diff options
Diffstat (limited to 'docs/conf')
-rw-r--r-- | docs/conf/aliases/anope.conf.example | 20 | ||||
-rw-r--r-- | docs/conf/aliases/atheme.conf.example | 25 | ||||
-rw-r--r-- | docs/conf/censor.conf.example | 2 | ||||
-rw-r--r-- | docs/conf/filter.conf.example | 27 | ||||
-rw-r--r-- | docs/conf/helpop-full.conf.example | 184 | ||||
-rw-r--r-- | docs/conf/helpop.conf.example | 30 | ||||
-rw-r--r-- | docs/conf/inspircd.conf.example | 391 | ||||
-rw-r--r-- | docs/conf/links.conf.example | 32 | ||||
-rw-r--r-- | docs/conf/modules.conf.example | 1264 | ||||
-rw-r--r-- | docs/conf/modules/charybdis.conf.example | 302 | ||||
-rw-r--r-- | docs/conf/modules/unrealircd.conf.example | 399 | ||||
-rw-r--r-- | docs/conf/opers.conf.example | 46 | ||||
-rw-r--r-- | docs/conf/rules.txt.example | 3 | ||||
-rw-r--r-- | docs/conf/services/anope.conf.example | 9 | ||||
-rw-r--r-- | docs/conf/services/atheme.conf.example | 52 | ||||
-rw-r--r-- | docs/conf/services/generic.conf.example | 47 |
16 files changed, 1268 insertions, 1565 deletions
diff --git a/docs/conf/aliases/anope.conf.example b/docs/conf/aliases/anope.conf.example deleted file mode 100644 index 4d1441473..000000000 --- a/docs/conf/aliases/anope.conf.example +++ /dev/null @@ -1,20 +0,0 @@ -# Aliases for nickserv, chanserv, operserv, memoserv, hostserv, botserv -<alias text="NICKSERV" replace="PRIVMSG NickServ :$2-" requires="NickServ" uline="yes"> -<alias text="CHANSERV" replace="PRIVMSG ChanServ :$2-" requires="ChanServ" uline="yes"> -<alias text="OPERSERV" replace="PRIVMSG OperServ :$2-" requires="OperServ" uline="yes" operonly="yes"> -<alias text="MEMOSERV" replace="PRIVMSG MemoServ :$2-" requires="MemoServ" uline="yes"> -<alias text="HOSTSERV" replace="PRIVMSG HostServ :$2-" requires="HostServ" uline="yes"> -<alias text="BOTSERV" replace="PRIVMSG BotServ :$2-" requires="BotServ" uline="yes"> - -# Shorthand aliases for nickserv, chanserv, operserv, memoserv, hostserv, botserv -<alias text="NS" replace="PRIVMSG NickServ :$2-" requires="NickServ" uline="yes"> -<alias text="CS" replace="PRIVMSG ChanServ :$2-" requires="ChanServ" uline="yes"> -<alias text="OS" replace="PRIVMSG OperServ :$2-" requires="OperServ" uline="yes" operonly="yes"> -<alias text="MS" replace="PRIVMSG MemoServ :$2-" requires="MemoServ" uline="yes"> -<alias text="HS" replace="PRIVMSG HostServ :$2-" requires="HostServ" uline="yes"> -<alias text="BS" replace="PRIVMSG BotServ :$2-" requires="BotServ" uline="yes"> - -# /id [account] <password> -# Identify for a nickname -<alias text="ID" format="*" replace="PRIVMSG NickServ :IDENTIFY $2-" requires="NickServ" uline="yes"> -<alias text="IDENTIFY" format="*" replace="PRIVMSG NickServ :IDENTIFY $2-" requires="NickServ" uline="yes"> diff --git a/docs/conf/aliases/atheme.conf.example b/docs/conf/aliases/atheme.conf.example deleted file mode 100644 index 7a0bc015a..000000000 --- a/docs/conf/aliases/atheme.conf.example +++ /dev/null @@ -1,25 +0,0 @@ -# Aliases for nickserv, chanserv, operserv, memoserv -<alias text="NICKSERV" replace="PRIVMSG NickServ :$2-" requires="NickServ" uline="yes"> -<alias text="CHANSERV" replace="PRIVMSG ChanServ :$2-" requires="ChanServ" uline="yes"> -<alias text="OPERSERV" replace="PRIVMSG OperServ :$2-" requires="OperServ" uline="yes" operonly="yes"> -<alias text="MEMOSERV" replace="PRIVMSG MemoServ :$2-" requires="MemoServ" uline="yes"> -<alias text="GAMESERV" replace="PRIVMSG GameServ :$2-" requires="GameServ" uline="yes"> -<alias text="BOTSERV" replace="PRIVMSG BotServ :$2-" requires="BotServ" uline="yes"> -<alias text="HOSTSERV" replace="PRIVMSG HostServ :$2-" requires="HostServ" uline="yes"> -<alias text="ALIS" replace="PRIVMSG ALIS :$2-" requires="ALIS" uline="yes"> - -# Shorthand aliases for nickserv, chanserv, operserv, memoserv -<alias text="NS" replace="PRIVMSG NickServ :$2-" requires="NickServ" uline="yes"> -<alias text="CS" replace="PRIVMSG ChanServ :$2-" requires="ChanServ" uline="yes"> -<alias text="OS" replace="PRIVMSG OperServ :$2-" requires="OperServ" uline="yes" operonly="yes"> -<alias text="MS" replace="PRIVMSG MemoServ :$2-" requires="MemoServ" uline="yes"> -<alias text="GS" replace="PRIVMSG GameServ :$2-" requires="GameServ" uline="yes"> -<alias text="BS" replace="PRIVMSG BotServ :$2-" requires="BotServ" uline="yes"> -<alias text="HS" replace="PRIVMSG HostServ :$2-" requires="HostServ" uline="yes"> -<alias text="LS" replace="PRIVMSG ALIS :$2-" requires="ALIS" uline="yes"> - -# /id [channel] <password> -# Identify for a channel or nickname -<alias text="ID" format="#*" replace="PRIVMSG ChanServ :IDENTIFY $2 $3" requires="ChanServ" uline="yes"> -<alias text="ID" format="*" replace="PRIVMSG NickServ :IDENTIFY $2-" requires="NickServ" uline="yes"> - diff --git a/docs/conf/censor.conf.example b/docs/conf/censor.conf.example index ea9e08147..23924d14b 100644 --- a/docs/conf/censor.conf.example +++ b/docs/conf/censor.conf.example @@ -1,4 +1,4 @@ -# Configuration file for m_censor.so +# Configuration file for the censor module # The tags for this module are formatted as follows: # diff --git a/docs/conf/filter.conf.example b/docs/conf/filter.conf.example index 45e5d2853..ea62efd1f 100644 --- a/docs/conf/filter.conf.example +++ b/docs/conf/filter.conf.example @@ -1,4 +1,4 @@ -# Configuration file for m_filter.so +# Configuration file for the filter module # The tags for this module are formatted as follows: # @@ -6,7 +6,7 @@ # reason="reason for filtering" # action="action to take" # flags="filter flags" -# duration="optional length of gline"> +# duration="optional length of gline"> # # Valid actions for 'action' are: # @@ -40,21 +40,26 @@ # c: Strip color codes from text before trying to match # *: Represents all of the above flags # -: Does nothing, a no-op for when you do not want to specify any flags -# -# IMPORTANT NOTE: Because the InspIRCd config reader places special meaning on the -# '\' character, you must use '\\' if you wish to specify a '\' character in a regular -# expression. For example, to indicate numbers, use \\d and not \d. This does not -# apply when adding a regular expression over irc with the /FILTER command. -# Example filters for m_filter: +# Example filters: # # <keyword pattern="*qwerty*" reason="You qwertied!" action="block" flags="pn"> # <keyword pattern="*killmenow*" reason="As you request." action="kill" flags="*"> # <keyword pattern="*blah*" reason="Dont blah!" action="gline" duration="1d6h" flags="-"> -# An example regexp filter for m_filter_pcre: +# An example regexp filter: # # <keyword pattern="^blah.*?$" reason="Dont blah!" action="gline" duration="1d6h" flags="pnPq"> -# An example of excluding a channel from filtering: -# <exemptfromfilter channel="#help"> +# You may specify specific channels that are exempt from being filtered: +#<exemptfromfilter target="#opers"> +#<exemptfromfilter target="#help"> + +# You can also exempt messages from being filtered if they are sent to +# specific nicks. +# Example that exempts all messages sent *to* NickServ: +#<exemptfromfilter target="NickServ"> + +# Note that messages *from* services are never subject to filtering; +# <exemptfromfilter> tags are only for exempting messages sent *to* the +# configured targets. diff --git a/docs/conf/helpop-full.conf.example b/docs/conf/helpop-full.conf.example index 959f2249d..c33b80fd7 100644 --- a/docs/conf/helpop-full.conf.example +++ b/docs/conf/helpop-full.conf.example @@ -30,20 +30,18 @@ you searched for. Please try again."> ------------- PRIVMSG NOTICE NICK JOIN PART -CYCLE KNOCK MODE DEVOICE TOPIC +CYCLE KNOCK MODE OPER TOPIC KICK FPART REMOVE TBAN INVITE UNINVITE AWAY DCCALLOW SILENCE ACCEPT MKPASSWD VHOST TITLE SETNAME WHOIS WHOWAS ISON USERHOST WATCH -LIST NAMES WHO MOTD RULES +LIST NAMES WHO MOTD ADMIN MAP LINKS LUSERS TIME STATS VERSION INFO MODULES COMMANDS SSLINFO -USER PASS PING PONG QUIT - -OPER"> +USER PASS PING PONG QUIT"> <helpop key="sslinfo" value="/SSLINFO <nick> @@ -104,22 +102,21 @@ This command accepts multiple nicks like so: Authenticate for a vhost using the specified username and password."> -<helpop key="remove" value="/REMOVE <nick> <channel> [<reason>] +<helpop key="remove" value="/REMOVE <channel> <nick> [<reason>] Removes a user from a channel you specify. You must be at least a channel halfoperator to remove a user. A removed user will part with a message stating they were removed from the channel and by whom."> -<helpop key="fpart" value="/FPART <channel> <nick> [<reason>] +<helpop key="rmode" value="/RMODE [channel] [modeletter] {[pattern]} -This behaves identically to /REMOVE, the only difference is that the -<channel> and <nick> parameters are switched around to match /KICK's -syntax. Also, /REMOVE is a built-in mIRC command which caused trouble -for some users."> +Removes listmodes from a channel. +E.g. /RMODE #Chan b m:* will remove all mute extbans."> -<helpop key="devoice" value="/DEVOICE <channel> +<helpop key="fpart" value="/FPART <channel> <nick> [<reason>] -Devoices yourself on the specified channel."> +This behaves identically to /REMOVE. /REMOVE is a built-in mIRC command +which caused trouble for some users."> <helpop key="silence" value="/SILENCE - Shows a list of silenced masks /SILENCE +<mask> [<flags>] - Add a mask @@ -150,10 +147,10 @@ everything from people with a host matching *.foo.net, you would do Sends a notice to a channel indicating you wish to join."> -<helpop key="user" value="/USER <ident> <local host> <remote host> :<GECOS> +<helpop key="user" value="/USER <ident> <local host> <remote host> :<real name> This command is used by your client to register your -IRC session, providing your ident and GECOS to the +IRC session, providing your ident and real name to the server. You should not use it during an established connection."> @@ -229,33 +226,47 @@ given in the command and either the channel is not +t, or you are at least a halfoperator, the channel topic will be changed to the new one you provide."> -<helpop key="who" value="/WHO <pattern> [afhilMmoprt] +<helpop key="who" value="/WHO <pattern> [<flags>][%[<fields>[,<querytype>]]] <pattern> -Looks up the information of users matching the range you provide. +Looks up information about users matching the provided pattern. You can specify +a flag specific pattern, a channel name, user hostname, a user server name, a +user real name, or a user nickname. Matching users will only be included in the +WHO response if: -You may only /WHO nicknames in channels or on servers where you -share a common channel with them, or ones which are not +i (unless -you are a server operator). The search pattern may be a special -sequence of characters determined by the flags given below, or -it may be one of a nickname, a channel, a hostmask, an IP address -mask or a server mask. + 1) The specified pattern is an exact channel name that does not have the + private or secret channel modes set and the user does not have the invisible + user mode set. + 2) The specified pattern is an exact nickname. + 3) You share one or more common channels with the user. + 4) The user does not have the invisible user mode set. + 5) You are a server operator with the users/auspex privilege. + +If you specify any fields the response returned will be a WHOX response rather +than a RFC 1459 WHO response. Valid WHO Flags --------------- The following flags use <pattern> to match against the specified user data: - a Show users who have an away message matching <pattern>. - i Show users who have an ident (username) matching <pattern>. - M Show users who have metadata attached to them with a key name matching - <pattern> (server operators only). + A Show users who have an away message matching <pattern>. + a Show users who have an account name matching <pattern>. + h Show users who have a hostname matching <pattern>. If the 'x' modifier + is specified then this will match against the real hostname instead of + the display hostname. + i Show users who have an IP address matching <pattern>. m Show users who have the modes listed in <pattern>. The pattern should be in the same format as a mode change e.g. +ow-i (server operators only). + n Show users who have a nickname matching <pattern>. p Show users who are connected to a port in the <pattern> range (server operators only). r Show users who have a real name matching <pattern>. + s Show users who are on a server with a name matching <pattern>. If the 'x' + modifier is specified then this will match against the real server name + instead of the masked server name. t Show users who have connected in the last <pattern> seconds. + u Show users who have an ident (username) matching <pattern>. The following flags filter users by their status: @@ -265,11 +276,34 @@ The following flags filter users by their status: The following flags modify the command output: - h Show real hostnames rather than display hostnames (server operators - only). + x Show sensitive data like real user hostnames and, when hideserver is + enabled, real server hostnames. You may combine one flag from the first group and multiple from the others in -one WHO command."> +one WHO command. + +Valid WHO Fields +---------------- + + a Include the user's account name in the response. + c Include the first common channel name in the response. + d Include the user's server distance from you in the response. + f Include the user's away status, oper status, and highest channel prefix + in the response. + h Include the user's hostname in the response. If the 'x' flag was + specified then this is the real host rather than the display host. + i Include the user's IP address in the response. + l Include the user's idle time in the response. + n Include the user's nickname in the response. + o Include the user's channel operator rank level in the response. + r Include the user's real name in the response. + s Include the user's server name in the response. If the 'x' flag was + specified then this is the real server name rather than the masked server + name. + t Include the query type in the response. + u Include the user's ident in the response. + +"> <helpop key="motd" value="/MOTD [<server>] @@ -277,11 +311,6 @@ Show the message of the day for <server>. Messages of the day often contain important server rules and notices and should be read prior to using a server."> -<helpop key="rules" value="/RULES - -Show the rules file for the local server. This is similar in effect to -except that these are not sent automatically on connect."> - <helpop key="oper" value="/OPER <login> <password> Attempts to authenticate a user as an IRC operator. @@ -392,12 +421,12 @@ SAJOIN SAPART SAMODE SATOPIC SAKICK KILL SAQUIT GLINE ZLINE QLINE KLINE RLINE ELINE CBAN SHUN -FILTER OJOIN +FILTER OJOIN CLEARCHAN CONNECT SQUIT RCONNECT RSQUIT DIE RESTART REHASH -CLEARCACHE LOADMODULE UNLOADMODULE + LOADMODULE UNLOADMODULE RELOADMODULE GLOADMODULE GUNLOADMODULE GRELOADMODULE CLOSE JUMPSERVER LOCKSERV UNLOCKSERV"> @@ -413,7 +442,7 @@ and the percentage of clients matched, plus how they were matched (by IP address or by hostname). Mask should be given as either a nick!user@host or user@IP (wildcards acceptable)."> -<helpop key="lockserv" value="/LOCKSERV +<helpop key="lockserv" value="/LOCKSERV :[<message>] Locks out all new connections notifying connecting users that the service is temporarily closed and to try again later."> @@ -443,11 +472,11 @@ reason parameter is optional, and if not provided defaults to 'Please use this server/port instead' (the default given in various numeric lists)"> -<helpop key="filter" value="/FILTER <filter-definition> [<action> <flags> [<gline-duration>] :<reason>] +<helpop key="filter" value="/FILTER <filter-definition> [<action> <flags> [<duration>] :<reason>] This command will add a filter when more than one parameter is given, for messages of the types specified by the flags, with the given -filter definition, action, gline duration (when the action is 'gline') +filter definition, action, duration (when the action is 'gline' or 'shun'), and reason. The filter will take effect when a message of any type specified by @@ -463,6 +492,7 @@ Block Blocks message and informs +s IRCops of the blocked message Silent Blocks message, but does not notify IRCops Kill Kills the user Gline Glines the user for the specified duration +Shun Shuns the user for the specified duration (requires the shun module) Valid FILTER Flags ------------------ @@ -539,13 +569,14 @@ The duration may be specified in seconds, or in the format 1y2w3d4h5m6s - meaning one year, two weeks, three days, 4 hours, 5 minutes and 6 seconds. All fields in this format are optional."> -<helpop key="sajoin" value="/SAJOIN <nick> <channel> +<helpop key="sajoin" value="/SAJOIN [<nick>] <channel>[,<channel>] -Forces the user to join the channel."> +Forces the user to join the channel(s). +If no nick is given, it joins the oper doing the /SAJOIN."> -<helpop key="sapart" value="/SAPART <nick> <channel> +<helpop key="sapart" value="/SAPART <nick> <channel>[,<channel>] -Forces the user to part the channel."> +Forces the user to part the channel(s)."> <helpop key="samode" value="/SAMODE <target> (+|-)<modes> [<parameters for modes>] @@ -623,17 +654,15 @@ The duration may be specified in seconds, or in the format 1y2w3d4h5m6s - meaning one year, two weeks, three days, 4 hours, 5 minutes and 6 seconds. All fields in this format are optional."> -<helpop key="die" value="/DIE <password> +<helpop key="die" value="/DIE <server> This command shuts down the local server. A single parameter is -required, which must match the password in the configuration for the -command to function."> +required, which must match the name of the local server."> -<helpop key="restart" value="/RESTART <password> +<helpop key="restart" value="/RESTART <server> This command restarts the local server. A single parameter is -required, which must match the password in the configuration for the -command to function."> +required, which must match the name of the local server."> <helpop key="commands" value="/COMMANDS @@ -664,33 +693,29 @@ Disconnects the server matching the given server mask from this server."> Lists currently loaded modules, their memory offsets, version numbers, and flags. If you are not an operator, you will see reduced detail."> -<helpop key="loadmodule" value="/LOADMODULE <filename.so> +<helpop key="loadmodule" value="/LOADMODULE <modname> Loads the specified module into the local server."> -<helpop key="unloadmodule" value="/UNLOADMODULE <filename.so> +<helpop key="unloadmodule" value="/UNLOADMODULE <modname> -Unloads a module from the local server. The module cannot have the -static flag set (see the output of /MODULES)."> +Unloads a module from the local server."> -<helpop key="reloadmodule" value="/RELOADMODULE <filename.so> +<helpop key="reloadmodule" value="/RELOADMODULE <modname> -Unloads and reloads a module on the local server. This module cannot -have the static flag set (see the output of /MODULES)."> +Unloads and reloads a module on the local server."> -<helpop key="gloadmodule" value="/GLOADMODULE <filename.so> +<helpop key="gloadmodule" value="/GLOADMODULE <modname> Loads the specified module on all linked servers."> -<helpop key="gunloadmodule" value="/GUNLOADMODULE <filename.so> +<helpop key="gunloadmodule" value="/GUNLOADMODULE <modname> -Unloads a module from all linked servers. The module cannot have the -static flag set (see the output of /MODULES)."> +Unloads a module from all linked servers."> -<helpop key="greloadmodule" value="/GRELOADMODULE <filename.so> +<helpop key="greloadmodule" value="/GRELOADMODULE <modname> -Unloads and reloads a module on all linked servers. This module cannot -have the static flag set (see the output of /MODULES)."> +Unloads and reloads a module on all linked servers."> <helpop key="kline" value="/KLINE <user@host> [<duration> :<reason>] @@ -753,7 +778,7 @@ Sends a message to all +w users."> <helpop key="rline" value="/RLINE <regex> [<duration> :<reason>] -Sets or removes an r-line (regex line) on a n!u@h\sgecos mask. You +Sets or removes an r-line (regex line) on a n!u@h\srealname mask. You must specify all three parameters to add an rline, and one parameter to remove an rline (just the regex). @@ -761,14 +786,20 @@ The duration may be specified in seconds, or in the format 1y2w3d4h5m6s - meaning one year, two weeks, three days, 4 hours, 5 minutes and 6 seconds. All fields in this format are optional."> -<helpop key="clearcache" value="/CLEARCACHE - -This command clears the DNS cache of the local server."> - <helpop key="close" value="/CLOSE Closes all unregistered connections to the local server."> +<helpop key="clearchan" value="/CLEARCHAN <channel> [<KILL|KICK|G|Z>] [<reason>] + +Quits or kicks all non-opers from a channel, optionally G/Z-Lines them. +Useful for quickly nuking bot channels. + +The default method, KILL, simply disconnects the victims from the server, +while methods G and Z also add G/Z-Lines for all the targets. + +When used, the victims won't see each other getting kicked or quitting."> + <helpop key="modenotice" value="/MODENOTICE <modeletters> <message> Sends a notice to all users who have the given mode(s) set. @@ -809,6 +840,8 @@ using their cloak when they quit."> (requires the services account module). w Receives wallops messages. x Gives a cloaked hostname (requires the cloaking module). + z Only allow private messages from SSL users (requires the + sslmode module). B Marks as a bot (requires the botmode module). G Censors messages sent to the user based on filters configured for the network (requires the censor module). @@ -897,6 +930,9 @@ using their cloak when they quit."> noctcp module). D Delays join messages from users until they message the channel (requires the delayjoin module). + E [~*][lines]:[sec]{[:difference]}{[:backlog]} Allows blocking of similar messages. + Kicks as default, blocks with ~ and bans with * + The last two parameters are optional. F <changes>:<sec> Blocks nick changes when they equal or exceed the specified rate (requires the nickflood module). G Censors messages to the channel based on the @@ -1011,8 +1047,10 @@ Note that all /STATS use is broadcast to online IRC operators."> A Allows receipt of remote announcement messages. c Allows receipt of local connect messages. C Allows receipt of remote connect messages. - d Allows receipt of general (and sometimes random) debug messages. - f Allows receipt of flooding notices. + d Allows receipt of local DNSBL messages (requires the dnsbl module). + D Allows receipt of remote DNSBL messages (requires the dnsbl module). + f Allows receipt of local filter messages (requires the filter module). + F Allows receipt of remote filter messages (requires the filter module). g Allows receipt of globops (requires the globops module). j Allows receipt of channel creation notices (requires the chancreate module). J Allows receipt of remote channel creation notices (requires the chancreate module). @@ -1055,7 +1093,9 @@ Matching extbans: j:<channel> Matches anyone in the given channel. Does not support wildcards (requires the channelban module). - r:<realname> Matches users with a matching realname (requires the + n:<class> Matches users in a matching connect class (requires the + classban module). + r:<realname> Matches users with a matching real name (requires the gecosban module). s:<server> Matches users on a matching server (requires the serverban module). diff --git a/docs/conf/helpop.conf.example b/docs/conf/helpop.conf.example index bdd3c4605..89c2716a6 100644 --- a/docs/conf/helpop.conf.example +++ b/docs/conf/helpop.conf.example @@ -1,4 +1,4 @@ -# Sample configuration file for m_helpop.so +# Sample configuration file for the helpop module. # You can either copy this into your conf folder and set up the module to use it, # or you can customize the responses for your network and/or add more. # @@ -31,20 +31,18 @@ you searched for. Please try again."> ------------- PRIVMSG NOTICE NICK JOIN PART -CYCLE KNOCK MODE DEVOICE TOPIC +CYCLE KNOCK MODE OPER TOPIC KICK FPART REMOVE TBAN INVITE UNINVITE AWAY DCCALLOW SILENCE ACCEPT MKPASSWD VHOST TITLE SETNAME WHOIS WHOWAS ISON USERHOST WATCH -LIST NAMES WHO MOTD RULES +LIST NAMES WHO MOTD ADMIN MAP LINKS LUSERS TIME STATS VERSION INFO MODULES COMMANDS SSLINFO -USER PASS PING PONG QUIT - -OPER"> +USER PASS PING PONG QUIT"> <helpop key="coper" value="Oper Commands ------------- @@ -62,12 +60,12 @@ SAJOIN SAPART SAMODE SATOPIC SAKICK KILL SAQUIT GLINE ZLINE QLINE KLINE RLINE ELINE CBAN SHUN -FILTER +FILTER CLEARCHAN CONNECT SQUIT RCONNECT RSQUIT DIE RESTART REHASH -CLEARCACHE LOADMODULE UNLOADMODULE + LOADMODULE UNLOADMODULE RELOADMODULE GLOADMODULE GUNLOADMODULE GRELOADMODULE CLOSE JUMPSERVER LOCKSERV UNLOCKSERV"> @@ -96,6 +94,8 @@ LOCKSERV UNLOCKSERV"> (requires the services account module). w Receives wallops messages. x Gives a cloaked hostname (requires the cloaking module). + z Only allow private messages from SSL users (requires the + sslmode module). B Marks as a bot (requires the botmode module). G Censors messages sent to the user based on filters configured for the network (requires the censor module). @@ -184,6 +184,10 @@ LOCKSERV UNLOCKSERV"> noctcp module). D Delays join messages from users until they message the channel (requires the delayjoin module). + E [~*][lines]:[sec]{[:difference]}{[:backlog]} Allows blocking of similar messages. + Kicks as default, blocks with ~ and bans with * + The last two parameters are optional. + F <changes>:<sec> Blocks nick changes when they equal or exceed the specified rate (requires the nickflood module). G Censors messages to the channel based on the @@ -233,8 +237,10 @@ help channel if you have any questions."