<server name="penguin.omega.org.za"
description="Waddle World"
- network="Omega">
+ network="Omega">
#-#-#-#-#-#-#-#-#-#-#-#- ADMIN INFORMATION -#-#-#-#-#-#-#-#-#-#-#-#
# config file inspircd.conf, unless the filename starts with a forward#
# slash (/) in which case it is treated as an absolute path. #
# #
+# You may also include an executable file, in which case if you do so #
+# the output of the executable on the standard output will be added #
+# to your config at the point of the include tag. #
+# #
# Syntax is as follows: #
#<include file="file.conf"> #
+#<include executable="/path/to/executable parameters"> #
# #
#-#-#-#-#-#-#-#-#-#- CONNECTIONS CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#
# #
# Syntax is as follows: #
# #
-# <class name="name" commands="oper commands"> #
+# <class name="name" commands="oper commands" #
+# usermodes="allowed oper only usermodes" #
+# chanmodes="allowed oper only channelmodes"> #
# #
+# The name value indicates a name for this class. #
+# The commands value indicates a list of one or more commands that #
+# are allowed by this class (see also 'READ THIS BIT' below). #
+# The usermodes and chanmodes values indicate lists of usermodes and #
+# channel modes this oper can execute. This only applies to modes #
+# that are marked oper-only such as usermode +Q and channelmode +O. #
# ____ _ _____ _ _ ____ _ _ _ #
# | _ \ ___ __ _ __| | |_ _| |__ (_)___ | __ )(_) |_| | #
# | |_) / _ \/ _` |/ _` | | | | '_ \| / __| | _ \| | __| | #
# however it is provided for fast configuration (e.g. in test nets) #
# #
-<class name="Shutdown" commands="DIE RESTART REHASH LOADMODULE UNLOADMODULE RELOAD">
-<class name="ServerLink" commands="CONNECT SQUIT RCONNECT MKPASSWD MKSHA256">
-<class name="BanControl" commands="KILL GLINE KLINE ZLINE QLINE ELINE">
-<class name="OperChat" commands="WALLOPS GLOBOPS SETIDLE SPYLIST SPYNAMES">
-<class name="HostCloak" commands="SETHOST SETIDENT SETNAME CHGHOST CHGIDENT">
+<class name="Shutdown" commands="DIE RESTART REHASH LOADMODULE UNLOADMODULE RELOAD" usermodes="*" chanmodes="*">
+<class name="ServerLink" commands="CONNECT SQUIT RCONNECT MKPASSWD MKSHA256" usermodes="*" chanmodes="*">
+<class name="BanControl" commands="KILL GLINE KLINE ZLINE QLINE ELINE" usermodes="*" chanmodes="*">
+<class name="OperChat" commands="WALLOPS GLOBOPS SETIDLE SPYLIST SPYNAMES" usermodes="*" chanmodes="*">
+<class name="HostCloak" commands="SETHOST SETIDENT SETNAME CHGHOST CHGIDENT" usermodes="*" chanmodes="*">
#-#-#-#-#-#-#-#-#-#-#-#- OPERATOR COMPOSITION -#-#-#-#-#-#-#-#-#-#-#
#-#-#-#-#-#-#-#-#-#-#-#-#- SERVER OPTIONS -#-#-#-#-#-#-#-#-#-#-#-#-#
# #
-# Settings to define which features are usable on your server. #
+# Settings to define which features are usable on your server. #
# #
# prefixquit - A prefix to be placed on the start of a client's #
# quit message #
# only useful on networks running the m_chanprotect #
# module without services. #
# #
-# qaprefixes - If qaprefixes is true, yes, or 1, then users #
-# with +q or +a will get the ~ or & prefixes #
-# used in unreal. This is only useful on networks #
-# running the m_chanprotect module #
+# qprefix - qprefix is used by the chanprotect module to give #
+# a visible prefix to users set +q (founder) in chan #
+# It should be set to something sensible like ~ or ! #
+# If not set, no prefix is applied to users with +q #
+# #
+# aprefix - aprefix is the same as qprefix, except it is for #
+# giving users with mode +a (protected) a prefix #
# #
# deprotectself - If this value is set to yes, true, or 1, then any #
# user with +q or +a may remove the +q or +a from #
<options prefixquit="Quit: "
prefixpart="\""
suffixpart="\""
- loglevel="default"
netbuffersize="10240"
maxwho="128"
noservices="no"
- qaprefixes="no"
+ qprefix=""
+ aprefix=""
deprotectself="no"
deprotectothers="no"
somaxconn="128"
moronbanner="You're banned! Email haha@abuse.com with the ERROR line below for help."
exemptchanops="">
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
+# Logging
+# -------
+#
+# Logging is covered with the <log> tag, which you may use to change
+# the behaviour of the logging of the IRCd.
+#
+# In InspIRCd as of 1.2, logging is pluggable and very extensible.
+# Different files can log the same thing, different 'types' of log can
+# go to different places, and modules can even extend the log tag
+# to do what they want.
+#
+# An example log tag would be:
+# <log method="file" type="OPER" level="default" target="opers.log">
+# which would log all information on /oper (failed and successful) to
+# a file called opers.log.
