Changeset 807

Timestamp:

06/04/07 21:17:16 (5 years ago)

Author:

wd

Message:

The config-files here got nuked somehow (??). Undo the damage, update them
a little, and also update dependencies for the 1459 protocol.

Location:

trunk/ithildin/modules/ircd

Files:

• etc/acl.conf (modified) (1 diff)
• etc/commands.conf (modified) (1 diff)
• etc/ircd.conf (modified) (1 diff)
• etc/motd (modified) (1 diff)
• etc/smotd (modified) (1 diff)
• protocols/rfc1459.c (modified) (1 diff)

trunk/ithildin/modules/ircd/etc/acl.conf

@@ +1 @@
+// $Id$
+
+/*
+** acl section
+** this section defines access control rules for the server.  access is
+** controlled by host masks.  Hostmasks may have several forms:  they may be
+** in CIDR form (ip/bits), standard pattern form, or 'host' pattern form
+** (see doc/hostmatch.txt).  ACLs are handled in a first matched fashion,
+** and should be added in the order of most specific to least specific in
+** the conf file.  Alternatively, you may give your ACLs rule numbers and
+** order them that way.  Some examples are provided below.
+**
+** ACLs come in three stages:
+** stage one (where former Z:lines and throttles were placed) is evaluated
+** as soon as a socket connection is made.  stage one checks are only valid
+** against IP address, and no username is available.  stage one checks occur
+** before any resources are really allocated to the connection.
+**
+** stage two (not available in previous daemons) is evaluated directly after
+** dns and ident checks have been performed on the connection, but before it
+** is known whether the connection wishes to register as a client or server.
+** these can be useful to block abusive connections from users in a variable
+** IP range trying to register as servers.  it can also be used as a
+** draconian means of forcing EVERY connection to have ident.
+**
+** stage three (I:lines, K:lines, etc) is evaluated when a client attempts
+** to register on the server.  it only effects *clients* (unlike the other
+** two stages), and has several more options.  some examples are listed
+** below.
+*/
+
+/*
+** These two specify the default rule numbers for ACLs.  The first is the
+** default for 'runtime' ACLs (that is, ACLs added from commands the server
+** handles).  The second is the default for 'configured' ACLs (the ACLs in
+** this file).  They are commented out, but have their default values below.
+** Also, when ACLs are added rule numbers *do not* automatically increment.
+** Valid rules are 0-65535.
+*/
+//default-acl-rule 1000;
+//default-acl-conf-rule 2000;
+
+// deny all connections from localhost
+acl {
+    stage 1;                // be sure to check right away
+    host "127.0.0.0/8";
+    access deny;
+    reason "please do not connect from localhost";
+};
+
+// deny connections from the '0::/16' IPv6 prefix (this tends to cause a lot
+// of protocol problems on IRC
+acl {
+    stage 1;
+    host "0::/16";
+    access deny;
+    reason "please do not connect from the 0:: prefix";
+};
+
+// and of course, all other stage one connections are allowed.
+
+// allow users of an internal network to always connect.  do this by placing
+// this ACL at a high rule position (rule 100 here).
+acl 100 {
+    // if no stage is specified, stage 3 is assumed
+    host "*@192.168.42.*";
+    access allow;                // this overrides all other types
+    class ereet;                // the class specification is optional, but
+                                // recommended.  put them in a special class
+};
+
+// deny connections from users who aren't running identd
+acl {
+    host "~*@*";
+    access deny;
+    reason "please enable the auth/ident (rfc1413) service on your computer";
+};
+
+// now make sure to allow all other connections through.  remember to keep
+// broad ACLs such as this at the bottom of the file!
+acl {
+    host "*";
+    access allow;
+    class clients;
+};
+

