aboutsummaryrefslogtreecommitdiff
path: root/doc/example.conf
diff options
context:
space:
mode:
Diffstat (limited to 'doc/example.conf')
-rw-r--r--doc/example.conf531
1 files changed, 531 insertions, 0 deletions
diff --git a/doc/example.conf b/doc/example.conf
new file mode 100644
index 0000000..afcc9c2
--- /dev/null
+++ b/doc/example.conf
@@ -0,0 +1,531 @@
+# IRC - Internet Relay Chat, doc/example.conf
+# Copyright (C) 1994, Helen Rose
+#
+# $Id: example.conf,v 1.11 1999/07/14 16:17:23 kalt Exp $
+#
+# some changes for 295 and cleaning, delta, Sat Jun 13 01:09:25 MES 1998
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 1, or (at your option)
+# any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+#
+# This is an example configuration file for the IRC server.
+# It's highly suggested that you also read INSTALL.* in doc/ and talk with
+# your uplinks if linking to an already existent IRC network.
+#
+# You only need an ircd.conf (IRC server configuration file) if you are
+# running an IRC server. If you are running a standalone client this file
+# is not necessary.
+#
+# This file will explain the various lines in the IRC server
+# configuration file. Not all lines are mandatory. You can check to make
+# sure that your configuration file is correct by using the program
+# "chkconf", provided in the server distribution (and when you do "make
+# install" this program will be installed in the same directory as the irc
+# server).
+#
+# The options for whether a line is needed or not are:
+# MANDATORY: you absolutely MUST have this line
+# NETWORKED: you must have this line if you are connecting this irc
+# server to any other server (servers can run standalone).
+# SUGGESTED: it is HIGHLY suggested that you use this line
+# OPTIONAL: it's completely up to you whether to define this or not
+# DISCOURAGED: you really really should not use this line if at all
+# possible.
+# NOT NECESSARY: an old or out of date line that isn't needed.
+#
+#
+# ========================================================================
+# NOTE! this entire configuration file is read UPSIDE-DOWN! So if you have
+# to put something in a specific order (for example, client-connection
+# lines), put them in reverse order!
+# ========================================================================
+#
+#
+############################
+# M: [MANDATORY]. This line sets your server's name, description and port
+# the server listens for UDP pings (used to determine the fastest link in a
+# class when autoconnecting)
+#
+# M:<Server NAME>:<YOUR Internet IP#>:<Geographic Location>:<Port>
+#
+# Note that 'server name' refers to the name of the irc-server which needs
+# not to be the same as the hostname of the machine it's running on.
+#
+# this let's ircd use the primary ip of your host to establish connections
+M:csa.bu.edu::Boston University Computer Science Department:6667
+#
+# this let's ircd use the ip 128.197.13.20 to establish connections, useful
+# if you're running virtual interfaces
+#M:csa.bu.edu:128.197.13.20:Boston University Computer Science Department:6667
+#
+#
+############################
+# A: [MANDATORY]. This line lists your administrative information
+# (contact address, etc). To view this information, /admin (server) will
+# show it to you.
+#
+# A:<Your Name/Location>:<Your Electronic Mailing Addr>:<other information>::
+#
+A:Boston University CS Department:Helen Rose <hrose@cs.bu.edu>:Client Server::
+#
+#
+############################
+# P: [MANDATORY]. This field allows the server to listen on various ports
+# for connections. Any internet domain port that is below 1024 means the
+# ircd has to be run as root, or from inetd. The server can listen to ports
+# in the UNIX domain or the internet domain. If you wish to create a port
+# in the UNIX domain you must compile with UNIXPORT defined in config.h.
+#
+# P:<YOUR Internet IP#>:<*>:<Internet IP Mask>:<Port>:
+# P:<Directory>:<*>:<*>:<Port>:
+#
+# Note that it's a good idea to open some more ports than 6667 for
+# server-server connections and local clients in case some running wild
+# client blocks the default 6667.
