From bbc8b64aade4ecddb3c018cc172c4bd38cd178de Mon Sep 17 00:00:00 2001 From: michael Date: Sun, 20 Jul 2014 09:35:23 +0000 Subject: - Update doc/reference.conf git-svn-id: svn://svn.ircd-hybrid.org/svnroot/ircd-hybrid/branches/8.1.x@4289 82007160-df01-0410-b94d-b575c5fd34c7 --- doc/reference.conf | 134 +++++++++++++++++++++++++++-------------------------- 1 file changed, 68 insertions(+), 66 deletions(-) diff --git a/doc/reference.conf b/doc/reference.conf index 9a8f07c..fee5b30 100644 --- a/doc/reference.conf +++ b/doc/reference.conf @@ -10,8 +10,8 @@ * ######################################################################## * IMPORTANT NOTE: * - * auth {} blocks MUST be specified in order of precedence. The first one - * that matches a user will be used. So place spoofs first, then specials, + * auth {} blocks MUST be specified in order of precedence. The first one + * that matches a user will be used. So place spoofs first, then specials, * then general access. * ######################################################################## * @@ -108,7 +108,7 @@ serverinfo { * chown . rsa.key * chmod 0600 rsa.key */ -# rsa_private_key_file = "/usr/local/ircd/etc/rsa.key"; +# rsa_private_key_file = "etc/rsa.key"; /* * ssl_certificate_file: the path to the file containing our @@ -130,7 +130,7 @@ serverinfo { * Common Name: irc.someirc.net * E-mail: you@domain.com */ -# ssl_certificate_file = "/usr/local/ircd/etc/cert.pem"; +# ssl_certificate_file = "etc/cert.pem"; /* * ssl_dh_param_file: @@ -147,7 +147,7 @@ serverinfo { * regarding specific OpenSSL dhparam command-line options * can be found in the OpenSSL manual. */ -# ssl_dh_param_file = "/usr/local/ircd/etc/dhparam.pem"; +# ssl_dh_param_file = "etc/dhparam.pem"; /* * ssl_cipher_list: @@ -203,18 +203,18 @@ class { /* * number_per_ip: how many local users are allowed to connect - * from a single IP address (optional) + * from a single IP address (optional) */ number_per_ip = 2; /* * max_local: how many local users are allowed to connect - * from a single ident@host (optional) + * from a single ident@host (optional) */ max_local = 2; /* - * max_global: network-wide limit of users per ident@host (optional) + * max_global: network-wide limit of users per ident@host (optional) */ max_global = 10; @@ -224,7 +224,7 @@ class { max_number = 100; /* - * the following lines are optional and allow you to define + * The following lines are optional and allow you to define * how many users can connect from one /NN subnet. */ cidr_bitlen_ipv4 = 24; @@ -305,7 +305,7 @@ motd { /* * file: path to the actual motd file. */ - file = "/usr/local/ircd/etc/german.motd"; + file = "etc/german.motd"; }; /* @@ -313,8 +313,8 @@ motd { */ listen { /* - * port: the port to listen on. If no host is specified - * earlier in the listen {} block, it will listen on all available IPs. + * port: the port to listen on. If no host is specified earlier + * in the listen {} block, it will listen on all available IPs. * * Ports are separated by commas; a range may be specified using ".." */ @@ -355,12 +355,12 @@ listen { auth { /* * user: the user@host allowed to connect. Multiple user - * lines are permitted within each auth block. + * lines are permitted within each auth {} block. */ user = "*@172.16.0.0/12"; user = "*test@123D:B567:*"; - /* password: an optional password that is required to use this block */ + /* password: an optional password that is required to use this block. */ password = "letmein"; /* @@ -375,12 +375,12 @@ auth { */ spoof = "I.still.hate.packets"; - /* class: the class the user is placed in */ + /* class: the class the user is placed in. */ class = "opers"; /* * need_password - don't allow users who haven't supplied the correct - * password to connect using another auth{} block + * password to connect using another auth {} block * ('&' prefix on /stats I if disabled) * need_ident - require the user to have identd to connect ('+' prefix on /stats I) * spoof_notice - enable spoofing notification to admins @@ -408,7 +408,7 @@ auth { user = "*.server"; - /* class: a class is required even though it is not used */ + /* class: a class is required even though it is not used. */ class = "users"; }; @@ -453,7 +453,7 @@ operator { * A password should not be defined when this is used; see * doc/challenge.txt for more information. */ -# rsa_public_key_file = "/usr/local/ircd/etc/oper.pub"; +# rsa_public_key_file = "etc/oper.pub"; /* * ssl_certificate_fingerprint: enhances security by additionally checking @@ -469,17 +469,17 @@ operator { /* * ssl_connection_required: client must be connected over SSL/TLS - * in order to be able to use this oper{} block. + * in