trunk/ithildin/modules/ircd/etc/commands.conf

@@ +1 @@
+// $Id$
+
+/* The 'commands' section.  This section determines which commands will be
+ * loaded by the server at startup, or when rehashed.  Some commands may be
+ * loaded automatically by other modules (such as protocol modules or
+ * addons).  All the available commands are listed here.  Those which are
+ * depend-loaded elsewhere are commented out.  In addition, any extra
+ * settings provided by command modules are listed with the module. */
+commands {
+    command acl;        // allows operators to view and modify Access
+                        // Control List entries in the server.  Also serves
+                        // as a replacement for old [un][kz]line commands.
+                        // (requires addons/acl)
+
+    command admin;      // provides information about server administrators.
+
+    //command akill;    // provides server commands to set/unset
+                        // network-wide bans of various types.  (requires
+                        // addons/acl, required by protocols/bahamut14)
+
+    command away;       // allows clients to set away messages.
+                        // creates the 'away-length' privilege which
+                        // specifies the maximum length of away messages.
+
+    //command capab;    // the CAPAB command, (required by
+                        // various protocols)
+
+    command chatops;    // allows operators to use the rather silly
+                        // 'chatops' command to gab with each other.  feel
+                        // free to disable this. ;)
+
+    command connect;    // allows operators to request that servers connect
+                        // to each other.
+                        // creates the 'connect' privilege which may be set
+                        // to either 'local' (default) or 'remote'.  this
+                        // controls whether the operator can request remote
+                        // connects.
+                
+    command die /* {    // allows operators to kill the server
+        password "some-md5-pass";   // if you want a password, uncomment this
+                                    // section
+    } */;
+
+    //command dns;      // a command which uses the dns module and behaves much
+                        // like the 'dig' command distributed with ISC bind
+
+    //command error;    // allows servers to pass error messages back and
+                        // forth (required by ircd)
+
+    command flags;      // allows users to set various levels of messages
+                        // they wish to receive.
+
+    command globops;    // allows operators to communicate globally with
+                        // other operators in a relatively secure fashion
+
+    //command gnotice;  // used by servers to pass messages to opers on
+                        // other servers (required by
+                        // various protocols)
+
+    //command helper;   // used to give 'helper' status to other users.
+                        // operator-only (requires usermodes/helper)
+
+    //command helpops;  // used to send 'helpops' messages to other helpers.
+                        // (requires usermodes/helper)
+
+    command info;       // sends information about the server to a user
+
+    command invite;     // allows users to invite others into channels
+                        // creates the +i channel mode to mark a channel
+                        // 'invite only'
+
+    command ison;       // allows users to see who is on (used for notify)
+    
+    //command join;     // allows users to join channels (required by
+                        // ircd)
+
+    //command kick;     // allows channel operators to kick other users
+                        // (requited by ircd)
+
+    //command kill;     // allows operators to remove users from the network
+                        // (required by ircd).
+                        // creates the 'kill' privilege which may be either
+                        // 'local' or 'global' and controls whether local
+                        // server operators can kill users on other servers
+                        // (global) or only on this server (local)
+
+    command links;      // allows users to see what servers are on the
+                        // network
+
+    command list;       // allows users to retrieve a list of channels
+
+    command locops;     // allows operators to communicate with other
+                        // operators on their server.
+
+    command lusers;     // displays statistics about the current server.
+    
+    //command mode;     // allows users to change either usermodes or
+                        // channel modes (required by ircd)
+
+    command module;     // allows operators to examine and manipulate
+                        // modules loaded by the server
+
+    command motd;       // allows users to see the Message of the Day.  The
+                        // default MOTD files are in <confpath>/ircd/motd
+                        // and <confpath>/ircd/smotd (for the regular and
+                        // short versions, respectively)
+
+    command names;      // allows users to retrieve a channel names list
+
