summaryrefslogtreecommitdiff
path: root/docs
diff options
context:
space:
mode:
Diffstat (limited to 'docs')
-rw-r--r--docs/Doxyfile8
-rw-r--r--docs/conf/aliases/anope.conf.example20
-rw-r--r--docs/conf/aliases/atheme.conf.example25
-rw-r--r--docs/conf/censor.conf.example2
-rw-r--r--docs/conf/filter.conf.example27
-rw-r--r--docs/conf/helpop-full.conf.example187
-rw-r--r--docs/conf/helpop.conf.example33
-rw-r--r--docs/conf/inspircd.conf.example408
-rw-r--r--docs/conf/links.conf.example36
-rw-r--r--docs/conf/modules.conf.example1272
-rw-r--r--docs/conf/modules/charybdis.conf.example302
-rw-r--r--docs/conf/modules/unrealircd.conf.example399
-rw-r--r--docs/conf/opers.conf.example50
-rw-r--r--docs/conf/rules.txt.example3
-rw-r--r--docs/conf/services/anope.conf.example9
-rw-r--r--docs/conf/services/atheme.conf.example52
-rw-r--r--docs/conf/services/generic.conf.example47
-rw-r--r--docs/rfc/rfc1035.txt3077
-rw-r--r--docs/rfc/rfc1413.txt451
-rw-r--r--docs/rfc/rfc1459.txt3643
-rw-r--r--docs/sql/sqloper.mysql.sql12
-rw-r--r--docs/sql/sqloper.pgsql.sql13
-rw-r--r--docs/sql/sqloper.sqlite3.sql10
23 files changed, 1329 insertions, 8757 deletions
diff --git a/docs/Doxyfile b/docs/Doxyfile
index 807020af5..f835ab996 100644
--- a/docs/Doxyfile
+++ b/docs/Doxyfile
@@ -1,6 +1,6 @@
DOXYFILE_ENCODING = UTF-8
PROJECT_NAME = InspIRCd
-PROJECT_NUMBER = 2.0
+PROJECT_NUMBER = 3.0
PROJECT_BRIEF =
PROJECT_LOGO =
OUTPUT_DIRECTORY = docs/doxygen
@@ -93,8 +93,7 @@ EXCLUDE =
EXCLUDE_SYMLINKS = YES
EXCLUDE_PATTERNS = */.git/* \
*/doxygen/* \
- */commands/* \
- */modes/* \
+ */coremods/* \
*/modules/*
EXCLUDE_SYMBOLS =
EXAMPLE_PATH =
@@ -219,7 +218,8 @@ EXPAND_ONLY_PREDEF = NO
SEARCH_INCLUDES = YES
INCLUDE_PATH =
INCLUDE_FILE_PATTERNS =
-PREDEFINED =
+PREDEFINED = CoreExport=/**/ \
+ INSPIRCD_INTRUSIVE_LIST_NAME=intrusive_list
EXPAND_AS_DEFINED =
SKIP_FUNCTION_MACROS = YES
TAGFILES =
diff --git a/docs/conf/aliases/anope.conf.example b/docs/conf/aliases/anope.conf.example
deleted file mode 100644
index 4d1441473..000000000
--- a/docs/conf/aliases/anope.conf.example
+++ /dev/null
@@ -1,20 +0,0 @@
-# Aliases for nickserv, chanserv, operserv, memoserv, hostserv, botserv
-<alias text="NICKSERV" replace="PRIVMSG NickServ :$2-" requires="NickServ" uline="yes">
-<alias text="CHANSERV" replace="PRIVMSG ChanServ :$2-" requires="ChanServ" uline="yes">
-<alias text="OPERSERV" replace="PRIVMSG OperServ :$2-" requires="OperServ" uline="yes" operonly="yes">
-<alias text="MEMOSERV" replace="PRIVMSG MemoServ :$2-" requires="MemoServ" uline="yes">
-<alias text="HOSTSERV" replace="PRIVMSG HostServ :$2-" requires="HostServ" uline="yes">
-<alias text="BOTSERV" replace="PRIVMSG BotServ :$2-" requires="BotServ" uline="yes">
-
-# Shorthand aliases for nickserv, chanserv, operserv, memoserv, hostserv, botserv
-<alias text="NS" replace="PRIVMSG NickServ :$2-" requires="NickServ" uline="yes">
-<alias text="CS" replace="PRIVMSG ChanServ :$2-" requires="ChanServ" uline="yes">
-<alias text="OS" replace="PRIVMSG OperServ :$2-" requires="OperServ" uline="yes" operonly="yes">
-<alias text="MS" replace="PRIVMSG MemoServ :$2-" requires="MemoServ" uline="yes">
-<alias text="HS" replace="PRIVMSG HostServ :$2-" requires="HostServ" uline="yes">
-<alias text="BS" replace="PRIVMSG BotServ :$2-" requires="BotServ" uline="yes">
-
-# /id [account] <password>
-# Identify for a nickname
-<alias text="ID" format="*" replace="PRIVMSG NickServ :IDENTIFY $2-" requires="NickServ" uline="yes">
-<alias text="IDENTIFY" format="*" replace="PRIVMSG NickServ :IDENTIFY $2-" requires="NickServ" uline="yes">
diff --git a/docs/conf/aliases/atheme.conf.example b/docs/conf/aliases/atheme.conf.example
deleted file mode 100644
index 7a0bc015a..000000000
--- a/docs/conf/aliases/atheme.conf.example
+++ /dev/null
@@ -1,25 +0,0 @@
-# Aliases for nickserv, chanserv, operserv, memoserv
-<alias text="NICKSERV" replace="PRIVMSG NickServ :$2-" requires="NickServ" uline="yes">
-<alias text="CHANSERV" replace="PRIVMSG ChanServ :$2-" requires="ChanServ" uline="yes">
-<alias text="OPERSERV" replace="PRIVMSG OperServ :$2-" requires="OperServ" uline="yes" operonly="yes">
-<alias text="MEMOSERV" replace="PRIVMSG MemoServ :$2-" requires="MemoServ" uline="yes">
-<alias text="GAMESERV" replace="PRIVMSG GameServ :$2-" requires="GameServ" uline="yes">
-<alias text="BOTSERV" replace="PRIVMSG BotServ :$2-" requires="BotServ" uline="yes">
-<alias text="HOSTSERV" replace="PRIVMSG HostServ :$2-" requires="HostServ" uline="yes">
-<alias text="ALIS" replace="PRIVMSG ALIS :$2-" requires="ALIS" uline="yes">
-
-# Shorthand aliases for nickserv, chanserv, operserv, memoserv
-<alias text="NS" replace="PRIVMSG NickServ :$2-" requires="NickServ" uline="yes">
-<alias text="CS" replace="PRIVMSG ChanServ :$2-" requires="ChanServ" uline="yes">
-<alias text="OS" replace="PRIVMSG OperServ :$2-" requires="OperServ" uline="yes" operonly="yes">
-<alias text="MS" replace="PRIVMSG MemoServ :$2-" requires="MemoServ" uline="yes">
-<alias text="GS" replace="PRIVMSG GameServ :$2-" requires="GameServ" uline="yes">
-<alias text="BS" replace="PRIVMSG BotServ :$2-" requires="BotServ" uline="yes">
-<alias text="HS" replace="PRIVMSG HostServ :$2-" requires="HostServ" uline="yes">
-<alias text="LS" replace="PRIVMSG ALIS :$2-" requires="ALIS" uline="yes">
-
-# /id [channel] <password>
-# Identify for a channel or nickname
-<alias text="ID" format="#*" replace="PRIVMSG ChanServ :IDENTIFY $2 $3" requires="ChanServ" uline="yes">
-<alias text="ID" format="*" replace="PRIVMSG NickServ :IDENTIFY $2-" requires="NickServ" uline="yes">
-
diff --git a/docs/conf/censor.conf.example b/docs/conf/censor.conf.example
index ea9e08147..23924d14b 100644
--- a/docs/conf/censor.conf.example
+++ b/docs/conf/censor.conf.example
@@ -1,4 +1,4 @@
-# Configuration file for m_censor.so
+# Configuration file for the censor module
# The tags for this module are formatted as follows:
#
diff --git a/docs/conf/filter.conf.example b/docs/conf/filter.conf.example
index 45e5d2853..ea62efd1f 100644
--- a/docs/conf/filter.conf.example
+++ b/docs/conf/filter.conf.example
@@ -1,4 +1,4 @@
-# Configuration file for m_filter.so
+# Configuration file for the filter module
# The tags for this module are formatted as follows:
#
@@ -6,7 +6,7 @@
# reason="reason for filtering"
# action="action to take"
# flags="filter flags"
-# duration="optional length of gline">
+# duration="optional length of gline">
#
# Valid actions for 'action' are:
#
@@ -40,21 +40,26 @@
# c: Strip color codes from text before trying to match
# *: Represents all of the above flags
# -: Does nothing, a no-op for when you do not want to specify any flags
-#
-# IMPORTANT NOTE: Because the InspIRCd config reader places special meaning on the
-# '\' character, you must use '\\' if you wish to specify a '\' character in a regular
-# expression. For example, to indicate numbers, use \\d and not \d. This does not
-# apply when adding a regular expression over irc with the /FILTER command.
-# Example filters for m_filter:
+# Example filters:
#
# <keyword pattern="*qwerty*" reason="You qwertied!" action="block" flags="pn">
# <keyword pattern="*killmenow*" reason="As you request." action="kill" flags="*">
# <keyword pattern="*blah*" reason="Dont blah!" action="gline" duration="1d6h" flags="-">
-# An example regexp filter for m_filter_pcre:
+# An example regexp filter:
#
# <keyword pattern="^blah.*?$" reason="Dont blah!" action="gline" duration="1d6h" flags="pnPq">
-# An example of excluding a channel from filtering:
-# <exemptfromfilter channel="#help">
+# You may specify specific channels that are exempt from being filtered:
+#<exemptfromfilter target="#opers">
+#<exemptfromfilter target="#help">
+
+# You can also exempt messages from being filtered if they are sent to
+# specific nicks.
+# Example that exempts all messages sent *to* NickServ:
+#<exemptfromfilter target="NickServ">
+
+# Note that messages *from* services are never subject to filtering;
+# <exemptfromfilter> tags are only for exempting messages sent *to* the
+# configured targets.
diff --git a/docs/conf/helpop-full.conf.example b/docs/conf/helpop-full.conf.example
index 959f2249d..17e9ee37d 100644
--- a/docs/conf/helpop-full.conf.example
+++ b/docs/conf/helpop-full.conf.example
@@ -30,20 +30,18 @@ you searched for. Please try again.">
-------------
PRIVMSG NOTICE NICK JOIN PART
-CYCLE KNOCK MODE DEVOICE TOPIC
+CYCLE KNOCK MODE OPER TOPIC
KICK FPART REMOVE TBAN INVITE
UNINVITE AWAY DCCALLOW SILENCE ACCEPT
MKPASSWD VHOST TITLE SETNAME
WHOIS WHOWAS ISON USERHOST WATCH
-LIST NAMES WHO MOTD RULES
+LIST NAMES WHO MOTD
ADMIN MAP LINKS LUSERS TIME
STATS VERSION INFO MODULES COMMANDS
SSLINFO
-USER PASS PING PONG QUIT
-
-OPER">
+USER PASS PING PONG QUIT">
<helpop key="sslinfo" value="/SSLINFO <nick>
@@ -104,22 +102,21 @@ This command accepts multiple nicks like so:
Authenticate for a vhost using the specified username and password.">
-<helpop key="remove" value="/REMOVE <nick> <channel> [<reason>]
+<helpop key="remove" value="/REMOVE <channel> <nick> [<reason>]
Removes a user from a channel you specify. You must be at least a
channel halfoperator to remove a user. A removed user will part with
a message stating they were removed from the channel and by whom.">
-<helpop key="fpart" value="/FPART <channel> <nick> [<reason>]
+<helpop key="rmode" value="/RMODE [channel] [modeletter] {[pattern]}
-This behaves identically to /REMOVE, the only difference is that the
-<channel> and <nick> parameters are switched around to match /KICK's
-syntax. Also, /REMOVE is a built-in mIRC command which caused trouble
-for some users.">
+Removes listmodes from a channel.
