# enable SSL support, please read the module section #
# of this configuration file. #
# #
+# ssl - When using m_ssl_gnutls.so or m_ssl_openssl.so #
+# modules, you must define this value to use ssl on #
+# that port. valid values are 'gnutls' or 'openssl' #
+# respectively. If the module is not loaded, this #
+# setting is ignored. #
+# #
+# transport - If you have m_spanningtree.so loaded, along with #
+# either of the SSL modules (m_ssl_gnutls or #
+# m_ssl_openssl) or m_ziplinks.so, then you may make #
+# use of this value. #
+# setting it to 'openssl' or 'gnutls' or 'zip' #
+# indicates that the port should accept connections #
+# using the given transport name. Transports are #
+# layers which sit on top of a socket and change the #
+# way data is sent and received, e.g. encryption, #
+# compression, and other such things. Because this #
+# may not be limited in use to just encryption, #
+# the 'ssl' value used for client ports does not #
+# exist for servers, and this value is used instead. #
# ____ _ _____ _ _ ____ _ _ _ #
# | _ \ ___ __ _ __| | |_ _| |__ (_)___ | __ )(_) |_| | #
# | |_) / _ \/ _` |/ _` | | | | '_ \| / __| | _ \| | __| | #
# #
# Syntax is as follows: #
# #
-# <bind address="ip or host" port="port" type="clients"> #
-# <bind address="ip or host" port="port" type="servers"> #
+# <bind address="ip address" port="port" type="clients"> #
+# <bind address="ip address" port="port" type="servers"> #
# #
# If InspIRCd is built for IPV6, and you wish to accept IPV4 clients, #
# then you must specify your IPV6 clients in the following form: #
# default) then you do not need to prefix your addresses like this. #
# #
-<bind address="" port="6660-6669" type="clients">
+<bind address="" port="6000" type="clients">
+<bind address="" port="6660-6669" type="clients" ssl="gnutls">
+
+# When linking servers, the openssl and gnutls transports are largely
+# link-compatible and can be used alongside each other or either/or
+# on each end of the link without any significant issues.
+
<bind address="" port="7000,7001" type="servers">
+<bind address="1.2.3.4" port="7005" type="servers" transport="openssl">
#-#-#-#-#-#-#-#-#-#- DIE/RESTART CONFIGURATION -#-#-#-#-#-#-#-#-#-#-
# autoconnect - Sets the server to autoconnect. Where x is the num. #
# (optional) of seconds between attempts. e.g. 300 = 5 minutes. #
# #
-# encryptionkey - Encryption key to be used for AES encryption, where #
-# supported. Links using the spanning tree protocol #
-# support AES. The encryption key must be EXACTLY 8, #
-# 16 or 32 characters in length for a 64, 128 or 256 #
-# bit key, respectively. #
+# transport - If defined, this is a transport name implemented by #
+# another module. Transports are layers on top of #
+# plaintext connections, which alter them in certain #
+# ways. Currently the three supported transports are #
+# 'openssl' and 'gnutls' which are types of SSL #
+# encryption, and 'zip' which is for compression. #
+# If you define a transport, both ends of the #
+# connection must use a compatible transport for the #
+# link to succeed. OpenSSL and GnuTLS are link- #
+# compatible with each other. #
# #
# hidden - When using m_spanningtree.so for linking. you may #
# set this to 'yes', and if you do, the IP address/ #
# information on how to load this module! If you do not load this #
# module, server links will NOT work! #
# #
+# Also, if you define any transports, you must load the modules for #
+# these transports BEFORE you load m_spanningtree, e.g. place them #
+# above it in the configuration file. Currently this means the three #
+# modules m_ssl_gnutls, m_ziplinks and m_ssl_openssl, depending on #
+# which you choose to use. #
+# #
<link name="hub.penguin.org"
ipaddr="penguin.box.com"
autoconnect="300"
failover="hub.other.net"
timeout="15"
+ transport="gnutls"
sendpass="outgoing!password"
recvpass="incoming!password">
# opers. Please be aware that this will also hide #
# any leaf servers of a U-lined server, e.g. jupes. #
# #
-# tempdir - If defined, indicates a path where modules will be #
-# temporarily copied before loading. If not defined, #
-# defaults to /tmp. #
-# #
# nouserdns - If set to 'yes', 'true' or '1', no user dns #
# lookups will be performed for connecting users. #
# this can save a lot of resources on very busy irc #
notimesync="no"
allowhalfop="yes">
+#-#-#-#-#-#-#-#-#-#-#-#-#- WHOWAS OPTIONS -#-#-#-#-#-#-#-#-#-#-#-#-#
+# #
+# This tag lets you define the behaviour of the /whowas command of #
+# your server. #
+# #
+# groupsize - Controls the maximum entries per nick shown when #
+# performing a /whowas nick. Setting this to 0 dis- #
+# ables whowas completely. #
+# #
+# maxgroups - The maximum number of nickgroups that can be added #
+# to the list. If max is reached, oldest group will #
+# be deleted first like a FIFO. A groupsize of 3 and #
+# a maxgroups of 5000 will allow for 5000 nicks to #
+# be stored with a history of 3, thus giving a total #
+# of 3 * 5000 = 15000 entries. A setting of 0 dis- #
+# ables whowas completely. #
+# #
+# maxkeep - The maximum time a nick is kept in the whowas list #
+# before being pruned. Time may be specified in #
+# seconds, or in the following format: 1y2w3d4h5m6s #
+# meaning one year, two weeks, three days, 4 hours, #
+# 5 minutes and 6 seconds. All fields in this format #
+# are optional. Minimum is 1 hour, if less InspIRCd #
+# will default back to 1 hour. #
+# #
+#<whowas groupsize="10" #
+# maxgroups="100000" #
+# maxkeep="3d"> #
#-#-#-#-#-#-#-#-#-#-#-#-#- MODULE OPTIONS -#-#-#-#-#-#-#-#-#-#-#-#-#
#
#<module name="m_spanningtree.so">
+
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
+# MD5 Module - Allows other modules to generate MD5 hashes, usually for
+# cryptographic uses and security.