+    //command nick;     // allows users to register themselves with the
+                        // server, and change their nicknames (required by
+                        // ircd)
+
+    command notice;     // allows users to send notices to other users or
+                        // channels (also adds privmsg)
+
+    command oper;       // allows users to grant themselves operator status
+                        // on the server.
+
+    //command part;     // allows users to depart a channel (required by
+                        // ircd)
+
+    //command pass;     // allows users to specify a pre-registration
+                        // password (required by protocol.rfc1459)
+
+    //command ping;     // allows users and servers to ensure links are up
+    //command pong;     // (required by ircd)
+
+    //command quit;     // allows users to sign off the server (required by
+                        // ircd)
+
+    command rehash;     // allows operators to reload the server's
+                        // configuration files.
+                        // creates the 'rehash' privilege which may be
+                        // either 'local' or 'remote' and works in the same
+                        // manner as the 'connect' privilege.
+
+    //command samode;   // allows 'services admins' to change channel modes
+                        // (requires usermodes/servicesadmin)
+
+    //command server;   // allows servers to register on the network
+                        // (requied by ircd)
+
+    command services;   // adds various services related commands (CHANSERV,
+                        // NICKSERV, et al).
+
+    command silence;    // implements a limited server-side ignore for users
+
+    //command sjoin;    // used by other servers to distribute information
+                        // about users joining channels. (required by
+                        // various protocols, requires commands/mode)
+
+    //command sqline;   // allows servers to set quarantines on
+                        // nicknames/channels (requires addons/quarantine,
+                        // required by protocols/bahamut14)
+
+    //command squit;    // allows operators to remove servers from the
+                        // network (required by addons/core)
+                        // creates the 'squit' privilege which may be either
+                        // 'local' or 'remote' and works in the same manner
+                        // as the 'connect' privilege.
+
+    command stats;      // A wrapper for the STATS command.  Converts common
+                        // requests into their approximate XINFO versions
+                        // (requires commands/xinfo)
+
+    //command svinfo;   // TS server negotiation command.  provides TS of
+                        // linking servers.  (required by various server
+                        // protocols)
+
+    //command svskill;  // special 'services' commands which are required
+    //command svsmode;  // by protocol.bahamut14
+    //command svsnick;
+
+    command time;       // allows users to get the current local time from
+                        // servers on the network.
+
+    command topic;      // creates channel topics and allows users to modify
+                        // them and distribute them over the network.
+                        // creates the +t channel mode which specifies
+                        // whether all users or only chanops can set topics
+
+    command trace;      // allows users to 'trace' server data paths.
+
+    //command user;     // allows users to register on the server (required
+                        // by protocol.rfc1459)
+
+    command userhost;   // allows users to request short-form information
+                        // about the status of other clients
+
+    command version;    // allows users to request information about the
+                        // version of servers on the network.
+
+    command wallops;    // allows operators to send messages to users who
+                        // wish to receive them.
+
+    command watch;      // adds 'server-side notify' support.
+
+    command who;        // allows users to get short-form information
+                        // about several clients at once using a system
+                        // of queries.
+                        // creates the 'who-reply-limit' privilege which
+                        // specifies the maximum number of replies a user
+                        // may receive from the command before no more
+                        // will be sent.
+                        // creates the 'who-see-invisible' privilege which
+                        // specifies whether or not the user can see
+                        // invisible users who are not in channels with them
+
+    command whois;      // allows users to request long-form information
+                        // about other users.
+
+    command whowas;     // allows users to see information about other users
+                        // who have signed off recently.
+
+    command xinfo;      // allows users to request extended information
+                        // about various aspects of the server and their
+                        // client status.
+};
+

