# config file inspircd.conf, unless the filename starts with a forward#
# slash (/) in which case it is treated as an absolute path. #
# #
+# You may also include an executable file, in which case if you do so #
+# the output of the executable on the standard output will be added #
+# to your config at the point of the include tag. #
+# #
# Syntax is as follows: #
#<include file="file.conf"> #
+#<include executable="/path/to/executable parameters"> #
# #
#-#-#-#-#-#-#-#-#-#- CONNECTIONS CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#
# parts. If specified, overrides both prefixpart #
# and suffixpart options. #
# #
-# loglevel - Specifies what detail of messages to log in the #
-# log file. You may select from debug, verbose, #
-# default, sparse and none. #
-# #
# allowhalfop - Allows the +h channel mode #
# #
# noservices - If noservices is true, yes, or 1, then the first #
# especially in the case of bots, and it is #
# recommended that this option is enabled. #
# #
-# netbuffersize - Size of the buffer used to receive data from #
-# clients. The ircd may only read() this amount #
-# of text in one go at any time. (OPTIONAL) #
-# #
-# maxwho - The maximum number of results returned by a /WHO #
-# query. This is to prevent /WHO being used as a #
-# spam vector or means of flooding an ircd. The #
-# default is 128, it is not recommended to raise it #
-# above 1024. Values up to 65535 are permitted. If #
-# this value is omitted, any size WHO is allowed by #
-# anyone. #
-# #
-# somaxconn - The maximum number of sockets that may be waiting #
-# in the accept queue. This usually allows the ircd #
-# to soak up more connections in a shorter space of #
-# time when increased but please be aware there is a #
-# system defined maximum value to this, the same way #
-# there is a system defined maximum number of file #
-# descriptors. Some systems may only allow this to #
-# be up to 5 (ugh) while others such as FreeBSD will #
-# default to a much nicer 128. #
-# #
# moduledir - This optional value indicates a runtime change of #
# the location where modules are to be found. This #
# does not add a supplementary directory. There can #
# only be one module path. #
# #
-# softlimit - This optional feature allows a defined softlimit. #
-# if defined sets a soft maxconnections value, has #
-# to be less than the ./configure maxclients #
-# #
-# userstats - The userstats field is optional and specifies #
-# which stats characters in /STATS may be requested #
-# by non-operators. Stats characters in this field #
-# are case sensitive and are allowed to users #
-# independent of if they are in a module or the core #
-# #
-# operspywhois - If this is set then when an IRC operator uses #
-# /WHOIS on a user they will see all channels, even #
-# ones if channels are secret (+s), private (+p) or #
-# if the target user is invisible +i. #
-# #
-# customversion - If you specify this configuration item, and it is #
-# not set to an empty value, then when a user does #
-# a /VERSION command on the ircd, this string will #
-# be displayed as the second portion of the output, #
-# replacing the system 'uname', compile flags and #
-# socket engine/dns engine names. You may use this #
-# to enhance security, or simply for vanity. #
-# #
-# maxtargets - The maxtargets field is optional, and if not #
-# defined, defaults to 20. It indicates the maximum #
-# number of targets which may be given to commands #
-# such as PRIVMSG, KICK etc. #
-# #
-# hidesplits - When set to 'yes', will hide split server names #
-# from non-opers. Non-opers will see '*.net *.split' #
-# instead of the server names in the quit message, #
-# identical to the way IRCu displays them. #
-# #
-# hidebans - When set to 'yes', will hide gline, kline, zline #
-# and qline quit messages from non-opers. For #
-# example, user A who is not an oper will just see #
-# (G-Lined) while user B who is an oper will see the #
-# text (G-Lined: Reason here) instead. #
-# #
-# hidewhois - When defined with a non-empty value, the given #
-# text will be used in place of the user's server #
-# in WHOIS, when a user is WHOISed by a non-oper. #
-# For example, most nets will want to set this to #
-# something like '*.netname.net' to conceal the #
-# actual server the user is on. #
-# #
-# flatlinks - When you are using m_spanningtree.so, and this #
-# value is set to yes, true or 1, /MAP and /LINKS #
-# will be flattened when shown to a non-opers. #
-# #
-# hideulines - When you are using m_spanningtree.so, and this #
-# value is set to yes, true or 1, then U-lined #
-# servers will be hidden in /LINKS and /MAP for non #
-# opers. Please be aware that this will also hide #
-# any leaf servers of a U-lined server, e.g. jupes. #
-# #
-# nouserdns - If set to yes, true or 1, no user DNS lookups #