> A Allows receipt of remote announcement messages. c Allows receipt of local connect messages. C Allows receipt of remote connect messages. - d Allows receipt of general (and sometimes random) debug messages. - f Allows receipt of flooding notices. + d Allows receipt of local DNSBL messages (requires the dnsbl module). + D Allows receipt of remote DNSBL messages (requires the dnsbl module). + f Allows receipt of local filter messages (requires the filter module). + F Allows receipt of remote filter messages (requires the filter module). g Allows receipt of globops (requires the globops module). j Allows receipt of channel creation notices (requires the chancreate module). J Allows receipt of remote channel creation notices (requires the chancreate module). @@ -273,7 +279,9 @@ Matching extbans: j:<channel> Matches anyone in the given channel. Does not support wildcards (requires the channelban module). - r:<realname> Matches users with a matching realname (requires the + n:<class> Matches users in a matching connect class (requires + the classban module). + r:<realname> Matches users with a matching real name (requires the gecosban module). s:<server> Matches users on a matching server (requires the serverban module). diff --git a/docs/conf/inspircd.conf.example b/docs/conf/inspircd.conf.example index d54cdc916..9f4581fb3 100644 --- a/docs/conf/inspircd.conf.example +++ b/docs/conf/inspircd.conf.example @@ -34,6 +34,15 @@ # # ######################################################################## +#-#-#-#-#-#-#-#-#-# CONFIGURATION FORMAT #-#-#-#-#-#-#-#-#-#-#-#-#-#- +# # +# In order to maintain compatibility with older configuration files, # +# you can change the configuration parser to parse as it did in # +# previous releases. When using the "compat" format, you need to use # +# C++ escape sequences (e.g. \n) instead of XML ones (e.g. &nl;) and # +# can not use <define> to create macros. # +#<config format="compat"> + #-#-#-#-#-#-#-#-#-# INCLUDE CONFIGURATION #-#-#-#-#-#-#-#-#-#-#-#-#-# # # # This optional tag allows you to include another config file # @@ -65,11 +74,6 @@ # # # Variables may be redefined and may reference other variables. # # Value expansion happens at the time the tag is read. # -# # -# Using variable definitions REQUIRES that the config format be # -# changed to "xml" from the default "compat" that uses escape # -# sequences such as "\"" and "\n", and does not support <define> # -<config format="xml"> <define name="bindip" value="1.2.2.3"> <define name="localips" value="&bindip;/24"> @@ -93,8 +97,7 @@ #id="97K" # network: Network name given on connect to clients. - # Should be the same on all servers on the network and - # not contain spaces. + # Should be the same on all servers on the network. network="Omega"> @@ -128,7 +131,7 @@ # |_| \_\___|\__,_|\__,_| |_| |_| |_|_|___/ |____/|_|\__(_) # # # # If you want to link servers to InspIRCd you must load the # -# m_spanningtree.so module! Please see the modules list for # +# spanningtree module! Please see the modules list for # # information on how to load this module! If you do not load this # # module, server ports will NOT work! # @@ -148,58 +151,59 @@ # to this bind section. type="clients" - # ssl: If you want the port(s) in this bind tag to use SSL, set this - # to either "gnutls" or "openssl". The appropriate SSL module must be - # loaded for SSL to work. If you do not want the port(s) in this bind - # tag to support SSL, just remove or comment out this option. + # ssl: If you want the port(s) in this bind tag to use SSL, set this to + # the name of a custom <sslprofile> tag that you have defined or one + # of "openssl", "gnutls", "mbedtls" if you have not defined any. See the + # wiki page for the SSL module you are using for more details. + # + # You will need to load the ssl_openssl module for OpenSSL, ssl_gnutls + # for GnuTLS and ssl_mbedtls for mbedTLS. ssl="gnutls" + + # defer: When this is non-zero, connections will not be handed over to + # the daemon from the operating system before data is ready. + # In Linux, the value indicates the time period we'll wait for a + # connection to come up with data. Don't set it too low! + # In BSD the value is ignored; only zero and non-zero is possible. + # Windows ignores this parameter completely. + # Note: This does not take effect on rehash. + # To change it on a running bind, you'll have to comment it out, + # rehash, comment it in and rehash again. + defer="0" + + # free: When this is enabled the listener will be created regardless of + # whether the interface that provides the bind address is available. This + # is useful for if you are starting InspIRCd on boot when the server may + # not have brought the network interfaces up yet. + free="no" > <bind address="" port="6660-6669" type="clients"> -# When linking servers, the OpenSSL and GnuTLS implementations are completely -# link-compatible and can be used alongside each other -# on each end of the link without any significant issues. -# Supported SSL types are: "openssl" and "gnutls". -# You must load m_ssl_openssl for OpenSSL or m_ssl_gnutls for GnuTLS. - -<bind address="" port="7000,7001" type="servers"> -<bind address="1.2.3.4" port="7005" type="servers" ssl="openssl"> - - -#-#-#-#-#-#-#-#-#-#- DIE/RESTART CONFIGURATION -#-#-#-#-#-#-#-#-#-#- -# # -# You can configure the passwords here which you wish to use for # -# the /DIE and /RESTART commands. Only trusted ircops who will # -# need this ability should know the die and restart password. # -# # +# Listener accepting HTML5 WebSocket connections. +# Requires the websocket module and SHA-1 hashing support (provided by the sha1 +# module). +#<bind address="" port="7002" type="clients" hook="websocket"> -<power - # hash: what hash these passwords are hashed with. - # Requires the module for selected hash (m_md5.so, m_sha256.so - # or m_ripemd160.so) be loaded and the password hashing module - # (m_password_hash.so) loaded. - # Options here are: "md5", "sha256" and "ripemd160", or one of - # these prefixed with "hmac-", e.g.: "hmac-sha256". - # Optional, but recommended. Create hashed passwords with: - # /mkpasswd <hash> <password> - #hash="sha256" +# EXPERIMENTAL: Listener that binds on a UNIX endpoint instead of a TCP/IP endpoint: +#<bind path="/tmp/inspircd.sock" type="clients"> - # diepass: Password for opers to use if they need to shutdown (die) - # a server. - # - # IMPORTANT: leaving this field empty does not disable the use of - # the DIE command. In order to prevent the use of this command you - # should remove it from the command privileges of your opers. - diepass="" +# You can define a custom <sslprofile> tag which defines the SSL configuration +# for this listener. See the wiki page for the SSL module you are using for +# more details. +# +# Alternatively, you can use one of the default SSL profiles which are created +# when you have not defined any: +# "openssl" (requires the ssl_openssl module) +# "gnutls" (requires the ssl_gnutls module) +# "mbedtls" (requires the ssl_mbedtls module) +# +# When linking servers, the OpenSSL, GnuTLS, and mbedTLS implementations are +# completely link-compatible and can be used alongside each other on each end +# of the link without any significant issues. - # restartpass: Password for opers to use if they need to restart - # a server. - # - # IMPORTANT: leaving this field empty does not disable the use of - # the RESTART command. In order to prevent the use of this command - # you should remove it from the command privileges of your opers. - restartpass=""> +<bind address="" port="7000,7001" type="servers"> +<bind address="1.2.3.4" port="7005" type="servers" ssl="openssl"> #-#-#-#-#-#-#-#-#-#- CONNECTIONS CONFIGURATION -#-#-#-#-#-#-#-#-#-#-# @@ -245,23 +249,24 @@ # a CIDR range here. allow="203.0.113.*" - # hash: what hash this password is hashed with. requires the module - # for selected hash (m_md5.so, m_sha256.so or m_ripemd160.so) be - # loaded and the password hashing module (m_password_hash.so) - # loaded. Options here are: "md5", "sha256" and "ripemd160". - # Optional, but recommended. Create hashed passwords with: - # /mkpasswd <hash> <password> - #hash="sha256" + # hash: the hash function this password is hashed with. Requires the + # module for the selected function (bcrypt, md5, sha1, or sha256) and + # the password hashing module (password_hash) to be loaded. + # + # You may also use any of the above other than bcrypt prefixed with + # either "hmac-" or "pbkdf2-hmac-" (requires the pbkdf2 module). + # Create hashed passwords with: /mkpasswd <hash> <password> + #hash="bcrypt" # password: Password to use for this block/user(s) password="secret" # maxchans: Maximum number of channels a user in this class - # be in at one time. This overrides every other maxchans setting. - #maxchans="30" + # be in at one time. + maxchans="20" - # timeout: How long (in seconds) the server will wait before - # disconnecting a user if they do not do anything on connect. + # timeout: How long the server will wait before disconnecting + # a user if they do not do anything on connect. # (Note, this is a client-side thing, if the client does not # send /nick, /user or /pass) timeout="10" @@ -275,26 +280,34 @@ # maxconnwarn: Enable warnings when localmax or globalmax are reached (defaults to on) maxconnwarn="off" + # resolvehostnames: If disabled, no DNS lookups will be performed on connecting users + # in this class. This can save a lot of resources on very busy servers. + resolvehostnames="yes" + # usednsbl: Defines whether or not users in this class are subject to DNSBL. Default is yes. - # This setting only has effect when m_dnsbl is loaded. + # This setting only has effect when the dnsbl module is loaded. #usednsbl="yes" # useident: Defines if users in this class MUST respond to a ident query or not. useident="no" + # webirc: Restricts usage of this class to the specified WebIRC gateway. + # This setting only has effect when the cgiirc module is loaded. + #webirc="name" + # limit: How many users are allowed in this class limit="5000" # modes: Usermodes that are set on users in this block on connect. - # Enabling this option requires that the m_conn_umodes module be loaded. + # Enabling this option requires that the conn_umodes module be loaded. # This entry is highly recommended to use for/with IP Cloaking/masking. - # For the example to work, this also requires that the m_cloaking + # For the example to work, this also requires that the "cloaking" # module be loaded as well. modes="+x" # requireident, requiressl, requireaccount: require that users of this # block have a valid ident response, use SSL, or have authenticated. - # Requires m_ident, m_sslinfo, or m_services_account respectively. + # Requires ident, sslinfo, or the services_account module, respectively. requiressl="on" # NOTE: For requireaccount, you must complete the signon prior to full # connection. Currently, this is only possible by using SASL @@ -303,19 +316,23 @@ # Alternate MOTD file for this connect class. The contents of this file are # specified using <files secretmotd="filename"> or <execfiles ...> + # + # NOTE: the following escape sequences for IRC formatting characters can be + # used in your MOTD: + # Bold: \b + # Color: \c<fg>[,<bg>] + # Italic: \i + # Monospace: \m (not widely supported) + # Reset: \x + # Strikethrough: \s (not widely supported) + # Underline: \u + # See https://defs.ircdocs.horse/info/formatting.html for more information + # on client support for formatting characters. motd="secretmotd" - # Allow color codes to be processed in the message of the day file. - # the following characters are valid color code escapes: - # \002 or \b = Bold - # \037 or \u = Underline - # \003 or \c = Color (with a code postfixed to this char) - # \017 or \x = Stop all color sequences - allowmotdcolors="false" - - # port: What port this user is allowed to connect on. (optional) - # The port MUST be set to listen in the bind blocks above. - port="6697"> + # port: What port range this user is allowed to connect on. (optional) + # The ports MUST be set to listen in the bind blocks above. + port="6697,9999"> <connect # name: Name to use for this connect block. Mainly used for @@ -328,17 +345,17 @@ allow="*" # maxchans: Maximum number of channels a user in this class - # be in at one time. This overrides every other maxchans setting. - #maxchans="30" + # be in at one time. + maxchans="20" - # timeout: How long (in seconds) the server will wait before - # disconnecting a user if they do not do anything on connect. + # timeout: How long the server will wait before disconnecting + # a user if they do not do anything on connect. # (Note, this is a client-side thing, if the client does not # send /nick, /user or /pass) timeout="10" - # pingfreq: How often (in seconds) the server tries to ping connecting clients. - pingfreq="120" + # pingfreq: How often the server tries to ping connecting clients. + pingfreq="2m" # hardsendq: maximum amount of data allowed in a client's send queue # before they are dropped. Keep this value higher than the length of @@ -384,6 +401,10 @@ # globalmax: Maximum global (network-wide) connections per IP. globalmax="3" + # resolvehostnames: If disabled, no DNS lookups will be performed on connecting users + # in this class. This can save a lot of resources on very busy servers. + resolvehostnames="yes" + # useident: Defines if users in this class must respond to a ident query or not. useident="no" @@ -391,9 +412,9 @@ limit="5000" # modes: Usermodes that are set on users in this block on connect. - # Enabling this option requires that the m_conn_umodes module be loaded. + # Enabling this option requires that the conn_umodes module be loaded. # This entry is highly recommended to use for/with IP Cloaking/masking. - # For the example to work, this also requires that the m_cloaking + # For the example to work, this also requires that the cloaking # module be loaded as well. modes="+x"> @@ -425,11 +446,11 @@ # This file has all the information about oper classes, types and o:lines. # You *MUST* edit it. -<include file="conf/examples/opers.conf.example"> +<include file="examples/opers.conf.example"> # This file has all the information about server links and ulined servers. # You *MUST* edit it if you intend to link servers. -<include file="conf/examples/links.conf.example"> +<include file="examples/links.conf.example"> #-#-#-#-#-#-#-#-#-#- MISCELLANEOUS CONFIGURATION -#-#-#-#-#-#-#-#-#-# # # @@ -437,23 +458,12 @@ # Files block - contains files whose contents are used by the ircd # # motd - displayed on connect and when a user executes /MOTD -# rules - displayed when the user executes /RULES # Modules can also define their own files -<files motd="conf/examples/motd.txt.example" rules="conf/examples/rules.txt.example"> +<files motd="examples/motd.txt.example"> # Example of an executable file include. Note this will be read on rehash, # not when the command is run. -#<execfiles rules="wget -O - https://www.example.com/rules.txt"> - -#-#-#-#-#-#-#-#-#-#-#-# MAXIMUM CHANNELS -#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# # - -<channels - # users: Maximum number of channels a user can be in at once. - users="20" - - # opers: Maximum number of channels an oper can be in at once. - opers="60"> +#<execfiles motd="wget -O - https://www.example.com/motd.txt"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-# DNS SERVER -#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # If these values are not defined, InspIRCd uses the default DNS resolver @@ -469,7 +479,7 @@ # # server="127.0.0.1" - # timeout: seconds to wait to try to resolve DNS/hostname. + # timeout: time to wait to try to resolve DNS/hostname. timeout="5"> # An example of using an IPv6 nameserver @@ -494,11 +504,11 @@ # matches the channels name applies the banlimit to that channel. # # It is advisable to put an entry with the channel as '*' at the # # bottom of the list. If none are specified or no maxbans tag is # -# matched, the banlist size defaults to 64 entries. # +# matched, the banlist size defaults to 100 entries. # # # -<banlist chan="#largechan" limit="128"> -<banlist chan="*" limit="69"> +<banlist chan="#largechan" limit="200"> +<banlist chan="*" limit="100"> #-#-#-#-#-#-#-#-#-#-#- DISABLED FEATURES -#-#-#-#-#-#-#-#-#-#-#-#-#-# # # @@ -564,21 +574,19 @@ # the correct parameters are. syntaxhints="no" - # cyclehosts: If enabled, when a user gets a host set, it will cycle - # them in all their channels. If not, it will simply change their host - # without cycling them. - cyclehosts="yes" + # casemapping: This sets the case mapping method to be used by the + # server. This MUST be the same on all servers. Possible values are: + # "ascii" (recommended) + # "rfc1459" (default, required for linking to 2.0 servers) + # NOTE: if you are using the nationalchars module this setting will be + # ignored. You should use <nationalchars:casemapping> instead. + casemapping="ascii" # cyclehostsfromuser: If enabled, the source of the mode change for # cyclehosts will be the user who cycled. This can look nicer, but # triggers anti-takeover mechanisms of some obsolete bots. cyclehostsfromuser="no" - # ircumsgprefix: Use undernet-style message prefixing for NOTICE and - # PRIVMSG. If enabled, it will add users' prefix to the line, if not, - # it will just message the user normally. - ircumsgprefix="no" - # announcets: If set to yes, when the timestamp on a channel changes, all users # in the channel will be sent a NOTICE about it. announcets="yes" @@ -597,21 +605,33 @@ # in the topic. If set to no, it will only show the nick of the topic setter. hostintopic="yes" - # pingwarning: If a server does not respond to a ping within x seconds, + # pingwarning: If a server does not respond to a ping within this period, # it will send a notice to opers with snomask +l informing that the server # is about to ping timeout. pingwarning="15" - # serverpingfreq: How often pings are sent between servers (in seconds). - serverpingfreq="60" + # serverpingfreq: How often pings are sent between servers. + serverpingfreq="1m" + + # splitwhois: Whether to split private/secret channels from normal channels + # in WHOIS responses. Possible values for this are: + # 'no' - list all channels together in the WHOIS response regardless of type. + # 'split' - split private/secret channels to a separate WHOIS response numeric. + # 'splitmsg' - the same as split but also send a message explaining the split. + splitwhois="no" # defaultmodes: What modes are set on a empty channel when a user # joins it and it is unregistered. - defaultmodes="nt" + defaultmodes="not" - # moronbanner: This is the text that is sent to a user when they are + # xlinemessage: This is the text that is sent to a user when they are # banned from the server. - moronbanner="You're banned! Email abuse@example.com with the ERROR line below for help." + xlinemessage="You're banned! Email irc@example.com with the ERROR line below for help." + + # allowzerolimit: If enabled then allow a limit of 0 to be set on channels. + # This is non-standard behaviour and should only be enabled if you need to + # link with servers running 2.0. Defaults to yes. + allowzerolimit="no" # exemptchanops: Allows users with with a status mode to be exempt # from various channel restrictions. Possible restrictions are: @@ -652,12 +672,7 @@ # nosnoticestack: This prevents snotices from 'stacking' and giving you # the message saying '(last message repeated X times)'. Defaults to no. - nosnoticestack="no" - - # welcomenotice: When turned on, this sends a NOTICE to connecting users - # with the text Welcome to <networkname>! after successful registration. - # Defaults to yes. - welcomenotice="yes"> + nosnoticestack="no"> #-#-#-#-#-#-#-#-#-#-#-# PERFORMANCE CONFIGURATION #-#-#-#-#-#-#-#-#-#-# @@ -672,33 +687,37 @@ # in the accept queue. This is *NOT* the total maximum number of # connections per server. Some systems may only allow this to be up # to 5, while others (such as Linux and *BSD) default to 128. + # Setting this above the limit imposed by your OS can have undesired + # effects. somaxconn="128" - # limitsomaxconn: By default, somaxconn (see above) is limited to a - # safe maximum value in the 2.0 branch for compatibility reasons. - # This setting can be used to disable this limit, forcing InspIRCd - # to use the value specified above. - limitsomaxconn="true" - # softlimit: This optional feature allows a defined softlimit for # connections. If defined, it sets a soft max connections value. softlimit="12800" + # clonesonconnect: If this is set to false, we won't check for clones + # on initial connection, but only after the DNS check is done. + # This can be useful where your main class is more restrictive + # than some other class a user can be assigned after DNS lookup is complete. + # Turning this option off will make the server spend more time on users we may + # potentially not want. Normally this should be neglible, though. + # Default value is true + clonesonconnect="true" + # quietbursts: When syncing or splitting from a network, a server # can generate a lot of connect and quit messages to opers with # +C and +Q snomasks. Setting this to yes squelches those messages, # which makes it easier for opers, but degrades the functionality of # bots like BOPM during netsplits. - quietbursts="yes" - - # nouserdns: If enabled, no DNS lookups will be performed on - # connecting users. This can save a lot of resources on very busy servers. - nouserdns="no"> + quietbursts="yes"> #-#-#-#-#-#-#-#-#-#-#-# SECURITY CONFIGURATION #-#-#-#-#-#-#-#-#-#-#-# # # <security + # allowcoreunload: If this value is set to yes, Opers will be able to + # unload core modules (e.g. core_privmsg). + allowcoreunload="no" # announceinvites: This option controls which members of the channel # receive an announcement when someone is INVITEd. Available values: @@ -709,11 +728,6 @@ # higher ranked users. This is the recommended setting. announceinvites="dynamic" - # hidemodes: If enabled, then the listmodes given will be hidden - # from users below halfop. This is not recommended to be set on +b - # as it may break some functionality in popular clients such as mIRC. - hidemodes="eI" - # hideulines: If this value is set to yes, U-lined servers will # be hidden from non-opers in /links and /map. hideulines="no" @@ -722,13 +736,13 @@ # be flattened when shown to non-opers. flatlinks="no" - # hidewhois: When defined, the given text will be used in place - # of the server a user is on when whoised by a non-oper. Most - # networks will want to set this to something like "*.netname.net" - # to conceal the actual server a user is on. - # Note that enabling this will cause users' idle times to only be - # shown when the format /WHOIS <nick> <nick> is used. - hidewhois="" + # hideserver: When defined, the given text will be used in place + # of the server name in public messages. As with <server:name> this + # does not need to resolve but does need to be a valid hostname. + # + # NOTE: enabling this will cause users' idle times to only be shown + # when a remote whois (/WHOIS <nick> <nick>) is used. + #hideserver="*.example.com" # hidebans: If this value is set to yes, when a user is banned ([gkz]lined) # only opers will see the ban message when the user is removed @@ -750,16 +764,10 @@ # (Commands like /notice, /privmsg, /kick, etc) maxtargets="20" - # customversion: Displays a custom string when a user /version's - # the ircd. This may be set for security reasons or vanity reasons. + # customversion: A custom message to be displayed in the comments field + # of the VERSION command response. This does not hide the InspIRCd version. customversion="" - # operspywhois: show opers (users/auspex) the +s and +p channels a user is in. Values: - # splitmsg Split secret/private from public channels with an explanatory message - # yes Show secret/private channels - # no Do not show secret/private channels - operspywhois="no" - # runasuser: If this is set, InspIRCd will attempt to switch # to run as this user, which allows binding of ports under 1024. # You should NOT set this unless you are starting as root. @@ -774,7 +782,8 @@ # restrictbannedusers: If this is set to yes, InspIRCd will not allow users # banned on a channel to change nickname or message channels they are - # banned on. + # banned on. This can also be set to silent to restrict the user but not + # notify them. restrictbannedusers="yes" # genericoper: Setting this value to yes makes all opers on this server @@ -804,7 +813,7 @@ <limits # maxnick: Maximum length of a nickname. - maxnick="31" + maxnick="30" # maxchan: Maximum length of a channel name. maxchan="64" @@ -813,7 +822,10 @@ maxmodes="20" # maxident: Maximum length of a ident/username. - maxident="11" + maxident="10" + + # maxhost: Maximum length of a hostname. + maxhost="64" # maxquit: Maximum length of a quit message. maxquit="255" @@ -824,12 +836,20 @@ # maxkick: Maximum length of a kick message. maxkick="255" - # maxgecos: Maximum length of a GECOS (realname). - maxgecos="128" + # maxreal: Maximum length of a real name. + maxreal="128" # maxaway: Maximum length of an away message. maxaway="200"> +#-#-#-#-#-#-#-#-#-#-#-#-# PATHS CONFIGURATION #-#-#-#-#-#-#-#-#-#-#-#-# +# # +# This configuration tag defines the location that InspIRCd stores # +# various types of files such as configuration files, log files and # +# modules. You will probably not need to change these from the values # +# set when InspIRCd was built unless you are using a binary package # +# where you do not have the ability to set build time configuration. # +#<path configdir="conf" datadir="data" logdir="logs" moduledir="modules"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Logging @@ -839,7 +859,7 @@ # the behaviour of the logging of the IRCd. # # An example log tag would be: -# <log method="file" type="OPER" level="default" target="logs/opers.log"> +# <log method="file" type="OPER" level="default" target="opers.log"> # which would log all information on /oper (failed and successful) to # a file called opers.log. # @@ -848,8 +868,7 @@ # - USERS - information relating to user connection and disconnection # - OPER - succesful and failed oper attempts # - KILL - kill related messages -# - snomask - server notices (*all* snomasks will be logged) -# - FILTER - messages related to filter matches (m_filter) +# - FILTER - messages related to filter matches (filter module) # - CONFIG - configuration related messages # - COMMAND - die and restart messages, and messages related to unknown user types # - SOCKET - socket engine informational/error messages @@ -873,10 +892,15 @@ # - USERINPUT # - USEROUTPUT # +# If your server is producing a high levels of log messages you can also set the +# flush="[positive number]" attribute to specify how many log messages should be +# buffered before flushing to disk. You should probably not specify this unless +# you are having problems. +# # The following log tag is highly default and uncustomised. It is recommended you # sort out your own log tags. This is just here so you get some output. -<log method="file" type="* -USERINPUT -USEROUTPUT" level="default" target="logs/ircd.log"> +<log method="file" type="* -USERINPUT -USEROUTPUT" level="default" target="ircd.log"> #-#-#-#-#-#-#-#-#-#-#-#-#- WHOWAS OPTIONS -#-#-#-#-#-#-#-#-#-#-#-#-# # # @@ -919,11 +943,7 @@ nick="ChanServ" # reason: Reason to display on /nick. - reason="Reserved For Services"> - -<badnick nick="NickServ" reason="Reserved For Services"> -<badnick nick="OperServ" reason="Reserved For Services"> -<badnick nick="MemoServ" reason="Reserved For Services"> + reason="Reserved for a network service"> <badhost # host: ident@hostname to ban. @@ -994,23 +1014,22 @@ # provide almost all the features of InspIRCd. :) # # # # The default does nothing -- we include it for simplicity for you. # -<include file="conf/examples/modules.conf.example"> +<include file="examples/modules.conf.example"> -# Here are some pre-built modules.conf files that closely match the -# default configurations of some popular IRCd's. You still may want to -# look over them and make sure if everything is correct for you and setup -# the proper SSL information. +#-#-#-#-#-#-#-#-#-#-#-# SERVICES CONFIGURATION #-#-#-#-#-#-#-#-#-#-#-# +# # +# If you use services you will probably want to include one of the # +# following files which set up aliases, nick reservations and filter # +# exemptions for services pseudoclients: # # -# *NOTE*: These files have no comments for what the modules do. If you -# are interested in that, please read the modules.conf.example. It is also -# recommended that you make your own modules file based on modules.conf.example. - -# Settings similar to UnrealIRCd defaults. -#<include file="conf/examples/modules/unrealircd.conf.example"> - -# Settings similar to Charybdis IRCd defaults. -#<include file="conf/examples/modules/charybdis.conf.example"> - +# Anope users should uncomment this: +#<include file="examples/services/anope.conf.example"> +# +# Atheme users should uncomment this: +#<include file="examples/services/atheme.conf.example"> +# +# Users of other services should uncomment this: +#<include file="examples/services/generic.conf.example"> ######################################################################### # # diff --git a/docs/conf/links.conf.example b/docs/conf/links.conf.example index ba18c5325..e11c4fe32 100644 --- a/docs/conf/links.conf.example +++ b/docs/conf/links.conf.example @@ -10,7 +10,7 @@ # |_| \_\___|\__,_|\__,_| |_| |_| |_|_|___/ |____/|_|\__(_) # # # # If you want to link servers to InspIRCd you must load the # -# m_spanningtree.so module! # +# spanningtree module! # # # # # @@ -29,26 +29,28 @@ # allowmask: Range of IP addresses to allow for this link. # Can be a CIDR (see example). - allowmask="203.0.113.0/24" + allowmask="203.0.113.0/24 127.0.0.0/8 2001:db8::/32" # timeout: If defined, this option defines how long the server # will wait to consider the connect attempt failed and try the # failover (see above). - timeout="300" + timeout="5m" - # ssl: If defined, this states the SSL module that will be used when - # making an outbound connection to the server. Options are: "openssl" - # and "gnutls" (they are compatible with each other). + # ssl: If defined, this states the SSL profile that will be used when + # making an outbound connection to the server. Options are the name of an + # <sslprofile> tag that you have defined or one of "openssl", "gnutls", + # "mbedtls" if you have not defined any. See the wiki page for the SSL + # module you are using for more details. # - # You will need to load the m_ssl_openssl.so module for OpenSSL, - # m_ssl_gnutls.so for GnuTLS. The server port that you connect to - # must be capable of accepting this type of connection. + # You will need to load the ssl_openssl module for OpenSSL, ssl_gnutls + # for GnuTLS and ssl_mbedtls for mbedTLS. The server port that you + # connect to must be capable of accepting this type of connection. ssl="gnutls" # fingerprint: If defined, this option will force servers to be - # authenticated using SSL Fingerprints. See https://wiki.inspircd.org/SSL - # for more information. This will require an SSL link for both inbound - # and outbound connections. + # authenticated using SSL certificate fingerprints. See + # https://wiki.inspircd.org/SSL for more information. This will + # require an SSL link for both inbound and outbound connections. #fingerprint="" # bind: Local IP address to bind to. @@ -75,7 +77,7 @@ ipaddr="penguin.example.org" port="7000" allowmask="203.0.113.0/24" - timeout="300" + timeout="5m" ssl="gnutls" bind="1.2.3.4" statshidden="no" @@ -95,14 +97,14 @@ # Simple autoconnect block. This enables automatic connection of a server # Recommended setup is to have leaves connect to the hub, and have no # automatic connections started by the hub. -<autoconnect period="300" server="hub.example.org"> +<autoconnect period="10m" server="hub.example.org"> # Failover autoconnect block. If you have multiple hubs, or want your network # to automatically link even if the hub is down, you can specify multiple # space separated servers to autoconnect; they will be tried in a round # robin fashion until one succeeds. Period defines the time for restarting # a single loop. -<autoconnect period="120" +<autoconnect period="2m" server="hub.us.example.org hub.eu.example.org leaf.eu.example.org"> diff --git a/docs/conf/modules.conf.example b/docs/conf/modules.conf.example index a538ea879..7823e2d30 100644 --- a/docs/conf/modules.conf.example +++ b/docs/conf/modules.conf.example @@ -10,7 +10,7 @@ # # # By default, ALL modules are commented out. You must uncomment them # # or add lines to your config to load modules. Please refer to # -# https://wiki.inspircd.org/2.0/Modules for a list of modules and # +# https://wiki.inspircd.org/3.0/Modules for a list of modules and # # each modules link for any additional conf tags they require. # # # # ____ _ _____ _ _ ____ _ _ _ # @@ -19,8 +19,8 @@ # | _ < __/ (_| | (_| | | | | | | | \__ \ | |_) | | |_|_| # # |_| \_\___|\__,_|\__,_| |_| |_| |_|_|___/ |____/|_|\__(_) # # # -# To link servers to InspIRCd, you MUST load the m_spanningtree # -# module. If you don't do this, server links will NOT work at all. # +# To link servers to InspIRCd, you MUST load the spanningtree module. # +# If you don't do this, server links will NOT work at all. # # This is by design, to allow for the implementation of other linking # # protocols in modules in the future. This module is at the bottom of # # this file. # @@ -31,38 +31,31 @@ # cryptographic uses and security. # # IMPORTANT: -# Other modules such as m_cloaking.so and m_password_hash.so may rely on +# Other modules such as cloaking and password_hash may rely on # this module being loaded to function. # -#<module name="m_md5.so"> -# +#<module name="md5"> + #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # SHA256 module: Allows other modules to generate SHA256 hashes, # usually for cryptographic uses and security. # # IMPORTANT: -# Other modules such as m_password_hash.so may rely on this module being -# loaded to function. Certain modules such as m_spanningtree.so will +# Other modules such as password_hash may rely on this module being +# loaded to function. Certain modules such as spanningtree will # function without this module but when it is loaded their features will # be enhanced (for example the addition of HMAC authentication). # -#<module name="m_sha256.so"> -#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# RIPEMD160 module: Allows other modules to generate RIPEMD160 hashes, -# usually for cryptographic uses and security. -# -# IMPORTANT: -# Other modules may rely on this module being loaded to function. -#<module name="m_ripemd160.so"> +#<module name="sha256"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Abbreviation module: Provides the ability to abbreviate commands a-la # BBC BASIC keywords. -#<module name="m_abbreviation.so"> +#<module name="abbreviation"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Alias module: Allows you to define server-side command aliases. -#<module name="m_alias.so"> +#<module name="alias"> # # Set the 'prefix' for in-channel aliases (fantasy commands) to the # specified character. If not set, the default is "!". @@ -72,9 +65,9 @@ # #-#-#-#-#-#-#-#-#-#-#- ALIAS DEFINITIONS -#-#-#-#-#-#-#-#-#-#-#-#-#-# # # -# If you have the m_alias.so module loaded, you may also define # -# aliases as shown below. They are commonly used to provide shortcut # -# commands to services, however they are not limited to just this use.# +# If you have the alias module loaded, you may also define aliases as # +# shown below. They are commonly used to provide shortcut commands to # +# services, however they are not limited to just this use. # # An alias tag requires the following values to be defined in it: # # # # text - The text to detect as the actual command line. # @@ -135,18 +128,6 @@ # If a non-oper attempts to use the alias, it will # # appear to not exist. # # # -#<alias text="NICKSERV" replace="PRIVMSG NickServ :$2-" requires="NickServ" uline="yes"> -#<alias text="CHANSERV" replace="PRIVMSG ChanServ :$2-" requires="ChanServ" uline="yes"> -#<alias text="OPERSERV" replace="PRIVMSG OperServ :$2-" requires="OperServ" uline="yes" operonly="yes"> -#<alias text="BOTSERV" replace="PRIVMSG BotServ :$2-" requires="BotServ" uline="yes"> -#<alias text="HOSTSERV" replace="PRIVMSG HostServ :$2-" requires="HostServ" uline="yes"> -#<alias text="MEMOSERV" replace="PRIVMSG MemoServ :$2-" requires="MemoServ" uline="yes"> -#<alias text="NS" replace="PRIVMSG NickServ :$2-" requires="NickServ" uline="yes"> -#<alias text="CS" replace="PRIVMSG ChanServ :$2-" requires="ChanServ" uline="yes"> -#<alias text="OS" replace="PRIVMSG OperServ :$2-" requires="OperServ" uline="yes" operonly="yes"> -#<alias text="BS" replace="PRIVMSG BotServ :$2-" requires="BotServ" uline="yes"> -#<alias text="HS" replace="PRIVMSG HostServ :$2-" requires="HostServ" uline="yes"> -#<alias text="MS" replace="PRIVMSG MemoServ :$2-" requires="MemoServ" uline="yes"> # # An example of using the format value to create an alias with two # different behaviours depending on the format of the parameters. @@ -159,8 +140,7 @@ # # This alias fixes a glitch in xchat 2.6.x and above and the way it # assumes IDENTIFY must be prefixed by a colon (:) character. It should -# be placed ABOVE the default NICKSERV alias (the first example) listed -# above. +# be placed ABOVE the default NICKSERV alias. # #<alias text="NICKSERV" format=":IDENTIFY *" replace="PRIVMSG NickServ :IDENTIFY $3-" # requires="NickServ" uline="yes"> @@ -180,18 +160,32 @@ #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Allowinvite module: Gives channel mode +A to allow all users to use # /INVITE, and extban A to deny invite from specific masks. -#<module name="m_allowinvite.so"> +#<module name="allowinvite"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Alltime module: Shows time on all connected servers at once. # This module is oper-only and provides /ALLTIME. # To use, ALLTIME must be in one of your oper class blocks. -#<module name="m_alltime.so"> +#<module name="alltime"> + +#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# +# Anticaps module: Adds channel mode +B which allows you to punish +# users that send overly capitalised messages to channels. Unlike the +# blockcaps module this module is more flexible as it has more options +# for punishment and allows channels to configure their own punishment +#Â policies. +#<module name="anticaps"> +# +# You may also configure the characters which anticaps considers to be +# lower case and upper case. Any characters not listed here are assumed +# to be punctuation and will be ignored when counting: +# <anticaps lowercase="abcdefghijklmnopqrstuvwxyz" +# uppercase="ABCDEFGHIJKLMNOPQRSTUVWXYZ"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Auditorium module: Adds channel mode +u which makes everyone else # except you in the channel invisible, used for large meetings etc. -#<module name="m_auditorium.so"> +#<module name="auditorium"> # # Auditorium settings: # @@ -215,28 +209,37 @@ # Another useful combination is with SSL client certificate # fingerprints: +w h:z:72db600734bb9546c1bdd02377bc21d2a9690d48 will # give halfop to the user(s) having the given certificate. -#<module name="m_autoop.so"> +#<module name="autoop"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Ban except module: Adds support for channel ban exceptions (+e). -#<module name="m_banexception.so"> +#<module name="banexception"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Ban redirection module: Allows bans which redirect to a specified # channel. e.g. +b nick!ident@host#channelbanneduserissentto -#<module name="m_banredirect.so"> +#<module name="banredirect"> + +#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# +# bcrypt module: Allows other modules to generate bcrypt hashes, +# usually for cryptographic uses and security. +#<module name="bcrypt"> +# +# rounds: Defines how many rounds the bcrypt function will run when +# generating new hashes. +#<bcrypt rounds="10"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Block amsg module: Attempt to block all usage of /amsg and /ame. -#<module name="m_blockamsg.so"> +#<module name="blockamsg"> # #-#-#-#-#-#-#-#-#-#-#- BLOCKAMSG CONFIGURATION -#-#-#-#-#-#-#-#-#-#-# # # -# If you have the m_blockamsg.so module loaded, you can configure it # -# with the <blockamsg> tag: # +# If you have the blockamsg module loaded, you can configure it with # +# the <blockamsg> tag: # # # -# delay - How many seconds between two messages to force # -# them to be recognised as unrelated. # +# delay - How much time between two messages to force them # +# to be recognised as unrelated. # # action - Any of 'notice', 'noticeopers', 'silent', 'kill' # # or 'killopers'. Define how to take action when # # a user uses /amsg or /ame. # @@ -245,114 +248,140 @@ #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Block CAPS module: Adds channel mode +B, blocks all-CAPS messages. -#<module name="m_blockcaps.so"> +# +# NOTE: This module is deprecated and will be removed in a future version +# of InspIRCd. You should use the anticaps module shown above instead. +#<module name="blockcaps"> # #-#-#-#-#-#-#-#-#-#-#- BLOCKCAPS CONFIGURATION -#-#-#-#-#-#-#-#-#-#-# # # -# percent - How many percent of text must be caps before text # +# percent - The percentage of a message which must be upper # +# case before it will be blocked. # +# # +# minlen - The minimum length a message must be before it # # will be blocked. # # # -# minlen - The minimum length a line must be for the block # -# percent to have any effect. # +# lowercase - The characters which will be considered lower # +# case. # # # -# capsmap - A list of chars to be considered CAPS. Can be used # -# to add CAPS characters for your language. Also you # -# can add things like ! and space to further lock # -# down on caps usage. # +# uppercase - The characters which will be considered upper # +# case. # +# #<blockcaps percent="50" # minlen="5" -# capsmap="ABCDEFGHIJKLMNOPQRSTUVWXYZ! "> +# lowercase="abcdefghijklmnopqrstuvwxyz" +# uppercase="ABCDEFGHIJKLMNOPQRSTUVWXYZ"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Block color module: Blocking color-coded messages with chan mode +c. -#<module name="m_blockcolor.so"> +#<module name="blockcolor"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Botmode module: Adds the user mode +B. If set on a user, it will # show that the user is a bot in /WHOIS. -#<module name="m_botmode.so"> +#<module name="botmode"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # CallerID module: Adds usermode +g which activates hybrid-style # callerid: block all private messages unless you /ACCEPT first. -#<module name="m_callerid.so"> +#<module name="callerid"> # #-#-#-#-#-#-#-#-#-#-#- CALLERID CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-# # maxaccepts - Maximum number of entries a user can add to his # # /ACCEPT list. Default is 16 entries. # -# operoverride - Can opers (note: ALL opers) override callerid? # -# Default is no. # # tracknick - Preserve /accept entries when a user changes nick? # # If no (the default), the user is removed from # # everyone's accept list if he changes nickname. # -# cooldown - Amount of time (in seconds) that must pass since # -# the last notification sent to a user before he can # -# be sent another. Default is 60 (1 minute). # +# cooldown - Amount of time that must pass since the last # +# notification sent to a user before he can be sent # +# another. Default is 1 minute. # #<callerid maxaccepts="16" -# operoverride="no" # tracknick="no" -# cooldown="60"> +# cooldown="1m"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # CAP module: Provides the CAP negotiation mechanism required by the -# m_sasl, m_namesx, m_uhnames, and m_ircv3 modules. -# It is also recommended for the STARTTLS support in m_ssl_gnutls. -#<module name="m_cap.so"> +# sasl, namesx, uhnames, and ircv3 modules. +# It is also recommended for STARTTLS support in the starttls module. +#<module name="cap"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # CBAN module: Lets you disallow channels from being used at runtime. # This module is oper-only and provides /CBAN. # To use, CBAN must be in one of your oper class blocks. -#<module name="m_cban.so"> +#<module name="cban"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Censor module: Adds channel and user mode +G. -#<module name="m_censor.so"> +#<module name="censor"> # #-#-#-#-#-#-#-#-#-#-#- CENSOR CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-# # # -# Optional - If you specify to use the m_censor module, then you must # +# Optional - If you specify to use the censor module, then you must # # specify some censor tags. See also: # -# https://wiki.inspircd.org/Modules/2.0/censor # +# https://wiki.inspircd.org/Modules/3.0/censor # # -#<include file="conf/examples/censor.conf.example"> +#<include file="examples/censor.conf.example"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# CGI:IRC module: Adds support for automatic host changing in CGI:IRC -# (http://cgiirc.sourceforge.net). -#<module name="m_cgiirc.so"> +# CGI:IRC module: Enables forwarding the real IP address of a user from +# a gateway to the IRC server. +#<module name="cgiirc"> # #-#-#-#-#-#-#-#-#-#-#-# CGIIRC CONFIGURATION #-#-#-#-#-#-#-#-#-#-#-#-# # -# Optional - If you specify to use m_cgiirc, then you must specify one -# or more cgihost tags which indicate authorised CGI:IRC servers which -# will be connecting to your network, and an optional cgiirc tag. -# For more information see: https://wiki.inspircd.org/Modules/2.0/cgiirc -# -# Set to yes if you want to notice opers when CGI:IRC clients connect. +# If you use the cgiirc module then you must specify the gateways which +# are authorised to forward IP/host information to your server. There +# are currently two ways to do this: +# +# The webirc method is the recommended way to allow gateways to forward +# IP/host information. When using this method the gateway sends a WEBIRC +# message to the server on connection. For more details please read the +# IRCv3 WebIRC specification at http://ircv3.net/specs/extensions/webirc.html. +# +# When using this method you must specify a wildcard mask or CIDR range +# to allow gateway connections from and at least one of either a SSL +# client certificate fingerprint for the gateway or a password to be +# sent in the WEBIRC command. +# +# <cgihost type="webirc" +# fingerprint="bd90547b59c1942b85f382bc059318f4c6ca54c5" +# mask="192.0.2.0/24"> +# <cgihost type="webirc" +# password="$2a$10$WEUpX9GweJiEF1WxBDSkeODBstIBMlVPweQTG9cKM8/Vd58BeM5cW" +# hash="bcrypt" +# mask="*.webirc.gateway.example.com"> +# +# Alternatively if your gateway does not support sending the WEBIRC +# message then you can configure InspIRCd to look for the client IP +# address in the ident sent by the user. This is not recommended as it +# only works with IPv4 connections. +# +# When using this method you must specify a wildcard mask or CIDR range to allow +# gateway connections from. You can also optionally configure the static value +# that replaces the IP in the ident to avoid leaking the real IP address of +# gateway clients (defaults to "gateway" if not set). +# +# <cgihost type="ident" +# mask="198.51.100.0/24" +# newident="wibble"> +# <cgihost type="ident" +# mask="*.ident.gateway.example.com" +# newident="wobble"> +# +# By default gateway connections are logged to the +w snomask. If you +# do not want this to happen then you can uncomment this to disable it. # <cgiirc opernotice="no"> -# -# The type field indicates where the module should get the real -# client's IP address from, for further information, please see the -# CGI:IRC documentation. -# -# Old style: -# <cgihost type="pass" mask="www.example.com"> # Get IP from PASS -# <cgihost type="ident" mask="otherbox.example.com"> # Get IP from ident -# <cgihost type="passfirst" mask="www.example.com"> # See the docs -# New style: -# <cgihost type="webirc" password="foobar" -# mask="somebox.example.com"> # Get IP from WEBIRC -# + # IMPORTANT NOTE: # --------------- # -# When you connect CGI:IRC clients, there are two connect classes which +# When you connect gateway clients, there are two connect classes which # apply to these clients. When the client initially connects, the connect -# class which matches the CGI:IRC site's host is checked. Therefore you -# must raise the maximum local/global clients for this ip as high as you -# want to allow cgi clients. After the client has connected and is -# determined to be a cgi:irc client, the class which matches the client's +# class which matches the gateway site's host is checked. Therefore you +# must raise the maximum local/global clients for this IP as high as you +# want to allow gateway clients. After the client has connected and is +# determined to be a gateway client, the class which matches the client's # real IP is then checked. You may set this class to a lower value, so that # the real IP of the client can still be restricted to, for example, 3 # sessions maximum. @@ -361,30 +390,35 @@ # Channel create module: Adds snomask +j, which will notify opers of # any new channels that are created. # This module is oper-only. -#<module name="m_chancreate.so"> +#<module name="chancreate"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Channel filter module: Allows channel-op defined message filtering # using simple string matches (channel mode +g). -#<module name="m_chanfilter.so"> +#<module name="chanfilter"> # # If hidemask is set to yes, the user will not be shown the mask when # his/her message is blocked. -#<chanfilter hidemask="yes"> +# +# If maxlen is set then it defines the maximum length of a filter entry. +# +# If notifyuser is set to no, the user will not be notified when +# his/her message is blocked. +#<chanfilter