+#
+# the default, an internet domain socket on port 6667 listening on all
+# ip addresses of the machine running ircd
+P::::6667:
+#
+# an internet domain socket listening on port 6668 on address 206.252.192.20
+# (again useful if you're running virtual interfaces)
+P:206.252.192.20:::6668:
+#
+# an internet domain socket listening on port 6669 for connections from
+# addresses matching 147.210.18.* :
+P:::147.210.18.*:6669:
+#
+# This line is an example of a UNIX domain socket in /tmp
+P:/tmp/.ircd:*:*:6666:
+#
+#
+############################
+# Y: [SUGGESTED]. These lines define connection classes. Connection
+# classes allow you to fine-tune your client and server connections.
+# Since the fields have different meanings for server and client classes
+# you shouldn't mix them, and if you have lots of server connections (if
+# you do have lots of servers you shouldn't be reading this file :-) each
+# set of servers (defined arbitrarily by you) should have its own class.
+# If you have clients coming in from lots of different sites, you may want
+# to seperate them out into classes. For instance, you may want to put
+# local users in one class, with remote users in another class. You may also
+# want to put limits on some client classes (one client only for indials
+# for example). In any larger network you definitely want to do this.
+#
+# For SERVER CLASSES, the fields are:
+# Y:<Class>:<Ping Frequency>:<Connect freq>:<Max Links>:<SendQ>::
+# 1 2 3 4 5 67
+# 1 class number
+# 2 ping frequency (in seconds)
+# 3 connect frequency (in seconds)
+# 4 maximum number of automatically initiated links in this class
+# 5 sendq (this overrides any MAXSENDQLENGTH set in config.h)
+# 6 unused for server classes
+# 7 unused for server classes
+#
+# The class numbers are not arbitrary. In auto-connecting servers -- that is,
+# servers that you have a port number (e.g. 6667) on the end of the C: line
+# (see below) the higher the number the higher the priority in auto-connecting.
+#
+# Note that it is a good idea to have ping frequency the same at both ends
+# of the link.
+#
+# this is a normal server connection (normal as of October, 1997)
+# Y:<Class>:<Ping Frequencys>:<Connect freq>:<Max Links>:<SendQ>::
+Y:2:90:300:1:4000000
+#
+#
+# For CLIENT CLASSES, the fields are:
+# Y:<Class>:<Ping Frequency>::<Max Links>:<SendQ>:<Local Limit>:<Global Limit>
+# 1 2 3 4 5 6 7
+# 1 class number
+# 2 ping frequency (in seconds)
+# 3 unused for client classes
+# 4 maximum number of links in this class (per I line)
+# 5 sendQ for each client
+# 6 maximum number of links from this [user@]host on the server
+# 7 maximum number of links from this [user@]host on the net
+#
+# local and global limits have the format <x>.<y> where x defines the maximum
+# number of clients from the same host (IP) whereas y defines the maximum
+# number of clients from the same user@host (IP) allowed to connect. the
+# latter uses the identd replies to identify a user, falling back to an
+# @host limit if no identd runs on the client and fails for identds generating
+# dynamical answers.
+#
+# Note that any unset values default to zero which means 'unlimited'.
+#
+# Y:<Class>:<Ping Frequency>::<Max Links>:<SendQ>:<Local Limit>:<Global Limit>
+# this is a class for multiuser systems allowing 10 local clients per host
+Y:10:90::100:512000:10:32
+#
+# this is a class for multiuser systems running a trustworthy identd
+Y:11:90::100:512000:0.1:0.2
+#
+# this is a class for single user systems (PCs, most indials, ...)
+Y:12:90::100:512000:1:3
+#
+# this is a class for remote systems you want to allow as fallback only
+# (if you run an open server in a net you might really want this)
+Y:13:90::100:512000:1:1
+#
+#
+############################
+# i/I: [MANDATORY]. The I: lines are client-authorization lines. Without
+# these lines, no clients will be able to connect to your server.