-# will be performed for connecting users. This can #
-# save a lot of resources on very busy IRC servers. #
-# #
# syntaxhints - If set to yes, true or 1, when a user does not #
# give enough parameters for a command, a syntax #
# hint will be given (using the RPL_TEXT numeric) #
# nick!user@host is shown for who set a TOPIC last. #
# if set to no, then only the nickname is shown. #
# #
-# announceinvites #
-# - If this option is set, then invites are announced #
-# to the channel when a user invites another user. #
-# If you consider this to be unnecessary noise, #
-# set this to 'none'. To announce to all ops, set #
-# this to 'ops' and to announce to all users set the #
-# value to 'all'. #
-# #
-# The value 'dynamic' varies between 'ops' and 'all' #
-# settings depending on if the channel is +i or not. #
-# When the channel is +i, messages go only to ops, #
-# and when the channel is not +i, messages go to #
-# everyone. In short, the messages will go to every #
-# user who has power of INVITE on the channel. This #
-# is the recommended setting. #
-# #
-# disablehmac - If you are linking your InspIRCd to older versions #
-# then you can specify this option and set it to #
-# yes. 1.1.6 and above support HMAC and challenge- #
-# response for password authentication. These can #
-# greatly enhance security of your server to server #
-# connections when you are not using SSL (as is the #
-# case with a lot of larger networks). Linking to #
-# older versions of InspIRCd should not *usually* be #
-# a problem, but if you have problems with HMAC #
-# authentication, this option can be used to turn it #
-# off. #
-# #
-# hidemodes - If this option is enabled, then the listmodes #
-# given (e.g. +eI), will be hidden from users below #
-# halfop. This is not recommended to be set on mode #
-# +b, as it may break some features in popular #
-# clients such as mIRC. #
-# #
# quietbursts - When synching or splitting from the network, a #
# server can generate a lot of connect and quit #
# snotices to the +C and +Q snomasks. Setting this #
# #
<options prefixquit="Quit: "
+ suffixquit=""
prefixpart="\""
suffixpart="\""
- loglevel="default"
- netbuffersize="10240"
- maxwho="128"
noservices="no"
- qprefix=""
- aprefix=""
+ qprefix="~"
+ aprefix="&"
deprotectself="no"
deprotectothers="no"
- somaxconn="128"
- softlimit="12800"
- userstats="Pu"
- operspywhois="no"
- customversion=""
- maxtargets="20"
- hidesplits="no"
- hidebans="no"
- hidewhois=""
- flatlinks="no"
- hideulines="no"
- nouserdns="no"
syntaxhints="no"
cyclehosts="yes"
ircumsgprefix="no"
announcets="yes"
- disablehmac="no"
hostintopic="yes"
- hidemodes="eI"
- quietbursts="yes"
pingwarning="15"
- serverpingfreq="60"
+ serverpingfreq="60"
allowhalfop="yes"
- defaultmodes="nt"
- announceinvites="dynamic"
- moronbanner="You're banned! Email haha@abuse.com with the ERROR line below for help."
- exemptchanops="">
+ defaultmodes="nt"
+ moronbanner="You're banned! Email haha@abuse.com with the ERROR line below for help."
+ exemptchanops="">
+
+
+#-#-#-#-#-#-#-#-#-#-#-# PERFORMANCE CONFIGURATION #-#-#-#-#-#-#-#-#-#-#
+# #
+# maxwho - The maximum number of results returned by a /WHO #
+# query. This is to prevent /WHO being used as a #
+# spam vector or means of flooding an ircd. The #
+# default is 128, it is not recommended to raise it #
+# above 1024. Values up to 65535 are permitted. If #
+# this value is omitted, any size WHO is allowed by #
+# anyone. #
+# #
+# somaxconn - The maximum number of sockets that may be waiting #
+# in the accept queue. This usually allows the ircd #
+# to soak up more connections in a shorter space of #
+# time when increased but please be aware there is a #
+# system defined maximum value to this, the same way #
+# there is a system defined maximum number of file #
+# descriptors. Some systems may only allow this to #
+# be up to 5 (ugh) while others such as FreeBSD will #
+# default to a much nicer 128. #
+# #
+# moduledir - This optional value indicates a runtime change of #
+# the location where modules are to be found. This #
+# does not add a supplementary directory. There can #
+# only be one module path. #
+# #
+# softlimit - This optional feature allows a defined softlimit. #
+# if defined sets a soft maxconnections value, has #
+# to be less than the ./configure maxclients #
+# #
+# nouserdns - If set to yes, true or 1, no user DNS lookups #
+# will be performed for connecting users. This can #
+# save a lot of resources on very busy IRC servers. #
+# #
+# netbuffersize - Size of the buffer used to receive data from #
+# clients. The ircd may only read() this amount #
+# of text in one go at any time. (OPTIONAL) #
+# #
+
+<performance netbuffersize="10240"
+ maxwho="128"
+ somaxconn="128"