+#
+# IMPORTANT:
+# Other modules such as m_cloaking.so and m_opermd5.so may rely on
+# this module being loaded to function.
+#
+#<module name="m_md5.so">
+#
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
+# SHA256 Module - Allows other modules to generate SHA256 hashes,
+# usually for cryptographic uses and security.
+#
+# IMPORTANT:
+# Other modules such as m_opermd5.so may rely on this module being
+# loaded to function.
+#
+#<module name="m_sha256.so">
+
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Alias module: Allows you to define server-side command aliases
#<module name="m_alias.so">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Alltime module: Shows time on all connected servers at once
-# #<module name="m_alltime.so">
+#<module name="m_alltime.so">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Antibear security module: Prevents 'bear.txt' based trojans from
#<module name="m_chgident.so">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# Cloaking module: Adds usermode +x and cloaking support
+# Cloaking module: Adds usermode +x and cloaking support.
+# Relies on the module m_md5.so being loaded before m_cloaking.so in
+# the configuration file.
#<module name="m_cloaking.so">
#
#-#-#-#-#-#-#-#-#-#-#- CLOAKING CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#
#
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
+# Deaf module: adds support for ircu style usermode +d - deaf to
+# channel messages and channel notices.
+#<module name="m_deaf.so">
+
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Deny Channels: Deny Channels from being used by users
#<module name="m_denychans.so">
# Oper channels mode: Adds the +O channel mode
#<module name="m_operchans.so">
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
+# Oper hash module: Allows hashed oper passwords
+# Relies on the module m_md5.so and/or m_sha256.so being loaded before
+# m_oper_hash.so in the configuration file.
+#<module name="m_oper_hash.so">
+#
+#-#-#-#-#-#-#-#-#-#-# OPER HASH CONFIGURATION #-#-#-#-#-#-#-#-#-#-#-#-#
+#
+# To use this module, you must define a hash type for each oper's
+# password you want to hash. For example:
+#
+# <oper name="katsklaw"
+# host="ident@dialup15.isp.com"
+# hash="sha256"
+# password="a41d730937a53b79f788c0ab13e9e1d5"
+# type="NetAdmin">
+#
+# The types of hashing available vary depending on which hashing modules
+# you load, but usually if you load m_sha256.so and m_md5.so, both md5
+# and sha256 type hashing will be available (the most secure of which
+# is SHA256).
+
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Oper Join module: Forces opers to join a channel on oper-up
#<module name="m_operjoin.so">
# #
# If you are using the m_opermotd.so module, specify the motd here #
# #
-#<opermotd file="/path/to/oper.motd">
+#<opermotd file="oper.motd">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Override module: Adds support for oper override
# Specify the level as the 'level' parameter of the <type> tag
#<module name="m_operlevels.so">
-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# Oper MD5 module: Allows MD5 hashed oper passwords
-#<module name="m_opermd5.so">
-
-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# Oper SHA256 module: Allows SHA256 hashed oper passwords
-# This module is in src/modules/extra
-#<module name="m_opersha256.so">
-
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Oper modes module: Allows you to specify modes to add/remove on oper
# Specify the modes as the 'modes' parameter of the <type> tag
# Optional - If you specify to use the m_randquote.so module, then #
# specify below the path to the randquotes.conf file. #
# #
-#<randquote file="/path/to/inspircd/randquotes.conf">
+#<randquote file="randquotes.conf">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Redirect module: Adds channel redirection (mode +L)
# #
# m_ssl_gnutls.so is too complex it describe here, see the wiki: #
# http://www.inspircd.org/wiki/GnuTLS_SSL_Module #
+# #
+# NOTE: If you want to use this module to encrypt and sign your #
+# server to server traffic, you MUST load it before m_spanningtree in #
+# your configuration file! #
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# SSL Info module: Allows users to retrieve information about other
# #
# m_ssl_openssl.so is too complex it describe here, see the wiki: #
# http://www.inspircd.org/wiki/OpenSSL_SSL_Module #
+# #
+# NOTE: If you want to use this module to encrypt and sign your #
+# server to server traffic, you MUST load it before m_spanningtree in #
+# your configuration file! #
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# SSL Cert Oper module: Allows opers to oper up using the key fingerprint
# SILENCE module: Adds support for /SILENCE
#<module name="m_silence.so">
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
+# Extended SILENCE module: Adds support for /SILENCE with additional
+# features to silence based on invites, channel messages, etc.
+#<module name="m_silence_ext.so">
+
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# SQLutils module: Provides some utilities to SQL client modules, such
# as mapping queries to users and channels. You must copy the source
# maintain notify lists.
#<module name="m_watch.so">
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
+# ZipLinks module: Adds support for zlib deflate on server to server
+# connections. Both ends of the connection must load this module.
+#
+#<module name="m_ziplink.so">
+#
+# To use this module, you must enable it as a transport type in your
+# <link> tags or <bind> tags using the transport name 'zip'.
+# See the documentation of <link> and <bind>, respectively.
+#
+
#-#-#-#-#-#-#-#-#-#-#-#-#-#- BAN OPTIONS -#-#-#-#-#-#-#-#-#-#-#-#-#-#
# #
# The ban tags define nick masks, host masks and ip ranges which are #
projects / user / henk / code / inspircd.git / blobdiff