+# Wildcards ("*") are permitted. Passwords are also possible (clients can
+# be configured to send passwords) but optional. 'I' allows full access,
+# 'i' sets restricted mode which forbids nick changes and channel op status.
+#
+# I:<TARGET Host Addr>:<Password>:<TARGET Hosts NAME>:<Port>:<Class>
+# i:<TARGET Host Addr>:<Password>:<TARGET Hosts NAME>:<Port>:<Class>
+#
+# NOTE that ircd matches on the *right-most* match and doesn't stop matching
+# after the <TARGET Hosts NAME> didn't match (see also examples below).
+#
+# Not that if <TARGET Hosts NAME> is empty ircd will show clients matching
+# the <TARGET Host Addr> and do resolve as user@host. if an I:-line has both
+# NAME and Addr defined and a client matches only the Addr part it will be
+# shown as user@ip-address regardless if it does resolv or not.
+#
+# this would allow access for any client reaching this line which doesn't
+# already have at least one connection to the net. if you run an open server
+# in a net this might be the right choice, talk to your uplinks first anyway.
+# resolving clients matching this line would be shown as user@host since
+# the field <TARGET Hosts NAME> is empty.
+# Note listing this i: line first, it will be read *last*, meaning it is
+# the "fall-through".
+#i:*@*::::13
+# With the password 'foobar'
+#i:*@*:foobar:::13
+# Note that I:*::*.bu.edu:10 would also allow _all_ clients regardless
+# if they're from *.bu.edu or not since ircd doesn't stop matching after the
+# <TARGET Hosts NAME> didn't match.
+#
+# this would allow access for any client coming from *.net, *.org, *.com or
+# other 3 char TLD
+#i:::*@*.???:13
+#
+# this allows access for any client from the ip block 192.168.0.0/16
+# regardless of its domain. if it's resolvable it will be shown as
+# user@host since the field <TARGET Hosts NAME> is empty (useful to
+# allow whole provider's blocks).
+I:*@192.168.*::::12
+#
+# This is a standard vanilla I: line which will permit anyone with an IP
+# address starting with 128.197 OR with a hostname ending in .bu.edu to
+# connect to the server. NOTE, the ircd matches on the *right-most* match,
+# so if I connect as hrose@csa.bu.edu (which is hrose@128.197.10.3) I will
+# show up on irc as hrose@csa.bu.edu since that is the first match it
+# found. (Even though the second match is valid).
+I:*@128.197.*::*@*.bu.edu::10
+#
+# and you can even specify just certain usernames as long as the client's
+# site is running a trustworthy ident daemon:
+I:::hrose@csa.bu.edu::10
+#
+# this will limit access for indials to one client per host
+I:::*@ppp*.bu.edu::12
+I:::*@indial*.bu.edu::12
+#
+#
+############################
+# O: [OPTIONAL]. These lines define operator access. You do not need to
+# have an operator to run a server. A well configured leaf site should not
+# need an operator online, if it's connections are well defined, the irc
+# administrator can use 'kill -HUP' on the ircd to reload the configuration
+# file.
+#
+# O:<TARGET Host NAME>:<Password>:<Nickname>:<Port>:<Class>
+#
+# If the person in "Nickname" is not coming from the hostname defined in
+# the first field then the person will get the error message "No O: lines
+# for your host".
+#
+# Note that you don't need to use 'Nickname' to become operator, if you're
+# using some other nick at that moment '/op Nickname' will do also.