+#
+# There are many different types which may be used, and modules may
+# generate their own. A list of useful types:
+# - USERS - information relating to user connection and disconnection
+# - CHANNELS - information relating to joining and parting of channels.
+# XXX someone doc more on this
+#
+# You may also log *everything* by using a type of *, and subtract things out
+# of that by using -TYPE - for example "* -USERINPUT -USEROUTPUT".
+#
+# Channel Logging
+# ---------------
+#
+# I'm aware this would probably better belong in the modules section, but this
+# is heavily interrelated to logging, and as such will be documented here.
+#
+# m_chanlog is one of the modules which can alter logging to it's own thing.
+# An example of this may be:
+#
+#<module name="m_chanlog.so">
+#<log method="channel" type="OPER USERS CHANNELS" level="default" target="#services">
+#
+# The following log tag is highly default and uncustomised. It is recommended you
+# sort out your own log tags. This is just here so you get some output.
+<log method="file" type="* -USERINPUT -USEROUTPUT -m_spanningtree" level="default" target="ircd.log">
+
#-#-#-#-#-#-#-#-#-#-#-#-#- WHOWAS OPTIONS -#-#-#-#-#-#-#-#-#-#-#-#-#
# #
# This tag lets you define the behaviour of the /whowas command of #
# usually for cryptographic uses and security.
#
# IMPORTANT:
-# Other modules such as m_opermd5.so may rely on this module being
-# loaded to function.
+# Other modules such as m_password_hash.so may rely on this module being
+# loaded to function. Certain modules such as m_spanningtree.so will
+# function without this module but when it is loaded their features will
+# be enhanced (for example the addition of HMAC authentication).
#
#<module name="m_sha256.so">
#<blockamsg delay="3" action="killopers">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# Block CAPS module: Blocking all-CAPS messages with cmode +P
+# Block CAPS module: Blocking all-CAPS messages with cmode +B
#<module name="m_blockcaps.so">
# #
#-#-#-#-#-#-#-#-#-#-#- BLOCKCAPS CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#
# Foobar module: does nothing - historical relic
#<module name="m_foobar.so">
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
+# GeoIP module: Allows the server admin to ban users by country code.
+#<module name="m_geoip.so">
+#
+#-#-#-#-#-#-#-#-#-#-#-# GEOIP CONFIGURATION #-#-#-#-#-#-#-#-#-#-#-#-#
+# #
+# <geoip banunknown="false"> #
+# #
+# Set this value to true or yes to block unknown IP ranges which are #
+# not in the database (usually LAN addresses, localhost, etc) #
+# #
+# <geoban country="TR" reason="This country not permitted"> #
+# #
+# Use one or more of these tags to ban countries by country code. #
+# The country code must be in capitals and should be an ISO country #
+# code such as TR, GB, or US. #
+
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Globops module: gives /GLOBOPS and usermode +g
#<module name="m_globops.so">
# Knock module: adds the /KNOCK command and +K channel mode
#<module name="m_knock.so">
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
+# LDAP authentication module: Adds the ability to authenticate users #
+# via LDAP. This is an extra module which must be enabled explicitly #
+# by symlinking it from modules/extra, and requires the OpenLDAP libs #
+# #
+#<module name="m_ldapauth.so"> #
+# #
+# Configuration: #
+# #
+# <ldapauth baserdn="ou=People,dc=brainbox,dc=cc" #
+# attribute="uid" #
+# server="ldap://brainwave.brainbox.cc" #
+# allowpattern="Guest*" #
+# killreason="Access denied" #
+# searchscope="subtree" #
+# binddn="cn=Manager,dc=brainbox,dc=cc" #
+# bindauth="mysecretpass" #
+# verbose="yes"> #
+# #
+# The baserdn indicates the base DN to search in for users. Usually #
+# this is 'ou=People,dc=yourdomain,dc=yourtld'. #
+# #
+# The attribute value indicates the attribute which is used to locate #
+# a user account by name. On POSIX systems this is usually 'uid'. #
+# #
+# The server parameter indicates the LDAP server to connect to. The #
+# ldap:// style scheme before the hostname proper is MANDITORY. #
+# #
+# The allowpattern value allows you to specify a wildcard mask which #
+# will always be allowed to connect regardless of if they have an #
+# account, for example guest users. #
+# #
+# Killreason indicates the QUIT reason to give to users if they fail #
+# to authenticate. #
+# #
+# The searchscope value indicates the subtree to search under. On our #
+# test system this is 'subtree'. Your mileage may vary. #
+# #
+# Setting the verbose value causes an oper notice to be sent out for #
+# every failed authentication to the server, with an error string. #
+# #
+# The binddn and bindauth indicate the DN to bind to for searching, #
+# and the password for the distinguished name. Some LDAP servers will #
+# allow anonymous searching in which case these two values do not #
+# need defining, otherwise they should be set similar to the examples #
+# above. #
+
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Lock server module: Adds /LOCKSERV and /UNLOCKSERV commands that is #
# used to temporarily close/open for new connections to the server. #
# Msg flood module: Adds message/notice flood protection (+f)
#<module name="m_messageflood.so">
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
+# MsSQL module: Allows other SQL modules to access MS SQL Server
+# through a unified API. You must copy the source for this module
+# from the directory src/modules/extra, plus the file m_sqlv2.h
+#<module name="m_mssql.so">
+#
+#-#-#-#-#-#-#-#-#-#-#-#- SQL CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#-#
+# #
+# m_mssql.so is more complex than described here, see wiki for more #
+# info http://www.inspircd.org/wiki/SQLServer_Service_Provider_Module #
+#
+#<database name="db" username="user" password="pass" hostname="localhost" id="db1">
+
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# MySQL module: Allows other SQL modules to access MySQL databases