+E.g. /RMODE #Chan b m:* will remove all mute extbans.">
-<helpop key="devoice" value="/DEVOICE <channel>
+<helpop key="fpart" value="/FPART <channel> <nick> [<reason>]
-Devoices yourself on the specified channel.">
+This behaves identically to /REMOVE. /REMOVE is a built-in mIRC command
+which caused trouble for some users.">
<helpop key="silence" value="/SILENCE - Shows a list of silenced masks
/SILENCE +<mask> [<flags>] - Add a mask
@@ -150,10 +147,10 @@ everything from people with a host matching *.foo.net, you would do
Sends a notice to a channel indicating you wish to join.">
-<helpop key="user" value="/USER <ident> <local host> <remote host> :<GECOS>
+<helpop key="user" value="/USER <ident> <local host> <remote host> :<real name>
This command is used by your client to register your
-IRC session, providing your ident and GECOS to the
+IRC session, providing your ident and real name to the
server.
You should not use it during an established connection.">
@@ -229,33 +226,47 @@ given in the command and either the channel is not +t, or
you are at least a halfoperator, the channel topic will be
changed to the new one you provide.">
-<helpop key="who" value="/WHO <pattern> [afhilMmoprt]
+<helpop key="who" value="/WHO <pattern> [<flags>][%[<fields>[,<querytype>]]] <pattern>
-Looks up the information of users matching the range you provide.
+Looks up information about users matching the provided pattern. You can specify
+a flag specific pattern, a channel name, user hostname, a user server name, a
+user real name, or a user nickname. Matching users will only be included in the
+WHO response if:
-You may only /WHO nicknames in channels or on servers where you
-share a common channel with them, or ones which are not +i (unless
-you are a server operator). The search pattern may be a special
-sequence of characters determined by the flags given below, or
-it may be one of a nickname, a channel, a hostmask, an IP address
-mask or a server mask.
+ 1) The specified pattern is an exact channel name that does not have the
+ private or secret channel modes set and the user does not have the invisible
+ user mode set.
+ 2) The specified pattern is an exact nickname.
+ 3) You share one or more common channels with the user.
+ 4) The user does not have the invisible user mode set.
+ 5) You are a server operator with the users/auspex privilege.
+
+If you specify any fields the response returned will be a WHOX response rather
+than a RFC 1459 WHO response.
Valid WHO Flags
---------------
The following flags use <pattern> to match against the specified user data:
- a Show users who have an away message matching <pattern>.
- i Show users who have an ident (username) matching <pattern>.
- M Show users who have metadata attached to them with a key name matching
- <pattern> (server operators only).
+ A Show users who have an away message matching <pattern>.
+ a Show users who have an account name matching <pattern>.
+ h Show users who have a hostname matching <pattern>. If the 'x' modifier
+ is specified then this will match against the real hostname instead of
+ the display hostname.
+ i Show users who have an IP address matching <pattern>.
m Show users who have the modes listed in <pattern>. The pattern
should be in the same format as a mode change e.g. +ow-i (server
operators only).
+ n Show users who have a nickname matching <pattern>.
p Show users who are connected to a port in the <pattern> range (server
operators only).
r Show users who have a real name matching <pattern>.
+ s Show users who are on a server with a name matching <pattern>. If the 'x'
+ modifier is specified then this will match against the real server name
+ instead of the masked server name.
t Show users who have connected in the last <pattern> seconds.
+ u Show users who have an ident (username) matching <pattern>.
The following flags filter users by their status:
@@ -265,11 +276,34 @@ The following flags filter users by their status:
The following flags modify the command output:
- h Show real hostnames rather than display hostnames (server operators
- only).
+ x Show sensitive data like real user hostnames and, when hideserver is
+ enabled, real server hostnames.
You may combine one flag from the first group and multiple from the others in
-one WHO command.">
+one WHO command.
+
+Valid WHO Fields
+----------------
+
+ a Include the user's account name in the response.
+ c Include the first common channel name in the response.
+ d Include the user's server distance from you in the response.
+ f Include the user's away status, oper status, and highest channel prefix
+ in the response.
+ h Include the user's hostname in the response. If the 'x' flag was
+ specified then this is the real host rather than the display host.
+ i Include the user's IP address in the response.
+ l Include the user's idle time in the response.
+ n Include the user's nickname in the response.
+ o Include the user's channel operator rank level in the response.
+ r Include the user's real name in the response.
+ s Include the user's server name in the response. If the 'x' flag was
+ specified then this is the real server name rather than the masked server
+ name.
+ t Include the query type in the response.
+ u Include the user's ident in the response.
+
+">
<helpop key="motd" value="/MOTD [<server>]
@@ -277,11 +311,6 @@ Show the message of the day for <server>. Messages of the day often
contain important server rules and notices and should be read prior
to using a server.">
-<helpop key="rules" value="/RULES
-
-Show the rules file for the local server. This is similar in effect to
-except that these are not sent automatically on connect.">
-
<helpop key="oper" value="/OPER <login> <password>
Attempts to authenticate a user as an IRC operator.
@@ -392,12 +421,12 @@ SAJOIN SAPART SAMODE SATOPIC SAKICK
KILL SAQUIT GLINE ZLINE QLINE
KLINE RLINE ELINE CBAN SHUN
-FILTER OJOIN
+FILTER OJOIN CLEARCHAN
CONNECT SQUIT RCONNECT RSQUIT
DIE RESTART REHASH
-CLEARCACHE LOADMODULE UNLOADMODULE
+ LOADMODULE UNLOADMODULE
RELOADMODULE GLOADMODULE GUNLOADMODULE
GRELOADMODULE CLOSE JUMPSERVER
LOCKSERV UNLOCKSERV">
@@ -413,7 +442,7 @@ and the percentage of clients matched, plus how they were matched
(by IP address or by hostname). Mask should be given as either a
nick!user@host or user@IP (wildcards acceptable).">
-<helpop key="lockserv" value="/LOCKSERV
+<helpop key="lockserv" value="/LOCKSERV :[<message>]
Locks out all new connections notifying connecting users that the
service is temporarily closed and to try again later.">
@@ -443,11 +472,11 @@ reason parameter is optional, and if not provided defaults to
'Please use this server/port instead' (the default given in various
numeric lists)">
-<helpop key="filter" value="/FILTER <filter-definition> [<action> <flags> [<gline-duration>] :<reason>]
+<helpop key="filter" value="/FILTER <filter-definition> [<action> <flags> [<duration>] :<reason>]
This command will add a filter when more than one parameter is given,
for messages of the types specified by the flags, with the given
-filter definition, action, gline duration (when the action is 'gline')
+filter definition, action, duration (when the action is 'gline' or 'shun'),
and reason.
The filter will take effect when a message of any type specified by
@@ -463,6 +492,7 @@ Block Blocks message and informs +s IRCops of the blocked message
Silent Blocks message, but does not notify IRCops
Kill Kills the user
Gline Glines the user for the specified duration
+Shun Shuns the user for the specified duration (requires the shun module)
Valid FILTER Flags
------------------
@@ -539,13 +569,14 @@ The duration may be specified in seconds, or in the format
1y2w3d4h5m6s - meaning one year, two weeks, three days, 4 hours,
5 minutes and 6 seconds. All fields in this format are optional.">
-<helpop key="sajoin" value="/SAJOIN <nick> <channel>
+<helpop key="sajoin" value="/SAJOIN [<nick>] <channel>[,<channel>]
-Forces the user to join the channel.">
+Forces the user to join the channel(s).
+If no nick is given, it joins the oper doing the /SAJOIN.">
-<helpop key="sapart" value="/SAPART <nick> <channel>
+<helpop key="sapart" value="/SAPART <nick> <channel>[,<channel>]
-Forces the user to part the channel.">
+Forces the user to part the channel(s).">
<helpop key="samode" value="/SAMODE <target> (+|-)<modes> [<parameters for modes>]
@@ -623,17 +654,15 @@ The duration may be specified in seconds, or in the format
1y2w3d4h5m6s - meaning one year, two weeks, three days, 4 hours,
5 minutes and 6 seconds. All fields in this format are optional.">
-<helpop key="die" value="/DIE <password>
+<helpop key="die" value="/DIE <server>
This command shuts down the local server. A single parameter is
-required, which must match the password in the configuration for the
-command to function.">
+required, which must match the name of the local server.">
-<helpop key="restart" value="/RESTART <password>
+<helpop key="restart" value="/RESTART <server>
This command restarts the local server. A single parameter is
-required, which must match the password in the configuration for the
-command to function.">
+required, which must match the name of the local server.">
<helpop key="commands" value="/COMMANDS
@@ -664,33 +693,29 @@ Disconnects the server matching the given server mask from this server.">
Lists currently loaded modules, their memory offsets, version numbers,
and flags. If you are not an operator, you will see reduced detail.">
-<helpop key="loadmodule" value="/LOADMODULE <filename.so>
+<helpop key="loadmodule" value="/LOADMODULE <modname>
Loads the specified module into the local server.">
-<helpop key="unloadmodule" value="/UNLOADMODULE <filename.so>
+<helpop key="unloadmodule" value="/UNLOADMODULE <modname>
-Unloads a module from the local server. The module cannot have the
-static flag set (see the output of /MODULES).">
+Unloads a module from the local server.">
-<helpop key="reloadmodule" value="/RELOADMODULE <filename.so>
+<helpop key="reloadmodule" value="/RELOADMODULE <modname>
-Unloads and reloads a module on the local server. This module cannot
-have the static flag set (see the output of /MODULES).">
+Unloads and reloads a module on the local server.">
-<helpop key="gloadmodule" value="/GLOADMODULE <filename.so>
+<helpop key="gloadmodule" value="/GLOADMODULE <modname>
Loads the specified module on all linked servers.">
-<helpop key="gunloadmodule" value="/GUNLOADMODULE <filename.so>
+<helpop key="gunloadmodule" value="/GUNLOADMODULE <modname>
-Unloads a module from all linked servers. The module cannot have the
-static flag set (see the output of /MODULES).">
+Unloads a module from all linked servers.">
-<helpop key="greloadmodule" value="/GRELOADMODULE <filename.so>
+<helpop key="greloadmodule" value="/GRELOADMODULE <modname>
-Unloads and reloads a module on all linked servers. This module cannot
-have the static flag set (see the output of /MODULES).">
+Unloads and reloads a module on all linked servers.">
<helpop key="kline" value="/KLINE <user@host> [<duration> :<reason>]
@@ -753,7 +778,7 @@ Sends a message to all +w users.">
<helpop key="rline" value="/RLINE <regex> [<duration> :<reason>]
-Sets or removes an r-line (regex line) on a n!u@h\sgecos mask. You
+Sets or removes an r-line (regex line) on a n!u@h\srealname mask. You
must specify all three parameters to add an rline, and one parameter
to remove an rline (just the regex).
@@ -761,14 +786,20 @@ The duration may be specified in seconds, or in the format
1y2w3d4h5m6s - meaning one year, two weeks, three days, 4 hours,
5 minutes and 6 seconds. All fields in this format are optional.">
-<helpop key="clearcache" value="/CLEARCACHE
-
-This command clears the DNS cache of the local server.">
-
<helpop key="close" value="/CLOSE
Closes all unregistered connections to the local server.">
+<helpop key="clearchan" value="/CLEARCHAN <channel> [<KILL|KICK|G|Z>] [<reason>]
+
+Quits or kicks all non-opers from a channel, optionally G/Z-Lines them.
+Useful for quickly nuking bot channels.
+
+The default method, KILL, simply disconnects the victims from the server,
+while methods G and Z also add G/Z-Lines for all the targets.
+
+When used, the victims won't see each other getting kicked or quitting.">
+
<helpop key="modenotice" value="/MODENOTICE <modeletters> <message>
Sends a notice to all users who have the given mode(s) set.
@@ -809,6 +840,8 @@ using their cloak when they quit.">
(requires the services account module).
w Receives wallops messages.
x Gives a cloaked hostname (requires the cloaking module).
+ z Only allow private messages from SSL users (requires the
+ sslmode module).
B Marks as a bot (requires the botmode module).
G Censors messages sent to the user based on filters
configured for the network (requires the censor module).
@@ -897,6 +930,9 @@ using their cloak when they quit.">
noctcp module).
D Delays join messages from users until they message
the channel (requires the delayjoin module).
+ E [~*][lines]:[sec]{[:difference]}{[:backlog]} Allows blocking of similar messages.
+ Kicks as default, blocks with ~ and bans with *
+ The last two parameters are optional.
F <changes>:<sec> Blocks nick changes when they equal or exceed the
specified rate (requires the nickflood module).
G Censors messages to the channel based on the
@@ -1011,8 +1047,10 @@ Note that all /STATS use is broadcast to online IRC operators.">
A Allows receipt of remote announcement messages.
c Allows receipt of local connect messages.
C Allows receipt of remote connect messages.
- d Allows receipt of general (and sometimes random) debug messages.
- f Allows receipt of flooding notices.