+#
+O:*.bu.edu:Zaphod:Trillian::10
+#
+# and this line forces ident match:
+O:hrose@csa.bu.edu:Zaphod:Trillian::10
+#
+# This line is a "local operator", it is specified with a lower-case "o"
+#
+# this line permits the nickname "jhs" with the password of "ITBites" to
+# be a local operator only (be able to issue commands locally -- can /kill
+# and /squit and /connect -- but *only* locally)
+#
+o:*.bu.edu:ITBites:jhs::10
+#
+# a crypted password line (NOTE that if you have crypted passwords, *all*
+# of you passwords must be crypted! In fact, if you are getting an error
+# "Incorrect Password" it may well be because crypted passwords are
+# defined and you have used plaintext. So my example of plaintext and
+# crypted strings in the same IRC server configuration file is an
+# impossibility (but it is just theoretical, which is why I explained both).
+#
+O:rocker@csa.bu.edu:T0eiVgHrqeKTQ:Rocker::10
+#
+#
+############################
+# c/C: [NETWORKED]. These lines define what servers your server tries to
+# connect to. 'c' means your server will support compression for this link
+# if you've compiled with zlib, 'C' will enforce an uncompressed link.
+# N: [NETWORKED]. These lines define what servers your server permits
+# to connect.
+#
+# c/N lines MUST be used in pairs. You cannot have one without the other.
+#
+# C:<TARGET Host Addr>:<Password>:<TARGET Server NAME>:<TARGET PORT>:<Class>
+# c:<TARGET Host Addr>:<Password>:<TARGET Server NAME>:<TARGET PORT>:<Class>
+#
+# if the target server listens on different ports you can use for <TARGET PORT>
+# <port_to_connect_to>.<port_target_server_listens_for_udp_pings>.
+# <TARGET Host Addr> can be also an ip address or CNAME.
+#
+# N:<TARGET Host Addr>:<Password>:<TARGET Server NAME>:<Domain Mask>:<Class>
+#
+# "domain mask" is the number of parts in *your* hostname to mask to. For
+# instance, with my servername being "csa.bu.edu", if I wanted to present
+# my servername to be "*.bu.edu" I would have a host-mask portion of "1".
+#
+# it is *strongly* advised that your c/N line passwords be different for
+# security's sake.
+#
+# ident is allowed in the server's hostname part of the field.
+# these lines tell the server to automatically (note the port number, that
+# means automatic connection) connect to cs-ftp.bu.edu:
+C:hrose@cs-ftp.bu.edu:bigspark:cs-ftp.bu.edu:6667:2
+N:hrose@cs-ftp.bu.edu:bigalpha:cs-ftp.bu.edu::2
+#
+# This server's connection lines are more vanilla, masking the host to
+# *.bu.edu (as described above):
+C:irc-2.mit.edu:camelsrk00l:irc-2.mit.edu::2
+N:irc-2.mit.edu:andsoarellamas:irc-2.mit.edu:1:2
+#
+# If you have defined ZIP_LINKS and wish the connection to irc-2.mit.edu to
+# be compressed, you need to use a lowercase c. If the other server refuses
+# or doesn't support compression it will fall back to an uncompressed link.
+c:irc-2.mit.edu:camelsrk00l:irc-2.mit.edu::2
+N:irc-2.mit.edu:andsoarellamas:irc-2.mit.edu:1:2
+#
+#
+############################
+# K: [OPTIONAL]. These lines define user@host patterns to be banned from
+# this particular server (with an optional time field). Note that K: lines
+# are *not* global, and if you ban a user they can still use any other IRC
+# server (unless they have specifically been banned there as well).
+# 'K' uses the the type unix reply from the client's identd if available or
+# the USER information supplied by the client if not. 'k' uses the reply from
+# the client's identd also if it's type other (it's prefixed with '-' then).
+#
+# K:<Host Name or IP>:<time interval(s)|comment>:<User>:<port>:
+# k:<Host Name or IP>:<time interval(s)|comment>:<Auth>:<port>:
+#
+# wildcards are permitted in any one of the fields, in other words, you can
+# K:*::* if you wanted (but your server wouldn't be used much ;-)
+#
+# Note that if you specify an IP address, or IP mask, it will match clients
+# connecting from the matching addresses, no matter if they resolve or not.
