so module! Please see the modules list for #
+# spanningtree module! Please see the modules list for #
# information on how to load this module! If you do not load this #
# module, server ports will NOT work! #
# to this bind section.
type="clients"
- # ssl: If you want the port(s) in this bind tag to use SSL, set this
- # to either "gnutls" or "openssl". The appropriate SSL module must be
- # loaded for SSL to work. If you do not want the port(s) in this bind
- # tag to support SSL, just remove or comment out this option.
+ # ssl: If you want the port(s) in this bind tag to use SSL, set this to
+ # the name of a custom <sslprofile> tag that you have defined or one
+ # of "openssl", "gnutls", "mbedtls" if you have not defined any. See the
+ # wiki page for the SSL module you are using for more details.
+ #
+ # You will need to load the ssl_openssl module for OpenSSL, ssl_gnutls
+ # for GnuTLS and ssl_mbedtls for mbedTLS.
ssl="gnutls"
+
+ # defer: When this is non-zero, connections will not be handed over to
+ # the daemon from the operating system before data is ready.
+ # In Linux, the value indicates the time period we'll wait for a
+ # connection to come up with data. Don't set it too low!
+ # In BSD the value is ignored; only zero and non-zero is possible.
+ # Windows ignores this parameter completely.
+ # Note: This does not take effect on rehash.
+ # To change it on a running bind, you'll have to comment it out,
+ # rehash, comment it in and rehash again.
+ defer="0"
+
+ # free: When this is enabled the listener will be created regardless of
+ # whether the interface that provides the bind address is available. This
+ # is useful for if you are starting InspIRCd on boot when the server may
+ # not have brought the network interfaces up yet.
+ free="no"
>
<bind address="" port="6660-6669" type="clients">
-# When linking servers, the OpenSSL and GnuTLS implementations are completely
-# link-compatible and can be used alongside each other
-# on each end of the link without any significant issues.
-# Supported SSL types are: "openssl" and "gnutls".
-# You must load m_ssl_openssl for OpenSSL or m_ssl_gnutls for GnuTLS.
+# Listener accepting HTML5 WebSocket connections.
+# Requires the websocket module and SHA-1 hashing support (provided by the sha1
+# module).
+#<bind address="" port="7002" type="clients" hook="websocket">
+
+# You can define a custom <sslprofile> tag which defines the SSL configuration
+# for this listener. See the wiki page for the SSL module you are using for
+# more details.
+#
+# Alternatively, you can use one of the default SSL profiles which are created
+# when you have not defined any:
+# "openssl" (requires the ssl_openssl module)
+# "gnutls" (requires the ssl_gnutls module)
+# "mbedtls" (requires the ssl_mbedtls module)
+#
+# When linking servers, the OpenSSL, GnuTLS, and mbedTLS implementations are
+# completely link-compatible and can be used alongside each other on each end
+# of the link without any significant issues.
<bind address="" port="7000,7001" type="servers">
<bind address="1.2.3.4" port="7005" type="servers" ssl="openssl">
-#-#-#-#-#-#-#-#-#-#- DIE/RESTART CONFIGURATION -#-#-#-#-#-#-#-#-#-#-
-# #
-# You can configure the passwords here which you wish to use for #
-# the /DIE and /RESTART commands. Only trusted ircops who will #
-# need this ability should know the die and restart password. #
-# #
-
-<power
- # hash: what hash these passwords are hashed with.
- # Requires the module for selected hash (m_md5.so, m_sha256.so
- # or m_ripemd160.so) be loaded and the password hashing module
- # (m_password_hash.so) loaded.
- # Options here are: "md5", "sha256" and "ripemd160", or one of
- # these prefixed with "hmac-", e.g.: "hmac-sha256".
- # Optional, but recommended. Create hashed passwords with:
- # /mkpasswd <hash> <password>
- #hash="sha256"
-
- # diepass: Password for opers to use if they need to shutdown (die)
- # a server.
- #
- # IMPORTANT: leaving this field empty does not disable the use of
- # the DIE command. In order to prevent the use of this command you
- # should remove it from the command privileges of your opers.
- diepass=""
-
- # restartpass: Password for opers to use if they need to restart
- # a server.
- #
- # IMPORTANT: leaving this field empty does not disable the use of
- # the RESTART command. In order to prevent the use of this command
- # you should remove it from the command privileges of your opers.