+ d Allows receipt of local DNSBL messages (requires the dnsbl module).
+ D Allows receipt of remote DNSBL messages (requires the dnsbl module).
+ f Allows receipt of local filter messages (requires the filter module).
+ F Allows receipt of remote filter messages (requires the filter module).
g Allows receipt of globops (requires the globops module).
j Allows receipt of channel creation notices (requires the chancreate module).
J Allows receipt of remote channel creation notices (requires the chancreate module).
@@ -1053,9 +1091,14 @@ setting +I <extban>.
Matching extbans:
+ a:<mask> Matches user with both a matching banmask and realname,
+ where <mask> is in the format nick!user@host+realname
+ (requires gecosban module).
j:<channel> Matches anyone in the given channel. Does not support
wildcards (requires the channelban module).
- r:<realname> Matches users with a matching realname (requires the
+ n:<class> Matches users in a matching connect class (requires the
+ classban module).
+ r:<realname> Matches users with a matching real name (requires the
gecosban module).
s:<server> Matches users on a matching server (requires the
serverban module).
diff --git a/docs/conf/helpop.conf.example b/docs/conf/helpop.conf.example
index bdd3c4605..8456346d9 100644
--- a/docs/conf/helpop.conf.example
+++ b/docs/conf/helpop.conf.example
@@ -1,4 +1,4 @@
-# Sample configuration file for m_helpop.so
+# Sample configuration file for the helpop module.
# You can either copy this into your conf folder and set up the module to use it,
# or you can customize the responses for your network and/or add more.
#
@@ -31,20 +31,18 @@ you searched for. Please try again.">
-------------
PRIVMSG NOTICE NICK JOIN PART
-CYCLE KNOCK MODE DEVOICE TOPIC
+CYCLE KNOCK MODE OPER TOPIC
KICK FPART REMOVE TBAN INVITE
UNINVITE AWAY DCCALLOW SILENCE ACCEPT
MKPASSWD VHOST TITLE SETNAME
WHOIS WHOWAS ISON USERHOST WATCH
-LIST NAMES WHO MOTD RULES
+LIST NAMES WHO MOTD
ADMIN MAP LINKS LUSERS TIME
STATS VERSION INFO MODULES COMMANDS
SSLINFO
-USER PASS PING PONG QUIT
-
-OPER">
+USER PASS PING PONG QUIT">
<helpop key="coper" value="Oper Commands
-------------
@@ -62,12 +60,12 @@ SAJOIN SAPART SAMODE SATOPIC SAKICK
KILL SAQUIT GLINE ZLINE QLINE
KLINE RLINE ELINE CBAN SHUN
-FILTER
+FILTER CLEARCHAN
CONNECT SQUIT RCONNECT RSQUIT
DIE RESTART REHASH
-CLEARCACHE LOADMODULE UNLOADMODULE
+ LOADMODULE UNLOADMODULE
RELOADMODULE GLOADMODULE GUNLOADMODULE
GRELOADMODULE CLOSE JUMPSERVER
LOCKSERV UNLOCKSERV">
@@ -96,6 +94,8 @@ LOCKSERV UNLOCKSERV">
(requires the services account module).
w Receives wallops messages.
x Gives a cloaked hostname (requires the cloaking module).
+ z Only allow private messages from SSL users (requires the
+ sslmode module).
B Marks as a bot (requires the botmode module).
G Censors messages sent to the user based on filters
configured for the network (requires the censor module).
@@ -184,6 +184,10 @@ LOCKSERV UNLOCKSERV">
noctcp module).
D Delays join messages from users until they message
the channel (requires the delayjoin module).
+ E [~*][lines]:[sec]{[:difference]}{[:backlog]} Allows blocking of similar messages.
+ Kicks as default, blocks with ~ and bans with *
+ The last two parameters are optional.
+
F <changes>:<sec> Blocks nick changes when they equal or exceed the
specified rate (requires the nickflood module).
G Censors messages to the channel based on the
@@ -233,8 +237,10 @@ help channel if you have any questions.">
A Allows receipt of remote announcement messages.
c Allows receipt of local connect messages.
C Allows receipt of remote connect messages.
- d Allows receipt of general (and sometimes random) debug messages.
- f Allows receipt of flooding notices.
+ d Allows receipt of local DNSBL messages (requires the dnsbl module).
+ D Allows receipt of remote DNSBL messages (requires the dnsbl module).
+ f Allows receipt of local filter messages (requires the filter module).
+ F Allows receipt of remote filter messages (requires the filter module).
g Allows receipt of globops (requires the globops module).
j Allows receipt of channel creation notices (requires the chancreate module).
J Allows receipt of remote channel creation notices (requires the chancreate module).
@@ -271,9 +277,14 @@ setting +I <extban>.
Matching extbans:
+ a:<mask> Matches user with both a matching banmask and realname,
+ where <mask> is in the format nick!user@host+realname
+ (requires gecosban module).
j:<channel> Matches anyone in the given channel. Does not support
wildcards (requires the channelban module).
- r:<realname> Matches users with a matching realname (requires the
+ n:<class> Matches users in a matching connect class (requires
+ the classban module).
+ r:<realname> Matches users with a matching real name (requires the
gecosban module).
s:<server> Matches users on a matching server (requires the
serverban module).
diff --git a/docs/conf/inspircd.conf.example b/docs/conf/inspircd.conf.example
index d54cdc916..3ad2d5fd6 100644
--- a/docs/conf/inspircd.conf.example
+++ b/docs/conf/inspircd.conf.example
@@ -34,6 +34,15 @@
# #
########################################################################
+#-#-#-#-#-#-#-#-#-# CONFIGURATION FORMAT #-#-#-#-#-#-#-#-#-#-#-#-#-#-
+# #
+# In order to maintain compatibility with older configuration files, #
+# you can change the configuration parser to parse as it did in #
+# previous releases. When using the "compat" format, you need to use #
+# C++ escape sequences (e.g. \n) instead of XML ones (e.g. &nl;) and #
+# can not use <define> to create macros. #
+#<config format="compat">
+
#-#-#-#-#-#-#-#-#-# INCLUDE CONFIGURATION #-#-#-#-#-#-#-#-#-#-#-#-#-#
# #
# This optional tag allows you to include another config file #
@@ -65,11 +74,6 @@
# #
# Variables may be redefined and may reference other variables. #
# Value expansion happens at the time the tag is read. #
-# #
-# Using variable definitions REQUIRES that the config format be #
-# changed to "xml" from the default "compat" that uses escape #
-# sequences such as "\"" and "\n", and does not support <define> #
-<config format="xml">
<define name="bindip" value="1.2.2.3">
<define name="localips" value="&bindip;/24">
@@ -93,8 +97,7 @@
#id="97K"
# network: Network name given on connect to clients.
- # Should be the same on all servers on the network and
- # not contain spaces.
+ # Should be the same on all servers on the network.
network="Omega">
@@ -128,7 +131,7 @@
# |_| \_\___|\__,_|\__,_| |_| |_| |_|_|___/ |____/|_|\__(_) #
# #
# If you want to link servers to InspIRCd you must load the #
-# m_spanningtree.so module! Please see the modules list for #
+# spanningtree module! Please see the modules list for #
# information on how to load this module! If you do not load this #
# module, server ports will NOT work! #
@@ -148,58 +151,59 @@
# to this bind section.
type="clients"
- # ssl: If you want the port(s) in this bind tag to use SSL, set this
- # to either "gnutls" or "openssl". The appropriate SSL module must be
- # loaded for SSL to work. If you do not want the port(s) in this bind
- # tag to support SSL, just remove or comment out this option.
+ # ssl: If you want the port(s) in this bind tag to use SSL, set this to
+ # the name of a custom <sslprofile> tag that you have defined or one
+ # of "openssl", "gnutls", "mbedtls" if you have not defined any. See the
+ # wiki page for the SSL module you are using for more details.
+ #
+ # You will need to load the ssl_openssl module for OpenSSL, ssl_gnutls
+ # for GnuTLS and ssl_mbedtls for mbedTLS.
ssl="gnutls"
+
+ # defer: When this is non-zero, connections will not be handed over to
+ # the daemon from the operating system before data is ready.
+ # In Linux, the value indicates the time period we'll wait for a
+ # connection to come up with data. Don't set it too low!
+ # In BSD the value is ignored; only zero and non-zero is possible.
+ # Windows ignores this parameter completely.
+ # Note: This does not take effect on rehash.
+ # To change it on a running bind, you'll have to comment it out,
+ # rehash, comment it in and rehash again.
+ defer="0"
+
+ # free: When this is enabled the listener will be created regardless of
+ # whether the interface that provides the bind address is available. This
+ # is useful for if you are starting InspIRCd on boot when the server may
+ # not have brought the network interfaces up yet.
+ free="no"
>
<bind address="" port="6660-6669" type="clients">
-# When linking servers, the OpenSSL and GnuTLS implementations are completely
-# link-compatible and can be used alongside each other
-# on each end of the link without any significant issues.
-# Supported SSL types are: "openssl" and "gnutls".
-# You must load m_ssl_openssl for OpenSSL or m_ssl_gnutls for GnuTLS.
-
-<bind address="" port="7000,7001" type="servers">
-<bind address="1.2.3.4" port="7005" type="servers" ssl="openssl">
-
-
-#-#-#-#-#-#-#-#-#-#- DIE/RESTART CONFIGURATION -#-#-#-#-#-#-#-#-#-#-
-# #
-# You can configure the passwords here which you wish to use for #
-# the /DIE and /RESTART commands. Only trusted ircops who will #
-# need this ability should know the die and restart password. #
-# #
+# Listener accepting HTML5 WebSocket connections.
+# Requires the websocket module and SHA-1 hashing support (provided by the sha1
+# module).
+#<bind address="" port="7002" type="clients" hook="websocket">
-<power
- # hash: what hash these passwords are hashed with.
- # Requires the module for selected hash (m_md5.so, m_sha256.so
- # or m_ripemd160.so) be loaded and the password hashing module
- # (m_password_hash.so) loaded.
- # Options here are: "md5", "sha256" and "ripemd160", or one of
- # these prefixed with "hmac-", e.g.: "hmac-sha256".
- # Optional, but recommended. Create hashed passwords with:
- # /mkpasswd <hash> <password>
- #hash="sha256"
+# EXPERIMENTAL: Listener that binds on a UNIX endpoint instead of a TCP/IP endpoint:
+#<bind path="/tmp/inspircd.sock" type="clients">
- # diepass: Password for opers to use if they need to shutdown (die)
- # a server.
- #
- # IMPORTANT: leaving this field empty does not disable the use of
- # the DIE command. In order to prevent the use of this command you
- # should remove it from the command privileges of your opers.
- diepass=""
+# You can define a custom <sslprofile> tag which defines the SSL configuration
+# for this listener. See the wiki page for the SSL module you are using for
+# more details.
+#
+# Alternatively, you can use one of the default SSL profiles which are created
+# when you have not defined any:
+# "openssl" (requires the ssl_openssl module)
+# "gnutls" (requires the ssl_gnutls module)
+# "mbedtls" (requires the ssl_mbedtls module)
+#
+# When linking servers, the OpenSSL, GnuTLS, and mbedTLS implementations are
+# completely link-compatible and can be used alongside each other on each end
+# of the link without any significant issues.
- # restartpass: Password for opers to use if they need to restart
- # a server.
- #
- # IMPORTANT: leaving this field empty does not disable the use of
- # the RESTART command. In order to prevent the use of this command
- # you should remove it from the command privileges of your opers.
- restartpass="">
+<bind address="" port="7000,7001" type="servers">
+<bind address="1.2.3.4" port="7005" type="servers" ssl="openssl">
#-#-#-#-#-#-#-#-#-#- CONNECTIONS CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#
@@ -245,23 +249,24 @@
# a CIDR range here.
allow="203.0.113.*"
- # hash: what hash this password is hashed with. requires the module
- # for selected hash (m_md5.so, m_sha256.so or m_ripemd160.so) be
- # loaded and the password hashing module (m_password_hash.so)
- # loaded. Options here are: "md5", "sha256" and "ripemd160".
- # Optional, but recommended. Create hashed passwords with:
- # /mkpasswd <hash> <password>
- #hash="sha256"
+ # hash: the hash function this password is hashed with. Requires the
+ # module for the selected function (bcrypt, md5, sha1, or sha256) and
+ # the password hashing module (password_hash) to be loaded.
+ #
+ # You may also use any of the above other than bcrypt prefixed with
+ # either "hmac-" or "pbkdf2-hmac-" (requires the pbkdf2 module).