+ softlimit="12800"
+ quietbursts="yes"
+ nouserdns="no">
+
+#-#-#-#-#-#-#-#-#-#-#-# SECURITY CONFIGURATION #-#-#-#-#-#-#-#-#-#-#-#
+# #
+# announceinvites #
+# - If this option is set, then invites are announced #
+# to the channel when a user invites another user. #
+# If you consider this to be unnecessary noise, #
+# set this to 'none'. To announce to all ops, set #
+# this to 'ops' and to announce to all users set the #
+# value to 'all'. #
+# #
+# The value 'dynamic' varies between 'ops' and 'all' #
+# settings depending on if the channel is +i or not. #
+# When the channel is +i, messages go only to ops, #
+# and when the channel is not +i, messages go to #
+# everyone. In short, the messages will go to every #
+# user who has power of INVITE on the channel. This #
+# is the recommended setting. #
+# #
+# disablehmac - If you are linking your InspIRCd to older versions #
+# then you can specify this option and set it to #
+# yes. 1.1.6 and above support HMAC and challenge- #
+# response for password authentication. These can #
+# greatly enhance security of your server to server #
+# connections when you are not using SSL (as is the #
+# case with a lot of larger networks). Linking to #
+# older versions of InspIRCd should not *usually* be #
+# a problem, but if you have problems with HMAC #
+# authentication, this option can be used to turn it #
+# off. #
+# #
+# hidemodes - If this option is enabled, then the listmodes #
+# given (e.g. +eI), will be hidden from users below #
+# halfop. This is not recommended to be set on mode #
+# +b, as it may break some features in popular #
+# clients such as mIRC. #
+# #
+# hidesplits - When set to 'yes', will hide split server names #
+# from non-opers. Non-opers will see '*.net *.split' #
+# instead of the server names in the quit message, #
+# identical to the way IRCu displays them. #
+# #
+# hidebans - When set to 'yes', will hide gline, kline, zline #
+# and qline quit messages from non-opers. For #
+# example, user A who is not an oper will just see #
+# (G-Lined) while user B who is an oper will see the #
+# text (G-Lined: Reason here) instead. #
+# #
+# hidewhois - When defined with a non-empty value, the given #
+# text will be used in place of the user's server #
+# in WHOIS, when a user is WHOISed by a non-oper. #
+# For example, most nets will want to set this to #
+# something like '*.netname.net' to conceal the #
+# actual server the user is on. #
+# #
+# flatlinks - When you are using m_spanningtree.so, and this #
+# value is set to yes, true or 1, /MAP and /LINKS #
+# will be flattened when shown to a non-opers. #
+# #
+# hideulines - When you are using m_spanningtree.so, and this #
+# value is set to yes, true or 1, then U-lined #
+# servers will be hidden in /LINKS and /MAP for non #
+# opers. Please be aware that this will also hide #
+# any leaf servers of a U-lined server, e.g. jupes. #
+# #
+# userstats - The userstats field is optional and specifies #
+# which stats characters in /STATS may be requested #
+# by non-operators. Stats characters in this field #
+# are case sensitive and are allowed to users #
+# independent of if they are in a module or the core #
+# #
+# operspywhois - If this is set then when an IRC operator uses #
+# /WHOIS on a user they will see all channels, even #
+# ones if channels are secret (+s), private (+p) or #
+# if the target user is invisible +i. #
+# #
+# customversion - If you specify this configuration item, and it is #
+# not set to an empty value, then when a user does #
+# a /VERSION command on the ircd, this string will #
+# be displayed as the second portion of the output, #
+# replacing the system 'uname', compile flags and #
+# socket engine/dns engine names. You may use this #
+# to enhance security, or simply for vanity. #
+# #
+# maxtargets - The maxtargets field is optional, and if not #
+# defined, defaults to 20. It indicates the maximum #
+# number of targets which may be given to commands #
+# such as PRIVMSG, KICK etc. #
+# #
+
+<security announceinvites="dynamic"
+ hidemodes="eI"
+ disablehmac="no"
+ hideulines="no"
+ flatlinks="no"
+ hidewhois=""
+ hidebans="no"
+ hidekills=""
+ hidesplits="no"
+ maxtargets="20"
+ customversion=""
+ operspywhois="no"
+ userstats="Pu">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Logging
+# -------
+#
# Logging is covered with the <log> tag, which you may use to change
# the behaviour of the logging of the IRCd.
#
# You may also log *everything* by using a type of *, and subtract things out
# of that by using -TYPE - for example "* -USERINPUT -USEROUTPUT".
#
-
# Channel Logging
-# I'm aware this would probably better belong in the modules section, but this is heavily interrelated
-# to logging, and as such will be documented here.