- restartpass="">
-
-
#-#-#-#-#-#-#-#-#-#- CONNECTIONS CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#
# #
# This is where you can configure which connections are allowed #
# allow: What IP addresses/hosts to allow for this block.
allow="203.0.113.*"
- # hash: what hash this password is hashed with. requires the module
- # for selected hash (m_md5.so, m_sha256.so or m_ripemd160.so) be
- # loaded and the password hashing module (m_password_hash.so)
- # loaded. Options here are: "md5", "sha256" and "ripemd160".
- # Optional, but recommended. Create hashed passwords with:
- # /mkpasswd <hash> <password>
- #hash="sha256"
+ # hash: the hash function this password is hashed with. Requires the
+ # module for the selected function (bcrypt, md5, sha1, sha256, or
+ # ripemd160) and the password hashing module (password_hash) to be
+ # loaded.
+ # You may also use any of the above other than bcrypt prefixed with
+ # either "hmac-" or "pbkdf2-hmac-" (requires the pbkdf2 module).
+ # Create hashed passwords with: /mkpasswd <hash> <password>
+ #hash="bcrypt"
# password: Password to use for this block/user(s)
password="secret"
# maxchans: Maximum number of channels a user in this class
- # be in at one time. This overrides every other maxchans setting.
- #maxchans="30"
+ # be in at one time.
+ maxchans="20"
- # timeout: How long (in seconds) the server will wait before
- # disconnecting a user if they do not do anything on connect.
+ # timeout: How long the server will wait before disconnecting
+ # a user if they do not do anything on connect.
# (Note, this is a client-side thing, if the client does not
# send /nick, /user or /pass)
timeout="10"
# maxconnwarn: Enable warnings when localmax or globalmax are reached (defaults to on)
maxconnwarn="off"
+ # resolvehostnames: If disabled, no DNS lookups will be performed on connecting users
+ # in this class. This can save a lot of resources on very busy servers.
+ resolvehostnames="yes"
+
# usednsbl: Defines whether or not users in this class are subject to DNSBL. Default is yes.
- # This setting only has effect when m_dnsbl is loaded.
+ # This setting only has effect when the dnsbl module is loaded.
#usednsbl="yes"
# useident: Defines if users in this class MUST respond to a ident query or not.
useident="no"
+ # webirc: Restricts usage of this class to the specified WebIRC gateway.
+ # This setting only has effect when the cgiirc module is loaded.
+ #webirc="name"
+
# limit: How many users are allowed in this class
limit="5000"
# modes: Usermodes that are set on users in this block on connect.
- # Enabling this option requires that the m_conn_umodes module be loaded.
+ # Enabling this option requires that the conn_umodes module be loaded.
# This entry is highly recommended to use for/with IP Cloaking/masking.
- # For the example to work, this also requires that the m_cloaking
+ # For the example to work, this also requires that the "cloaking"
# module be loaded as well.
modes="+x"
# requireident, requiressl, requireaccount: require that users of this
# block have a valid ident response, use SSL, or have authenticated.
- # Requires m_ident, m_sslinfo, or m_services_account respectively.
+ # Requires ident, sslinfo, or the services_account module, respectively.
requiressl="on"
# NOTE: For requireaccount, you must complete the signon prior to full
# connection. Currently, this is only possible by using SASL
# \017 or \x = Stop all color sequences
allowmotdcolors="false"
- # port: What port this user is allowed to connect on. (optional)
- # The port MUST be set to listen in the bind blocks above.
- port="6697">
+ # port: What port range this user is allowed to connect on. (optional)
+ # The ports MUST be set to listen in the bind blocks above.
+ port="6697,9999">
<connect
# name: Name to use for this connect block. Mainly used for
allow="*"
# maxchans: Maximum number of channels a user in this class
- # be in at one time. This overrides every other maxchans setting.
- #maxchans="30"
+ # be in at one time.
+ maxchans="20"
- # timeout: How long (in seconds) the server will wait before
- # disconnecting a user if they do not do anything on connect.
+ # timeout: How long the server will wait before disconnecting
+ # a user if they do not do anything on connect.
# (Note, this is a client-side thing, if the client does not
# send /nick, /user or /pass)
timeout="10"
- # pingfreq: How often (in seconds) the server tries to ping connecting clients.
- pingfreq="120"
+ # pingfreq: How often the server tries to ping connecting clients.