+ # Create hashed passwords with: /mkpasswd <hash> <password>
+ #hash="bcrypt"
# password: Password to use for this block/user(s)
password="secret"
# maxchans: Maximum number of channels a user in this class
- # be in at one time. This overrides every other maxchans setting.
- #maxchans="30"
+ # be in at one time.
+ maxchans="20"
- # timeout: How long (in seconds) the server will wait before
- # disconnecting a user if they do not do anything on connect.
+ # timeout: How long the server will wait before disconnecting
+ # a user if they do not do anything on connect.
# (Note, this is a client-side thing, if the client does not
# send /nick, /user or /pass)
timeout="10"
@@ -275,26 +280,34 @@
# maxconnwarn: Enable warnings when localmax or globalmax are reached (defaults to on)
maxconnwarn="off"
+ # resolvehostnames: If disabled, no DNS lookups will be performed on connecting users
+ # in this class. This can save a lot of resources on very busy servers.
+ resolvehostnames="yes"
+
# usednsbl: Defines whether or not users in this class are subject to DNSBL. Default is yes.
- # This setting only has effect when m_dnsbl is loaded.
+ # This setting only has effect when the dnsbl module is loaded.
#usednsbl="yes"
# useident: Defines if users in this class MUST respond to a ident query or not.
useident="no"
+ # webirc: Restricts usage of this class to the specified WebIRC gateway.
+ # This setting only has effect when the cgiirc module is loaded.
+ #webirc="name"
+
# limit: How many users are allowed in this class
limit="5000"
# modes: Usermodes that are set on users in this block on connect.
- # Enabling this option requires that the m_conn_umodes module be loaded.
+ # Enabling this option requires that the conn_umodes module be loaded.
# This entry is highly recommended to use for/with IP Cloaking/masking.
- # For the example to work, this also requires that the m_cloaking
+ # For the example to work, this also requires that the "cloaking"
# module be loaded as well.
modes="+x"
# requireident, requiressl, requireaccount: require that users of this
# block have a valid ident response, use SSL, or have authenticated.
- # Requires m_ident, m_sslinfo, or m_services_account respectively.
+ # Requires ident, sslinfo, or the services_account module, respectively.
requiressl="on"
# NOTE: For requireaccount, you must complete the signon prior to full
# connection. Currently, this is only possible by using SASL
@@ -303,19 +316,23 @@
# Alternate MOTD file for this connect class. The contents of this file are
# specified using <files secretmotd="filename"> or <execfiles ...>
+ #
+ # NOTE: the following escape sequences for IRC formatting characters can be
+ # used in your MOTD:
+ # Bold: \b
+ # Color: \c<fg>[,<bg>]
+ # Italic: \i
+ # Monospace: \m (not widely supported)
+ # Reset: \x
+ # Strikethrough: \s (not widely supported)
+ # Underline: \u
+ # See https://defs.ircdocs.horse/info/formatting.html for more information
+ # on client support for formatting characters.
motd="secretmotd"
- # Allow color codes to be processed in the message of the day file.
- # the following characters are valid color code escapes:
- # \002 or \b = Bold
- # \037 or \u = Underline
- # \003 or \c = Color (with a code postfixed to this char)
- # \017 or \x = Stop all color sequences
- allowmotdcolors="false"
-
- # port: What port this user is allowed to connect on. (optional)
- # The port MUST be set to listen in the bind blocks above.
- port="6697">
+ # port: What port range this user is allowed to connect on. (optional)
+ # The ports MUST be set to listen in the bind blocks above.
+ port="6697,9999">
<connect
# name: Name to use for this connect block. Mainly used for
@@ -328,17 +345,17 @@
allow="*"
# maxchans: Maximum number of channels a user in this class
- # be in at one time. This overrides every other maxchans setting.
- #maxchans="30"
+ # be in at one time.
+ maxchans="20"
- # timeout: How long (in seconds) the server will wait before
- # disconnecting a user if they do not do anything on connect.
+ # timeout: How long the server will wait before disconnecting
+ # a user if they do not do anything on connect.
# (Note, this is a client-side thing, if the client does not
# send /nick, /user or /pass)
timeout="10"
- # pingfreq: How often (in seconds) the server tries to ping connecting clients.
- pingfreq="120"
+ # pingfreq: How often the server tries to ping connecting clients.
+ pingfreq="2m"
# hardsendq: maximum amount of data allowed in a client's send queue
# before they are dropped. Keep this value higher than the length of
@@ -384,6 +401,10 @@
# globalmax: Maximum global (network-wide) connections per IP.
globalmax="3"
+ # resolvehostnames: If disabled, no DNS lookups will be performed on connecting users
+ # in this class. This can save a lot of resources on very busy servers.
+ resolvehostnames="yes"
+
# useident: Defines if users in this class must respond to a ident query or not.
useident="no"
@@ -391,9 +412,9 @@
limit="5000"
# modes: Usermodes that are set on users in this block on connect.
- # Enabling this option requires that the m_conn_umodes module be loaded.
+ # Enabling this option requires that the conn_umodes module be loaded.
# This entry is highly recommended to use for/with IP Cloaking/masking.
- # For the example to work, this also requires that the m_cloaking
+ # For the example to work, this also requires that the cloaking
# module be loaded as well.
modes="+x">
@@ -425,11 +446,11 @@
# This file has all the information about oper classes, types and o:lines.
# You *MUST* edit it.
-<include file="conf/examples/opers.conf.example">
+<include file="examples/opers.conf.example">
# This file has all the information about server links and ulined servers.
# You *MUST* edit it if you intend to link servers.
-<include file="conf/examples/links.conf.example">
+<include file="examples/links.conf.example">
#-#-#-#-#-#-#-#-#-#- MISCELLANEOUS CONFIGURATION -#-#-#-#-#-#-#-#-#-#
# #
@@ -437,23 +458,12 @@
# Files block - contains files whose contents are used by the ircd
#
# motd - displayed on connect and when a user executes /MOTD
-# rules - displayed when the user executes /RULES
# Modules can also define their own files
-<files motd="conf/examples/motd.txt.example" rules="conf/examples/rules.txt.example">
+<files motd="examples/motd.txt.example">
# Example of an executable file include. Note this will be read on rehash,
# not when the command is run.
-#<execfiles rules="wget -O - https://www.example.com/rules.txt">
-
-#-#-#-#-#-#-#-#-#-#-#-# MAXIMUM CHANNELS -#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# #
-
-<channels
- # users: Maximum number of channels a user can be in at once.
- users="20"
-
- # opers: Maximum number of channels an oper can be in at once.
- opers="60">
+#<execfiles motd="wget -O - https://www.example.com/motd.txt">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-# DNS SERVER -#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# If these values are not defined, InspIRCd uses the default DNS resolver
@@ -469,7 +479,7 @@
#
# server="127.0.0.1"
- # timeout: seconds to wait to try to resolve DNS/hostname.
+ # timeout: time to wait to try to resolve DNS/hostname.
timeout="5">
# An example of using an IPv6 nameserver
@@ -494,11 +504,11 @@
# matches the channels name applies the banlimit to that channel. #
# It is advisable to put an entry with the channel as '*' at the #
# bottom of the list. If none are specified or no maxbans tag is #
-# matched, the banlist size defaults to 64 entries. #
+# matched, the banlist size defaults to 100 entries. #
# #
-<banlist chan="#largechan" limit="128">
-<banlist chan="*" limit="69">
+<banlist chan="#largechan" limit="200">
+<banlist chan="*" limit="100">
#-#-#-#-#-#-#-#-#-#-#- DISABLED FEATURES -#-#-#-#-#-#-#-#-#-#-#-#-#-#
# #
@@ -519,16 +529,6 @@
# #
#<disabled commands="TOPIC MODE" usermodes="" chanmodes="" fakenonexistant="yes">
-
-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#- RTFM LINE -#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# #
-# Just remove this... Its here to make you read ALL of the config #
-# file options ;) #
-
-<die value="You should probably edit your config *PROPERLY* and try again.">
-
-
-
#-#-#-#-#-#-#-#-#-#-#-#-#- SERVER OPTIONS -#-#-#-#-#-#-#-#-#-#-#-#-#
# #
# Settings to define which features are usable on your server. #
@@ -564,21 +564,19 @@
# the correct parameters are.
syntaxhints="no"
- # cyclehosts: If enabled, when a user gets a host set, it will cycle
- # them in all their channels. If not, it will simply change their host
- # without cycling them.
- cyclehosts="yes"
+ # casemapping: This sets the case mapping method to be used by the
+ # server. This MUST be the same on all servers. Possible values are:
+ # "ascii" (recommended)
+ # "rfc1459" (default, required for linking to 2.0 servers)
+ # NOTE: if you are using the nationalchars module this setting will be
+ # ignored. You should use <nationalchars:casemapping> instead.
+ casemapping="ascii"
# cyclehostsfromuser: If enabled, the source of the mode change for
# cyclehosts will be the user who cycled. This can look nicer, but
# triggers anti-takeover mechanisms of some obsolete bots.
cyclehostsfromuser="no"
- # ircumsgprefix: Use undernet-style message prefixing for NOTICE and
- # PRIVMSG. If enabled, it will add users' prefix to the line, if not,
- # it will just message the user normally.
- ircumsgprefix="no"
-
# announcets: If set to yes, when the timestamp on a channel changes, all users
# in the channel will be sent a NOTICE about it.
announcets="yes"
@@ -597,21 +595,33 @@
# in the topic. If set to no, it will only show the nick of the topic setter.
hostintopic="yes"
- # pingwarning: If a server does not respond to a ping within x seconds,
+ # pingwarning: If a server does not respond to a ping within this period,
# it will send a notice to opers with snomask +l informing that the server
# is about to ping timeout.
pingwarning="15"
- # serverpingfreq: How often pings are sent between servers (in seconds).
- serverpingfreq="60"
+ # serverpingfreq: How often pings are sent between servers.
+ serverpingfreq="1m"
+
+ # splitwhois: Whether to split private/secret channels from normal channels
+ # in WHOIS responses. Possible values for this are:
+ # 'no' - list all channels together in the WHOIS response regardless of type.
+ # 'split' - split private/secret channels to a separate WHOIS response numeric.
+ # 'splitmsg' - the same as split but also send a message explaining the split.
+ splitwhois="no"
# defaultmodes: What modes are set on a empty channel when a user
# joins it and it is unregistered.
- defaultmodes="nt"
+ defaultmodes="not"
- # moronbanner: This is the text that is sent to a user when they are
+ # xlinemessage: This is the text that is sent to a user when they are
# banned from the server.
- moronbanner="You're banned! Email abuse@example.com with the ERROR line below for help."
+ xlinemessage="You're banned! Email irc@example.com with the ERROR line below for help."
+
+ # allowzerolimit: If enabled then allow a limit of 0 to be set on channels.
+ # This is non-standard behaviour and should only be enabled if you need to
+ # link with servers running 2.0. Defaults to yes.
+ allowzerolimit="no"
# exemptchanops: Allows users with with a status mode to be exempt
# from various channel restrictions. Possible restrictions are:
@@ -652,12 +662,7 @@
# nosnoticestack: This prevents snotices from 'stacking' and giving you
# the message saying '(last message repeated X times)'. Defaults to no.
- nosnoticestack="no"
-
- # welcomenotice: When turned on, this sends a NOTICE to connecting users
- # with the text Welcome to <networkname>! after successful registration.
- # Defaults to yes.
- welcomenotice="yes">
+ nosnoticestack="no">
#-#-#-#-#-#-#-#-#-#-#-# PERFORMANCE CONFIGURATION #-#-#-#-#-#-#-#-#-#-#
@@ -672,33 +677,37 @@
# in the accept queue. This is *NOT* the total maximum number of
# connections per server. Some systems may only allow this to be up
# to 5, while others (such as Linux and *BSD) default to 128.
+ # Setting this above the limit imposed by your OS can have undesired
+ # effects.
somaxconn="128"
- # limitsomaxconn: By default, somaxconn (see above) is limited to a
- # safe maximum value in the 2.0 branch for compatibility reasons.
- # This setting can be used to disable this limit, forcing InspIRCd
- # to use the value specified above.
- limitsomaxconn="true"
-
# softlimit: This optional feature allows a defined softlimit for
# connections. If defined, it sets a soft max connections value.
softlimit="12800"
+ # clonesonconnect: If this is set to false, we won't check for clones
+ # on initial connection, but only after the DNS check is done.
+ # This can be useful where your main class is more restrictive
+ # than some other class a user can be assigned after DNS lookup is complete.
+ # Turning this option off will make the server spend more time on users we may
+ # potentially not want. Normally this should be neglible, though.