hidemask="yes" maxlen="50" notifyuser="yes"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Channel history module: Displays the last 'X' lines of chat to a user # joining a channel with +H 'X:T' set; 'T' is the maximum time to keep # lines in the history buffer. Designed so that the new user knows what # the current topic of conversation is when joining the channel. -#<module name="m_chanhistory.so"> +#<module name="chanhistory"> # # Set the maximum number of lines allowed to be stored per channel below. # This is the hard limit for 'X'. # If notice is set to yes, joining users will get a NOTICE before playback # telling them about the following lines being the pre-join history. # If bots is set to yes, it will also send to users marked with +B -#<chanhistory maxlines="20" notice="yes" bots="yes"> +#<chanhistory maxlines="50" notice="yes" bots="yes"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Channel logging module: Used to send snotice output to channels, to @@ -393,7 +427,7 @@ # The "channel" field is where you want the messages to go, "snomasks" # is what snomasks you want to be sent to that channel. Multiple tags # are allowed. -#<module name="m_chanlog.so"> +#<module name="chanlog"> #<chanlog snomasks="AOcC" channel="#opers"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# @@ -401,7 +435,7 @@ # characters in the channel name such as bold, colorcodes, etc. which # can be quite annoying and allow users to on occasion have a channel # that looks like the name of another channel on the network. -#<module name="m_channames.so"> +#<module name="channames"> #<channames # denyrange: characters or range of characters to deny in channel @@ -418,36 +452,7 @@ # Note that by default wildcard characters * and ? are allowed in # channel names. To disallow them, load m_channames and add characters # 42 and 63 to denyrange (see above). -#<module name="m_channelban.so"> - -#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# Chanprotect module: Gives +q and +a channel modes. -# -# IMPORTANT: This module has been removed in the next major version of -# InspIRCd. You should use m_customprefix instead. -#<module name="m_chanprotect.so"> - -#<chanprotect - # noservices: With this set to yes, when a user joins an empty channel, - # the server will set +q on them. If set to no, it will only set +o - # on them until they register the channel. - #noservices="no" - - # qprefix: Prefix (symbol) to use for +q users. - #qprefix="~" - - # aprefix: Prefix (symbol) to use for +a users. - #aprefix="&" - - # deprotectself: If this value is set (true, yes or 1), it will allow - # +a and +q users to remove the +a and +q from themselves, otherwise, - # the status will have to be removed by services. - #deprotectself="yes" - - # deprotectothers: If this value is set to yes, true, or 1, then any - # user with +q or +a may remove the +q or +a from other users. - #deprotectothers="yes"> - +#<module name="channelban"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Check module: Adds the /CHECK command. @@ -455,7 +460,7 @@ # IP addresses and hosts. # This module is oper-only. # To use, CHECK must be in one of your oper class blocks. -#<module name="m_check.so"> +#<module name="check"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # CHGHOST module: Adds the /CHGHOST command. @@ -464,7 +469,7 @@ # NOTE: Services will not be able to set vhosts on users if this module # isn't loaded. If you're planning on running services, you probably # want to load this. -#<module name="m_chghost.so"> +#<module name="chghost"> # #-#-#-#-#-#-#-#-# /CHGHOST - /SETHOST CONFIGURATION #-#-#-#-#-#-#-#-# # Optional - If you want to use special chars for hostnames you can # @@ -479,64 +484,66 @@ # CHGIDENT module: Adds the /CHGIDENT command. # This module is oper-only. # To use, CHGIDENT must be in one of your oper class blocks. -#<module name="m_chgident.so"> +#<module name="chgident"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # CHGNAME module: Adds the /CHGNAME command. # This module is oper-only. # To use, CHGNAME must be in one of your oper class blocks. -#<module name="m_chgname.so"> +#<module name="chgname"> +# +#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# +# Connection class ban module: Adds support for extban 'n' which +# matches against the class name of the user's connection. +# This module assumes that connection classes are named in a uniform +# way on all servers of the network. +#<module name="classban"> + +#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# +# Clear chan module: Allows opers to masskick, masskill or mass-G/ZLine +# all users on a channel using /CLEARCHAN. +#<module name="clearchan"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Cloaking module: Adds usermode +x and cloaking support. -# Relies on the module m_md5.so being loaded. -# To cloak users when they connect, load m_conn_umodes and set +# Relies on the md5 module being loaded. +# To cloak users when they connect, load the conn_umodes module and set # <connect:modes> to include the +x mode. The example <connect> tag -# shows this. See the m_conn_umodes module for more information. -#<module name="m_cloaking.so"> +# shows this. See the conn_umodes module for more information. +#<module name="cloaking"> # #-#-#-#-#-#-#-#-#-#-#- CLOAKING CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-# # # -# To use m_cloaking, you must define a cloak key, and optionally a # +# To use cloaking, you must define a cloak key, and optionally a # # cloak prefix as shown below. The cloak key must be shared across # # the network for correct cloaking. # # # -# There are four methods of cloaking: # +# There are two methods of cloaking: # # # -# half Cloak only the "unique" portion of a host; show # -# the last 2 parts of the domain, /16 subnet of IPv4 # -# or /48 subnet of the IPv6 address. # +# half Cloak only the "unique" portion of a host; by # +# default show the last 2 parts of the domain, # +# /16 subnet of IPv4 or /48 subnet of the IPv6 # +# address. # +# To change the number of shown parts, modify the # +# domainparts option. # # # # full Cloak the users completely, using three slices for # # common CIDR bans (IPv4: /16, /24; IPv6: /48, /64). # # # -# These methods use a single key that can be any length of text. # +# The methods use a single key that can be any length of text. # # An optional prefix may be specified to mark cloaked hosts. # -# # -# The following methods are maintained for backwards compatibility; # -# they are slightly less secure, and always hide unresolved IPs. # -# # -# compat-host InspIRCd 1.2-compatible host-based cloaking. # -# compat-ip InspIRCd 1.2-compatible ip-always cloaking. # -# # -# If you use a compat cloaking mode then you must specify key1, key2, # -# key3, key4; the values must be less than 0x80000000 and should be # -# picked at random. Prefix is mandatory, will default to network name # -# if not specified, and will always have a "-" appended. # -# # -# IMPORTANT: The compat-host and compat-ip modes have been removed in # -# the next major version of InspIRCd. You should ONLY use them if you # -# need backwards compatibility with InspIRCd 1.2. # +#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # #<cloak mode="half" # key="secret" +# domainparts="3" # prefix="net-"> #-#-#-#-#-#-#-#-#-#-#-#- CLOSE MODULE #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Close module: Allows an oper to close all unregistered connections. # This module is oper-only and provides the /CLOSE command. # To use, CLOSE must be in one of your oper class blocks. -#<module name="m_close.so"> +#<module name="close"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Clones module: Adds an oper command /CLONES for detecting cloned @@ -544,42 +551,47 @@ # issued, use with care. # This module is oper-only. # To use, CLONES must be in one of your oper class blocks. -#<module name="m_clones.so"> +#<module name="clones"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Common channels module: Adds user mode +c, which, when set, requires # that users must share a common channel with you to PRIVMSG or NOTICE # you. -#<module name="m_commonchans.so"> +#<module name="commonchans"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Auto join on connect module: Allows you to force users to join one -# or more channels automatically upon connecting to the server. -#<module name="m_conn_join.so"> +# or more channels automatically upon connecting to the server, or +# join them in case they aren't on any channels after being online +# for X seconds. +#<module name="conn_join"> # #-#-#-#-#-#-#-#-#-#-#-#- CONNJOIN CONFIGURATION -#-#-#-#-#-#-#-#-#-#-# # -# If you have m_conn_join.so loaded, you can configure it using the -# following values, or set autojoin="#chat,#help" in <connect> blocks. +# If you have the conn_join module loaded, you can configure it below +# or set autojoin="#chat,#help" in <connect> blocks. # +# Join users immediately after connection to #one #two and #three. #<autojoin channel="#one,#two,#three"> +# Join users to #chat after 15 seconds if they aren't on any channels. +#<autojoin channel="#chat" delay="15"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Set modes on connect module: When this module is loaded <connect> # blocks may have an optional modes="" value, which contains modes to # add or remove from users when they connect to the server. -#<module name="m_conn_umodes.so"> +#<module name="conn_umodes"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Wait for PONG on connect module: Send a PING to all connecting users # and don't let them connect until they reply with a PONG. # This is useful to stop certain kinds of bots and proxies. -#<module name="m_conn_waitpong.so"> +#<module name="conn_waitpong"> # #-#-#-#-#-#-#-#-#-#-#- WAITPONG CONFIGURATION -#-#-#-#-#-#-#-#-#-#-# # # -# If you have the m_conn_waitpong.so module loaded, configure it with # -# the <waitpong> tag: # +# If you have the conn_waitpong module loaded, configure it with the # +# <waitpong> tag: # # # # sendsnotice - Whether to send a helpful notice to users on # # connect telling them how to connect, should # @@ -593,13 +605,13 @@ #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Channel cycle module: Adds the /CYCLE command which is a server-side # /HOP that bypasses restrictive modes. -#<module name="m_cycle.so"> +#<module name="cycle"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Connectban: Provides IP connection throttling. Any IP range that # connects too many times (configurable) in an hour is Z-Lined for a # (configurable) duration, and their count resets to 0. -#<module name="m_connectban.so"> +#<module name="connectban"> # # ipv4cidr and ipv6cidr allow you to turn the comparison from # individual IP addresses (32 and 128 bits) into CIDR masks, to allow @@ -608,14 +620,16 @@ # # This allows for 10 connections in an hour with a 10 minute ban if # that is exceeded. -#<connectban threshold="10" duration="10m" ipv4cidr="32" ipv6cidr="128"> +#<connectban threshold="10" duration="10m" ipv4cidr="32" ipv6cidr="128" +# A custom ban message may optionally be specified. +# banmessage="Your IP range has been attempting to connect too many times in too short a duration. Wait a while, and you will be able to connect."> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Connection throttle module. -#<module name="m_connflood.so"> +#<module name="connflood"> # #-#-#-#-#-#-#-#-#-#-#- CONNTHROTTLE CONFIGURATION -#-#-#-#-#-#-#-#-#-# -# seconds, maxconns - Amount of connections per <seconds>. +# period, maxconns - Amount of connections per <period>. # # timeout - Time to wait after the throttle was activated # before deactivating it. Be aware that the time @@ -631,9 +645,8 @@ # quitmsg="Throttled" bootwait="10"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# Custom prefixes: Allows for channel prefixes to be added. -# This replaces m_chanprotect and m_halfop. -#<module name="m_customprefix.so"> +# Custom prefixes: Allows for channel prefixes to be configured. +#<module name="customprefix"> # # name The name of the mode, must be unique from other modes. # letter The letter used for this mode. Required. @@ -641,26 +654,31 @@ # rank A numeric rank for this prefix, defining what permissions it gives. # The rank of voice, halfop and op is 10000, 20000, and 30000, # respectively. -# ranktoset The numeric rank required to set/unset this mode. Defaults to rank. +# ranktoset The numeric rank required to set this mode. Defaults to rank. +# ranktounset The numeric rank required to unset this mode. Defaults to ranktoset. # depriv Can you remove the mode from yourself? Defaults to yes. #<customprefix name="founder" letter="q" prefix="~" rank="50000" ranktoset="50000"> #<customprefix name="admin" letter="a" prefix="&" rank="40000" ranktoset="50000"> #<customprefix name="halfop" letter="h" prefix="%" rank="20000" ranktoset="30000"> -#<customprefix name="halfvoice" letter="V" prefix="-" rank="1" ranktoset="20000"> # -# Do /RELOADMODULE m_customprefix.so after changing the settings of this module. +# You can also override the configuration of prefix modes added by both the core +# and other modules by adding a customprefix tag with change="yes" specified. +# <customprefix name="op" change="yes" rank="30000" ranktoset="30000"> +# <customprefix name="voice" change="yes" rank="10000" ranktoset="10000" depriv="no"> +# +# Do /RELOADMODULE customprefix after changing the settings of this module. #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Custom title module: Adds the /TITLE command which allows for trusted # users to gain a custom whois line and an optional vhost can be # specified. -#<module name="m_customtitle.so"> +#<module name="customtitle"> # #-#-#-#-#-#-#-#-#-#- CUSTOM TITLE CONFIGURATION -#-#-#-#-#-#-#-#-#-# # name - The username used to identify. # password - The password used to identify. # hash - The hash for the specific user's password (optional). -# m_password_hash.so and a hashing module must be loaded +# password_hash and a hashing module must be loaded # for this to work. # host - Allowed hostmask (optional). # title - Title shown in whois. @@ -668,11 +686,11 @@ # #<title name="foo" password="bar" title="Official Chat Helper"> #<title name="bar" password="foo" host="ident@test.org" title="Official Chat Helper" vhost="helper.test.org"> -#<title name="foo" password="fcde2b2edba56bf408601fb721fe9b5c338d10ee429ea04fae5511b68fbf8fb9" hash="sha256" title="Official Chat Helper"> +#<title name="foo" password="$2a$10$UYZ4OcO8NNTCCGyCdY9SK.2GHiqGgxZfHFPOPmWuxEVWVQTtoDC7C" hash="bcrypt" title="Official Chat Helper"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # DCCALLOW module: Adds the /DCCALLOW command. -#<module name="m_dccallow.so"> +#<module name="dccallow"> # #-#-#-#-#-#-#-#-#-#-#- DCCALLOW CONFIGURATION -#-#-#-#-#-#-#-#-#-#-# # blockchat - Whether to block DCC CHAT as well as DCC SEND. @@ -694,7 +712,7 @@ #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Deaf module: Adds support for the usermode +d - deaf to channel # messages and channel notices. -#<module name="m_deaf.so"> +#<module name="deaf"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Delay join module: Adds the channel mode +D which delays all JOIN @@ -702,24 +720,24 @@ # speaking, their quit or part message will not be shown to the channel # which helps cut down noise on large channels in a more friendly way # than the auditorium mode. Only channel ops may set the +D mode. -#<module name="m_delayjoin.so"> +#<module name="delayjoin"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Delay message module: Adds the channel mode +d which disallows a user # from talking in the channel unless they've been joined for X seconds. # Settable using /MODE #chan +d 30 -#<module name="m_delaymsg.so"> +#<module name="delaymsg"> # Set allownotice to no to disallow NOTICEs too. Defaults to yes. #<delaymsg allownotice="no"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Deny channels module: Deny channels from being used by users. -#<module name="m_denychans.so"> +#<module name="denychans"> # #-#-#-#-#-#-#-#-#-#-#- DENYCHAN DEFINITIONS -#-#-#-#-#-#-#-#-#-#-#-# # # -# If you have the m_denychans.so module loaded, you need to specify # -# the channels to deny: # +# If you have the denychans module loaded, you need to specify the # +# channels to deny: # # # # name - The channel name to deny (glob masks are ok). # # allowopers - If operators are allowed to override the deny. # @@ -737,16 +755,12 @@ # Glob masks are accepted here also. # #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# Devoice module: Let users devoice themselves using /DEVOICE #chan. -#<module name="m_devoice.so"> - -#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # DNS blacklist module: Provides support for looking up IPs on one or # # more blacklists. # -#<module name="m_dnsbl.so"> # +#<module name="dnsbl"> # # # -# For configuration options please see the wiki page for m_dnsbl at # -# https://wiki.inspircd.org/Modules/2.0/dnsbl # +# For configuration options please see the wiki page for dnsbl at # +# https://wiki.inspircd.org/Modules/3.0/dnsbl # #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Exempt channel operators module: Provides support for allowing # @@ -757,45 +771,56 @@ # See <options:exemptchanops> in inspircd.conf.example for a more # # detailed list of the restriction modes that can be exempted. # # These are settable using /mode #chan +X <restriction>:<status> # -#<module name="m_exemptchanops.so"> # +#<module name="exemptchanops"> # #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Filter module: Provides message filtering, similar to SPAMFILTER. # -#<module name="m_filter.so"> +#<module name="filter"> # # -# This module depends upon a regex provider such as m_regex_pcre or # -# m_regex_glob to function. You must specify which of these you want # -# m_filter to use via the tag below. # +# This module depends upon a regex provider such as regex_pcre or # +# regex_glob to function. You must specify which of these you want # +# the filter module to use via the tag below. # # # # Valid engines are: # # # -# glob - Glob patterns, provided via m_regex_glob. # -# pcre - PCRE regexps, provided via m_regex_pcre, needs libpcre. # -# tre - TRE regexps, provided via m_regex_tre, requires libtre. # -# posix - POSIX regexps, provided via m_regex_posix, not available # +# glob - Glob patterns, provided via regex_glob. # +# pcre - PCRE regexps, provided via regex_pcre, needs libpcre. # +# tre - TRE regexps, provided via regex_tre, requires libtre. # +# posix - POSIX regexps, provided via regex_posix, not available # # on Windows, no dependencies on other operating systems. # -# stdlib - stdlib regexps, provided via m_regex_stdlib, see comment # +# stdlib - stdlib regexps, provided via regex_stdlib, see comment # # at the <module> tag for info on availability. # # # -#<filteropts engine="glob"> # +# If notifyuser is set to no, the user will not be notified when # +# his/her message is blocked. # +#<filteropts engine="glob" notifyuser="yes"> +# # +# Your choice of regex engine must match on all servers network-wide. # +# # +# To learn more about the configuration of this module, read # +# examples/filter.conf.example, which covers the various types of # +# filters and shows how to add exemptions. # # # -# Your choice of regex engine must match on all servers network-wide. -# -# You may specify specific channels that are exempt from being filtered: -#<exemptfromfilter channel="#blah"> -# #-#-#-#-#-#-#-#-#-#-#- FILTER CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-# # # -# Optional - If you specify to use the m_filter module, then # +# Optional - If you specify to use the filter module, then # # specify below the path to the filter.conf file, or define some # # <filter> tags. # # # -#<include file="conf/examples/filter.conf.example"> +#<include file="examples/filter.conf.example"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# Gecos ban: Implements extended ban 'r', which stops anyone matching -# a mask like +b r:*realname?here* from joining a channel. -#<module name="m_gecosban.so"> +# Flash Policy Daemon module: Allows Flash IRC clients (e.g. LightIRC)# +# to connect. If no file is specified, it'll serve a default policy # +# allowing all IPs to connect to all plaintext IRC ports # +#<bind address="" port="8430" type="flashpolicyd"> # +#<flashpolicyd timeout="5" file=""> # +#<module name="flashpolicyd"> # + +#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# +# Real name ban: Implements extended ban 'r', which stops anyone +# matching a mask like +b r:*realname?here* from joining a channel. +#<module name="gecosban"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # GeoIP module: Allows the server admin to match users by country code. @@ -805,7 +830,7 @@ # This module requires GeoIP to be installed on your system, # use your package manager to find the appropriate packages # or check the InspIRCd wiki page for this module. -#<module name="m_geoip.so"> +#<module name="geoip"> # # The actual allow/ban actions are done by connect classes, not by the # GeoIP module. An example connect class to ban people from russia or @@ -813,6 +838,10 @@ # # <connect deny="*" geoip="TR,RU"> # +# If enabled you can also ban people from channnels by country code +# using the G: extban (e.g. /mode #channel +b G:US). +# <geoip extban="yes"> +# # The country code must be in capitals and should be an ISO country # code such as TR, GB, or US. Unknown IPs (localhost, LAN IPs, etc) # will be assigned the country code "UNK". Since connect classes are @@ -823,7 +852,7 @@ # Globops module: Provides the /GLOBOPS command and snomask +g. # This module is oper-only. # To use, GLOBOPS must be in one of your oper class blocks. -#<module name="m_globops.so"> +#<module name="globops"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Global load module: Allows loading and unloading of modules network- @@ -832,29 +861,29 @@ # and /GRELOADMODULE. # To use, GLOADMODULE, GUNLOADMODULE and GRELOADMODULE # must be in one of your oper class blocks. -#<module name="m_globalload.so"> +#<module name="globalload"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# Halfop module: Provides the +h (halfops) channel status mode. -# -# IMPORTANT: This module has been removed in the next major version of -# InspIRCd. You should use m_customprefix instead. -#<module name="m_halfop.so"> +# HAProxy module: Adds support for the HAProxy PROXY v2 protocol. To +# use this module specify hook="haproxy" in the <bind> tag that HAProxy +# has been configured to connect to. +#<module name="haproxy"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# HELPOP module: Provides the /HELPOP command. -#<module name="m_helpop.so"> +# HELPOP module: Provides the /HELPOP command +#<module name="helpop"> # #-#-#-#-#-#-#-#-#-#-#-#- HELPOP CONFIGURATION -#-#-#-#-#-#-#-#-#-#-# # # -# If you specify to use the m_helpop.so module, then specify below # -# the path to the helpop.conf file. # -#<include file="conf/examples/helpop-full.conf.example"> +# If you specify to use the helpop module, then specify below the # +# path to the helpop.conf file. # +# # +#<include file="examples/helpop-full.conf.example"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Hide chans module: Allows users to hide their channels list from non- # opers by setting user mode +I on themselves. -#<module name="m_hidechans.so"> +#<module name="hidechans"> # # This mode can optionally prevent opers from seeing channels on a +I # user, for more privacy if set to true. @@ -862,50 +891,86 @@ #<hidechans affectsopers="false"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# +# Hide list module: Allows for hiding the list of listmodes from users +# who do not have sufficient channel rank. +#<module name="hidelist"> +# +# Each <hidelist> tag configures one listmode to hide. +# mode: Name of the listmode to hide. +# rank: Minimum rank required to view the list. If set to 0, all +# members of the channel may view the list, but non-members may not. +# The rank of the built-in op and voice mode is 30000 and 10000, +# respectively; the rank of other prefix modes is configurable. +# Defaults to 20000. +# +# Hiding the ban list is not recommended because it may break some +# clients. +# +# Hide filter (+g) list: +#<hidelist mode="filter" rank="30000"> +# Only show invite exceptions (+I) to channel members: +#<hidelist mode="invex" rank="0"> + +#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# +# Hide mode module: Allows for hiding mode changes from users who do not +# have sufficient channel privileges. +#<module name="hidemode"> +# +# Hide bans (+b) from people who are not voiced: +#<hidemode mode="ban" rank="10000"> + +#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Hide oper module: Allows opers to hide their oper status from non- # opers by setting user mode +H on themselves. # This module is oper-only. -#<module name="m_hideoper.so"> +#<module name="hideoper"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Hostchange module: Allows a different style of cloaking. -#<module name="m_hostchange.so"> +#<module name="hostchange"> # #-#-#-#-#-#-#-#-#-#-#- HOSTCHANGE CONFIGURATION -#-#-#-#-#-#-#-#-#-# # # -# See https://wiki.inspircd.org/Modules/2.0/hostchange for help. # +# See https://wiki.inspircd.org/Modules/3.0/hostchange for help. # # # -#<host suffix="invalid.org" separator="." prefix=""> -#<hostchange mask="*@42.theanswer.example.org" action="addnick"> -#<hostchange mask="*root@*" action="suffix"> +#<hostchange mask="*@42.theanswer.example.org" action="addaccount" suffix=".users.example.com"> +#<hostchange mask="*root@*" action="addnick" prefix="example/users/"> #<hostchange mask="a@example.com" action="set" value="foo.bar.baz"> -#<hostchange mask="localhost" ports="7000,7001,7005-7007" action="set" value="blahblah.foo"> +#<hostchange mask="*@localhost" ports="7000,7001,7005-7007" action="set" value="blahblah.foo"> + +# hostcycle: If loaded, when a user gets a host or ident set, it will +# cycle them in all their channels. If not loaded it will simply change +# their host/ident without cycling them. +# This module is compatible with the ircv3_chghost module. Clients +# supporting the chghost extension will get the chghost message instead +# of seeing a host cycle. +#<module name="hostcycle"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # httpd module: Provides HTTP server support for InspIRCd. -#<module name="m_httpd.so"> +#<module name="httpd"> # #-#-#-#-#-#-#-#-#-#-#-#- HTTPD CONFIGURATION -#-#-#-#-#-#-#-#-#-#-# # -# If you choose to use the m_httpd.so module, then you will need to add +# If you choose to use the httpd module, then you will need to add # a <bind> tag with type "httpd", and load at least one of the other -# m_httpd_* modules to provide pages to display. +# httpd_* modules to provide pages to display. # <bind address="127.0.0.1" port="8067" type="httpd"> # <bind address="127.0.0.1" port="8097" type="httpd" ssl="gnutls"> # # You can adjust the timeout for HTTP connections below. All HTTP -# connections will be closed after (roughly) this many seconds. +# connections will be closed after (roughly) this time period. #<httpd timeout="20"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# HTTP ACL module: Provides access control lists for m_httpd dependent +# HTTP ACL module: Provides access control lists for httpd dependent # modules. Use this module to restrict pages by IP address and by # password. -#<module name="m_httpd_acl.so"> +#<module name="httpd_acl"> # #-#-#-#-#-#-#-#-#-#-#-#- HTTPD ACL CONFIGURATION -#-#-#-#-#-#-#-#-#-#-# # -# Restrict access to the m_httpd_stats module to all but the local +# Restrict access to the httpd_stats module to all but the local # network and when the correct password is specified: # <httpdacl path="/stats*" types="password,whitelist" # username="secrets" password="mypasshere" whitelist="127.0.0.