+ pingfreq="2m"
# hardsendq: maximum amount of data allowed in a client's send queue
# before they are dropped. Keep this value higher than the length of
# globalmax: Maximum global (network-wide) connections per IP.
globalmax="3"
+ # resolvehostnames: If disabled, no DNS lookups will be performed on connecting users
+ # in this class. This can save a lot of resources on very busy servers.
+ resolvehostnames="yes"
+
# useident: Defines if users in this class must respond to a ident query or not.
useident="no"
limit="5000"
# modes: Usermodes that are set on users in this block on connect.
- # Enabling this option requires that the m_conn_umodes module be loaded.
+ # Enabling this option requires that the conn_umodes module be loaded.
# This entry is highly recommended to use for/with IP Cloaking/masking.
- # For the example to work, this also requires that the m_cloaking
+ # For the example to work, this also requires that the cloaking
# module be loaded as well.
modes="+x">
# This file has all the information about oper classes, types and o:lines.
# You *MUST* edit it.
-<include file="conf/examples/opers.conf.example">
+<include file="examples/opers.conf.example">
# This file has all the information about server links and ulined servers.
# You *MUST* edit it if you intend to link servers.
-<include file="conf/examples/links.conf.example">
+<include file="examples/links.conf.example">
#-#-#-#-#-#-#-#-#-#- MISCELLANEOUS CONFIGURATION -#-#-#-#-#-#-#-#-#-#
# #
# Files block - contains files whose contents are used by the ircd
#
# motd - displayed on connect and when a user executes /MOTD
-# rules - displayed when the user executes /RULES
# Modules can also define their own files
-<files motd="conf/examples/motd.txt.example" rules="conf/examples/rules.txt.example">
+<files motd="examples/motd.txt.example">
# Example of an executable file include. Note this will be read on rehash,
# not when the command is run.
-#<execfiles rules="wget -O - http://www.example.com/rules.txt">
-
-#-#-#-#-#-#-#-#-#-#-#-# MAXIMUM CHANNELS -#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# #
-
-<channels
- # users: Maximum number of channels a user can be in at once.
- users="20"
-
- # opers: Maximum number of channels an oper can be in at once.
- opers="60">
+#<execfiles motd="wget -O - http://www.example.com/motd.txt">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-# DNS SERVER -#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# If these values are not defined, InspIRCd uses the default DNS resolver
#
# server="127.0.0.1"
- # timeout: seconds to wait to try to resolve DNS/hostname.
+ # timeout: time to wait to try to resolve DNS/hostname.
timeout="5">
# An example of using an IPv6 nameserver
# matches the channels name applies the banlimit to that channel. #
# It is advisable to put an entry with the channel as '*' at the #
# bottom of the list. If none are specified or no maxbans tag is #
-# matched, the banlist size defaults to 64 entries. #
+# matched, the banlist size defaults to 100 entries. #
# #
-<banlist chan="#largechan" limit="128">
-<banlist chan="*" limit="69">
+<banlist chan="#largechan" limit="200">
+<banlist chan="*" limit="100">
#-#-#-#-#-#-#-#-#-#-#- DISABLED FEATURES -#-#-#-#-#-#-#-#-#-#-#-#-#-#
# #
# the correct parameters are.
syntaxhints="no"
- # cyclehosts: If enabled, when a user gets a host set, it will cycle
- # them in all their channels. If not, it will simply change their host
- # without cycling them.
- cyclehosts="yes"
+ # casemapping: This sets the case mapping method to be used by the
+ # server. This MUST be the same on all servers. Possible values are:
+ # "ascii" (recommended)
+ # "rfc1459" (default, required for linking to 2.0 servers)
+ # NOTE: if you are using the nationalchars module this setting will be
+ # ignored. You should use <nationalchars:casemapping> instead.
+ casemapping="ascii"
# cyclehostsfromuser: If enabled, the source of the mode change for
# cyclehosts will be the user who cycled. This can look nicer, but
# triggers anti-takeover mechanisms of some obsolete bots.
cyclehostsfromuser="no"
- # ircumsgprefix: Use undernet-style message prefixing for NOTICE and
- # PRIVMSG. If enabled, it will add users' prefix to the line, if not,
- # it will just message the user normally.