+ # Default value is true
+ clonesonconnect="true"
+
# quietbursts: When syncing or splitting from a network, a server
# can generate a lot of connect and quit messages to opers with
# +C and +Q snomasks. Setting this to yes squelches those messages,
# which makes it easier for opers, but degrades the functionality of
# bots like BOPM during netsplits.
- quietbursts="yes"
-
- # nouserdns: If enabled, no DNS lookups will be performed on
- # connecting users. This can save a lot of resources on very busy servers.
- nouserdns="no">
+ quietbursts="yes">
#-#-#-#-#-#-#-#-#-#-#-# SECURITY CONFIGURATION #-#-#-#-#-#-#-#-#-#-#-#
# #
<security
+ # allowcoreunload: If this value is set to yes, Opers will be able to
+ # unload core modules (e.g. core_privmsg).
+ allowcoreunload="no"
# announceinvites: This option controls which members of the channel
# receive an announcement when someone is INVITEd. Available values:
@@ -709,11 +718,6 @@
# higher ranked users. This is the recommended setting.
announceinvites="dynamic"
- # hidemodes: If enabled, then the listmodes given will be hidden
- # from users below halfop. This is not recommended to be set on +b
- # as it may break some functionality in popular clients such as mIRC.
- hidemodes="eI"
-
# hideulines: If this value is set to yes, U-lined servers will
# be hidden from non-opers in /links and /map.
hideulines="no"
@@ -722,13 +726,13 @@
# be flattened when shown to non-opers.
flatlinks="no"
- # hidewhois: When defined, the given text will be used in place
- # of the server a user is on when whoised by a non-oper. Most
- # networks will want to set this to something like "*.netname.net"
- # to conceal the actual server a user is on.
- # Note that enabling this will cause users' idle times to only be
- # shown when the format /WHOIS <nick> <nick> is used.
- hidewhois=""
+ # hideserver: When defined, the given text will be used in place
+ # of the server name in public messages. As with <server:name> this
+ # does not need to resolve but does need to be a valid hostname.
+ #
+ # NOTE: enabling this will cause users' idle times to only be shown
+ # when a remote whois (/WHOIS <nick> <nick>) is used.
+ #hideserver="*.example.com"
# hidebans: If this value is set to yes, when a user is banned ([gkz]lined)
# only opers will see the ban message when the user is removed
@@ -750,16 +754,10 @@
# (Commands like /notice, /privmsg, /kick, etc)
maxtargets="20"
- # customversion: Displays a custom string when a user /version's
- # the ircd. This may be set for security reasons or vanity reasons.
+ # customversion: A custom message to be displayed in the comments field
+ # of the VERSION command response. This does not hide the InspIRCd version.
customversion=""
- # operspywhois: show opers (users/auspex) the +s and +p channels a user is in. Values:
- # splitmsg Split secret/private from public channels with an explanatory message
- # yes Show secret/private channels
- # no Do not show secret/private channels
- operspywhois="no"
-
# runasuser: If this is set, InspIRCd will attempt to switch
# to run as this user, which allows binding of ports under 1024.
# You should NOT set this unless you are starting as root.
@@ -774,7 +772,8 @@
# restrictbannedusers: If this is set to yes, InspIRCd will not allow users
# banned on a channel to change nickname or message channels they are
- # banned on.
+ # banned on. This can also be set to silent to restrict the user but not
+ # notify them.
restrictbannedusers="yes"
# genericoper: Setting this value to yes makes all opers on this server
@@ -804,7 +803,7 @@
<limits
# maxnick: Maximum length of a nickname.
- maxnick="31"
+ maxnick="30"
# maxchan: Maximum length of a channel name.
maxchan="64"
@@ -813,7 +812,10 @@
maxmodes="20"
# maxident: Maximum length of a ident/username.
- maxident="11"
+ maxident="10"
+
+ # maxhost: Maximum length of a hostname.
+ maxhost="64"
# maxquit: Maximum length of a quit message.
maxquit="255"
@@ -824,12 +826,20 @@
# maxkick: Maximum length of a kick message.
maxkick="255"
- # maxgecos: Maximum length of a GECOS (realname).
- maxgecos="128"
+ # maxreal: Maximum length of a real name.
+ maxreal="128"
# maxaway: Maximum length of an away message.
maxaway="200">
+#-#-#-#-#-#-#-#-#-#-#-#-# PATHS CONFIGURATION #-#-#-#-#-#-#-#-#-#-#-#-#
+# #
+# This configuration tag defines the location that InspIRCd stores #
+# various types of files such as configuration files, log files and #
+# modules. You will probably not need to change these from the values #
+# set when InspIRCd was built unless you are using a binary package #
+# where you do not have the ability to set build time configuration. #
+#<path configdir="conf" datadir="data" logdir="logs" moduledir="modules">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Logging
@@ -839,7 +849,7 @@
# the behaviour of the logging of the IRCd.
#
# An example log tag would be:
-# <log method="file" type="OPER" level="default" target="logs/opers.log">
+# <log method="file" type="OPER" level="default" target="opers.log">
# which would log all information on /oper (failed and successful) to
# a file called opers.log.
#
@@ -848,8 +858,7 @@
# - USERS - information relating to user connection and disconnection
# - OPER - succesful and failed oper attempts
# - KILL - kill related messages
-# - snomask - server notices (*all* snomasks will be logged)
-# - FILTER - messages related to filter matches (m_filter)
+# - FILTER - messages related to filter matches (filter module)
# - CONFIG - configuration related messages
# - COMMAND - die and restart messages, and messages related to unknown user types
# - SOCKET - socket engine informational/error messages
@@ -873,10 +882,15 @@
# - USERINPUT
# - USEROUTPUT
#
+# If your server is producing a high levels of log messages you can also set the
+# flush="[positive number]" attribute to specify how many log messages should be
+# buffered before flushing to disk. You should probably not specify this unless
+# you are having problems.
+#
# The following log tag is highly default and uncustomised. It is recommended you
# sort out your own log tags. This is just here so you get some output.
-<log method="file" type="* -USERINPUT -USEROUTPUT" level="default" target="logs/ircd.log">
+<log method="file" type="* -USERINPUT -USEROUTPUT" level="default" target="ircd.log">
#-#-#-#-#-#-#-#-#-#-#-#-#- WHOWAS OPTIONS -#-#-#-#-#-#-#-#-#-#-#-#-#
# #
@@ -919,11 +933,7 @@
nick="ChanServ"
# reason: Reason to display on /nick.
- reason="Reserved For Services">
-
-<badnick nick="NickServ" reason="Reserved For Services">
-<badnick nick="OperServ" reason="Reserved For Services">
-<badnick nick="MemoServ" reason="Reserved For Services">
+ reason="Reserved for a network service">
<badhost
# host: ident@hostname to ban.
@@ -973,13 +983,6 @@
# will be banning 955 or more users.
trigger="95.5">
-
-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#- YAWN -#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# #
-# You should already know what to do here :) #
-
-<die value="User error. You didn't edit your config properly. Go back and try again.">
-
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# MODULES #-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# ____ _ _____ _ _ ____ _ _ _ #
# | _ \ ___ __ _ __| | |_ _| |__ (_)___ | __ )(_) |_| | #
@@ -994,23 +997,22 @@
# provide almost all the features of InspIRCd. :) #
# #
# The default does nothing -- we include it for simplicity for you. #
-<include file="conf/examples/modules.conf.example">
+<include file="examples/modules.conf.example">
-# Here are some pre-built modules.conf files that closely match the
-# default configurations of some popular IRCd's. You still may want to
-# look over them and make sure if everything is correct for you and setup
-# the proper SSL information.
+#-#-#-#-#-#-#-#-#-#-#-# SERVICES CONFIGURATION #-#-#-#-#-#-#-#-#-#-#-#
+# #
+# If you use services you will probably want to include one of the #
+# following files which set up aliases, nick reservations and filter #
+# exemptions for services pseudoclients: #
#
-# *NOTE*: These files have no comments for what the modules do. If you
-# are interested in that, please read the modules.conf.example. It is also
-# recommended that you make your own modules file based on modules.conf.example.
-
-# Settings similar to UnrealIRCd defaults.
-#<include file="conf/examples/modules/unrealircd.conf.example">
-
-# Settings similar to Charybdis IRCd defaults.
-#<include file="conf/examples/modules/charybdis.conf.example">
-
+# Anope users should uncomment this:
+#<include file="examples/services/anope.conf.example">
+#
+# Atheme users should uncomment this:
+#<include file="examples/services/atheme.conf.example">
+#
+# Users of other services should uncomment this:
+#<include file="examples/services/generic.conf.example">
#########################################################################
# #
diff --git a/docs/conf/links.conf.example b/docs/conf/links.conf.example
index ba18c5325..ad2efa9f7 100644
--- a/docs/conf/links.conf.example
+++ b/docs/conf/links.conf.example
@@ -10,7 +10,7 @@
# |_| \_\___|\__,_|\__,_| |_| |_| |_|_|___/ |____/|_|\__(_) #
# #
# If you want to link servers to InspIRCd you must load the #
-# m_spanningtree.so module! #
+# spanningtree module! #
# #
# #
@@ -29,26 +29,28 @@
# allowmask: Range of IP addresses to allow for this link.
# Can be a CIDR (see example).
- allowmask="203.0.113.0/24"
+ allowmask="203.0.113.0/24 127.0.0.0/8 2001:db8::/32"
# timeout: If defined, this option defines how long the server
# will wait to consider the connect attempt failed and try the
# failover (see above).
- timeout="300"
+ timeout="5m"
- # ssl: If defined, this states the SSL module that will be used when
- # making an outbound connection to the server. Options are: "openssl"
- # and "gnutls" (they are compatible with each other).
+ # ssl: If defined, this states the SSL profile that will be used when
+ # making an outbound connection to the server. Options are the name of an
+ # <sslprofile> tag that you have defined or one of "openssl", "gnutls",
+ # "mbedtls" if you have not defined any. See the wiki page for the SSL
+ # module you are using for more details.
#
- # You will need to load the m_ssl_openssl.so module for OpenSSL,
- # m_ssl_gnutls.so for GnuTLS. The server port that you connect to
- # must be capable of accepting this type of connection.
+ # You will need to load the ssl_openssl module for OpenSSL, ssl_gnutls
+ # for GnuTLS and ssl_mbedtls for mbedTLS. The server port that you
+ # connect to must be capable of accepting this type of connection.
ssl="gnutls"
# fingerprint: If defined, this option will force servers to be
- # authenticated using SSL Fingerprints. See https://wiki.inspircd.org/SSL
- # for more information. This will require an SSL link for both inbound
- # and outbound connections.
+ # authenticated using SSL certificate fingerprints. See
+ # https://wiki.inspircd.org/SSL for more information. This will
+ # require an SSL link for both inbound and outbound connections.
#fingerprint=""
# bind: Local IP address to bind to.
@@ -75,7 +77,7 @@
ipaddr="penguin.example.org"
port="7000"
allowmask="203.0.113.0/24"
- timeout="300"
+ timeout="5m"
ssl="gnutls"
bind="1.2.3.4"
statshidden="no"
@@ -95,14 +97,14 @@
# Simple autoconnect block. This enables automatic connection of a server
# Recommended setup is to have leaves connect to the hub, and have no
# automatic connections started by the hub.
-<autoconnect period="300" server="hub.example.org">
+<autoconnect period="10m" server="hub.example.org">
# Failover autoconnect block. If you have multiple hubs, or want your network
# to automatically link even if the hub is down, you can specify multiple
# space separated servers to autoconnect; they will be tried in a round
# robin fashion until one succeeds. Period defines the time for restarting
# a single loop.
-<autoconnect period="120"
+<autoconnect period="2m"
server="hub.us.example.org hub.eu.example.org leaf.eu.example.org">
@@ -116,3 +118,7 @@
# to opers on the network. #
# #
<uline server="services.example.com" silent="yes">
+
+# Once you have edited this file you can remove this line. This is just to
+# ensure that you don't hastily include the file without reading it.