*,10.*"> @@ -915,44 +980,48 @@ #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # HTTP config module: Allows the server configuration to be viewed over -# HTTP via the /config path. Requires m_httpd.so to be loaded for it to -# function. +# HTTP via the /config path. Requires the httpd module to be loaded for +# it to function. # # IMPORTANT: This module exposes extremely sensitive information about # your server and users so you *MUST* protect it using a local-only -# <bind> tag and/or the m_httpd_acl.so module. See above for details. -#<module name="m_httpd_config.so"> +# <bind> tag and/or the httpd_acl module. See above for details. +#<module name="httpd_config"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # HTTP stats module: Provides server statistics over HTTP via the /stats -# path. Requires m_httpd.so to be loaded for it to function. +# path. Requires the httpd module to be loaded for it to function. # # IMPORTANT: This module exposes extremely sensitive information about # your server and users so you *MUST* protect it using a local-only -# <bind> tag and/or the m_httpd_acl.so module. See above for details. -#<module name="m_httpd_stats.so"> +# <bind> tag and/or the httpd_acl module. See above for details. +#<module name="httpd_stats"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Ident: Provides RFC 1413 ident lookup support. # When this module is loaded <connect:allow> tags may have an optional # useident="yes|no" boolean value, determining whether or not to lookup # ident on users matching that connect tag. -#<module name="m_ident.so"> +#<module name="ident"> # #-#-#-#-#-#-#-#-#-#-#-#- IDENT CONFIGURATION -#-#-#-#-#-#-#-#-#-#-# # # -# Optional - If you are using the m_ident.so module, then you can # -# specify the timeout for ident lookups here. If not defined, it will # -# default to 5 seconds. This is a non-blocking timeout which holds # -# the user in a 'connecting' state until the lookup is complete. # +# Optional - If you are using the ident module, then you can specify # +# the timeout for ident lookups here. If not defined, it will default # +# to 5 seconds. This is a non-blocking timeout which holds the user # +# in a 'connecting' state until the lookup is complete. # # The bind value indicates which IP to bind outbound requests to. # +# nolookupprefix: If on, the idents of users being in a connect class # +# with ident lookups disabled (i.e. <connect useident="off">) will be # +# prefixed with a "~". If off, the ident of those users will not be # +# prefixed. Default is off. # # -#<ident timeout="5"> +#<ident timeout="5" nolookupprefix="no"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Invite exception module: Adds support for channel invite exceptions # (+I). -#<module name="m_inviteexception.so"> +#<module name="inviteexception"> # bypasskey: If this is enabled, exceptions will bypass +k as well as +i #<inviteexception bypasskey="yes"> @@ -961,22 +1030,93 @@ # extended-join, away-notify and account-notify. These are optional # enhancements to the client-to-server protocol. An extension is only # active for a client when the client specifically requests it, so this -# module needs m_cap to work. +# module needs the cap module to work. # # Further information on these extensions can be found at the IRCv3 # working group website: # http://ircv3.net/irc/ # -#<module name="m_ircv3.so"> +#<module name="ircv3"> # The following block can be used to control which extensions are -# enabled. Note that extended-join can be incompatible with m_delayjoin +# enabled. Note that extended-join can be incompatible with delayjoin # and host cycling. #<ircv3 accountnotify="on" awaynotify="on" extendedjoin="on"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# +# IRCv3 cap-notify module: Provides the cap-notify IRCv3 extension. +# Required for IRCv3 conformance. +#<module name="ircv3_capnotify"> + +#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# +# IRCv3 account-tag module. Adds the 'account' tag which contains the +# services account name of the message sender. +#<module name="ircv3_accounttag"> + +#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# +# IRCv3 batch module: Provides the batch IRCv3 extension which allows +# the server to inform a client that a group of messages are related to +# each other. +#<module name="ircv3_batch"> + +#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# +# IRCv3 cap-notify module: Provides the cap-notify IRCv3 extension. +# Required for IRCv3 conformance. +#<module name="ircv3_capnotify"> + +#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# +# IRCv3 chghost module: Provides the chghost IRCv3 extension which +# allows capable clients to learn when the host/ident of another user +# changes without cycling the user. This module is compatible with the +# hostcycle module. If both are loaded, clients supporting the chghost +# extension will get the chghost message and won't see host cycling. +#<module name="ircv3_chghost"> + +#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# +# IRCv3 echo-message module: Provides the echo-message IRCv3 +# extension which allows capable clients to get an acknowledgement when +# their messages are delivered and learn what modifications, if any, +# were applied to them. +#<module name="ircv3_echomessage"> + +#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# +# IRCv3 invite-notify module: Provides the invite-notify IRCv3 +# extension which notifies supporting clients when a user invites +# another user into a channel. This respects <options:announceinvites>. +#<module name="ircv3_invitenotify"> + +#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# +# IRCv3 server-time module. Adds the 'time' tag which adds a timestamp +# to all messages received from the server. +#<module name="ircv3_servertime"> + +#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# +# IRCv3 Strict Transport Security module: Provides the sts IRCv3 +# extension which allows clients connecting insecurely to upgrade their +# connections to TLS. +#<module name="ircv3_sts"> +# +# If using the ircv3_sts module you MUST define a STS policy to send +# to clients using the <sts> tag. This tag takes the following +# attributes: +# +# host - A glob match for the SNI hostname to apply this policy to. +# duration - The amount of time that the policy lasts for. Defaults to +# approximately two months by default. +# port - The port on which TLS connections to the server are being +# accepted. You MUST have a CA-verified certificate on this +# port. Self signed certificates are not acceptable. +# preload - Whether client developers can include your certificate in +# preload lists. +# +# <sts host="*.example.com" duration="60d" port="6697" preload="yes"> + +#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Join flood module: Adds support for join flood protection +j X:Y. -# Closes the channel for 60 seconds if X users join in Y seconds. -#<module name="m_joinflood.so"> +# Closes the channel for N seconds if X users join in Y seconds. +#<module name="joinflood"> +# +# The number of seconds to close the channel for: +#<joinflood duration="1m"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Jump server module: Adds support for the RPL_REDIR numeric. @@ -984,17 +1124,15 @@ # To use, JUMPSERVER must be in one of your oper class blocks. # If your server is redirecting new clients and you get disconnected, # do a REHASH from shell to open up again. -#<module name="m_jumpserver.so"> +#<module name="jumpserver"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Anti auto rejoin: Adds support for prevention of auto-rejoin (+J). -#<module name="m_kicknorejoin.so"> -# Set the maximum time that is accepted as a parameter for +J here. -#<kicknorejoin maxtime="1m"> +#<module name="kicknorejoin"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Knock module: Adds the /KNOCK command and channel mode +K. -#<module name="m_knock.so"> +#<module name="knock"> # # This setting specifies what to do when someone successfully /KNOCKs. # If set to "notice", then a NOTICE will be sent to the channel. @@ -1006,24 +1144,38 @@ #<knock notify="notice"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# +# LDAP module: Allows other SQL modules to access a LDAP database +# through a unified API. +# This modules is in extras. Re-run configure with: +# ./configure --enable-extras=m_ldap.cpp +# and run make install, then uncomment this module to enable it. +# +#<module name="ldap"> +#<database module="ldap" id="ldapdb" server="ldap://localhost" binddn="cn=Manager,dc=inspircd,dc=org" bindauth="mysecretpass" searchscope="subtree"> +# The server parameter indicates the LDAP server to connect to. The # +# ldap:// style scheme before the hostname proper is MANDATORY. # +# # +# The binddn and bindauth indicate the DN to bind to for searching, # +# and the password for the distinguished name. Some LDAP servers will # +# allow anonymous searching in which case these two values do not # +# need defining, otherwise they should be set similar to the examples # +# above. # +# # +# The searchscope value indicates the subtree to search under. On our # +# test system this is 'subtree'. Your mileage may vary. # + +#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # LDAP authentication module: Adds the ability to authenticate users # -# via LDAP. This is an extra module which must be enabled explicitly # -# by symlinking it from modules/extra, and requires the OpenLDAP libs # -# This module is in extras. To enable it, Re-run configure with: # -# ./configure --enable-extras=m_ldapauth.cpp # -# and run make install, then uncomment this module. # -#<module name="m_ldapauth.so"> +# via LDAP. # +#<module name="ldapauth"> # # # Configuration: # # # -# <ldapauth baserdn="ou=People,dc=brainbox,dc=cc" # +# <ldapauth dbid="ldapdb" # +# baserdn="ou=People,dc=brainbox,dc=cc" # # attribute="uid" # -# server="ldap://brainwave.brainbox.cc" # -# allowpattern="Guest*" # +# allowpattern="Guest* Bot*" # # killreason="Access denied" # -# searchscope="subtree" # -# binddn="cn=Manager,dc=brainbox,dc=cc" # -# bindauth="mysecretpass" # # verbose="yes" # # host="$uid.$ou.inspircd.org" # # useusername="no"> # @@ -1038,32 +1190,21 @@ # The attribute value indicates the attribute which is used to locate # # a user account by name. On POSIX systems this is usually 'uid'. # # # +# The allowpattern value allows you to specify a space separated list # +# of wildcard masks which will always be allowed to connect # +# regardless of if they have an account, for example guest and bot # +# users. # +# # # The useusername setting chooses whether the user's username or # # nickname is used when locating a user account, if a username isn't # # provided in PASS. # # # -# The server parameter indicates the LDAP server to connect to. The # -# ldap:// style scheme before the hostname proper is MANDATORY. # -# # -# The allowpattern value allows you to specify a wildcard mask which # -# will always be allowed to connect regardless of if they have an # -# account, for example guest users. # -# # # Killreason indicates the QUIT reason to give to users if they fail # # to authenticate. # # # -# The searchscope value indicates the subtree to search under. On our # -# test system this is 'subtree'. Your mileage may vary. # -# # # Setting the verbose value causes an oper notice to be sent out for # # every failed authentication to the server, with an error string. # # # -# The binddn and bindauth indicate the DN to bind to for searching, # -# and the password for the distinguished name. Some LDAP servers will # -# allow anonymous searching in which case these two values do not # -# need defining, otherwise they should be set similar to the examples # -# above. # -# # # ldapwhitelist indicates that clients connecting from an IP in the # # provided CIDR do not need to authenticate against LDAP. It can be # # repeated to whitelist multiple CIDRs. # @@ -1083,25 +1224,18 @@ #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # LDAP oper configuration module: Adds the ability to authenticate # -# opers via LDAP. This is an extra module which must be enabled # -# explicitly by symlinking it from modules/extra, and requires the # -# OpenLDAP libs. Re-run configure with: # -# ./configure --enable-extras=m_ldapoper.cpp -# and run make install, then uncomment this module to enable it. # -#<module name="m_ldapoper.so"> +# opers via LDAP. # +#<module name="ldapoper"> # # # Configuration: # # # -# <ldapoper baserdn="ou=People,dc=brainbox,dc=cc" -# server="ldap://brainwave.brainbox.cc" -# searchscope="subtree" -# binddn="cn=Manager,dc=brainbox,dc=cc" -# bindauth="mysecretpass" +# <ldapoper dbid="ldapdb" +# baserdn="ou=People,dc=brainbox,dc=cc" # attribute="uid"> # # # Available configuration items are identical to the same items in # -# m_ldapauth above (except for the verbose setting, that is only # -# supported in m_ldapauth). # +# ldapauth above (except for the verbose setting, that is only # +# supported in ldapauth). # # Please always specify a password in your <oper> tags even if the # # opers are to be authenticated via LDAP, so in case this module is # # not loaded the oper accounts are still protected by a password. # @@ -1115,39 +1249,37 @@ # If your server is locked and you get disconnected, do a REHASH from # # shell to open up again. # # This module is oper-only. -#<module name="m_lockserv.so"> +#<module name="lockserv"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Map hiding module: replaces /MAP and /LINKS output to users with a # # message to see a website, set by maphide="http://test.org/map" in # # the <security> tag, instead. # -#<module name="m_maphide.so"> +#<module name="maphide"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Message flood module: Adds message/notice flood protection via # channel mode +f. -#<module name="m_messageflood.so"> +#<module name="messageflood"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # MLOCK module: Adds support for server-side enforcement of services # side MLOCKs. Basically, this module suppresses any mode change that # would likely be immediately bounced by services. -#<module name="m_mlock.so"> +#<module name="mlock"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# MsSQL module: Allows other SQL modules to access MS SQL Server -# through a unified API. -# This module is in extras. Re-run configure with: -# ./configure --enable-extras=m_mssql.cpp -# and run make install, then uncomment this module to enable it. -#<module name="m_mssql.so"> -# -#-#-#-#-#-#-#-#-#-#-#-#- SQL CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#-# -# # -# m_mssql.so is more complex than described here, see wiki for more # -# info https://wiki.inspircd.org/Modules/2.0/mssql # +# Modenotice module: Adds the /MODENOTICE command that allows opers to +# send notices to all users having the given user mode(s) set. +#<module name="modenotice"> + +#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# +# Monitor module: Adds support for MONITOR which is used by clients to +# maintain notify lists. +#<module name="monitor"> # -#<database module="mssql" name="db" user="user" pass="pass" host="localhost" id="db1"> +# Set the maximum number of entries on a user's monitor list below. +#<monitor maxentries="30"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # MySQL module: Allows other SQL modules to access MySQL databases @@ -1155,12 +1287,12 @@ # This module is in extras. Re-run configure with: # ./configure --enable-extras=m_mysql.cpp # and run make install, then uncomment this module to enable it. -#<module name="m_mysql.so"> +#<module name="mysql"> # #-#-#-#-#-#-#-#-#-#-#-#- SQL CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#-# # # -# m_mysql.so is more complex than described here, see the wiki for # -# more: https://wiki.inspircd.org/Modules/2.0/mysql # +# mysql is more complex than described here, see the wiki for more # +# info: https://wiki.inspircd.org/Modules/3.0/mysql # # #<database module="mysql" name="mydb" user="myuser" pass="mypass" host="localhost" id="my_database2"> @@ -1169,19 +1301,19 @@ # modes via long-form mode names via +Z and the /PROP command. # For example, to set a ban, do /mode #channel +Z ban=foo!bar@baz or # /PROP #channel ban=foo!bar@baz -#<module name="m_namedmodes.so"> +#<module name="namedmodes"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # NAMESX module: Provides support for the NAMESX extension which allows # clients to see all the prefixes set on a user without getting confused. # This is supported by mIRC, x-chat, klient, and maybe more. -#<module name="m_namesx.so"> +#<module name="namesx"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # National characters module: # 1) Allows using national characters in nicknames. # 2) Allows using custom (national) casemapping over the network. -#<module name="m_nationalchars.so"> +#<module name="nationalchars"> # # file - Location of the file which contains casemapping rules. If this # is a relative path then it is relative to "<PWD>/../locales" @@ -1195,47 +1327,54 @@ #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Nickchange flood protection module: Provides channel mode +F X:Y # which allows up to X nick changes in Y seconds. -#<module name="m_nickflood.so"> +#<module name="nickflood"> +# +# The number of seconds to prevent nick changes for: +#<nickflood duration="1m"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Nicklock module: Let opers change a user's nick and then stop that # user from changing their nick again until unlocked. # This module is oper-only. # To use, NICKLOCK and NICKUNLOCK must be in one of your oper class blocks. -#<module name="m_nicklock.so"> +#<module name="nicklock"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# No CTCP module: Adds the channel mode +C to block CTCPs and extban -# 'C' to block CTCPs sent by specific users. -#<module name="m_noctcp.so"> +# No CTCP module: Adds the channel mode +C and user mode +T to block +# CTCPs and extban 'C' to block CTCPs sent by specific users. +#<module name="noctcp"> +# +# The +T user mode is not enabled by default to enable link compatibility +# with 2.0 servers. You can enable it by uncommenting this: +#<noctcp enableumode="yes"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # No kicks module: Adds the +Q channel mode and the Q: extban to deny # certain users from kicking. -#<module name="m_nokicks.so"> +#<module name="nokicks"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # No nicks module: Adds the +N channel mode, as well as the 'N' extban. # +N stops all users from changing their nick, the N extban stops # anyone from matching a +b N:nick!user@host mask from changing their # nick. -#<module name="m_nonicks.so"> +#<module name="nonicks"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # No part message module: Adds extban 'p' to block part messages from # # matching users. # -#<module name="m_nopartmsg.so"> +#<module name="nopartmsg"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # No notice module: Adds the channel mode +T and the extban 'T' to # block specific users from noticing the channel. -#<module name="m_nonotice.so"> +#<module name="nonotice"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Network business join module: # Allows an oper to join a channel using /OJOIN, giving them +Y on the # channel which makes them immune to kick/deop/etc. -#<module name="m_ojoin.so"> +#<module name="ojoin"> # # Specify the prefix that +Y will grant here. # Leave 'prefix' empty if you do not wish +Y to grant a prefix. @@ -1250,16 +1389,17 @@ # /mode #channel +iI O:* is equivalent to channel mode +O, but you # may also set +iI O:AdminTypeOnly to only allow admins. # Modes +I and +e work in a similar fashion. -#<module name="m_operchans.so"> +#<module name="operchans"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Oper join module: Auto-joins opers to a channel upon oper-up. -# This module is oper-only. For the user equivalent, see m_conn_join. -#<module name="m_operjoin.so"> +# This module is oper-only. For the user equivalent, see the conn_join +# module. +#<module name="operjoin"> # #-#-#-#-#-#-#-#-#-#-# OPERJOIN CONFIGURATION -#-#-#-#-#-#-#-#-#-#-# # # -# If you are using the m_operjoin.so module, specify options here: # +# If you are using the operjoin module, specify options here: # # # # channel - The channel name to join, can also be a comma # # separated list e.g. "#channel1,#channel2". # @@ -1279,7 +1419,7 @@ # type "m_operlog" at default loglevel), and optionally to the 'r' # snomask. # This module is oper-only. -#<module name="m_operlog.so"> +#<module name="operlog"> # # If the following option is on then all oper commands will be sent to # the snomask 'r'. The default is off. @@ -1293,7 +1433,7 @@ # # Load this module if you want all your IRC operators to have channel # operator powers. -#<module name="m_operprefix.so"> +#<module name="operprefix"> # # You may additionally customise the prefix character. #<operprefix prefix="!"