+# You can prefix an IP address or IP mask by '=' in which case only non
+# resolving matching hosts will be banned.
+#
+# This k: line bans the username "FSSPR" (the wildcard is used to make
+# sure that any ident-checking character will match) on any machine from
+# the University of Alaska.
+k:*.alaska.edu::*FSSPR:0
+#
+# This K: line bans any users from acs*.bu.edu between the hours of 8am
+# and 12pm and 1pm and 5pm (the time is always the server's local time):
+# Note that 24 hour time is used (no "AM" or "PM").
+K:acs*.bu.edu:0800-1200,1300-1700:*:0
+#
+# This K: line bans any users from *foo.edu sending them the notice
+# "Use server irc.bar" instead of the default notice
+# "You are not welcome to this server"
+K:*foo.edu:Use server irc.bar:*:0
+#
+# This K: line bans any users from *toto.fr from using the port 6667,
+# and tells them to use port 6666 instead.
+K:*toto.fr:Use port 6666:*:6667:
+#
+# This K: line bans any user from 129.69.0.0/16 as long the host doesn't run
+# identd (no matter if it replies type unix or other) from all ports.
+k:129.69.*:identd (rfc1413) required:unknown::
+#
+# This does the same but only for unresolvable clients
+k:=129.69.*:identd (rfc1413) required:unknown::
+#
+#
+############################
+# L: [OPTIONAL]. These lines "Leaf" specified servers. They are only
+# useful if you are a non-leaf site yourself. There are two ways you can
+# use L: lines. The first will limit one particular site to a particular
+# tree depth (including 0, which would mean the server has to connect with
+# no servers linked behind it otherwise the connection will fail). The
+# second will allow you to be selective about which other servers you wish
+# the connecting server to behave as a leaf towards.
+#
+# The fields are as follows:
+# L:disallow connections to this hostmask::server name:depth
+# For example, this will force kaja.gi.alaska.edu to connect only as a
+# leaf (if it is not a leaf, the link will be dropped):
+L:::kaja.gi.alaska.edu::
+# This line will force cm5.eng.umd.edu to have a depth of only 1 below it
+# (that is, it is allowed to have only leaves connected to it):
+L:::cm5.eng.umd.edu:1:
+#
+# This line will prohibit anything matching *.edu to be connected behind
+# any server matching *.au:
+L:*.edu::*.au::
+#
+#
+############################
+# H: [OPTIONAL]. These lines define who you permit to act as a "hub" to
+# you (that is, who you permit to connect non-leafed servers to you).
+#
+# the first field may use wildcards, the third field *must* be an exact
+# match for a server's name (NOT a server's hostname, if they differ, the
+# server's name must be used). If the servername is a wildcard (e.g. *.au)
+# that is an acceptable name for the third field.
+#
+# The fields are as follows:
+# H:servers which are permitted entry::hub server
+#
+# Example, permit cs-ftp.bu.edu to allow any servers behind it to connect:
+H:*::cs-ftp.bu.edu::
+#
+# Example, permit irc-2.mit.edu to allow any MIT servers behind it to
+# connect:
+H:*.mit.edu::irc-2.mit.edu::
+#
+#
+############################
+# D: [OPTIONAL]. Control how auto connections are done. This will be mostly
+# useful for networks with complex configurations.
+#
+# D:<Denied Server Mask>:<Denied Class>:<Server Mask>:<Server Class>:
+# 1 2 3 4
+#
+# If a server matching <Denied Server Mask> or a server in <Denied Class>
+# is present ircd won't auto connect to any server matching <Server Mask>
+# or being in <Server Class> although auto connect for those is active.
+#
+# Example, don't auto connect to *.fi if some server of *.edu is already
+# linked
+D:*.edu::*.fi::
+#
+# Example, don't auto connect to *.fi or any server in class '3' if a
+# server from our class '2' is already present
+D::2:*.fi:3:
+#
+#
+############################
+# V: [OPTIONAL]. These lines define restrictions on servers connecting to
+# you.