# through a unified API. You must copy the source for this module
# This is supported by mIRC, x-chat, klient, and maybe more.
#<module name="m_namesx.so">
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
+# Nickban: Implements extended ban n:, which stops anyone matching
+# a mask like +b n:nick!user@host from changing their nick on channel.
+#<module name="m_nickban.so">
+#
+
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Nickchange flood protection module: Allows up to X nick changes in Y seconds.
# Provides channel mode +F.
#
#-#-#-#-#-#-#-#-#-#-# OPERJOIN CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#
# #
-# If you are using the m_operjoin.so module, specify the channel here #
+# If you are using the m_operjoin.so module, specify options here: #
# #
-#<operjoin channel="#channel">
+# channel - The channel name to join, can also be a comma #
+# seperated list eg. "#channel1,#channel2". #
+# #
+# override - Lets the oper join walking thru any modes that #
+# might be set, even bans. Use "yes" or "no". #
+# #
+#<operjoin channel="#channel" override="no">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Oper MOTD module: Provides support for seperate message of the day
# and sha256 type hashing will be available (the most secure of which
# is SHA256).
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
+# Permanent Channels module: Channels with the permanent channels mode
+# will remain open even after everyone else has left the channel, and
+# therefore keep things like modes, ban lists and topic. Permanent
+# channels -may- need support from your Services package to function
+# properly with them.
+#<module name="m_permchannels.so">
+
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# PostgreSQL module: Allows other SQL modules to access PgSQL databases
# through a unified API. You must copy the source for this module
#
#<database name="mydb" username="myuser" password="mypass" hostname="localhost" id="my_database" ssl="no">
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
+# Quietban: Implements extended ban q:, which stops anyone matching
+# a mask like +b q:nick!user@host from speaking on channel.
+#<module name="m_quietban.so">
+#
+
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
+# Quitban: Provides per-IP connection throttling. Any IP that disconnects
+# too many times (configurable) in an hour is zlined for a (configurable)
+# duration, and their count resets to 0.
+#
+# NOTE: This module may change name/behaviour later in 1.2. Please make sure
+# you read release announcements!
+#
+#<quitban threshold="10" duration="10m">
+# This allows for 10 quits in an hour with a 10 minute ban if that is exceeded.
+#
+#<module name="m_quitban.so">
+
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Random Quote module: provides a random quote on connect.
# NOTE: Some of these may mimic fatal errors and confuse users and
# Restrict message module: Allows users to only message opers
#<module name="m_restrictmsg.so">
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
+# Ban users through regular expression patterns
+#<module name="m_rline.so">
+#
+#-#-#-#-#-#-#-#-#-#-#-#- RLINE CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#-#
+# If you wish to re-check a user when they change nickname (can be
+# useful under some situations, but *can* also use CPU with more users
+# on a server) then set the following configuration value:
+#<rline matchonnickchange="yes">
+
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Provide /LIST throttling (to prevent flooding) and /LIST safety to
# prevent excess flood when the list is large.
#
# Sets the maximum number of entries on a users silence list.
-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# Extended SILENCE module: Adds support for /SILENCE with additional
-# features to silence based on invites, channel messages, etc.
-#<module name="m_silence_ext.so">
-#
-# The configuration tags for this module are identical to those of
-# m_silence, shown above.
-
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# SQLite3 module: Allows other SQL modules to access SQLite3 #
# databases through a unified API. You must link the source for this #
#-#-#-#-#-#-#-#-#-#-#- SQLOPER CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#
# #
# dbid - Database ID to use (see m_sql) #
+# hash - Hashing provider to use for password hashing #
# #
# See also: http://www.inspircd.org/wiki/SQL_Oper_Storage_Module #
# #
-#<sqloper dbid="1">
+#<sqloper dbid="1" hash="md5">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# SVSHold module: Implements SVSHOLD. Like Q:Lines, but can only be #
#
# Sets the maximum number of entries on a user's watch list.
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
+# XLine database: Stores all *Lines (G/Z/K/R/any added by other modules)
+# in a file "xline.db" which can be re-loaded on restart. This is useful
+# for two reasons: it keeps bans so users may not evade them, and on
+# bigger networks, server connections will take less time as there will
+# be a lot less bans to apply - as most of them will already be there.
+#<module name="m_xline_db.so">
+
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# XMLSocket module: Adds support for connections using the shockwave
# flash XMLSocket. Note that this does not work if the client you are