> @@ -1302,51 +1442,59 @@ # Oper MOTD module: Provides support for separate message of the day # on oper-up. # This module is oper-only. -#<module name="m_opermotd.so"> +#<module name="opermotd"> # #-#-#-#-#-#-#-#-#-#-# OPERMOTD CONFIGURATION -#-#-#-#-#-#-#-#-#-#-# # # -# If you are using the m_opermotd.so module, specify the motd here. # +# If you are using the opermotd module, specify the motd here. # # # # onoper - If on, the message is sent on /OPER, otherwise it's # # only sent when /OPERMOTD is used. # # # -# processcolors - Allow color codes to be processed in the opermotd. # -# Read the comment above <connect:allowmotdcolors> in # -# inspircd.conf.example for details. # -# # -#<opermotd file="conf/examples/opermotd.txt.example" onoper="yes" processcolors="false"> +#<opermotd file="examples/opermotd.txt.example" onoper="yes"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Override module: Adds support for oper override. # This module is oper-only. -#<module name="m_override.so"> +#<module name="override"> # #-#-#-#-#-#-#-#-#-#-# OVERRIDE CONFIGURATION -#-#-#-#-#-#-#-#-#-#-# # # -# m_override.so is too complex it describe here, see the wiki: # -# https://wiki.inspircd.org/Modules/2.0/override # +# Much of override's configuration relates to your oper blocks. # +# For more information on how to allow opers to override, see: # +# https://wiki.inspircd.org/Modules/3.0/override # +# # +# noisy - If enabled, all oper overrides will be announced # +# via channel notice. # +# # +# requirekey - If enabled, overriding on join requires a channel # +# key of "override" to be specified # +# # +# enableumode - If enabled, usermode +O is required for override. # +# # +#<override noisy="yes" requirekey="no" enableumode="true"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Oper levels module: Gives each oper a level and prevents actions # being taken by lower level opers against higher level opers. # Specify the level as the 'level' parameter of the <type> tag. # This module is oper-only. -#<module name="m_operlevels.so"> +#<module name="operlevels"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Oper modes module: Allows you to specify modes to add/remove on oper. # Specify the modes as the 'modes' parameter of the <type> tag # and/or as the 'modes' parameter of the <oper> tag. -# This module is oper-only. For the user equivalent, see m_conn_umodes. -#<module name="m_opermodes.so"> +# This module is oper-only. For the user equivalent, see the +# conn_umodes module. +#<module name="opermodes"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Password forwarding module: Forwards a password users can send on # connect to the specified client below. The client is usually NickServ # and this module is usually used to authenticate users with NickServ # using their connect password. -#<module name="m_passforward.so"> +#<module name="passforward"> <passforward # nick: nick to forward connect passwords to. @@ -1364,8 +1512,8 @@ #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Password hash module: Allows hashed passwords to be used. -# To be useful, a hashing module like m_sha256.so also needs to be loaded. -#<module name="m_password_hash.so"> +# To be useful, a hashing module like bcrypt also needs to be loaded. +#<module name="password_hash"> # #-#-#-#-#-#-#-#-#-# PASSWORD HASH CONFIGURATION #-#-#-#-#-#-#-#-#-#-#-# # @@ -1374,37 +1522,52 @@ # # <oper name="Brain" # host="ident@dialup15.isp.test.com" -# hash="sha256" -# password="01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b" +# hash="bcrypt" +# password="$2a$10$Mss9AtHHslZTLBrXqM0FB.JBwD.UTSu8A48SfrY9exrpxbsRiRTbO" # type="NetAdmin"> # -# Starting from 2.0, you can use a more secure salted hash that prevents simply -# looking up the hash's value in a rainbow table built for the hash. +# If you are using a hash algorithm which does not perform salting you can use +# HMAC to salt your passwords in order to prevent them from being looked up in +# a rainbow table. +# # hash="hmac-sha256" password="lkS1Nbtp$CyLd/WPQXizsbxFUTqFRoMvaC+zhOULEeZaQkUJj+Gg" # # Generate hashes using the /MKPASSWD command on the server. # Don't run it on a server you don't trust with your password. #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# +# PBKDF2 module: Allows other modules to generate PBKDF2 hashes, +# usually for cryptographic uses and security. +# This module relies on other hash providers (e.g. SHA256). +#<module name="pbkdf2"> +# +# iterations: Iterations the hashing function runs when generating new +# hashes. +# length: Length in bytes of the derived key. +#<pbkdf2 iterations="12288" length="32"> +# You can override these values with specific values +# for specific providers if you want to. Example given for SHA256. +#<pbkdf2prov hash="sha256" iterations="24576"> + +#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Permanent channels module: Channels with the permanent channel mode # will remain open even after everyone else has left the channel, and # therefore keep things like modes, ban lists and topic. Permanent # channels -may- need support from your Services package to function # properly with them. This adds channel mode +P. # This module is oper-only. -#<module name="m_permchannels.so"> +#<module name="permchannels"> # -# If you like, m_permchannels can write a config file of permanent channels +# If you like, this module can write a config file of permanent channels # whenever +P is set, unset, or the topic/modes on a +P channel is changed. # If you want to do this, set the filename below, and uncomment the include. # # If 'listmodes' is true then all list modes (+b, +I, +e, +g...) will be # saved. Defaults to false. -#<permchanneldb filename="data/permchannels.conf" listmodes="true"> -#<include file="data/permchannels.conf"> +#<permchanneldb filename="permchannels.conf" listmodes="true"> +#<include file="permchannels.conf"> # # You may also create channels on startup by using the <permchannels> block. -# Don't forget to set them +P in the modes, or they won't stay permanent. #<permchannels channel="#opers" modes="isP" topic="Opers only."> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# @@ -1413,68 +1576,71 @@ # This module is in extras. Re-run configure with: # ./configure --enable-extras=m_pgsql.cpp # and run make install, then uncomment this module to enable it. -#<module name="m_pgsql.so"> +#<module name="pgsql"> # #-#-#-#-#-#-#-#-#-#-#-#- SQL CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#-# # # -# m_pgsql.so is more complex than described here, see the wiki for # -# more: https://wiki.inspircd.org/Modules/2.0/pgsql # +# pgsql is more complex than described here, see the wiki for # +# more: https://wiki.inspircd.org/Modules/3.0/pgsql # # #<database module="pgsql" name="mydb" user="myuser" pass="mypass" host="localhost" id="my_database" ssl="no"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Muteban: Implements extended ban 'm', which stops anyone matching # a mask like +b m:nick!user@host from speaking on channel. -#<module name="m_muteban.so"> +#<module name="muteban"> +# +# If notifyuser is set to no, the user will not be notified when +# his/her message is blocked. +#<muteban notifyuser="yes"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Random quote module: Provides a random quote on connect. # NOTE: Some of these may mimic fatal errors and confuse users and # opers alike - BEWARE! -#<module name="m_randquote.so"> +#<module name="randquote"> # #-#-#-#-#-#-#-#-#-#- RANDOMQUOTES CONFIGURATION -#-#-#-#-#-#-#-#-#-#-# # # -# Optional - If you specify to use the m_randquote.so module, then # -# specify below the path to the quotes file. # +# Optional - If you specify to use the randquote module, then specify # +# below the path to the quotes file. # # # #<randquote file="quotes.txt"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# Redirect module: Adds channel redirection mode +L. # -# Optional: <redirect:antiredirect> to add usermode +L to stop forced # -# redirection and instead print an error. # -# # -# Note: You can not update this with a simple rehash, it requires # -# reloading the module for it to take effect. # -# This also breaks linking to servers that do not have the option. # -# This defaults to false for the 2.0 version, it will be enabled in # -# all the future versions. # -#<module name="m_redirect.so"> -#<redirect antiredirect="true"> +# Redirect module: Adds channel mode +L which redirects users to # +# another channel when the channel has reached its user limit and # +# user mode +L which stops redirection. # +#<module name="redirect"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Regular expression provider for glob or wildcard (?/*) matching. -# You must have at least 1 provider loaded to use m_filter or m_rline +# You must have at least 1 provider loaded to use the filter or rline # modules. This module has no additional requirements, as it uses the # matching already present in InspIRCd core. -#<module name="m_regex_glob.so"> +#<module name="regex_glob"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Regular expression provider for PCRE (Perl-Compatible Regular # Expressions). You need libpcre installed to compile and load this -# module. You must have at least 1 provider loaded to use m_filter or -# m_rline. -#<module name="m_regex_pcre.so"> +# module. You must have at least 1 provider loaded to use the filter or +# rline modules. +#<module name="regex_pcre"> + +#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# +# Regular Expression Provider for RE2 Regular Expressions. +# You need libre2 installed and in your include/library paths in order +# to compile and load this module. +#<module name="regex_re2"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Regular expression provider for POSIX regular expressions. # You shouldn't need any additional libraries on a POSIX-compatible # system (i.e.: any Linux, BSD, but not Windows). You must have at -# least 1 provider loaded to use m_filter or m_rline. +# least 1 provider loaded to use filter or rline. # On POSIX-compliant systems, regex syntax can be found by using the # command: 'man 7 regex'. -#<module name="m_regex_posix.so"> +#<module name="regex_posix"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Regular expression provider for C++11 std::regex regular expressions. @@ -1484,7 +1650,7 @@ # You should verify that std::regex is supported by your setup before # using this module, as it may compile normally but won't do anything # on some implementations. -#<module name="m_regex_stdlib.so"> +#<module name="regex_stdlib"> # # Specify the regular expression engine to use here. Valid settings are # bre, ere, awk, grep, egrep, ecmascript (default if not specified). @@ -1496,7 +1662,7 @@ # if you are most familiar with the syntax of /SPAMFILTER from there, # this is the provider you want. You need libtre installed in order # to compile and load this module. -#<module name="m_regex_tre.so"> +#<module name="regex_tre"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Registered users only channel creation module. If enabled, only @@ -1504,33 +1670,56 @@ # # You probably *DO NOT* want to load this module on a public network. # -#<module name="m_regonlycreate.so"> +#<module name="regonlycreate"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Remove module: Adds the /REMOVE command which is a peaceful # alternative to /KICK. -#<module name="m_remove.so"> +#<module name="remove"> +# +# supportnokicks: If true, /REMOVE is not allowed on channels where the +# nokicks (+Q) mode is set. Defaults to false. +# protectedrank: Members having this rank or above may not be /REMOVE'd +# by anyone. Set to 0 to disable this feature. Defaults to 50000. +#<remove supportnokicks="true" protectedrank="50000"> + +#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# +# A module to block, kick or ban upon similar messages being uttered several times. +# Syntax [~*][lines]:[sec]{[:difference]}{[:matchlines]} +# ~ is to block, * is to ban, default is kick. +# lines - In mode 1 the amount of lines that has to match consecutively - In mode 2 the size of the backlog to keep for matching +# seconds - How old the message has to be before it's invalidated. +# distance - Edit distance, in percent, between two strings to trigger on. +# matchlines - When set, the function goes into mode 2. In this mode the function will trigger if this many of the last <lines> matches. +# +# As this module can be rather CPU-intensive, it comes with some options. +# maxbacklog - Maximum size that can be specified for backlog. 0 disables multiline matching. +# maxdistance - Max percentage of difference between two lines we'll allow to match. Set to 0 to disable edit-distance matching. +# maxlines - Max lines of backlog to match against. +# maxtime - Maximum period of time a user can set. 0 to allow any. +# size - Maximum number of characters to check for, can be used to truncate messages +# before they are checked, resulting in less CPU usage. Increasing this beyond 512 +# doesn't have any effect, as the maximum length of a message on IRC cannot exceed that. +#<repeat maxbacklog="20" maxlines="20" maxdistance="50" maxtime="0" size="512"> +#<module name="repeat"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Restricted channels module: Allows only opers to create channels. # # You probably *DO NOT* want to load this module on a public network. # -#<module name="m_restrictchans.so"> +#<module name="restrictchans"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Restrict message module: Allows users to only message opers. # # You probably *DO NOT* want to load this module on a public network. # -#<module name="m_restrictmsg.so"> -# -# Uncomment this to allow users to message ulines (e.g. services): -#<restrictmsg uline="yes"> +#<module name="restrictmsg"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # R-Line module: Ban users through regular expression patterns. -#<module name="m_rline.so"> +#<module name="rline"> # #-#-#-#-#-#-#-#-#-#-#-#- RLINE CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#-# # @@ -1540,7 +1729,7 @@ # Also, this is where you set what Regular Expression engine is to be # used. If you ever change it while running, all of your R-Lines will # be wiped. This is the regex engine used by all R-Lines set, and -# m_regex_<engine>.so must be loaded, or rline will be non-functional +# regex_<engine> must be loaded, or rline will be non-functional # until you load it or change the engine to one that is loaded. # #<rline matchonnickchange="yes" engine="pcre"> @@ -1554,18 +1743,27 @@ # so that at least \s or [[:space:]] is available. #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# +# RMODE module: Adds the /RMODE command +# Allows channel mods to remove list modes en masse. +# Syntax: /rmode <channel> <mode> [pattern] +# E.g. '/rmode #Channel b m:*' will remove all mute-extbans on the channel. +#<module name="rmode"> + +#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # SAJOIN module: Adds the /SAJOIN command which forcibly joins a user # to the given channel. # This module is oper-only. # To use, SAJOIN must be in one of your oper class blocks. -#<module name="m_sajoin.so"> +# Opers need the users/sajoin-others priv to be able to /SAJOIN users +# other than themselves. +#<module name="sajoin"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # SAKICK module: Adds the /SAKICK command which kicks a user from the # given channel. # This module is oper-only. # To use, SAKICK must be in one of your oper class blocks. -#<module name="m_sakick.so"> +#<module name="sakick"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # SAMODE module: Adds the /SAMODE command which allows server operators @@ -1573,50 +1771,51 @@ # channel priviliges. Also allows changing user modes for any user. # This module is oper-only. # To use, SAMODE must be in one of your oper class blocks. -#<module name="m_samode.so"> +#<module name="samode"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # SANICK module: Adds the /SANICK command which allows opers to change # users' nicks. # This module is oper-only. # To use, SANICK must be in one of your oper class blocks. -#<module name="m_sanick.so"> +#<module name="sanick"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # SAPART module: Adds the /SAPART command which forcibly parts a user # from a channel. # This module is oper-only. # To use, SAPART must be in one of your oper class blocks. -#<module name="m_sapart.so"> +#<module name="sapart"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # SAQUIT module: Adds the /SAQUIT command which forcibly quits a user. # This module is oper-only. # To use, SAQUIT must be in one of your oper class blocks. -#<module name="m_saquit.so"> +#<module name="saquit"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # SATOPIC module: Adds the /SATOPIC command which allows changing the # topic on a channel without requiring any channel priviliges. # This module is oper-only. # To use, SATOPIC must be in one of your oper class blocks. -#<module name="m_satopic.so"> +#<module name="satopic"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # SASL authentication module: Provides support for IRC Authentication -# Layer via AUTHENTICATE. Note: You also need to have m_cap.so loaded +# Layer via AUTHENTICATE. Note: You also need to have cap loaded # for SASL to work. -#<module name="m_sasl.so"> +#<module name="sasl"> # Define the following to your services server name to improve security # by ensuring the SASL messages are only sent to the services server # and not to all connected servers. This prevents a rogue server from -# capturing SASL messages. +# capturing SASL messages and disables the SASL cap when services is +# down. #<sasl target="services.mynetwork.com"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Secure list module: Prevent /LIST in the first minute of connection, # crippling most spambots and trojan spreader bots. -#<module name="m_securelist.so"> +#<module name="securelist"> # #-#-#-#-#-#-#-#-#-# SECURELIST CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#-# # # @@ -1630,24 +1829,24 @@ # Define the following variable to change how long a user must wait # # before issuing a LIST. If not defined, defaults to 60 seconds. # # # -#<securelist waittime="60"> # +#<securelist waittime="1m"> # #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Servprotect module: Provides support for Austhex style +k / # UnrealIRCD +S services mode. -#<module name="m_servprotect.so"> +#<module name="servprotect"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # See nicks module: Adds snomask +n and +N which show local and remote # nick changes. # This module is oper-only. -#<module name="m_seenicks.so"> +#<module name="seenicks"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Set idle module: Adds a command for opers to change their idle time. # This module is oper-only. # To use, SETIDLE must be in one of your oper class blocks. -#<module name="m_setidle.so"> +#<module name="setidle"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Services support module: Adds several usermodes such as +R and +M. @@ -1662,39 +1861,76 @@ # +b R: (stop matching account names from joining) # +b U:n!u@h (blocks matching unregistered users) # -#<module name="m_services_account.so"> +#<module name="services_account"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Sethost module: Adds the /SETHOST command. # This module is oper-only. # To use, SETHOST must be in one of your oper class blocks. -# See m_chghost for how to customise valid chars for hostnames. -#<module name="m_sethost.so"> +# See the chghost module for how to customise valid chars for hostnames. +#<module name="sethost"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Setident module: Adds the /SETIDENT command. # This module is oper-only. # To use, SETIDENT must be in one of your oper class blocks. -#<module name="m_setident.so"> +#<module name="setident"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # SETNAME module: Adds the /SETNAME command. -#<module name="m_setname.so"> +#<module name="setname"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Serverban: Implements extended ban 's', which stops anyone connected # to a server matching a mask like +b s:server.mask.here from joining. -#<module name="m_serverban.so"> +#<module name="serverban"> + +#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# +# SHA1 module: Allows other modules to generate SHA1 hashes. +# Required by the WebSocket module. +#<module name="sha1"> + +#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# +# Showfile: Provides support for showing a text file to users when # +# they enter a command. # +# This module adds one command for each <showfile> tag that shows the # +# given file to the user as a series of messages or numerics. # +#<module name="showfile"> # +# # +#-#-#-#-#-#-#-#-#-#-# SHOWFILE CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#-# +# # +# name - The name of the command which displays this file. This is # +# the only mandatory setting, all others are optional. # +# file - The text file to be shown to the user. # +# By default same as the command name. # +# method - How should the file be shown? # +# * numeric: Send contents using a numeric # +# (similar to /MOTD; the default). # +# * notice: Send contents as a series of notices. # +# * msg: Send contents as a series of private messages. # +# # +# When using the method "numeric", the following extra settings are # +# available: # +# # +# introtext - Introductory line, "Showing <name>" by default. # +# intronumeric - Numeric used for the introductory line. # +# numeric - Numeric used for sending the text itself. # +# endtext - Ending line, "End of <name>" by default. # +# endnumeric - Numeric used for the ending line. # +# # +#<showfile name="RULES" +# file="rules.txt" +# introtext="Server rules:" +# endtext="End of server rules."> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Show whois module: Adds the +W usermode which allows opers to see # when they are /WHOIS'd. # This module is oper-only by default. -#<module name="m_showwhois.so"> +#<module name="showwhois"> # # If you wish, you may also let users set this mode. Only opers with the -# users/auspex priv will see real hosts of people, though. This setting -# is not reloadable via /REHASH, changing it requires /RELOADMODULE. +# users/auspex priv will see real hosts of people, though. #<showwhois opersonly="yes" # # You may also set whether or not users should receive whois notices, @@ -1706,7 +1942,7 @@ # executing all except configured commands. # This module is oper-only. # To use, SHUN must be in one of your oper class blocks. -#<module name="m_shun.so"> +#<module name="shun"> # # You may also configure which commands you wish a user to be able to # perform when shunned. It should be noted that if a shunned user @@ -1719,64 +1955,84 @@ #<shun enabledcommands="ADMIN PING PONG QUIT PART JOIN" notifyuser="yes" affectopers="no"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# SSL channel mode module: Adds support for SSL-only channels via -# channel mode +z and the 'z' extban which matches SSL client -# certificate fingerprints. +# SSL mode module: Adds support for SSL-only channels via the '+z' +# channel mode, SSL-only private messages via the '+z' user mode and +# the 'z:' extban which matches SSL client certificate fingerprints. +# # Does not do anything useful without a working SSL module and the -# m_sslinfo module (see below). -#<module name="m_sslmodes.so"> +# sslinfo module (see below). +#<module name="sslmodes"> +# +# The +z user mode is not enabled by default to enable link compatibility +# with 2.0 servers. You can enable it by uncommenting this: +#<sslmodes enableumode="yes"> + +#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# +# SSL rehash signal module: Allows the SSL modules to be rehashed by +# sending SIGUSR1 to a running InspIRCd process. +# This modules is in extras. Re-run configure with: +# ./configure --enable-extras=m_sslrehashsignal.cpp +# and run make install, then uncomment this module to enable it. +#<module name="sslrehashsignal"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # GnuTLS SSL module: Adds support for SSL connections using GnuTLS, # if enabled. You must answer 'yes' in ./configure when asked or # manually symlink the source for this module from the directory # src/modules/extra, if you want to enable this, or it will not load. -#<module name="m_ssl_gnutls.so"> +#<module name="ssl_gnutls"> # #-#-#-#-#-#-#-#-#-#-#- GNUTLS CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-# # # -# m_ssl_gnutls.so is too complex to describe here, see the wiki: # -# https://wiki.inspircd.org/Modules/2.0/ssl_gnutls # +# ssl_gnutls is too complex to describe here, see the wiki: # +# https://wiki.inspircd.org/Modules/3.0/ssl_gnutls # #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # SSL info module: Allows users to retrieve information about other # users' peer SSL certificates and keys. This can be used by client -# scripts to validate users. For this to work, one of m_ssl_gnutls.so -# or m_ssl_openssl.so must be loaded. This module also adds the +# scripts to validate users. For this to work, one of ssl_gnutls +# or ssl_openssl must be loaded. This module also adds the # "* <user> is using a secure connection" whois line, the ability for -# opers to use SSL fingerprints to verify their identity and the +# opers to use SSL cert fingerprints to verify their identity and the # ability to force opers to use SSL connections in order to oper up. # It is highly recommended to load this module if you use SSL on your # network. # For how to use the oper features, please see the first example <oper> tag # in opers.conf.example. # -#<module name="m_sslinfo.so"> +#<module name="sslinfo"> + +#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# +# mbedTLS SSL module: Adds support for SSL/TLS connections using mbedTLS. +#<module name="ssl_mbedtls"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # OpenSSL SSL module: Adds support for SSL connections using OpenSSL, # if enabled. You must answer 'yes' in ./configure when asked or symlink # the source for this module from the directory src/modules/extra, if # you want to enable this, or it will not load. -#<module name="m_ssl_openssl.so"> +#<module name="ssl_openssl"> # #-#-#-#-#-#-#-#-#-#-#- OPENSSL CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-# # # -# m_ssl_openssl.so is too complex to describe here, see the wiki: # -# https://wiki.inspircd.org/Modules/2.0/ssl_openssl # +# ssl_openssl is too complex to describe here, see the wiki: # +# https://wiki.inspircd.org/Modules/3.0/ssl_openssl # #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# Strip color module: Adds channel mode +S that strips mIRC color -# codes from all messages sent to the channel. -#<module name="m_stripcolor.so"> +# Strip color module: Adds channel mode +S that strips color codes and +# all control codes except CTCP from all messages sent to the channel. +#<module name="stripcolor"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Silence module: Adds support for the /SILENCE command, which allows # users to have a server-side ignore list for their client. -#<module name="m_silence.so"> +#<module name="silence"> # # Set the maximum number of entries allowed on a user's silence list. -#<silence maxentries="32"> +#<silence maxentries="32" +# +# Whether messages from U-lined servers will bypass silence masks. +#exemptuline="yes"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # SQLite3 module: Allows other SQL modules to access SQLite3 # @@ -1785,12 +2041,12 @@ # ./configure --enable-extras=m_sqlite3.cpp # and run make install, then uncomment this module to enable it. # # -#<module name="m_sqlite3.so"> +#<module name="sqlite3"> # #-#-#-#-#-#-#-#-#-#-#-#- SQL CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#-# # # -# m_sqlite.so is more complex than described here, see the wiki for # -# more: https://wiki.inspircd.org/Modules/2.0/sqlite3 # +# sqlite is more complex than described here, see the wiki for more # +# info: https://wiki.inspircd.org/Modules/3.0/sqlite3 # # #<database module="sqlite" hostname="/full/path/to/database.db" id="anytext"> @@ -1798,61 +2054,64 @@ # SQL authentication module: Allows IRCd connections to be tied into # a database table (for example a forum). # -#<module name="m_sqlauth.so"> +#<module name="sqlauth"> # #-#-#-#-#-#-#-#-#-#-#- SQLAUTH CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-# # # -# m_sqlauth.so is too complex to describe here, see the wiki: # -# https://wiki.inspircd.org/Modules/2.0/sqlauth # +# sqlauth is too complex to describe here, see the wiki: # +# https://wiki.inspircd.org/Modules/3.0/sqlauth # #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# SQL oper module: Allows you to store oper credentials in an SQL table +# SQL oper module: Allows you to store oper credentials in an SQL +# table. You can add additional table columns like you would config +# tags in opers.conf. Opers in opers.conf will override opers from +# this module. # -#<module name="m_sqloper.so"> +#<module name="sqloper"> # #-#-#-#-#-#-#-#-#-#-#- SQLOPER CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-# # # # dbid - Database ID to use (see SQL modules). # -# hash - Hashing provider to use for password hashing. # # # -# See also: https://wiki.inspircd.org/Modules/2.0/sqloper # +# See also: https://wiki.inspircd.org/Modules/3.0/sqloper # # # -#<sqloper dbid="1" hash="md5"> +#<sqloper dbid="1"> + +#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# +# StartTLS module: Implements STARTTLS, which allows clients # +# connected to non SSL enabled ports to enable SSL, if a proper SSL # +# module is loaded (either ssl_gnutls or ssl_openssl). # +#<module name="starttls"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # SVSHold module: Implements SVSHOLD. Like Q:Lines, but can only be # # added/removed by Services. # -#<module name="m_svshold.so"> -# If silent is true no snotices will be generated by SVSHOLD. +#<module name="svshold"> +# SVSHOLD does not generate server notices by default, you can turn +# notices on by uncommenting the next line. #<svshold silent="false"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # SWHOIS module: Allows you to add arbitrary lines to user WHOIS. # This module is oper-only. # To use, SWHOIS must be in one of your oper class blocks. -#<module name="m_swhois.so"> - -#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# Test module: Enable this to create a command useful in testing -# flood control. To avoid accidental use on live networks, the server -# name must contain ".test" to load the module -#<module name="m_testnet.so"> +#<module name="swhois"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Timed bans module: Adds timed channel bans with the /TBAN command. -#<module name="m_timedbans.so"> +#<module name="timedbans"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Test line module: Adds the /TLINE command, used to test how many # users a /GLINE or /ZLINE etc. would match. # This module is oper-only. # To use, TLINE must be in one of your oper class blocks. -#<module name="m_tline.so"> +#<module name="tline"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Topiclock module: implements server-side topic locking to achieve deeper # integration with services packages. -#<module name="m_topiclock.so"> +#<module name="topiclock"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # UHNAMES support module: Adds support for the IRCX style UHNAMES @@ -1860,23 +2119,23 @@ # each user, saving clients from doing a WHO on the channel. # If a client does not support UHNAMES it will not enable it, this will # not break incompatible clients. -#<module name="m_uhnames.so"> +#<module name="uhnames"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Uninvite module: Adds the /UNINVITE command which lets users remove # pending invites from channels without waiting for the user to join. -#<module name="m_uninvite.so"> +#<module name="uninvite"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Userip module: Adds the /USERIP command. # Allows users to query their own IP, also allows opers to query the IP # of anyone else. -#<module name="m_userip.so"> +#<module name="userip"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Vhost module: Adds the VHOST command which allows for adding virtual # hosts which are accessible using a username and password in the config. -#<module name="m_vhost.so"> +#<module name="vhost"> # #-#-#-#-#-#-#-#-#-#-#- VHOST CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#-# # # @@ -1885,32 +2144,39 @@ # pass - Password for the vhost. # # # # hash - The hash for the specific user (optional) # -# m_password_hash.so and a hashing module must be loaded # -# for this to work. # +# password_hash and a hashing module must be loaded for # +# this to work. # # # # host - Vhost to set. # # #<vhost user="some_username" pass="some_password" host="some.host.test.cc"> -#<vhost user="foo" password="fcde2b2edba56bf408601fb721fe9b5c338d10ee429ea04fae5511b68fbf8fb9" hash="sha256" host="some.other.host.example.com"> +#<vhost user="foo" password="$2a$10$iTuYLT6BRhRlOgzfsW9oPe62etW.oXwSpyKw5rJit64SGZanLXghO" hash="bcrypt" host="some.other.host.example.com"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Watch module: Adds the WATCH command, which is used by clients to # maintain notify lists. -#<module name="m_watch.so"> +#<module name="watch"> # # Set the maximum number of entries on a user's watch list below. #<watch maxentries="32"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# +# WebSocket module: Adds HTML5 WebSocket support. +# Specify hook="websocket" in a <bind> tag to make that port accept +# WebSocket connections. Compatible with SSL/TLS. +# Requires SHA-1 hash support available in the sha1 module. +#<module name="websocket"> + +#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # XLine database: Stores all *Lines (G/Z/K/R/any added by other modules) # in a file which is re-loaded on restart. This is useful # for two reasons: it keeps bans so users may not evade them, and on # bigger networks, server connections will take less time as there will # be a lot less bans to apply - as most of them will already be there. -#<module name="m_xline_db.so"> +#<module name="xline_db"> # Specify the filename for the xline database here. -#<xlinedb filename="data/xline.db"> +#<xlinedb filename="xline.db"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # ____ _ _____ _ _ ____ _ _ _ # @@ -1919,8 +2185,8 @@ # | _ < __/ (_| | (_| | | | | | | | \__ \ | |_) | | |_|_| # # |_| \_\___|\__,_|\__,_| |_| |_| |_|_|___/ |____/|_|\__(_) # # # -# To link servers to InspIRCd, you MUST load the m_spanningtree # -# module. If you don't do this, server links will NOT work at all. # +# To link servers to InspIRCd, you MUST load the spanningtree module. # +# If you don't do this, server links will NOT work at all. # # This is by design, to allow for the implementation of other linking # # protocols in modules in the future. # @@ -1929,4 +2195,4 @@ # tree protocol (see the READ THIS BIT section above). # You will almost always want to load this. # -#<module name="m_spanningtree.so"> +#<module name="spanningtree"> diff --git a/docs/conf/modules/charybdis.conf.example b/docs/conf/modules/charybdis.conf.example deleted file mode 100644 index 91260c7d3..000000000 --- a/docs/conf/modules/charybdis.conf.example +++ /dev/null @@ -1,302 +0,0 @@ -<module name="m_md5.so"> -<module name="m_sha256.so"> -<module name="m_alias.so"> -<alias text="NICKSERV" replace="PRIVMSG NickServ :$2-" requires="NickServ" uline="yes"> -<alias text="CHANSERV" replace="PRIVMSG ChanServ :$2-" requires="ChanServ" uline="yes"> -<alias text="OPERSERV" replace="PRIVMSG OperServ :$2-" requires="OperServ" uline="yes" operonly="yes"> -<alias text="BOTSERV" replace="PRIVMSG BotServ :$2-" requires="BotServ" uline="yes"> -<alias text="HOSTSERV" replace="PRIVMSG HostServ :$2-" requires="HostServ" uline="yes"> -<alias text="MEMOSERV" replace="PRIVMSG MemoServ :$2-" requires="MemoServ" uline="yes"> -<alias text="NS" replace="PRIVMSG NickServ :$2-" requires="NickServ" uline="yes"> -<alias text="CS" replace="PRIVMSG ChanServ :$2-" requires="ChanServ" uline="yes"> -<alias text="OS" replace="PRIVMSG OperServ :$2-" requires="OperServ" uline="yes" operonly="yes"> -<alias text="BS" replace="PRIVMSG BotServ :$2-" requires="BotServ" uline="yes"> -<alias text="HS" replace="PRIVMSG HostServ :$2-" requires="HostServ" uline="yes"> -<alias text="MS" replace="PRIVMSG MemoServ :$2-" requires="MemoServ" uline="yes"> -<alias text="ID" replace="PRIVMSG NickServ :IDENTIFY $2" requires="NickServ" uline="yes"> - -<module name="m_banexception.so"> -<module name="m_banredirect.so"> -<module name="m_blockcolor.so"> -<module name="m_callerid.so"> -<callerid maxaccepts="16" - operoverride="no" - tracknick="no" - cooldown="60"> - -<module name="m_cap.so"> -<module name="m_cban.so"> - -#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# CGI:IRC module: Adds support for automatic host changing in CGI:IRC -# (http://cgiirc.sourceforge.net). -#<module name="m_cgiirc.so"> -# -#-#-#-#-#-#-#-#-#-#-#-# CGIIRC CONFIGURATION #-#-#-#-#-#-#-#-#-#-#-#-# -# -# Optional - If you specify to use m_cgiirc, then you must specify one -# or more cgihost tags which indicate authorised CGI:IRC servers which -# will be connecting to your network, and an optional cgiirc tag. -# For more information see: https://wiki.inspircd.org/Modules/2.0/cgiirc -# -# Set to yes if you want to notice opers when CGI clients connect -# <cgiirc opernotice="no"> -# -# The type field indicates where the module should get the real -# client's IP address from, for further information, please see the -# CGI:IRC documentation. -# -# Old style: -# <cgihost type="pass" mask="www.mysite.com"> # Get IP from PASS -# <cgihost type="ident" mask="otherbox.mysite.com"> # Get IP from ident -# <cgihost type="passfirst" mask="www.mysite.com"> # See the docs -# New style: -# <cgihost type="webirc" password="foobar" -# mask="somebox.mysite.com"> # Get IP from WEBIRC -# -# IMPORTANT NOTE: -# --------------- -# -# When you connect CGI:IRC clients, there are two connect classes which -# apply to these clients. When the client initially connects, the connect -# class which matches the cgi:irc site's host is checked. Therefore you -# must raise the maximum local/global clients for this ip as high as you -# want to allow cgi clients. After the client has connected and is -# determined to be a cgi:irc client, the class which matches the client's -# real IP is then checked. You may set this class to a lower value, so that -# the real IP of the client can still be restricted to, for example, 3 -# sessions maximum. -# - -<module name="m_chancreate.so"> -#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# Channel names module: Allows disabling channels which have certain -# characters in the channel name such as bold, colorcodes, etc. which -# can be quite annoying and allow users to on occasion have a channel -# that looks like the name of another channel on the network. -<module name="m_channames.so"> - -<channames - # denyrange: characters or range of characters to deny in channel - # names. - denyrange="2" - - # allowrange: characters or range of characters to specifically allow - # in channel names. - allowrange=""> - -<module name="m_channelban.so"> -<module name="m_chghost.so"> -<hostname charmap="abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ.-_/0123456789"> -<module name="m_chgident.so"> -<module name="m_chgname.so"> -<module name="m_cloaking.so"> -# -#-#-#-#-#-#-#-#-#-#-#- CLOAKING CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-# -# # -# If you specify the m_cloaking.so module as above, you must define # -# cloak keys, and optionally a cloak prefix as shown below. The cloak # -# keys must be shared across the network for correct cloaking. # -# # -# There are four methods of cloaking: # -# # -# half Cloak only the "unique" portion of a host; show # -# the last 2 parts of the domain, /16 subnet of IPv4 # -# or /48 subnet of the IPv6 address. # -# # -# full Cloak the users completely, using three slices for # -# common CIDR bans (IPv4: /16, /24; IPv6: /48, /64) # -# # -# These methods use a single key that can be any length of text. # -# An optional prefix may be specified to mark cloaked hosts. # -# # -# The following methods are maintained for backwards compatibility; # -# they are slightly less secure, and always hide unresolved IPs # -# # -# compat-host InspIRCd 1.2-compatible host-based cloaking # -# compat-ip InspIRCd 1.2-compatible ip-always cloaking # -# # -# You must specify key1, key2, key3, key4 for the compat cloaking # -# modes; the values must be less than 0x80000000 and should be picked # -# at random. Prefix is mandatory, will default to network name if not # -# specified, and will always have a "-" appended. # -#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# -<cloak mode="half" - key="secret" - prefix="net-"> - -<module name="m_close.so"> -<module name="m_conn_umodes.so"> - -#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# Connectban: Provides IP connection throttling. Any IP range that connects -# too many times (configurable) in an hour is zlined for a (configurable) -# duration, and their count resets to 0. -# -# ipv4cidr and ipv6cidr allow you to turn the comparison from individual -# IP addresses (32 and 128 bits) into CIDR masks, to allow for throttling -# over whole ISPs/blocks of IPs, which may be needed to prevent attacks. -# -#<connectban threshold="10" duration="10m" ipv4cidr="32" ipv6cidr="128"> -# This allows for 10 connections in an hour with a 10 minute ban if that is exceeded. -# -#<module name="m_connectban.so"> - -#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# Connection throttle module. -#<module name="m_connflood.so"> -# -#-#-#-#-#-#-#-#-#-#-#- CONTHROTTLE CONFIGURATION -#-#-#-#-#-#-#-#-#-#-# -# seconds, maxconns - Amount of connections per <seconds>. -# -# timeout - Time to wait after the throttle was activated -# before deactivating it. Be aware that the time -# is seconds + timeout. -# -# quitmsg - The message that users get if they attempt to -# connect while the throttle is active. -# -# bootwait - Amount of time to wait before enforcing the -# throttling when the server just booted. -# -#<connflood seconds="30" maxconns="3" timeout="30" -# quitmsg="Throttled" bootwait="10"> - -<module name="m_deaf.so"> -<module name="m_dnsbl.so"> -<module name="m_gecosban.so"> -<module name="m_globalload.so"> -<module name="m_ident.so"> -<ident timeout="1"> -<module name="m_inviteexception.so"> -<module name="m_joinflood.so"> -<module name="m_knock.so"> -<module name="m_namesx.so"> -<module name="m_operchans.so"> -<module name="m_operlog.so"> -<module name="m_opermodes.so"> -<module name="m_password_hash.so"> -<module name="m_permchannels.so"> -<module name="m_muteban.so"> -<module name="m_redirect.so"> - -#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# Regular expression provider for glob or wildcard (?/*) matching. -# You must have at least 1 provider loaded to use m_filter or m_rline -# modules. This module has no additional requirements, as it uses the -# matching already present in InspIRCd core. -#<module name="m_regex_glob.so"> - -#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# Regular expression provider for PCRE (Perl-Compatible Regular -# Expressions). You need libpcre installed to compile and load this -# module. You must have at least 1 provider loaded to use m_filter or -# m_rline. -#<module name="m_regex_pcre.so"> - -#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# Regular expression provider for POSIX regular expressions. -# You shouldn't need any additional libraries on a POSIX-compatible -# system (ie: any Linux, BSD, but not Windows). You must have at least -# 1 provider loaded to use m_filter or m_rline. -# On POSIX-compliant systems, regex syntax can be found by using the -# command: 'man 7 regex'. -#<module name="m_regex_posix.so"> - -#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# Registered users only channel creation -# Allows only registered users and opers to create new channels. -# -# You probably *DO NOT* want to load this module on a public network. -# -#<module name="m_regonlycreate.so"> - -#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# Ban users through regular expression patterns -#<module name="m_rline.so"> -# -#-#-#-#-#-#-#-#-#-#-#-#- RLINE CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#-# -# -# If you wish to re-check a user when they change nickname (can be -# useful under some situations, but *can* also use CPU with more users -# on a server) then set the following configuration value: -# Also, this is where you set what Regular Expression engine is to be -# used. If you ever change it while running, all of your R-Lines will be -# wiped. This is the regex engine used by all R-Lines set, and -# m_regex_<engine>.so must be loaded, or rline will be nonfunctional -# until you load it or change the engine to one that is loaded. -# -#<rline matchonnickchange="yes" engine="pcre"> -# -# Generally, you will NOT want to use 'glob' here, as this turns -# rline into just another gline. The exceptions are that rline will -# always use the full nick!user@host realname string, rather than only -# user@host, but beware that only the ? and * wildcards are available, -# and are the only way to specify where the space can occur if you do -# use glob. For this reason, is recommended to use a real regex engine -# so that at least \s or [[:space:]] is available. - -<module name="m_sasl.so"> -<module name="m_servprotect.so"> -<module name="m_services_account.so"> -<module name="m_sethost.so"> -<module name="m_serverban.so"> -<module name="m_showwhois.so"> -<showwhois opersonly="yes" showfromopers="yes"> - -#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# SSL channel mode module: Adds support for SSL-only channels via -# channel mode +z and the 'z' extban which matches SSL client -# certificate fingerprints. -# Does not do anything useful without a working SSL module (see below). -#<module name="m_sslmodes.so"> - -#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# GnuTLS SSL module: Adds support for SSL connections using GnuTLS, -# if enabled. You must answer 'yes' in ./configure when asked or -# manually symlink the source for this module from the directory -# src/modules/extra, if you want to enable this, or it will not load. -#<module name="m_ssl_gnutls.so"> -# -#-#-#-#-#-#-#-#-#-#-#- GNUTLS CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-# -# # -# m_ssl_gnutls.so is too complex to describe here, see the wiki: # -# https://wiki.inspircd.org/Modules/2.0/ssl_gnutls # - -#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# SSL Info module: Allows users to retrieve information about other -# user's peer SSL certificates and keys. This can be used by client -# scripts to validate users. For this to work, one of m_ssl_gnutls.so -# or m_ssl_openssl.so must be loaded. This module also adds the -# "* <user> is using a secure connection" whois line, the ability for -# opers to use SSL fingerprints to verify their identity and the ability -# to force opers to use SSL connections in order to oper up. -# It is highly recommended to load this module especially if -# you use SSL on your network. -# For how to use the oper features, please see the first example <oper> tag -# in opers.conf.example. -# -#<module name="m_sslinfo.so"> - -#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# OpenSSL SSL module: Adds support for SSL connections using OpenSSL, -# if enabled. You must answer 'yes' in ./configure when asked or symlink -# the source for this module from the directory src/modules/extra, if -# you want to enable this, or it will not load. -#<module name="m_ssl_openssl.so"> -# -#-#-#-#-#-#-#-#-#-#-#- OPENSSL CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-# -# # -# m_ssl_openssl.so is too complex to describe here, see the wiki: # -# https://wiki.inspircd.org/Modules/2.0/ssl_openssl # - -<module name="m_stripcolor.so"> -<module name="m_svshold.so"> -<module name="m_tline.so"> -<module name="m_uhnames.so"> -<module name="m_watch.so"> -<watch maxentries="32"> -<module name="m_xline_db.so"> - -<module name="m_spanningtree.so"> diff --git a/docs/conf/modules/unrealircd.conf.example b/docs/conf/modules/unrealircd.conf.example deleted file mode 100644 index 65d713394..000000000 --- a/docs/conf/modules/unrealircd.conf.example +++ /dev/null @@ -1,399 +0,0 @@ -<module name="m_md5.so"> -<module name="m_sha256.so"> -#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# Alias module: Allows you to define server-side command aliases. -<module name="m_alias.so"> -<fantasy prefix="!" allowbots="no"> -# Aliases -<alias text="NICKSERV" replace="PRIVMSG NickServ :$2-" requires="NickServ" uline="yes"> -<alias text="CHANSERV" replace="PRIVMSG ChanServ :$2-" requires="ChanServ" uline="yes"> -<alias text="OPERSERV" replace="PRIVMSG OperServ :$2-" requires="OperServ" uline="yes" operonly="yes"> -<alias text="BOTSERV" replace="PRIVMSG BotServ :$2-" requires="BotServ" uline="yes"> -<alias text="HOSTSERV" replace="PRIVMSG HostServ :$2-" requires="HostServ" uline="yes"> -<alias text="MEMOSERV" replace="PRIVMSG MemoServ :$2-" requires="MemoServ" uline="yes"> -<alias text="NS" replace="PRIVMSG NickServ :$2-" requires="NickServ" uline="yes"> -<alias text="CS" replace="PRIVMSG ChanServ :$2-" requires="ChanServ" uline="yes"> -<alias text="OS" replace="PRIVMSG OperServ :$2-" requires="OperServ" uline="yes" operonly="yes"> -<alias text="BS" replace="PRIVMSG BotServ :$2-" requires="BotServ" uline="yes"> -<alias text="HS" replace="PRIVMSG HostServ :$2-" requires="HostServ" uline="yes"> -<alias text="MS" replace="PRIVMSG MemoServ :$2-" requires="MemoServ" uline="yes"> -# -# An example of using the format value to create an alias with two -# different behaviours depending on the format of the parameters. -# -#<alias text="ID" format="#*" replace="PRIVMSG ChanServ :IDENTIFY $2 $3" -# requires="ChanServ" uline="yes"> -# -#<alias text="ID" replace="PRIVMSG NickServ :IDENTIFY $2" -# requires="NickServ" uline="yes"> -# -# This alias fixes a glitch in xchat 2.6.x and above and the way it -# assumes IDENTIFY must be prefixed by a colon (:) character. It should -# be placed ABOVE the default NICKSERV alias (the first example) listed -# above. -# -#<alias text="NICKSERV" format=":IDENTIFY *" replace="PRIVMSG NickServ :IDENTIFY $3-" -# requires="NickServ" uline="yes"> - -<module name="m_allowinvite.so"> -<module name="m_alltime.so"> -<module name="m_auditorium.so"> -<auditorium showops="yes" operoverride="yes"> -<module name="m_banexception.so"> -<module name="m_blockcaps.so"> -<blockcaps percent="50" - minlen="5" - capsmap="ABCDEFGHIJKLMNOPQRSTUVWXYZ! "> -<module name="m_blockcolor.so"> -<module name="m_botmode.so"> -<module name="m_censor.so"> -<include file="inspircd.censor.example"> - -#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# CGI:IRC module: Adds support for automatic host changing in CGI:IRC -# (http://cgiirc.sourceforge.net). -#<module name="m_cgiirc.so"> -# -#-#-#-#-#-#-#-#-#-#-#-# CGIIRC CONFIGURATION #-#-#-#-#-#-#-#-#-#-#-#-# -# -# Optional - If you specify to use m_cgiirc, then you must specify one -# or more cgihost tags which indicate authorised CGI:IRC servers which -# will be connecting to your network, and an optional cgiirc tag. -# For more information see: https://wiki.inspircd.org/Modules/2.0/cgiirc -# -# Set to yes if you want to notice opers when CGI clients connect -# <cgiirc opernotice="no"> -# -# The type field indicates where the module should get the real -# client's IP address from, for further information, please see the -# CGI:IRC documentation. -# -# Old style: -# <cgihost type="pass" mask="www.mysite.com"> # Get IP from PASS -# <cgihost type="ident" mask="otherbox.mysite.com"> # Get IP from ident -# <cgihost type="passfirst" mask="www.mysite.com"> # See the docs -# New style: -# <cgihost type="webirc" password="foobar" -# mask="somebox.mysite.com"> # Get IP from WEBIRC -# -# IMPORTANT NOTE: -# --------------- -# -# When you connect CGI:IRC clients, there are two connect classes which -# apply to these clients. When the client initially connects, the connect -# class which matches the cgi:irc site's host is checked. Therefore you -# must raise the maximum local/global clients for this ip as high as you -# want to allow cgi clients. After the client has connected and is -# determined to be a cgi:irc client, the class which matches the client's -# real IP is then checked. You may set this class to a lower value, so that -# the real IP of the client can still be restricted to, for example, 3 -# sessions maximum. -# - -<module name="m_chanfilter.so"> -<chanfilter hidemask="yes"> - -<module name="m_chanprotect.so"> - -<chanprotect - noservices="no" - qprefix="~" - aprefix="&" - deprotectself="yes" - deprotectothers="yes"> - -<module name="m_check.so"> -<module name="m_chghost.so"> -<hostname charmap="abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ.-_/0123456789"> - -<module name="m_chgident.so"> -<module name="m_chgname.so"> -<module name="m_cloaking.so"> -<cloak mode="half" - key="secret" - prefix="net-"> - -<module name="m_close.so"> -<module name="m_clones.so"> -<module name="m_commonchans.so"> - -#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# Auto join on connect module: Allows you to force users to join one -# or more channels automatically upon connecting to the server. -#<module name="m_conn_join.so"> -# -#-#-#-#-#-#-#-#-#-#-#-#- CONNJOIN CONFIGURATION -#-#-#-#-#-#-#-#-#-#-# -# -# If you have m_conn_join.so loaded, you can configure it using the -# follow values: -# -#<autojoin channel="#one,#two,#three"> - -<module name="m_conn_umodes.so"> -<module name="m_cycle.so"> - -#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# Connection throttle module. -#<module name="m_connflood.so"> -# -#-#-#-#-#-#-#-#-#-#-#- CONTHROTTLE CONFIGURATION -#-#-#-#-#-#-#-#-#-#-# -# seconds, maxconns - Amount of connections per <seconds>. -# -# timeout - Time to wait after the throttle was activated -# before deactivating it. Be aware that the time -# is seconds + timeout. -# -# quitmsg - The message that users get if they attempt to -# connect while the throttle is active. -# -# bootwait - Amount of time to wait before enforcing the -# throttling when the server just booted. -# -#<connflood seconds="30" maxconns="3" timeout="30" -# quitmsg="Throttled" bootwait="10"> - -#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# DCCALLOW module: Adds the /DCCALLOW command. -<module name="m_dccallow.so"> -# -#-#-#-#-#-#-#-#-#-#-#- DCCALLOW CONFIGURATION -#-#-#-#-#-#-#-#-#-#-# -# blockchat - Whether to block DCC CHAT as well as DCC SEND -# length - Default duration of entries in DCCALLOW list -# action - Default action to take if no action is specified -# can be 'block' or 'allow' -# -# File configuration: -# pattern - The glob pattern to match against -# action - Action to take if a user attempts to send a file -# that matches this pattern, can be 'block' or 'allow' -# -#<dccallow blockchat="yes" length="5m" action="block"> -#<banfile pattern="*.exe" action="block"> -#<banfile pattern="*.txt" action="allow"> -# -#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# - -<module name="m_deaf.so"> -<module name="m_denychans.so"> -#<badchan name="#gods*" allowopers="yes" reason="Tortoises!"> # -#<badchan name="#heaven" redirect="#hell" reason="Nice try!"> # - -<module name="m_devoice.so"> - -#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# Filter module: Provides message filtering, similar to SPAMFILTER. -<module name="m_filter.so"> -# # -# This module depends upon a regex provider such as m_regex_pcre or # -# m_regex_glob to function. You must specify which of these you want # -# m_filter to use via the tag below. # -# # -# Valid engines are: # -# # -# glob - Glob patterns, provided via m_regex_glob. # -# pcre - PCRE regexps, provided via m_regex_pcre, needs libpcre. # -# tre - TRE regexps, provided via m_regex_tre, requires libtre. # -# posix - POSIX regexps, provided via m_regex_posix, not available # -# on Windows, no dependencies on other operating systems. # -# stdlib - stdlib regexps, provided via m_regex_stdlib, see comment # -# at the <module> tag for info on availability. # -# # -<filteropts engine="glob"> -# # -# Your choice of regex engine must match on all servers network-wide. -# -# You may specify specific channels that are exempt from being filtered: -#<exemptfromfilter channel="#blah"> -# -#-#-#-#-#-#-#-#-#-#-#- FILTER CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-# -# # -# Optional - If you specify to use the m_filter module, then # -# specfiy below the path to the filter.conf file, or define some # -# <filter> tags. # -# # -#<include file="filter.conf"> - -<module name="m_gecosban.so"> -<module name="m_globops.so"> -<module name="m_globalload.so"> -<module name="m_halfop.so"> -<module name="m_helpop.so"> -<include file="inspircd.helpop-full.example"> - -<module name="m_hidechans.so"> -<hidechans affectsopers="false"> - -<module name="m_hideoper.so"> -<module name="m_ident.so"> -<ident timeout="1"> -<module name="m_inviteexception.so"> -<module name="m_joinflood.so"> -<module name="m_jumpserver.so"> -<module name="m_knock.so"> -<module name="m_messageflood.so"> -<module name="m_namesx.so"> -<module name="m_nickflood.so"> -<module name="m_noctcp.so"> -<module name="m_nokicks.so"> -<module name="m_nonicks.so"> -<module name="m_nopartmsg.so"> -<module name="m_nonotice.so"> -<module name="m_operchans.so"> - -#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# Oper join module: Auto-joins opers to a channel upon oper-up. -# This module is oper-only. For the user equivalent, see m_conn_join. -<module name="m_operjoin.so"> -# -#-#-#-#-#-#-#-#-#-#-# OPERJOIN CONFIGURATION -#-#-#-#-#-#-#-#-#-#-# -# # -# If you are using the m_operjoin.so module, specify options here: # -# # -# channel - The channel name to join, can also be a comma # -# separated list eg. "#channel1,#channel2". # -# # -# override - Lets the oper join walking thru any modes that # -# might be set, even bans. Use "yes" or "no". # -# # -#<operjoin channel="#channel" override="no"> -# -# Alternatively you can use the autojoin="channellist" in a <type> # -# tag to set specific autojoins for a type of oper, for example: # -# -#<type name="Helper" autojoin="#help" classes="..."> - -<module name="m_operlog.so"> - -#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# Oper MOTD module: Provides support for separate message of the day -# on oper-up. -# This module is oper-only. -#<module name="m_opermotd.so"> -# -#-#-#-#-#-#-#-#-#-#-# OPERMOTD CONFIGURATION -#-#-#-#-#-#-#-#-#-#-# -# # -# If you are using the m_opermotd.so module, specify the motd here # -# # -# onoper - If on, the message is sent on /OPER, otherwise it's # -# only sent when /OPERMOTD is used. # -# # -#<opermotd file="oper.motd" onoper="yes"> - -<module name="m_override.so"> -#-#-#-#-#-#-#-#-#-#-# OVERRIDE CONFIGURATION -#-#-#-#-#-#-#-#-#-#-# -# # -# m_override.so is too complex to describe here, see the wiki: # -# https://wiki.inspircd.org/Modules/2.0/override # - -<module name="m_operlevels.so"> -<module name="m_opermodes.so"> -<module name="m_password_hash.so"> -<module name="m_muteban.so"> - -<module name="m_redirect.so"> -<module name="m_regex_glob.so"> - -#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# Regular expression provider for PCRE (Perl-Compatible Regular -# Expressions). You need libpcre installed to compile and load this -# module. You must have at least 1 provider loaded to use m_filter or -# m_rline. -#<module name="m_regex_pcre.so"> - -#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# Regular expression provider for POSIX Regular Expressions. -# You shouldn't need any additional libraries on a POSIX-compatible -# system (ie: any Linux, BSD, but not Windows). You must have at least -# 1 provider loaded to use m_filter or m_rline. -# On POSIX-compliant systems, regex syntax can be found by using the -# command: 'man 7 regex'. -#<module name="m_regex_posix.so"> - -#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# Regular expression provider for TRE Regular Expressions. -# This is the same regular expression engine used by UnrealIRCd, so -# if you are most familiar with the syntax of /spamfilter from there, -# this is the provider you want. You need libtre installed in order -# to compile and load this module. -#<module name="m_regex_tre.so"> - -#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# Registered users only channel creation module. If enabled, only -# registered users and opers can create new channels. -# -# You probably *DO NOT* want to load this module on a public network. -# -#<module name="m_regonlycreate.so"> - -#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# Restricted channels module: Allows only opers to create channels. -# -# You probably *DO NOT* want to load this module on a public network. -# -#<module name="m_restrictchans.so"> - -#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# Restrict message module: Allows users to only message opers. -# -# You probably *DO NOT* want to load this module on a public network. -# -#<module name="m_restrictmsg.so"> - -<module name="m_sajoin.so"> -<module name="m_sakick.so"> -<module name="m_samode.so"> -<module name="m_sanick.so"> -<module name="m_sapart.so"> -<module name="m_saquit.so"> -<module name="m_satopic.so"> -<module name="m_servprotect.so"> -<module name="m_seenicks.so"> -<module name="m_setidle.so"> -<module name="m_services_account.so"> -<module name="m_sethost.so"> -<module name="m_setident.so"> -<module name="m_setname.so"> -<module name="m_showwhois.so"> -<showwhois opersonly="yes" showfromopers="yes"> - -<module name="m_shun.so"> -<shun enabledcommands="PING PONG QUIT PART JOIN" notifyuser="no" affectopers="no"> - -<module name="m_sslmodes.so"> - -#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# GnuTLS SSL module: Adds support for SSL connections using GnuTLS, -# if enabled. You must answer 'yes' in ./configure when asked or symlink -# the source for this module from the directory src/modules/extra, if -# you want to enable this, or it will not load. -#<module name="m_ssl_gnutls.so"> -# -#-#-#-#-#-#-#-#-#-#-#- GNUTLS CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-# -# # -# m_ssl_gnutls.so is too complex to describe here, see the wiki: # -# https://wiki.inspircd.org/Modules/2.0/ssl_gnutls # - -<module name="m_sslinfo.so"> - -#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# -# OpenSSL SSL module: Adds support for SSL connections using OpenSSL, -# if enabled. You must answer 'yes' in ./configure when asked or symlink -# the source for this module from the directory src/modules/extra, if -# you want to enable this, or it will not load. -#<module name="m_ssl_openssl.so"> -# -#-#-#-#-#-#-#-#-#-#-#- OPENSSL CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-# -# # -# m_ssl_openssl.so is too complex to describe here, see the wiki: # -# https://wiki.inspircd.org/Modules/2.0/ssl_openssl # - -<module name="m_stripcolor.so"> -<module name="m_svshold.so"> -<module name="m_swhois.so"> -<module name="m_tline.so"> -<module name="m_uhnames.so"> -<module name="m_userip.so"> -<module name="m_watch.so"> -<watch maxentries="32"> - -<module name="m_spanningtree.so"> diff --git a/docs/conf/opers.conf.example b/docs/conf/opers.conf.example index 75b54faf0..c388230b4 100644 --- a/docs/conf/opers.conf.example +++ b/docs/conf/opers.conf.example @@ -21,17 +21,20 @@ # VIEWING: # - channels/auspex: allows opers with this priv to see more detail about channels than normal users. # - users/auspex: allows opers with this priv to view more details about users than normal users, e.g. real host and IP. + # - users/channel-spy: allows opers with this priv to view the private/secret channels that a user is on. # - servers/auspex: allows opers with this priv to see more detail about server information than normal users. # ACTIONS: # - users/mass-message: allows opers with this priv to PRIVMSG and NOTICE to a server mask (e.g. NOTICE $*) - # - channels/high-join-limit: allows opers with this priv to join <channels:opers> total channels instead of <channels:users> total channels. + # - users/samode-usermodes: allows opers with this priv to change the user modes of any other user using /SAMODE # PERMISSIONS: + #. - channels/ignore-nonicks: allows opers with this priv to change their nick when on a +N channel. # - users/flood/no-fakelag: prevents opers from being penalized with fake lag for flooding (*NOTE) # - users/flood/no-throttle: allows opers with this priv to send commands without being throttled (*NOTE) # - users/flood/increased-buffers: allows opers with this priv to send and receive data without worrying about being disconnected for exceeding limits (*NOTE) + #. - users/callerid-override: allows opers with this priv to message people using callerid without being on their callerid list. # # *NOTE: These privs are potentially dangerous, as they grant users with them the ability to hammer your server's CPU/RAM as much as they want, essentially. - privs="users/auspex channels/auspex servers/auspex users/mass-message channels/high-join-limit users/flood/no-throttle users/flood/increased-buffers" + privs="users/auspex channels/auspex servers/auspex users/mass-message users/flood/no-throttle users/flood/increased-buffers" # usermodes: Oper-only usermodes that opers with this class can use. usermodes="*" @@ -55,8 +58,6 @@ <type # name: Name of type. Used in actual server operator accounts below. - # Cannot contain spaces. If you would like a space, use - # the _ character instead and it will translate to a space on whois. name="NetAdmin" # classes: Classes (blocks above) that this type belongs to. @@ -65,9 +66,12 @@ # vhost: Host opers of this type get when they log in (oper up). This is optional. vhost="netadmin.omega.example.org" + # maxchans: Maximum number of channels opers of this type can be in at once. + maxchans="60" + # modes: User modes besides +o that are set on an oper of this type # when they oper up. Used for snomasks and other things. - # Requires that m_opermodes.so be loaded. + # Requires the opermodes module be loaded. modes="+s +cCqQ"> <type name="GlobalOp" classes="SACommands OperChat BanControl HostCloak ServerLink" vhost="ircop.omega.example.org"> @@ -96,26 +100,26 @@ host="attila@inspircd.org *@2001:db8::/32" # ** ADVANCED ** This option is disabled by default. - # fingerprint: When using the m_sslinfo module, you may specify + # fingerprint: When using the sslinfo module, you may specify # a key fingerprint here. This can be obtained by using the /sslinfo # command while the module is loaded, and is also noticed on connect. # This enhances security by verifying that the person opering up has # a matching SSL client certificate, which is very difficult to # forge (impossible unless preimage attacks on the hash exist). - # If m_sslinfo isn't loaded, this option will be ignored. + # If the sslinfo module isn't loaded, this option will be ignored. #fingerprint="67cb9dc013248a829bb2171ed11becd4" - # autologin: If an SSL fingerprint for this oper is specified, you can - # have the oper block automatically log in. This moves all security of the - # oper block to the protection of the client certificate, so be sure that - # the private key is well-protected! Requires m_sslinfo. + # autologin: If an SSL certificate fingerprint for this oper is specified, + # you can have the oper block automatically log in. This moves all security + # of the oper block to the protection of the client certificate, so be sure + # that the private key is well-protected! Requires the sslinfo module. #autologin="on" # sslonly: If on, this oper can only oper up if they're using a SSL connection. # Setting this option adds a decent bit of security. Highly recommended # if the oper is on wifi, or specifically, unsecured wifi. Note that it # is redundant to specify this option if you specify a fingerprint. - # This setting only takes effect if m_sslinfo is loaded. + # This setting only takes effect if the sslinfo module is loaded. #sslonly="yes" # vhost: Overrides the vhost in the type block. Class and modes may also @@ -140,18 +144,18 @@ # Remember: This is case sensitive. name="Adam" - # hash: What hash this password is hashed with. - # Requires the module for selected hash (m_md5.so, m_sha256.so - # or m_ripemd160.so) be loaded and the password hashing module - # (m_password_hash.so) loaded. - # Options here are: "md5", "sha256" and "ripemd160", or one of - # these prefixed with "hmac-", e.g.: "hmac-sha256". + # hash: the hash function this password is hashed with. Requires the + # module for the selected function (bcrypt, md5, sha1, or sha256) and + # the password hashing module (password_hash) to be loaded. + # + # You may also use any of the above other than bcrypt prefixed with + # either "hmac-" or "pbkdf2-hmac-" (requires the pbkdf2 module). # Create hashed passwords with: /mkpasswd <hash> <password> - hash="hmac-sha256" + hash="bcrypt" # password: A hash of the password (see above option) hashed - # with /mkpasswd <hash> <password>. See m_password_hash in modules.conf - # for more information about password hashing. + # with /mkpasswd <hash> <password>. See the password_hash module + # in modules.conf for more information about password hashing. password="qQmv3LcF$Qh63wzmtUqWp9OXnLwe7yv1GcBwHpq59k2a0UrY8xe0" # host: What hostnames and IPs are allowed to use this operator account. diff --git a/docs/conf/rules.txt.example b/docs/conf/rules.txt.example deleted file mode 100644 index 1a4b99a70..000000000 --- a/docs/conf/rules.txt.example +++ /dev/null @@ -1,3 +0,0 @@ -This is the InspIRCd rules file. - -Place any network or server rules here :) diff --git a/docs/conf/services/anope.conf.example b/docs/conf/services/anope.conf.example new file mode 100644 index 000000000..603bb538d --- /dev/null +++ b/docs/conf/services/anope.conf.example @@ -0,0 +1,9 @@ +# This file contains aliases and nickname reservations which are used +# by Anope. See https://www.anope.org/ for more information on Anope. + +# This file inherits from the generic config to avoid repetition. +<include file="examples/services/generic.conf.example"> + +# /GLOBAL <message> +# Sends a global notice. +<alias text="GLOBAL" format="*" replace="PRIVMSG $requirement :GLOBAL $2-" requires="Global" uline="yes" operonly="yes"> diff --git a/docs/conf/services/atheme.conf.example b/docs/conf/services/atheme.conf.example new file mode 100644 index 000000000..037087998 --- /dev/null +++ b/docs/conf/services/atheme.conf.example @@ -0,0 +1,52 @@ +# This file contains aliases and nickname reservations which are used +# by Atheme. See http://atheme.net for more information on Atheme. + +# This file inherits from the generic config to avoid repetition. +<include file="examples/services/generic.conf.example"> + +# Long hand aliases for services pseudoclients. +<alias text="ALIS" replace="PRIVMSG $requirement :$2-" requires="ALIS" uline="yes"> +<alias text="CHANFIX" replace="PRIVMSG $requirement :$2-" requires="ChanFix" uline="yes"> +<alias text="GAMESERV" replace="PRIVMSG $requirement :$2-" requires="GameServ" uline="yes"> +<alias text="GLOBAL" replace="PRIVMSG $requirement :$2-" requires="Global" uline="yes" operonly="yes"> +<alias text="GROUPSERV" replace="PRIVMSG $requirement :$2-" requires="GroupServ" uline="yes"> +<alias text="HELPSERV" replace="PRIVMSG $requirement :$2-" requires="HelpServ" uline="yes"> +<alias text="INFOSERV" replace="PRIVMSG $requirement :$2-" requires="InfoServ" uline="yes"> +<alias text="PROXYSCAN" replace="PRIVMSG $requirement :$2-" requires="Proxyscan" uline="yes" operonly="yes"> +<alias text="RPGSERV" replace="PRIVMSG $requirement :$2-" requires="RPGServ" uline="yes"> + +# Short hand aliases for services pseudoclients. +<alias text="CF" replace="PRIVMSG $requirement :$2-" requires="ChanFix" uline="yes"> +<alias text="GL" replace="PRIVMSG $requirement :$2-" requires="Global" uline="yes" operonly="yes"> +<alias text="GS" replace="PRIVMSG $requirement :$2-" requires="GroupServ" uline="yes"> +<alias text="IS" replace="PRIVMSG $requirement :$2-" requires="InfoServ" uline="yes"> +<alias text="LS" replace="PRIVMSG $requirement :$2-" requires="ALIS" uline="yes"> +<alias text="PS" replace="PRIVMSG $requirement :$2-" requires="Proxyscan" uline="yes" operonly="yes"> +<alias text="RS" replace="PRIVMSG $requirement :$2-" requires="RPGServ" uline="yes"> + +# These short hand aliases conflict with other pseudoclients. You can enable +# them but you will need to comment out the uncommented ones above first, +#<alias text="GS" replace="PRIVMSG $requirement :$2-" requires="GameServ" uline="yes"> +#<alias text="HS" replace="PRIVMSG $requirement :$2-" requires="HelpServ" uline="yes"> + +# Prevent clients from using the nicknames of services pseudoclients. +<badnick nick="ALIS" reason="Reserved for a network service"> +<badnick nick="ChanFix" reason="Reserved for a network service"> +<badnick nick="GameServ" reason="Reserved for a network service"> +<badnick nick="GroupServ" reason="Reserved for a network service"> +<badnick nick="HelpServ" reason="Reserved for a network service"> +<badnick nick="InfoServ" reason="Reserved for a network service"> +<badnick nick="Proxyscan" reason="Reserved for a network service"> +<badnick nick="RPGServ" reason="Reserved for a network service"> +<badnick nick="SaslServ" reason="Reserved for a network service"> + +# Exempt services pseudoclients from filters. +<exemptfromfilter target="ALIS"> +<exemptfromfilter target="ChanFix"> +<exemptfromfilter target="GameServ"> +<exemptfromfilter target="GroupServ"> +<exemptfromfilter target="HelpServ"> +<exemptfromfilter target="InfoServ"> +<exemptfromfilter target="Proxyscan"> +<exemptfromfilter target="RPGServ"> +<exemptfromfilter target="SaslServ"> diff --git a/docs/conf/services/generic.conf.example b/docs/conf/services/generic.conf.example new file mode 100644 index 000000000..93b89ea0c --- /dev/null +++ b/docs/conf/services/generic.conf.example @@ -0,0 +1,47 @@ +# This file contains aliases and nickname reservations which are used +# by all common services implementations. + +<module name="alias"> + +# Long hand aliases for services pseudoclients. +<alias text="BOTSERV" replace="PRIVMSG $requirement :$2-" requires="BotServ" uline="yes"> +<alias text="CHANSERV" replace="PRIVMSG $requirement :$2-" requires="ChanServ" uline="yes"> +<alias text="HOSTSERV" replace="PRIVMSG $requirement :$2-" requires="HostServ" uline="yes"> +<alias text="MEMOSERV" replace="PRIVMSG $requirement :$2-" requires="MemoServ" uline="yes"> +<alias text="NICKSERV" replace="PRIVMSG $requirement :$2-" requires="NickServ" uline="yes"> +<alias text="OPERSERV" replace="PRIVMSG $requirement :$2-" requires="OperServ" uline="yes" operonly="yes"> +<alias text="STATSERV" replace="PRIVMSG $requirement :$2-" requires="StatServ" uline="yes"> + +# Short hand aliases for services pseudoclients. +<alias text="BS" replace="PRIVMSG $requirement :$2-" requires="BotServ" uline="yes"> +<alias text="CS" replace="PRIVMSG $requirement :$2-" requires="ChanServ" uline="yes"> +<alias text="HS" replace="PRIVMSG $requirement :$2-" requires="HostServ" uline="yes"> +<alias text="MS" replace="PRIVMSG $requirement :$2-" requires="MemoServ" uline="yes"> +<alias text="NS" replace="PRIVMSG $requirement :$2-" requires="NickServ" uline="yes"> +<alias text="OS" replace="PRIVMSG $requirement :$2-" requires="OperServ" uline="yes" operonly="yes"> +<alias text="SS" replace="PRIVMSG $requirement :$2-" requires="StatServ" uline="yes"> + +# /ID [account] <password> +# Identifies to a services account. +<alias text="ID" format="*" replace="PRIVMSG $requirement :IDENTIFY $2-" requires="NickServ" uline="yes"> +<alias text="IDENTIFY" format="*" replace="PRIVMSG $requirement :IDENTIFY $2-" requires="NickServ" uline="yes"> + +# Prevent clients from using the nicknames of services pseudoclients. +<badnick nick="BotServ" reason="Reserved for a network service"> +<badnick nick="ChanServ" reason="Reserved for a network service"> +<badnick nick="Global" reason="Reserved for a network service"> +<badnick nick="HostServ" reason="Reserved for a network service"> +<badnick nick="MemoServ" reason="Reserved for a network service"> +<badnick nick="NickServ" reason="Reserved for a network service"> +<badnick nick="OperServ" reason="Reserved for a network service"> +<badnick nick="StatServ" reason="Reserved for a network service"> + +# Exempt services pseudoclients from filters. +<exemptfromfilter target="BotServ"> +<exemptfromfilter target="ChanServ"> +<exemptfromfilter target="Global"> +<exemptfromfilter target="HostServ"> +<exemptfromfilter target="MemoServ"> +<exemptfromfilter target="NickServ"> +<exemptfromfilter target="OperServ"> +<exemptfromfilter target="StatServ"> |