+# ---------------
+#
+# I'm aware this would probably better belong in the modules section, but this
+# is heavily interrelated to logging, and as such will be documented here.
#
# m_chanlog is one of the modules which can alter logging to it's own thing.
# An example of this may be:
-# <log method="channel" type="OPER USERS CHANNELS" level="default" target="#services">
+#
#<module name="m_chanlog.so">
+#<log method="channel" type="OPER USERS CHANNELS" level="default" target="#services">
#
# The following log tag is highly default and uncustomised. It is recommended you
# sort out your own log tags. This is just here so you get some output.
# usually for cryptographic uses and security.
#
# IMPORTANT:
-# Other modules such as m_opermd5.so may rely on this module being
-# loaded to function.
+# Other modules such as m_password_hash.so may rely on this module being
+# loaded to function. Certain modules such as m_spanningtree.so will
+# function without this module but when it is loaded their features will
+# be enhanced (for example the addition of HMAC authentication).
#
#<module name="m_sha256.so">
#<blockamsg delay="3" action="killopers">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# Block CAPS module: Blocking all-CAPS messages with cmode +P
+# Block CAPS module: Blocking all-CAPS messages with cmode +B
#<module name="m_blockcaps.so">
# #
#-#-#-#-#-#-#-#-#-#-#- BLOCKCAPS CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#
# client's IP address from, for further information, please see the
# CGI:IRC documentation.
#
+# Old style:
# <cgihost type="pass" mask="www.mysite.com"> # Get IP from PASS
-# <cgihost type="webirc" mask="somebox.mysite.com"> # Get IP from WEBIRC
# <cgihost type="ident" mask="otherbox.mysite.com"> # Get IP from ident
# <cgihost type="passfirst" mask="www.mysite.com"> # See the docs
+# New style:
+# <cgihost type="webirc" pass="foobar"
+# mask="somebox.mysite.com"> # Get IP from WEBIRC
#
# IMPORTANT NOTE:
# ---------------
# the user in a 'connecting' state until the lookup is complete. #
# The bind value indicates which IP to bind outbound requests to. #
# #
-#<ident timeout="5" bind=""> #
+#<ident timeout="5" bind="">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Invite except module: Adds support for channel invite exceptions (+I)
# This is supported by mIRC, x-chat, klient, and maybe more.
#<module name="m_namesx.so">
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
+# Nickban: Implements extended ban n:, which stops anyone matching
+# a mask like +b n:nick!user@host from changing their nick on channel.
+#<module name="m_nickban.so">
+#
+
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Nickchange flood protection module: Allows up to X nick changes in Y seconds.
# Provides channel mode +F.
# and sha256 type hashing will be available (the most secure of which
# is SHA256).
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
+# Permanent Channels module: Channels with the permanent channels mode
+# will remain open even after everyone else has left the channel, and
+# therefore keep things like modes, ban lists and topic. Permanent
+# channels -may- need support from your Services package to function
+# properly with them. This adds channel mode +P.
+#<module name="m_permchannels.so">
+
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# PostgreSQL module: Allows other SQL modules to access PgSQL databases
# through a unified API. You must copy the source for this module
#<module name="m_quietban.so">
#
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
+# Quitban: Provides per-IP connection throttling. Any IP that disconnects
+# too many times (configurable) in an hour is zlined for a (configurable)
+# duration, and their count resets to 0.
+#
+# NOTE: This module may change name/behaviour later in 1.2. Please make sure
+# you read release announcements!
+#
+#<quitban threshold="10" duration="10m">
+# This allows for 10 quits in an hour with a 10 minute ban if that is exceeded.
+#
+#<module name="m_quitban.so">
+
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Random Quote module: provides a random quote on connect.
# NOTE: Some of these may mimic fatal errors and confuse users and
#
# Sets the maximum number of entries on a user's watch list.
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
+# XLine database: Stores all *Lines (G/Z/K/R/any added by other modules)
+# in a file "xline.db" which can be re-loaded on restart. This is useful
+# for two reasons: it keeps bans so users may not evade them, and on
+# bigger networks, server connections will take less time as there will
+# be a lot less bans to apply - as most of them will already be there.
+#<module name="m_xline_db.so">
+
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# XMLSocket module: Adds support for connections using the shockwave
# flash XMLSocket. Note that this does not work if the client you are
<insane hostmasks="no" ipmasks="no" nickmasks="no" trigger="95.5">
+
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#- YAWN -#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# #
# You should already know what to do here :) #
projects / user / henk / code / inspircd.git / blobdiff