trunk/ithildin/modules/ircd/etc/ircd.conf

@@ +1 @@
+// $Id$
+
+/*
+** 'global' section:
+** this section defines the 'global' settings of the IRC server, each one is
+** described as it is laid out.
+*/
+
+global {
+    name "your.server.name.here";
+    network "your-network-here";
+    //address 192.168.42.1; // the ip of the server
+    ports 6660-6669,7000,7325; // the port(s) it runs on
+    info "your info here"; // the gecos information
+    /*
+    ** admin sub-section,
+    ** each line designates additional administrative information.  Only
+    ** one line is required.
+    */
+    admin {
+        "your";
+        "info";
+        "here";
+    };
+};
+
+/*
+** protocols section
+** this simply defines a list of protocols you will support, you must
+** also add modules for these protocols in your module configuration
+** file.   Note that the ircd will load rfc1459 for you.
+*/
+protocols {
+    bahamut14; // the server<->server protocol for bahamut 1.4.34+ servers
+};
+
+/*
+** supported commands to load.  you may want to chuck this section in
+** another file,  it can get pretty long.  however, a lot of commands are
+** loaded by modules that need them.
+*/
+$INCLUDE ircd/commands.conf;
+
+/*
+** addons to load.  stuff like ACLs and other friends (spamguarders and the
+** like) are addons
+*/
+addon acl;
+// acl section included from acl.conf
+$INCLUDE ircd/acl.conf;
+        
+addon core; // core support for some channel modes and commands
+
+/*
+** message sets
+** these are message groupings which allow you to reformat a lot of the text
+** sent to a client.  You can $INCLUDE another file to fill in the data,
+** and you need not add a new message for every type!  I recommend creating
+** the first (default) set from nothing (thereby using all defaults)
+*/
+message-set default {};
+
+/*
+** privilege sets
+** these are sets of privileges granted to users.  they work in a manner very
+** similar to the message set system.  Additionally, you can 'include' one
+** privilege set in another (settings are overriden from a top-down
+** perspective) by simply doing "include <name-of-privilege-set>;'.  It is 
+** recommended that you create the first (default) set using all the defaults,
+** and then create your own per-class definitions. 
+*/
+privilege-set default {};
+
+/*
+** class section
+** defines connection classes for users, required fields are
+** name, ping, max, and sendq (all of them
+*/
+
+// you should put the default class at the top of the file.
+class default {
+    ping 180;
+    max 600;
+    sendq 102400;
+};
+
+class server {
+    ping 300;
+    max 0;
+    sendq 10485760; // big send queue for servers
+};
+
+class clients {
+    ping 180; // ping timeout frequency
+    max 2000; // maximum connections belonging to this class
+    sendq 51200; // maximum sendq items for this class.
+    flood 60; // set a lowish value, if you see too many innocents flooding
+              // off try raising this to 80-100
+};
+
+class operator {
+    ping 300; // give them more time
+    max 0; // there is no soft limit on users in this class
+    sendq 1048576; // enormous sendqs.
+    flood 0; // no flooding off for them.
+
+    //hostmask "some.host.name";
+    // the 'hostmask' addon allows you to mask users' hostnames if they
+    // connect in this class.  it is not loaded by default.
+};
+
+/*
+** operator stuff below
+*/
+
+privilege-set oper {
+    maxchannels 0; // no limit
+    see-hidden-channels yes;
+    who-see-invisible yes;
+    who-reply-limit 0;
+    kill global;
+    connect remote;
+    squit remote;
+    operator yes; // this is an operator privilege set
+};
+
+operator you {
+    host "ident@some.host"; // hostnames work
+    host "127.0.0.1/8";            // so do CIDR masks
+
+    pass "md5-password";
+    class "operator";
+    privilege-set oper;
+};
+
+/*
+** server stuff below
+*/
+server your.uplink.here {
+    address "192.168.42.254";
+    port 4000;
+    interval 3m; // try and connect every three minutes
+    protocol bahamut14;
+    theirpass "their-plaintext-password";
+    ourpass "our-plaintext-password";
+    hub *; // lets them hub anything.
+    class server; // be sure to set a server class!
+};
+

trunk/ithildin/modules/ircd/etc/motd

@@ +1 @@
+This is the regular MOTD file.  It looks like this because
+its owner (maybe you) has not taken time to edit it.  How
+very unprofessional of you.  Tsk.

trunk/ithildin/modules/ircd/etc/smotd

@@ +1 @@
+This is the short MOTD.  The owner (maybe you) hasn't bothered
+to edit the default, so this is what you get.  Hah.

trunk/ithildin/modules/ircd/protocols/rfc1459.c

@@ -14 +14 @@
 MODULE_REGISTER("$Rev$");
 const char *mdepends[] = MDEPENDS;
+const char *msoftdepends[] = {
+    "ircd.command.pass", "ircd.command.user",
+    NULL
+};
 
 /* parser for packets */