- ircumsgprefix="no"
-
# announcets: If set to yes, when the timestamp on a channel changes, all users
# in the channel will be sent a NOTICE about it.
announcets="yes"
# in the topic. If set to no, it will only show the nick of the topic setter.
hostintopic="yes"
- # pingwarning: If a server does not respond to a ping within x seconds,
+ # pingwarning: If a server does not respond to a ping within this period,
# it will send a notice to opers with snomask +l informing that the server
# is about to ping timeout.
pingwarning="15"
- # serverpingfreq: How often pings are sent between servers (in seconds).
- serverpingfreq="60"
+ # serverpingfreq: How often pings are sent between servers.
+ serverpingfreq="1m"
# defaultmodes: What modes are set on a empty channel when a user
# joins it and it is unregistered.
- defaultmodes="nt"
+ defaultmodes="not"
- # moronbanner: This is the text that is sent to a user when they are
+ # xlinemessage: This is the text that is sent to a user when they are
# banned from the server.
- moronbanner="You're banned! Email abuse@example.com with the ERROR line below for help."
+ xlinemessage="You're banned! Email irc@example.com with the ERROR line below for help."
# exemptchanops: exemptions for channel access restrictions based on prefix.
exemptchanops="nonick:v flood:o"
# nosnoticestack: This prevents snotices from 'stacking' and giving you
# the message saying '(last message repeated X times)'. Defaults to no.
- nosnoticestack="no"
-
- # welcomenotice: When turned on, this sends a NOTICE to connecting users
- # with the text Welcome to <networkname>! after successful registration.
- # Defaults to yes.
- welcomenotice="yes">
+ nosnoticestack="no">
#-#-#-#-#-#-#-#-#-#-#-# PERFORMANCE CONFIGURATION #-#-#-#-#-#-#-#-#-#-#
# in the accept queue. This is *NOT* the total maximum number of
# connections per server. Some systems may only allow this to be up
# to 5, while others (such as Linux and *BSD) default to 128.
+ # Setting this above the limit imposed by your OS can have undesired
+ # effects.
somaxconn="128"
- # limitsomaxconn: By default, somaxconn (see above) is limited to a
- # safe maximum value in the 2.0 branch for compatibility reasons.
- # This setting can be used to disable this limit, forcing InspIRCd
- # to use the value specified above.
- limitsomaxconn="true"
-
# softlimit: This optional feature allows a defined softlimit for
# connections. If defined, it sets a soft max connections value.
softlimit="12800"
+ # clonesonconnect: If this is set to false, we won't check for clones
+ # on initial connection, but only after the DNS check is done.
+ # This can be useful where your main class is more restrictive
+ # than some other class a user can be assigned after DNS lookup is complete.
+ # Turning this option off will make the server spend more time on users we may
+ # potentially not want. Normally this should be neglible, though.
+ # Default value is true
+ clonesonconnect="true"
+
# quietbursts: When syncing or splitting from a network, a server
# can generate a lot of connect and quit messages to opers with
# +C and +Q snomasks. Setting this to yes squelches those messages,
# which makes it easier for opers, but degrades the functionality of
# bots like BOPM during netsplits.
- quietbursts="yes"
-
- # nouserdns: If enabled, no DNS lookups will be performed on
- # connecting users. This can save a lot of resources on very busy servers.
- nouserdns="no">
+ quietbursts="yes">
#-#-#-#-#-#-#-#-#-#-#-# SECURITY CONFIGURATION #-#-#-#-#-#-#-#-#-#-#-#
# #
<security
+ # allowcoreunload: If this value is set to yes, Opers will be able to
+ # unload core modules (e.g. core_privmsg).
+ allowcoreunload="no"
# announceinvites: This option controls which members of the channel
# receive an announcement when someone is INVITEd. Available values:
# higher ranked users. This is the recommended setting.
announceinvites="dynamic"
- # hidemodes: If enabled, then the listmodes given will be hidden
- # from users below halfop. This is not recommended to be set on +b
- # as it may break some functionality in popular clients such as mIRC.
- hidemodes="eI"
-
# hideulines: If this value is set to yes, U-lined servers will
# be hidden from non-opers in /links and /map.
hideulines="no"
# (Commands like /notice, /privmsg, /kick, etc)
maxtargets="20"
- # customversion: Displays a custom string when a user /version's
- # the ircd. This may be set for security reasons or vanity reasons.