+#
+# The first and third fields accept wildcards. The fields are as follow:
+# V:<Version Mask>:<Flags>:<Server Mask>::
+#
+# Example, you believe 2.9.1 is a really old version, and you want your
+# peers to upgrade:
+V:020901*::*::
+#
+# If you are running a production network, you most likely don't want to
+# allow servers compiled in DEBUGMODE which is a threat for the net
+# as well as for the privacy of the users:
+V:*:D:*::
+#
+# Finally, you don't want *.edu servers to be version 2.9.2 *OR* to be
+# compiled with remote oper kills enabled:
+V:020902*:K:*.edu::
+#
+#
+############################
+# B: [SUGGESTED]. These lines define the alternate servers that the users
+# will be redirected to if your server is full.
+#
+# The fiels are as follow:
+# B:<Class|Host Mask>::<Server Name>:<Port>:
+#
+# For example, if you want to redirect your users to irc.stealth.net on port
+# 6667 when your server is full, use:
+B:-1::irc.stealth.net:6667:
+#
+# To redirect *.fi users when your server cannot accept any new user with
+# a hostname matching *.fi, use:
+B:*.fi::irc.funet.fi:6667:
+#
+#
+############################
+# S: [OPTIONAL]. These lines define services allowed to connect to your
+# server. Each service needs a separate line which only allows him to
+# connect once. Remember to compile the ircd with #define USE_SERVICES
+# in config.h, otherwise you can't use services.
+#
+# The fields are as follow:
+# S:<TARGET Host Mask>:<Password>:<Service Name>:<Service Type>:<Class>
+#
+# Example, you want to allow a local information service:
+S:eep.local.net:thisisapassword:EepInfo:0:1
+#
+# Another example, ircd versions since 04/10/1999 support also a hex
+# mask. This is a temporary kline service (tkserv) as you can find it in
+# contrib/tkserv :
+S:eep.local.net:thisisapassword:TkEep:0x2000000:1
+#
+#
+############################
+# U: [NOT NECESSARY]. This line defines the default server for the IRC
+# client that ships with the server -- the default client is in irc/irc
+# You should not use U: lines but instead use the UPHOST definition in
+# config.h
+U:csa.bu.edu:foobar:csa.bu.edu
+#
+#
+############################
+# R: [DISCOURAGED]. These lines restrict user access based on a more
+# stringent checking system than is available in the K: line. It looks for
+# a match (based on hostname and username) and then runs an outside
+# program (which MUST be specified using a full pathname). The output of
+# the program should be a string in the form "Y <message>" (which permits
+# access for the user) or "N <message>" (which denies access for the
+# user). If "Y <message>" is received by the server, the server ignores
+# the message and permits access for the user. If "N <message>" is
+# returned, the server tells the user that he/she is not permitted to
+# access that irc server, and gives the reason.
+#
+# Again, like K: lines, R: lines are local and thus not very effective in
+# blocking certain machines from having IRC access.
+#
+# Use of R: requires that you have defined R_LINES in config.h
+#
+# The fields are as follows:
+# R:hostmask:/full/path/to/program:username
+# you can use wildcards in either the hostmask or username portion
+#
+R:csl.bu.edu:/home/hrose/bin.sun3/sun3access:*::
+#
+#
+############################
+# Q: [DISCOURAGED]. These lines "quarantine" specified servers. Because
+# of the way they operates, the same Q: lines MUST be installed by
+# everyone or the net will keep breaking. I CANNOT EMPHASIZE THIS ENOUGH.
+# Do NOT use Q: lines lightly!
+#
+# The fields are as follows:
+# Q:*:reason why quarantine is in place:servername
+#
+Q::this server is too slow and lags the net:cm5.eng.umd.edu::
generated by cgit v1.2.3 (git 2.39.1) at 2024-05-18 11:11:54 +0000