+<die reason="Using links.conf.example without editing it is a security risk">
diff --git a/docs/conf/modules.conf.example b/docs/conf/modules.conf.example
index a538ea879..4dab9f55b 100644
--- a/docs/conf/modules.conf.example
+++ b/docs/conf/modules.conf.example
@@ -10,7 +10,7 @@
# #
# By default, ALL modules are commented out. You must uncomment them #
# or add lines to your config to load modules. Please refer to #
-# https://wiki.inspircd.org/2.0/Modules for a list of modules and #
+# https://wiki.inspircd.org/3.0/Modules for a list of modules and #
# each modules link for any additional conf tags they require. #
# #
# ____ _ _____ _ _ ____ _ _ _ #
@@ -19,8 +19,8 @@
# | _ < __/ (_| | (_| | | | | | | | \__ \ | |_) | | |_|_| #
# |_| \_\___|\__,_|\__,_| |_| |_| |_|_|___/ |____/|_|\__(_) #
# #
-# To link servers to InspIRCd, you MUST load the m_spanningtree #
-# module. If you don't do this, server links will NOT work at all. #
+# To link servers to InspIRCd, you MUST load the spanningtree module. #
+# If you don't do this, server links will NOT work at all. #
# This is by design, to allow for the implementation of other linking #
# protocols in modules in the future. This module is at the bottom of #
# this file. #
@@ -31,38 +31,31 @@
# cryptographic uses and security.
#
# IMPORTANT:
-# Other modules such as m_cloaking.so and m_password_hash.so may rely on
+# Other modules such as cloaking and password_hash may rely on
# this module being loaded to function.
#
-#<module name="m_md5.so">
-#
+#<module name="md5">
+
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# SHA256 module: Allows other modules to generate SHA256 hashes,
# usually for cryptographic uses and security.
#
# IMPORTANT:
-# Other modules such as m_password_hash.so may rely on this module being
-# loaded to function. Certain modules such as m_spanningtree.so will
+# Other modules such as password_hash may rely on this module being
+# loaded to function. Certain modules such as spanningtree will
# function without this module but when it is loaded their features will
# be enhanced (for example the addition of HMAC authentication).
#
-#<module name="m_sha256.so">
-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# RIPEMD160 module: Allows other modules to generate RIPEMD160 hashes,
-# usually for cryptographic uses and security.
-#
-# IMPORTANT:
-# Other modules may rely on this module being loaded to function.
-#<module name="m_ripemd160.so">
+#<module name="sha256">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Abbreviation module: Provides the ability to abbreviate commands a-la
# BBC BASIC keywords.
-#<module name="m_abbreviation.so">
+#<module name="abbreviation">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Alias module: Allows you to define server-side command aliases.
-#<module name="m_alias.so">
+#<module name="alias">
#
# Set the 'prefix' for in-channel aliases (fantasy commands) to the
# specified character. If not set, the default is "!".
@@ -72,9 +65,9 @@
#
#-#-#-#-#-#-#-#-#-#-#- ALIAS DEFINITIONS -#-#-#-#-#-#-#-#-#-#-#-#-#-#
# #
-# If you have the m_alias.so module loaded, you may also define #
-# aliases as shown below. They are commonly used to provide shortcut #
-# commands to services, however they are not limited to just this use.#
+# If you have the alias module loaded, you may also define aliases as #
+# shown below. They are commonly used to provide shortcut commands to #
+# services, however they are not limited to just this use. #
# An alias tag requires the following values to be defined in it: #
# #
# text - The text to detect as the actual command line. #
@@ -135,18 +128,6 @@
# If a non-oper attempts to use the alias, it will #
# appear to not exist. #
# #
-#<alias text="NICKSERV" replace="PRIVMSG NickServ :$2-" requires="NickServ" uline="yes">
-#<alias text="CHANSERV" replace="PRIVMSG ChanServ :$2-" requires="ChanServ" uline="yes">
-#<alias text="OPERSERV" replace="PRIVMSG OperServ :$2-" requires="OperServ" uline="yes" operonly="yes">
-#<alias text="BOTSERV" replace="PRIVMSG BotServ :$2-" requires="BotServ" uline="yes">
-#<alias text="HOSTSERV" replace="PRIVMSG HostServ :$2-" requires="HostServ" uline="yes">
-#<alias text="MEMOSERV" replace="PRIVMSG MemoServ :$2-" requires="MemoServ" uline="yes">
-#<alias text="NS" replace="PRIVMSG NickServ :$2-" requires="NickServ" uline="yes">
-#<alias text="CS" replace="PRIVMSG ChanServ :$2-" requires="ChanServ" uline="yes">
-#<alias text="OS" replace="PRIVMSG OperServ :$2-" requires="OperServ" uline="yes" operonly="yes">
-#<alias text="BS" replace="PRIVMSG BotServ :$2-" requires="BotServ" uline="yes">
-#<alias text="HS" replace="PRIVMSG HostServ :$2-" requires="HostServ" uline="yes">
-#<alias text="MS" replace="PRIVMSG MemoServ :$2-" requires="MemoServ" uline="yes">
#
# An example of using the format value to create an alias with two
# different behaviours depending on the format of the parameters.
@@ -159,8 +140,7 @@
#
# This alias fixes a glitch in xchat 2.6.x and above and the way it
# assumes IDENTIFY must be prefixed by a colon (:) character. It should
-# be placed ABOVE the default NICKSERV alias (the first example) listed
-# above.
+# be placed ABOVE the default NICKSERV alias.
#
#<alias text="NICKSERV" format=":IDENTIFY *" replace="PRIVMSG NickServ :IDENTIFY $3-"
# requires="NickServ" uline="yes">
@@ -180,18 +160,32 @@
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Allowinvite module: Gives channel mode +A to allow all users to use
# /INVITE, and extban A to deny invite from specific masks.
-#<module name="m_allowinvite.so">
+#<module name="allowinvite">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Alltime module: Shows time on all connected servers at once.
# This module is oper-only and provides /ALLTIME.
# To use, ALLTIME must be in one of your oper class blocks.
-#<module name="m_alltime.so">
+#<module name="alltime">
+
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
+# Anticaps module: Adds channel mode +B which allows you to punish
+# users that send overly capitalised messages to channels. Unlike the
+# blockcaps module this module is more flexible as it has more options
+# for punishment and allows channels to configure their own punishment
+# policies.
+#<module name="anticaps">
+#
+# You may also configure the characters which anticaps considers to be
+# lower case and upper case. Any characters not listed here are assumed
+# to be punctuation and will be ignored when counting:
+# <anticaps lowercase="abcdefghijklmnopqrstuvwxyz"
+# uppercase="ABCDEFGHIJKLMNOPQRSTUVWXYZ">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Auditorium module: Adds channel mode +u which makes everyone else
# except you in the channel invisible, used for large meetings etc.
-#<module name="m_auditorium.so">
+#<module name="auditorium">
#
# Auditorium settings:
#
@@ -215,28 +209,37 @@
# Another useful combination is with SSL client certificate
# fingerprints: +w h:z:72db600734bb9546c1bdd02377bc21d2a9690d48 will
# give halfop to the user(s) having the given certificate.
-#<module name="m_autoop.so">
+#<module name="autoop">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Ban except module: Adds support for channel ban exceptions (+e).
-#<module name="m_banexception.so">
+#<module name="banexception">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Ban redirection module: Allows bans which redirect to a specified
# channel. e.g. +b nick!ident@host#channelbanneduserissentto
-#<module name="m_banredirect.so">
+#<module name="banredirect">
+
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
+# bcrypt module: Allows other modules to generate bcrypt hashes,
+# usually for cryptographic uses and security.
+#<module name="bcrypt">
+#
+# rounds: Defines how many rounds the bcrypt function will run when
+# generating new hashes.
+#<bcrypt rounds="10">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Block amsg module: Attempt to block all usage of /amsg and /ame.
-#<module name="m_blockamsg.so">
+#<module name="blockamsg">
#
#-#-#-#-#-#-#-#-#-#-#- BLOCKAMSG CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#
# #
-# If you have the m_blockamsg.so module loaded, you can configure it #
-# with the <blockamsg> tag: #
+# If you have the blockamsg module loaded, you can configure it with #
+# the <blockamsg> tag: #
# #
-# delay - How many seconds between two messages to force #
-# them to be recognised as unrelated. #
+# delay - How much time between two messages to force them #
+# to be recognised as unrelated. #
# action - Any of 'notice', 'noticeopers', 'silent', 'kill' #
# or 'killopers'. Define how to take action when #
# a user uses /amsg or /ame. #
@@ -245,114 +248,140 @@
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Block CAPS module: Adds channel mode +B, blocks all-CAPS messages.
-#<module name="m_blockcaps.so">
+#
+# NOTE: This module is deprecated and will be removed in a future version
+# of InspIRCd. You should use the anticaps module shown above instead.
+#<module name="blockcaps">
#
#-#-#-#-#-#-#-#-#-#-#- BLOCKCAPS CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#
# #
-# percent - How many percent of text must be caps before text #
+# percent - The percentage of a message which must be upper #
+# case before it will be blocked. #
+# #
+# minlen - The minimum length a message must be before it #
# will be blocked. #
# #
-# minlen - The minimum length a line must be for the block #
-# percent to have any effect. #
+# lowercase - The characters which will be considered lower #
+# case. #
# #
-# capsmap - A list of chars to be considered CAPS. Can be used #
-# to add CAPS characters for your language. Also you #
-# can add things like ! and space to further lock #
-# down on caps usage. #
+# uppercase - The characters which will be considered upper #
+# case. #
+#
#<blockcaps percent="50"
# minlen="5"
-# capsmap="ABCDEFGHIJKLMNOPQRSTUVWXYZ! ">
+# lowercase="abcdefghijklmnopqrstuvwxyz"
+# uppercase="ABCDEFGHIJKLMNOPQRSTUVWXYZ">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Block color module: Blocking color-coded messages with chan mode +c.
-#<module name="m_blockcolor.so">
+#<module name="blockcolor">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Botmode module: Adds the user mode +B. If set on a user, it will
# show that the user is a bot in /WHOIS.
-#<module name="m_botmode.so">
+#<module name="botmode">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# CallerID module: Adds usermode +g which activates hybrid-style
# callerid: block all private messages unless you /ACCEPT first.
-#<module name="m_callerid.so">
+#<module name="callerid">
#
#-#-#-#-#-#-#-#-#-#-#- CALLERID CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#
# maxaccepts - Maximum number of entries a user can add to his #
# /ACCEPT list. Default is 16 entries. #
-# operoverride - Can opers (note: ALL opers) override callerid? #
-# Default is no. #
# tracknick - Preserve /accept entries when a user changes nick? #
# If no (the default), the user is removed from #
# everyone's accept list if he changes nickname. #
-# cooldown - Amount of time (in seconds) that must pass since #
-# the last notification sent to a user before he can #
-# be sent another. Default is 60 (1 minute). #
+# cooldown - Amount of time that must pass since the last #
+# notification sent to a user before he can be sent #
+# another. Default is 1 minute. #
#<callerid maxaccepts="16"
-# operoverride="no"
# tracknick="no"
-# cooldown="60">
+# cooldown="1m">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# CAP module: Provides the CAP negotiation mechanism required by the
-# m_sasl, m_namesx, m_uhnames, and m_ircv3 modules.
-# It is also recommended for the STARTTLS support in m_ssl_gnutls.
-#<module name="m_cap.so">
+# sasl, namesx, uhnames, and ircv3 modules.
+# It is also recommended for STARTTLS support in the starttls module.
+#<module name="cap">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# CBAN module: Lets you disallow channels from being used at runtime.
# This module is oper-only and provides /CBAN.
# To use, CBAN must be in one of your oper class blocks.
-#<module name="m_cban.so">
+#<module name="cban">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Censor module: Adds channel and user mode +G.
-#<module name="m_censor.so">
+#<module name="censor">
#
#-#-#-#-#-#-#-#-#-#-#- CENSOR CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#
# #
-# Optional - If you specify to use the m_censor module, then you must #
+# Optional - If you specify to use the censor module, then you must #
# specify some censor tags. See also: #
-# https://wiki.inspircd.org/Modules/2.0/censor #
+# https://wiki.inspircd.org/Modules/3.0/censor #
#
-#<include file="conf/examples/censor.conf.example">
+#<include file="examples/censor.conf.example">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# CGI:IRC module: Adds support for automatic host changing in CGI:IRC
-# (http://cgiirc.sourceforge.net).
-#<module name="m_cgiirc.so">
+# CGI:IRC module: Enables forwarding the real IP address of a user from
+# a gateway to the IRC server.
+#<module name="cgiirc">
#
#-#-#-#-#-#-#-#-#-#-#-# CGIIRC CONFIGURATION #-#-#-#-#-#-#-#-#-#-#-#-#
#
-# Optional - If you specify to use m_cgiirc, then you must specify one
-# or more cgihost tags which indicate authorised CGI:IRC servers which
-# will be connecting to your network, and an optional cgiirc tag.
-# For more information see: https://wiki.inspircd.org/Modules/2.0/cgiirc
-#
-# Set to yes if you want to notice opers when CGI:IRC clients connect.
