diff options
| -rw-r--r-- | docs/conf/helpop-full.conf.example | 2 | ||||
| -rw-r--r-- | docs/conf/inspircd.conf.example | 41 | ||||
| -rw-r--r-- | docs/conf/links.conf.example | 14 | ||||
| -rw-r--r-- | src/listensocket.cpp | 14 |
4 files changed, 52 insertions, 19 deletions
diff --git a/docs/conf/helpop-full.conf.example b/docs/conf/helpop-full.conf.example index d8af395ad..a1e3c881a 100644 --- a/docs/conf/helpop-full.conf.example +++ b/docs/conf/helpop-full.conf.example @@ -410,7 +410,7 @@ This command returns the number of local and global clients matched, and the percentage of clients matched, plus how they were matched (by IP address or by hostname)."> -<helpop key="lockserv" value="/LOCKSERV +<helpop key="lockserv" value="/LOCKSERV :[<message>] Locks out all new connections notifying connecting users that the service is temporarily closed and to try again later."> diff --git a/docs/conf/inspircd.conf.example b/docs/conf/inspircd.conf.example index 3f545e567..79a127d5a 100644 --- a/docs/conf/inspircd.conf.example +++ b/docs/conf/inspircd.conf.example @@ -152,10 +152,13 @@ # to this bind section. type="clients" - # ssl: If you want the port(s) in this bind tag to use SSL, set this - # to either "gnutls" or "openssl". The appropriate SSL module must be - # loaded for SSL to work. If you do not want the port(s) in this bind - # tag to support SSL, just remove or comment out this option. + # ssl: If you want the port(s) in this bind tag to use SSL, set this to + # the name of a custom <sslprofile> tag that you have defined or one + # of "openssl", "gnutls", "mbedtls" if you have not defined any. See the + # wiki page for the SSL module you are using for more details. + # + # You will need to load the ssl_openssl module for OpenSSL, ssl_gnutls + # for GnuTLS and ssl_mbedtls for mbedTLS. ssl="gnutls" # defer: When this is non-zero, connections will not be handed over to @@ -168,6 +171,12 @@ # To change it on a running bind, you'll have to comment it out, # rehash, comment it in and rehash again. defer="0" + + # free: When this is enabled the listener will be created regardless of + # whether the interface that provides the bind address is available. This + # is useful for if you are starting InspIRCd on boot when the server may + # not have brought the network interfaces up yet. + free="no" > <bind address="" port="6660-6669" type="clients"> @@ -177,11 +186,19 @@ # module). #<bind address="" port="7002" type="clients" hook="websocket"> -# When linking servers, the OpenSSL and GnuTLS implementations are completely -# link-compatible and can be used alongside each other -# on each end of the link without any significant issues. -# Supported SSL types are: "openssl" and "gnutls". -# You must load the ssl_openssl module for OpenSSL or ssl_gnutls for GnuTLS. +# You can define a custom <sslprofile> tag which defines the SSL configuration +# for this listener. See the wiki page for the SSL module you are using for +# more details. +# +# Alternatively, you can use one of the default SSL profiles which are created +# when you have not defined any: +# "openssl" (requires the ssl_openssl module) +# "gnutls" (requires the ssl_gnutls module) +# "mbedtls" (requires the ssl_mbedtls module) +# +# When linking servers, the OpenSSL, GnuTLS, and mbedTLS implementations are +# completely link-compatible and can be used alongside each other on each end +# of the link without any significant issues. <bind address="" port="7000,7001" type="servers"> <bind address="1.2.3.4" port="7005" type="servers" ssl="openssl"> @@ -301,9 +318,9 @@ # \017 or \x = Stop all color sequences allowmotdcolors="false" - # port: What port this user is allowed to connect on. (optional) - # The port MUST be set to listen in the bind blocks above. - port="6697"> + # port: What port range this user is allowed to connect on. (optional) + # The ports MUST be set to listen in the bind blocks above. + port="6697,9999"> <connect # name: Name to use for this connect block. Mainly used for diff --git a/docs/conf/links.conf.example b/docs/conf/links.conf.example index 90849ede2..f3e07f7ed 100644 --- a/docs/conf/links.conf.example +++ b/docs/conf/links.conf.example @@ -36,13 +36,15 @@ # failover (see above). timeout="300" - # ssl: If defined, this states the SSL module that will be used when - # making an outbound connection to the server. Options are: "openssl" - # and "gnutls" (they are compatible with each other). + # ssl: If defined, this states the SSL profile that will be used when + # making an outbound connection to the server. Options are the name of an + # <sslprofile> tag that you have defined or one of "openssl", "gnutls", + # "mbedtls" if you have not defined any. See the wiki page for the SSL + # module you are using for more details. # - # You will need to load the ssl_openssl module for OpenSSL, - # or ssl_gnutls for GnuTLS. The server port that you connect to - # must be capable of accepting this type of connection. + # You will need to load the ssl_openssl module for OpenSSL, ssl_gnutls + # for GnuTLS and ssl_mbedtls for mbedTLS. The server port that you + # connect to must be capable of accepting this type of connection. ssl="gnutls" # fingerprint: If defined, this option will force servers to be diff --git a/src/listensocket.cpp b/src/listensocket.cpp index 13aebf75f..d09f5e624 100644 --- a/src/listensocket.cpp +++ b/src/listensocket.cpp @@ -54,6 +54,20 @@ ListenSocket::ListenSocket(ConfigTag* tag, const irc::sockets::sockaddrs& bind_t } #endif + if (tag->getBool("free")) + { + socklen_t enable = 1; +#if defined IP_FREEBIND // Linux 2.4+ + setsockopt(fd, SOL_IP, IP_FREEBIND, &enable, sizeof(enable)); +#elif defined IP_BINDANY // FreeBSD + setsockopt(fd, IPPROTO_IP, IP_BINDANY, &enable, sizeof(enable)); +#elif defined SO_BINDANY // NetBSD/OpenBSD + setsockopt(fd, SOL_SOCKET, SO_BINDANY, &enable, sizeof(enable)); +#else + (void)enable; +#endif + } + SocketEngine::SetReuse(fd); int rv = SocketEngine::Bind(this->fd, bind_to); if (rv >= 0) |