+ # customversion: A custom message to be displayed in the comments field
+ # of the VERSION command response. This does not hide the InspIRCd version.
customversion=""
# operspywhois: show opers (users/auspex) the +s channels a user is in. Values:
<limits
# maxnick: Maximum length of a nickname.
- maxnick="31"
+ maxnick="30"
# maxchan: Maximum length of a channel name.
maxchan="64"
maxmodes="20"
# maxident: Maximum length of a ident/username.
- maxident="11"
+ maxident="10"
+
+ # maxhost: Maximum length of a hostname.
+ maxhost="64"
# maxquit: Maximum length of a quit message.
maxquit="255"
# maxaway: Maximum length of an away message.
maxaway="200">
+#-#-#-#-#-#-#-#-#-#-#-#-# PATHS CONFIGURATION #-#-#-#-#-#-#-#-#-#-#-#-#
+# #
+# This configuration tag defines the location that InspIRCd stores #
+# various types of files such as configuration files, log files and #
+# modules. You will probably not need to change these from the values #
+# set when InspIRCd was built unless you are using a binary package #
+# where you do not have the ability to set build time configuration. #
+#<path configdir="conf" datadir="data" logdir="logs" moduledir="modules">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Logging
# the behaviour of the logging of the IRCd.
#
# An example log tag would be:
-# <log method="file" type="OPER" level="default" target="logs/opers.log">
+# <log method="file" type="OPER" level="default" target="opers.log">
# which would log all information on /oper (failed and successful) to
# a file called opers.log.
#
# - OPER - succesful and failed oper attempts
# - KILL - kill related messages
# - snomask - server notices (*all* snomasks will be logged)
-# - FILTER - messages related to filter matches (m_filter)
+# - FILTER - messages related to filter matches (filter module)
# - CONFIG - configuration related messages
# - COMMAND - die and restart messages, and messages related to unknown user types
# - SOCKET - socket engine informational/error messages
# - USERINPUT
# - USEROUTPUT
#
+# If your server is producing a high levels of log messages you can also set the
+# flush="[positive number]" attribute to specify how many log messages should be
+# buffered before flushing to disk. You should probably not specify this unless
+# you are having problems.
+#
# The following log tag is highly default and uncustomised. It is recommended you
# sort out your own log tags. This is just here so you get some output.
-<log method="file" type="* -USERINPUT -USEROUTPUT" level="default" target="logs/ircd.log">
+<log method="file" type="* -USERINPUT -USEROUTPUT" level="default" target="ircd.log">
#-#-#-#-#-#-#-#-#-#-#-#-#- WHOWAS OPTIONS -#-#-#-#-#-#-#-#-#-#-#-#-#
# #
nick="ChanServ"
# reason: Reason to display on /nick.
- reason="Reserved For Services">
-
-<badnick nick="NickServ" reason="Reserved For Services">
-<badnick nick="OperServ" reason="Reserved For Services">
-<badnick nick="MemoServ" reason="Reserved For Services">
+ reason="Reserved for a network service">
<badhost
# host: ident@hostname to ban.
# provide almost all the features of InspIRCd. :) #
# #
# The default does nothing -- we include it for simplicity for you. #
-<include file="conf/examples/modules.conf.example">
+<include file="examples/modules.conf.example">
# Here are some pre-built modules.conf files that closely match the
# default configurations of some popular IRCd's. You still may want to
# recommended that you make your own modules file based on modules.conf.example.
# Settings similar to UnrealIRCd defaults.
-#<include file="conf/examples/modules/unrealircd.conf.example">
+#<include file="examples/modules/unrealircd.conf.example">
# Settings similar to Charybdis IRCd defaults.
-#<include file="conf/examples/modules/charybdis.conf.example">
+#<include file="examples/modules/charybdis.conf.example">
+#-#-#-#-#-#-#-#-#-#-#-# SERVICES CONFIGURATION #-#-#-#-#-#-#-#-#-#-#-#
+# #
+# If you use services you will probably want to include one of the #
+# following files which set up aliases, nick reservations and filter #
+# exemptions for services pseudoclients: #
+#
+# Anope users should uncomment this:
+#<include file="examples/services/anope.conf.example">
+#
+# Atheme users should uncomment this:
+#<include file="examples/services/atheme.conf.example">
+#
+# Users of other services should uncomment this:
+#<include file="examples/services/generic.conf.example">
#########################################################################
# #
projects / user / henk / code / inspircd.git / blobdiff