+# If you use the cgiirc module then you must specify the gateways which
+# are authorised to forward IP/host information to your server. There
+# are currently two ways to do this:
+#
+# The webirc method is the recommended way to allow gateways to forward
+# IP/host information. When using this method the gateway sends a WEBIRC
+# message to the server on connection. For more details please read the
+# IRCv3 WebIRC specification at http://ircv3.net/specs/extensions/webirc.html.
+#
+# When using this method you must specify a wildcard mask or CIDR range
+# to allow gateway connections from and at least one of either a SSL
+# client certificate fingerprint for the gateway or a password to be
+# sent in the WEBIRC command.
+#
+# <cgihost type="webirc"
+# fingerprint="bd90547b59c1942b85f382bc059318f4c6ca54c5"
+# mask="192.0.2.0/24">
+# <cgihost type="webirc"
+# password="$2a$10$WEUpX9GweJiEF1WxBDSkeODBstIBMlVPweQTG9cKM8/Vd58BeM5cW"
+# hash="bcrypt"
+# mask="*.webirc.gateway.example.com">
+#
+# Alternatively if your gateway does not support sending the WEBIRC
+# message then you can configure InspIRCd to look for the client IP
+# address in the ident sent by the user. This is not recommended as it
+# only works with IPv4 connections.
+#
+# When using this method you must specify a wildcard mask or CIDR range to allow
+# gateway connections from. You can also optionally configure the static value
+# that replaces the IP in the ident to avoid leaking the real IP address of
+# gateway clients (defaults to "gateway" if not set).
+#
+# <cgihost type="ident"
+# mask="198.51.100.0/24"
+# newident="wibble">
+# <cgihost type="ident"
+# mask="*.ident.gateway.example.com"
+# newident="wobble">
+#
+# By default gateway connections are logged to the +w snomask. If you
+# do not want this to happen then you can uncomment this to disable it.
# <cgiirc opernotice="no">
-#
-# The type field indicates where the module should get the real
-# client's IP address from, for further information, please see the
-# CGI:IRC documentation.
-#
-# Old style:
-# <cgihost type="pass" mask="www.example.com"> # Get IP from PASS
-# <cgihost type="ident" mask="otherbox.example.com"> # Get IP from ident
-# <cgihost type="passfirst" mask="www.example.com"> # See the docs
-# New style:
-# <cgihost type="webirc" password="foobar"
-# mask="somebox.example.com"> # Get IP from WEBIRC
-#
+
# IMPORTANT NOTE:
# ---------------
#
-# When you connect CGI:IRC clients, there are two connect classes which
+# When you connect gateway clients, there are two connect classes which
# apply to these clients. When the client initially connects, the connect
-# class which matches the CGI:IRC site's host is checked. Therefore you
-# must raise the maximum local/global clients for this ip as high as you
-# want to allow cgi clients. After the client has connected and is
-# determined to be a cgi:irc client, the class which matches the client's
+# class which matches the gateway site's host is checked. Therefore you
+# must raise the maximum local/global clients for this IP as high as you
+# want to allow gateway clients. After the client has connected and is
+# determined to be a gateway client, the class which matches the client's
# real IP is then checked. You may set this class to a lower value, so that
# the real IP of the client can still be restricted to, for example, 3
# sessions maximum.
@@ -361,30 +390,35 @@
# Channel create module: Adds snomask +j, which will notify opers of
# any new channels that are created.
# This module is oper-only.
-#<module name="m_chancreate.so">
+#<module name="chancreate">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Channel filter module: Allows channel-op defined message filtering
# using simple string matches (channel mode +g).
-#<module name="m_chanfilter.so">
+#<module name="chanfilter">
#
# If hidemask is set to yes, the user will not be shown the mask when
# his/her message is blocked.
-#<chanfilter hidemask="yes">
+#
+# If maxlen is set then it defines the maximum length of a filter entry.
+#
+# If notifyuser is set to no, the user will not be notified when
+# his/her message is blocked.
+#<chanfilter hidemask="yes" maxlen="50" notifyuser="yes">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Channel history module: Displays the last 'X' lines of chat to a user
# joining a channel with +H 'X:T' set; 'T' is the maximum time to keep
# lines in the history buffer. Designed so that the new user knows what
# the current topic of conversation is when joining the channel.
-#<module name="m_chanhistory.so">
+#<module name="chanhistory">
#
# Set the maximum number of lines allowed to be stored per channel below.
# This is the hard limit for 'X'.
# If notice is set to yes, joining users will get a NOTICE before playback
# telling them about the following lines being the pre-join history.
# If bots is set to yes, it will also send to users marked with +B
-#<chanhistory maxlines="20" notice="yes" bots="yes">
+#<chanhistory maxlines="50" notice="yes" bots="yes">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Channel logging module: Used to send snotice output to channels, to
@@ -393,7 +427,7 @@
# The "channel" field is where you want the messages to go, "snomasks"
# is what snomasks you want to be sent to that channel. Multiple tags
# are allowed.
-#<module name="m_chanlog.so">
+#<module name="chanlog">
#<chanlog snomasks="AOcC" channel="#opers">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
@@ -401,7 +435,7 @@
# characters in the channel name such as bold, colorcodes, etc. which
# can be quite annoying and allow users to on occasion have a channel
# that looks like the name of another channel on the network.
-#<module name="m_channames.so">
+#<module name="channames">
#<channames
# denyrange: characters or range of characters to deny in channel
@@ -418,36 +452,7 @@
# Note that by default wildcard characters * and ? are allowed in
# channel names. To disallow them, load m_channames and add characters
# 42 and 63 to denyrange (see above).
-#<module name="m_channelban.so">
-
-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# Chanprotect module: Gives +q and +a channel modes.
-#
-# IMPORTANT: This module has been removed in the next major version of
-# InspIRCd. You should use m_customprefix instead.
-#<module name="m_chanprotect.so">
-
-#<chanprotect
- # noservices: With this set to yes, when a user joins an empty channel,
- # the server will set +q on them. If set to no, it will only set +o
- # on them until they register the channel.
- #noservices="no"
-
- # qprefix: Prefix (symbol) to use for +q users.
- #qprefix="~"
-
- # aprefix: Prefix (symbol) to use for +a users.
- #aprefix="&amp;"
-
- # deprotectself: If this value is set (true, yes or 1), it will allow
- # +a and +q users to remove the +a and +q from themselves, otherwise,
- # the status will have to be removed by services.
- #deprotectself="yes"
-
- # deprotectothers: If this value is set to yes, true, or 1, then any
- # user with +q or +a may remove the +q or +a from other users.
- #deprotectothers="yes">
-
+#<module name="channelban">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Check module: Adds the /CHECK command.
@@ -455,7 +460,7 @@
# IP addresses and hosts.
# This module is oper-only.
# To use, CHECK must be in one of your oper class blocks.
-#<module name="m_check.so">
+#<module name="check">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# CHGHOST module: Adds the /CHGHOST command.
@@ -464,7 +469,7 @@
# NOTE: Services will not be able to set vhosts on users if this module
# isn't loaded. If you're planning on running services, you probably
# want to load this.
-#<module name="m_chghost.so">
+#<module name="chghost">
#
#-#-#-#-#-#-#-#-# /CHGHOST - /SETHOST CONFIGURATION #-#-#-#-#-#-#-#-#
# Optional - If you want to use special chars for hostnames you can #
@@ -479,64 +484,66 @@
# CHGIDENT module: Adds the /CHGIDENT command.
# This module is oper-only.
# To use, CHGIDENT must be in one of your oper class blocks.
-#<module name="m_chgident.so">
+#<module name="chgident">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# CHGNAME module: Adds the /CHGNAME command.
# This module is oper-only.
# To use, CHGNAME must be in one of your oper class blocks.
-#<module name="m_chgname.so">
+#<module name="chgname">
+#
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
+# Connection class ban module: Adds support for extban 'n' which
+# matches against the class name of the user's connection.
+# This module assumes that connection classes are named in a uniform
+# way on all servers of the network.
+#<module name="classban">
+
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
+# Clear chan module: Allows opers to masskick, masskill or mass-G/ZLine
+# all users on a channel using /CLEARCHAN.
+#<module name="clearchan">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Cloaking module: Adds usermode +x and cloaking support.
-# Relies on the module m_md5.so being loaded.
-# To cloak users when they connect, load m_conn_umodes and set
+# Relies on the md5 module being loaded.
+# To cloak users when they connect, load the conn_umodes module and set
# <connect:modes> to include the +x mode. The example <connect> tag
-# shows this. See the m_conn_umodes module for more information.
-#<module name="m_cloaking.so">
+# shows this. See the conn_umodes module for more information.
+#<module name="cloaking">
#
#-#-#-#-#-#-#-#-#-#-#- CLOAKING CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#
# #
-# To use m_cloaking, you must define a cloak key, and optionally a #
+# To use cloaking, you must define a cloak key, and optionally a #
# cloak prefix as shown below. The cloak key must be shared across #
# the network for correct cloaking. #
# #
-# There are four methods of cloaking: #
+# There are two methods of cloaking: #
# #
-# half Cloak only the "unique" portion of a host; show #
-# the last 2 parts of the domain, /16 subnet of IPv4 #
-# or /48 subnet of the IPv6 address. #
+# half Cloak only the "unique" portion of a host; by #
+# default show the last 2 parts of the domain, #
+# /16 subnet of IPv4 or /48 subnet of the IPv6 #
+# address. #
+# To change the number of shown parts, modify the #
+# domainparts option. #
# #
# full Cloak the users completely, using three slices for #
# common CIDR bans (IPv4: /16, /24; IPv6: /48, /64). #
# #
-# These methods use a single key that can be any length of text. #
+# The methods use a single key that can be any length of text. #
# An optional prefix may be specified to mark cloaked hosts. #
-# #
-# The following methods are maintained for backwards compatibility; #
-# they are slightly less secure, and always hide unresolved IPs. #
-# #
-# compat-host InspIRCd 1.2-compatible host-based cloaking. #
-# compat-ip InspIRCd 1.2-compatible ip-always cloaking. #
-# #
-# If you use a compat cloaking mode then you must specify key1, key2, #
-# key3, key4; the values must be less than 0x80000000 and should be #
-# picked at random. Prefix is mandatory, will default to network name #
-# if not specified, and will always have a "-" appended. #
-# #
-# IMPORTANT: The compat-host and compat-ip modes have been removed in #
-# the next major version of InspIRCd. You should ONLY use them if you #
-# need backwards compatibility with InspIRCd 1.2. #
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
#
#<cloak mode="half"
# key="secret"
+# domainparts="3"
# prefix="net-">
#-#-#-#-#-#-#-#-#-#-#-#- CLOSE MODULE #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Close module: Allows an oper to close all unregistered connections.
# This module is oper-only and provides the /CLOSE command.
# To use, CLOSE must be in one of your oper class blocks.
-#<module name="m_close.so">
+#<module name="close">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Clones module: Adds an oper command /CLONES for detecting cloned
@@ -544,42 +551,47 @@
# issued, use with care.
# This module is oper-only.
# To use, CLONES must be in one of your oper class blocks.
-#<module name="m_clones.so">
+#<module name="clones">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Common channels module: Adds user mode +c, which, when set, requires
# that users must share a common channel with you to PRIVMSG or NOTICE
# you.
-#<module name="m_commonchans.so">
+#<module name="commonchans">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Auto join on connect module: Allows you to force users to join one
-# or more channels automatically upon connecting to the server.
-#<module name="m_conn_join.so">
+# or more channels automatically upon connecting to the server, or
+# join them in case they aren't on any channels after being online
+# for X seconds.
+#<module name="conn_join">
#
#-#-#-#-#-#-#-#-#-#-#-#- CONNJOIN CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#
#
-# If you have m_conn_join.so loaded, you can configure it using the
-# following values, or set autojoin="#chat,#help" in <connect> blocks.
+# If you have the conn_join module loaded, you can configure it below
+# or set autojoin="#chat,#help" in <connect> blocks.
#
+# Join users immediately after connection to #one #two and #three.
#<autojoin channel="#one,#two,#three">
+# Join users to #chat after 15 seconds if they aren't on any channels.