order to be able to use this operator {} block. * Default is 'no' if nothing else is specified. */ ssl_connection_required = no; - /* class: the class the oper joins when they successfully /oper */ + /* class: the class the oper joins when they successfully /oper or /challenge. */ class = "opers"; /* - * umodes: the default usermodes opers get when they /oper. If defined, - * it will override oper_umodes settings in general {}. + * umodes: the default usermodes opers get when they /oper or /challenge. + * If defined, it will override oper_umodes settings in general {}. * Available usermodes: * * +b - bots - See bot and drone flooding notices @@ -488,7 +488,7 @@ operator { * +d - debug - See debugging notices * +e - external - See remote server connection and split notices * +F - farconnect - Remote client connection/quit notices - * +f - full - See auth{} block full notices + * +f - full - See auth {} block full notices * +G - softcallerid - Server Side Ignore for users not on your channels * +g - callerid - Server Side Ignore (for privmsgs etc) * +H - hidden - Hides operator status to other users @@ -508,7 +508,7 @@ operator { /* * privileges: controls the activities and commands an oper is - * allowed to do on the server. All options default to no. + * allowed to do on the server. All options default to 'no'. * Available options: * * module - allows MODULE @@ -544,7 +544,7 @@ operator { * service {}: specifies a server which may act as a network service * * NOTE: it is very important that every server on the network - * has the same service{} block. + * has the same service {} block. */ service { name = "service.someserver"; @@ -555,7 +555,7 @@ service { * connect {}: define a server to connect to */ connect { - /* name: the name of the server */ + /* name: the name of the server. */ name = "irc.uplink.com"; /* @@ -585,7 +585,7 @@ connect { */ encrypted = no; - /* port: the port to connect to this server on */ + /* port: the port to connect to this server on. */ port = 6666; /* @@ -600,7 +600,7 @@ connect { */ # leaf_mask = "*.uk"; - /* class: the class this server is in */ + /* class: the class this server is in. */ class = "server"; /* @@ -660,8 +660,8 @@ cluster { * will not be propagated to clustered servers. * * Remote servers are not necessarily required to accept - * clustered lines, they need a shared{} for *THIS* server - * in order to accept them. + * clustered lines, they need a shared {} block for *THIS* + * server in order to accept them. */ name = "*.arpa"; @@ -750,6 +750,7 @@ exempt { * resv {}: nicks and channels users may not use/join */ resv { mask = "clone*"; reason = "Clone bots"; }; +resv { mask = "Global"; reason = "Reserved for services"; }; resv { mask = "ChanServ"; reason = "Reserved for services"; }; resv { mask = "NickServ"; reason = "Reserved for services"; }; resv { mask = "OperServ"; reason = "Reserved for services"; }; @@ -874,7 +875,8 @@ channel { /* * serverhide {}: The serverhide block contains the options regarding - * to server hiding + * to server hiding. For more information regarding server hiding, + * please see doc/serverhide.txt */ serverhide { /* @@ -909,7 +911,7 @@ serverhide { /* * hide_services: define this if you want to hide the location of - * services servers that are specified in the service{} block. + * services servers that are specified in the service {} block. */ hide_services = no; @@ -944,11 +946,14 @@ general { */ cycle_on_host_change = yes; - /* services_name: servername of nick/channel services */ + /* services_name: servername of nick/channel services. */ services_name = "service.someserver"; /* max_watch: maximum WATCH entries a client can have. */ - max_watch = 60; + max_watch = 30; + + /* max_accept: maximum allowed /accept's for +g usermode. */ + max_accept = 30; /* gline_enable: enable glines (network-wide temporary klines). */ gline_enable = yes; @@ -979,7 +984,7 @@ general { /* * invisible_on_connect: whether to automatically set mode +i on - * connecting users. + * connecting users. */ invisible_on_connect = yes; @@ -989,7 +994,7 @@ general { * automatically to the new nick. kill_chase_time_limit is the maximum * time following a nickname change that this chasing will apply. */ - kill_chase_time_limit = 90 seconds; + kill_chase_time_limit = 30 seconds; /* * hide_spoof_ips: if disabled, opers will be allowed to see the real @@ -1041,23 +1046,20 @@ general { * min_nonwildcard: the minimum number of non-wildcard characters in * k/d/g lines placed via the server. K-lines hand-placed are exempt from * this limit. - * Wildcard chars: '.', ':', '*', '?', '@', '!' + * Wildcard characters: '.', ':', '*', '?', '@', '!' */ min_nonwildcard = 4; /* * min_nonwildcard_simple: the minimum number of non-wildcard characters - * in gecos bans. Wildcard chars: '*', '?' + * in gecos bans. Wildcard characters: '*', '?' */ min_nonwildcard_simple = 3; - /* max_accept: maximum allowed /accept's for +g usermode. */ - max_accept = 20; - /* anti_nick_flood: enable the nickflood control code. */ anti_nick_flood = yes; - /* nick flood: the number of nick changes allowed in the specified period */ + /* nick flood: the number of nick changes allowed in the specified period. */ max_nick_time = 20 seconds; max_nick_changes = 5; @@ -1085,33 +1087,33 @@ general { /* * stats_e_disabled: set this to 'yes' to disable "STATS e" for both * operators and administrators. Doing so is a good idea in case - * there are any exempted (exempt{}) server IPs you don't want to + * there are any exempted (exempt {}) server IPs you don't want to * see leaked. */ stats_e_disabled = no; - /* stats_o_oper_only: make stats o (opers) oper only */ + /* stats_o_oper_only: make stats o (opers) oper only. */ stats_o_oper_only = yes; - /* stats_P_oper_only: make stats P (ports) oper only */ + /* stats_P_oper_only: make stats P (ports) oper only. */ stats_P_oper_only = yes; - /* stats_u_oper_only: make stats u (uptime) oper only */ + /* stats_u_oper_only: make stats u (uptime) oper only. */ stats_u_oper_only = no; /* * stats_i_oper_only: make stats i (auth {}) oper only. Set to: - * yes - show users no auth blocks, made oper only. - * masked - show users the first matching auth block - * no - show users all auth blocks. + * yes - show users no auth {} blocks, made oper only + * masked - show users the first matching auth {} block + * no - show users all auth {} blocks */ stats_i_oper_only = yes; /* * stats_k_oper_only: make stats k/K (klines) oper only. Set to: - * yes - show users no auth blocks, made oper only - * masked - show users the first matching auth block - * no - show users all auth blocks. + * yes - show users no auth {} blocks, made oper only + * masked - show users the first matching auth {} block + * no - show users all auth {} blocks */ stats_k_oper_only = yes; @@ -1147,7 +1149,7 @@ general { short_motd = no; /* - * ping_cookie: require clients to respond exactly to a ping command, + * ping_cookie: require clients to respond exactly to a PING command, * can help block certain types of drones and FTP PASV mode spoofing. */ ping_cookie = no; @@ -1157,7 +1159,7 @@ general { /* * true_no_oper_flood: completely eliminate flood limits for opers - * and for clients with can_flood = yes in their auth {} blocks. + * and for clients with 'can_flood' in their auth {} blocks. */ true_no_oper_flood = yes; @@ -1182,7 +1184,7 @@ general { * +d - debug - See debugging notices * +e - external - See remote server connection and split notices * +F - farconnect - Remote client connection/quit notices - * +f - full - See auth{} block full notices + * +f - full - See auth {} block full notices * +G - softcallerid - Server Side Ignore for users not on your channels * +g - callerid - Server Side Ignore (for privmsgs etc) * +H - hidden - Hides operator status to other users @@ -1222,8 +1224,8 @@ modules { * path: other paths to search for modules specified below * and in "/module load". */ - path = "/usr/local/ircd/lib/ircd-hybrid/modules"; - path = "/usr/local/ircd/lib/ircd-hybrid/modules/autoload"; + path = "lib/ircd-hybrid/modules"; + path = "lib/ircd-hybrid/modules/autoload"; /* module: the name of a module to load on startup/rehash. */ # module = "some_module.la"; @@ -1238,55 +1240,55 @@ log { file { type = oper; - name = "/usr/local/ircd/var/log/oper.log"; + name = "var/log/oper.log"; size = unlimited; }; file { type = user; - name = "/usr/local/ircd/var/log/user.log"; + name = "var/log/user.log"; size = 50 megabytes; }; file { type = kill; - name = "/usr/local/ircd/var/log/kill.log"; + name = "var/log/kill.log"; size = 50 megabytes; }; file { type = kline; - name = "/usr/local/ircd/var/log/kline.log"; + name = "var/log/kline.log"; size = 50 megabytes; }; file { type = dline; - name = "/usr/local/ircd/var/log/dline.log"; + name = "var/log/dline.log"; size = 50 megabytes; }; file { type = gline; - name = "/usr/local/ircd/var/log/gline.log"; + name = "var/log/gline.log"; size = 50 megabytes; }; file { type = xline; - name = "/usr/local/ircd/var/log/xline.log"; + name = "var/log/xline.log"; size = 50 megabytes; }; file { type = resv; - name = "/usr/local/ircd/var/log/resv.log"; + name = "var/log/resv.log"; size = 50 megabytes; }; file { type = debug; - name = "/usr/local/ircd/var/log/debug.log"; + name = "var/log/debug.log"; size = 50 megabytes; }; }; -- cgit