+#<autojoin channel="#chat" delay="15">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Set modes on connect module: When this module is loaded <connect>
# blocks may have an optional modes="" value, which contains modes to
# add or remove from users when they connect to the server.
-#<module name="m_conn_umodes.so">
+#<module name="conn_umodes">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Wait for PONG on connect module: Send a PING to all connecting users
# and don't let them connect until they reply with a PONG.
# This is useful to stop certain kinds of bots and proxies.
-#<module name="m_conn_waitpong.so">
+#<module name="conn_waitpong">
#
#-#-#-#-#-#-#-#-#-#-#- WAITPONG CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#
# #
-# If you have the m_conn_waitpong.so module loaded, configure it with #
-# the <waitpong> tag: #
+# If you have the conn_waitpong module loaded, configure it with the #
+# <waitpong> tag: #
# #
# sendsnotice - Whether to send a helpful notice to users on #
# connect telling them how to connect, should #
@@ -593,13 +605,13 @@
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Channel cycle module: Adds the /CYCLE command which is a server-side
# /HOP that bypasses restrictive modes.
-#<module name="m_cycle.so">
+#<module name="cycle">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Connectban: Provides IP connection throttling. Any IP range that
# connects too many times (configurable) in an hour is Z-Lined for a
# (configurable) duration, and their count resets to 0.
-#<module name="m_connectban.so">
+#<module name="connectban">
#
# ipv4cidr and ipv6cidr allow you to turn the comparison from
# individual IP addresses (32 and 128 bits) into CIDR masks, to allow
@@ -608,14 +620,16 @@
#
# This allows for 10 connections in an hour with a 10 minute ban if
# that is exceeded.
-#<connectban threshold="10" duration="10m" ipv4cidr="32" ipv6cidr="128">
+#<connectban threshold="10" duration="10m" ipv4cidr="32" ipv6cidr="128"
+# A custom ban message may optionally be specified.
+# banmessage="Your IP range has been attempting to connect too many times in too short a duration. Wait a while, and you will be able to connect.">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Connection throttle module.
-#<module name="m_connflood.so">
+#<module name="connflood">
#
#-#-#-#-#-#-#-#-#-#-#- CONNTHROTTLE CONFIGURATION -#-#-#-#-#-#-#-#-#-#
-# seconds, maxconns - Amount of connections per <seconds>.
+# period, maxconns - Amount of connections per <period>.
#
# timeout - Time to wait after the throttle was activated
# before deactivating it. Be aware that the time
@@ -631,9 +645,8 @@
# quitmsg="Throttled" bootwait="10">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# Custom prefixes: Allows for channel prefixes to be added.
-# This replaces m_chanprotect and m_halfop.
-#<module name="m_customprefix.so">
+# Custom prefixes: Allows for channel prefixes to be configured.
+#<module name="customprefix">
#
# name The name of the mode, must be unique from other modes.
# letter The letter used for this mode. Required.
@@ -641,26 +654,31 @@
# rank A numeric rank for this prefix, defining what permissions it gives.
# The rank of voice, halfop and op is 10000, 20000, and 30000,
# respectively.
-# ranktoset The numeric rank required to set/unset this mode. Defaults to rank.
+# ranktoset The numeric rank required to set this mode. Defaults to rank.
+# ranktounset The numeric rank required to unset this mode. Defaults to ranktoset.
# depriv Can you remove the mode from yourself? Defaults to yes.
#<customprefix name="founder" letter="q" prefix="~" rank="50000" ranktoset="50000">
#<customprefix name="admin" letter="a" prefix="&amp;" rank="40000" ranktoset="50000">
#<customprefix name="halfop" letter="h" prefix="%" rank="20000" ranktoset="30000">
-#<customprefix name="halfvoice" letter="V" prefix="-" rank="1" ranktoset="20000">
#
-# Do /RELOADMODULE m_customprefix.so after changing the settings of this module.
+# You can also override the configuration of prefix modes added by both the core
+# and other modules by adding a customprefix tag with change="yes" specified.
+# <customprefix name="op" change="yes" rank="30000" ranktoset="30000">
+# <customprefix name="voice" change="yes" rank="10000" ranktoset="10000" depriv="no">
+#
+# Do /RELOADMODULE customprefix after changing the settings of this module.
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Custom title module: Adds the /TITLE command which allows for trusted
# users to gain a custom whois line and an optional vhost can be
# specified.
-#<module name="m_customtitle.so">
+#<module name="customtitle">
#
#-#-#-#-#-#-#-#-#-#- CUSTOM TITLE CONFIGURATION -#-#-#-#-#-#-#-#-#-#
# name - The username used to identify.
# password - The password used to identify.
# hash - The hash for the specific user's password (optional).
-# m_password_hash.so and a hashing module must be loaded
+# password_hash and a hashing module must be loaded
# for this to work.
# host - Allowed hostmask (optional).
# title - Title shown in whois.
@@ -668,11 +686,11 @@
#
#<title name="foo" password="bar" title="Official Chat Helper">
#<title name="bar" password="foo" host="ident@test.org" title="Official Chat Helper" vhost="helper.test.org">
-#<title name="foo" password="fcde2b2edba56bf408601fb721fe9b5c338d10ee429ea04fae5511b68fbf8fb9" hash="sha256" title="Official Chat Helper">
+#<title name="foo" password="$2a$10$UYZ4OcO8NNTCCGyCdY9SK.2GHiqGgxZfHFPOPmWuxEVWVQTtoDC7C" hash="bcrypt" title="Official Chat Helper">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# DCCALLOW module: Adds the /DCCALLOW command.
-#<module name="m_dccallow.so">
+#<module name="dccallow">
#
#-#-#-#-#-#-#-#-#-#-#- DCCALLOW CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#
# blockchat - Whether to block DCC CHAT as well as DCC SEND.
@@ -694,7 +712,7 @@
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Deaf module: Adds support for the usermode +d - deaf to channel
# messages and channel notices.
-#<module name="m_deaf.so">
+#<module name="deaf">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Delay join module: Adds the channel mode +D which delays all JOIN
@@ -702,24 +720,24 @@
# speaking, their quit or part message will not be shown to the channel
# which helps cut down noise on large channels in a more friendly way
# than the auditorium mode. Only channel ops may set the +D mode.
-#<module name="m_delayjoin.so">
+#<module name="delayjoin">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Delay message module: Adds the channel mode +d which disallows a user
# from talking in the channel unless they've been joined for X seconds.
# Settable using /MODE #chan +d 30
-#<module name="m_delaymsg.so">
+#<module name="delaymsg">
# Set allownotice to no to disallow NOTICEs too. Defaults to yes.
#<delaymsg allownotice="no">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Deny channels module: Deny channels from being used by users.
-#<module name="m_denychans.so">
+#<module name="denychans">
#
#-#-#-#-#-#-#-#-#-#-#- DENYCHAN DEFINITIONS -#-#-#-#-#-#-#-#-#-#-#-#
# #
-# If you have the m_denychans.so module loaded, you need to specify #
-# the channels to deny: #
+# If you have the denychans module loaded, you need to specify the #
+# channels to deny: #
# #
# name - The channel name to deny (glob masks are ok). #
# allowopers - If operators are allowed to override the deny. #
@@ -737,16 +755,12 @@
# Glob masks are accepted here also. #
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# Devoice module: Let users devoice themselves using /DEVOICE #chan.
-#<module name="m_devoice.so">
-
-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# DNS blacklist module: Provides support for looking up IPs on one or #
# more blacklists. #
-#<module name="m_dnsbl.so"> #
+#<module name="dnsbl"> #
# #
-# For configuration options please see the wiki page for m_dnsbl at #
-# https://wiki.inspircd.org/Modules/2.0/dnsbl #
+# For configuration options please see the wiki page for dnsbl at #
+# https://wiki.inspircd.org/Modules/3.0/dnsbl #
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Exempt channel operators module: Provides support for allowing #
@@ -757,45 +771,57 @@
# See <options:exemptchanops> in inspircd.conf.example for a more #
# detailed list of the restriction modes that can be exempted. #
# These are settable using /mode #chan +X <restriction>:<status> #
-#<module name="m_exemptchanops.so"> #
+#<module name="exemptchanops"> #
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Filter module: Provides message filtering, similar to SPAMFILTER. #
-#<module name="m_filter.so">
+#<module name="filter">
# #
-# This module depends upon a regex provider such as m_regex_pcre or #
-# m_regex_glob to function. You must specify which of these you want #
-# m_filter to use via the tag below. #
+# This module depends upon a regex provider such as regex_pcre or #
+# regex_glob to function. You must specify which of these you want #
+# the filter module to use via the tag below. #
# #
# Valid engines are: #
# #
-# glob - Glob patterns, provided via m_regex_glob. #
-# pcre - PCRE regexps, provided via m_regex_pcre, needs libpcre. #
-# tre - TRE regexps, provided via m_regex_tre, requires libtre. #
-# posix - POSIX regexps, provided via m_regex_posix, not available #
+# glob - Glob patterns, provided via regex_glob. #
+# pcre - PCRE regexps, provided via regex_pcre, needs libpcre. #
+# tre - TRE regexps, provided via regex_tre, requires libtre. #
+# posix - POSIX regexps, provided via regex_posix, not available #
# on Windows, no dependencies on other operating systems. #
-# stdlib - stdlib regexps, provided via m_regex_stdlib, see comment #
+# stdlib - stdlib regexps, provided via regex_stdlib, see comment #
# at the <module> tag for info on availability. #
# #
-#<filteropts engine="glob"> #
+# If notifyuser is set to no, the user will not be notified when #
+# his/her message is blocked. #
+#<filteropts engine="glob" notifyuser="yes">
+# #
+# Your choice of regex engine must match on all servers network-wide. #
+# #
+# To learn more about the configuration of this module, read #
+# examples/filter.conf.example, which covers the various types of #
+# filters and shows how to add exemptions. #
# #
-# Your choice of regex engine must match on all servers network-wide.
-#
-# You may specify specific channels that are exempt from being filtered:
-#<exemptfromfilter channel="#blah">
-#
#-#-#-#-#-#-#-#-#-#-#- FILTER CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#
# #
-# Optional - If you specify to use the m_filter module, then #
+# Optional - If you specify to use the filter module, then #
# specify below the path to the filter.conf file, or define some #
# <filter> tags. #
# #
-#<include file="conf/examples/filter.conf.example">
+#<include file="examples/filter.conf.example">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# Gecos ban: Implements extended ban 'r', which stops anyone matching
-# a mask like +b r:*realname?here* from joining a channel.
-#<module name="m_gecosban.so">
+# Flash Policy Daemon module: Allows Flash IRC clients (e.g. LightIRC)#
+# to connect. If no file is specified, it'll serve a default policy #
+# allowing all IPs to connect to all plaintext IRC ports #
+#<bind address="" port="8430" type="flashpolicyd"> #
+#<flashpolicyd timeout="5" file=""> #
+#<module name="flashpolicyd"> #
+
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
+# Real name ban: Implements two extended bans: #
+# 'a', which matches a n!u@h+realname mask like +b a:*!*@host+*real* #
+# 'r', which matches a realname mask like +b r:*realname?here* #
+#<module name="gecosban">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# GeoIP module: Allows the server admin to match users by country code.
@@ -805,7 +831,7 @@
# This module requires GeoIP to be installed on your system,
# use your package manager to find the appropriate packages
# or check the InspIRCd wiki page for this module.
-#<module name="m_geoip.so">
+#<module name="geoip">
#
# The actual allow/ban actions are done by connect classes, not by the
# GeoIP module. An example connect class to ban people from russia or
@@ -813,6 +839,10 @@
#
# <connect deny="*" geoip="TR,RU">
#
+# If enabled you can also ban people from channnels by country code
+# using the G: extban (e.g. /mode #channel +b G:US).
+# <geoip extban="yes">
+#
# The country code must be in capitals and should be an ISO country
# code such as TR, GB, or US. Unknown IPs (localhost, LAN IPs, etc)
# will be assigned the country code "UNK". Since connect classes are
@@ -823,7 +853,7 @@
# Globops module: Provides the /GLOBOPS command and snomask +g.
# This module is oper-only.
# To use, GLOBOPS must be in one of your oper class blocks.
-#<module name="m_globops.so">
+#<module name="globops">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Global load module: Allows loading and unloading of modules network-
@@ -832,29 +862,29 @@
# and /GRELOADMODULE.
# To use, GLOADMODULE, GUNLOADMODULE and GRELOADMODULE
# must be in one of your oper class blocks.
-#<module name="m_globalload.so">
+#<module name="globalload">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# Halfop module: Provides the +h (halfops) channel status mode.
-#
-# IMPORTANT: This module has been removed in the next major version of
-# InspIRCd. You should use m_customprefix instead.
-#<module name="m_halfop.so">
+# HAProxy module: Adds support for the HAProxy PROXY v2 protocol. To
+# use this module specify hook="haproxy" in the <bind> tag that HAProxy
+# has been configured to connect to.
+#<module name="haproxy">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# HELPOP module: Provides the /HELPOP command.
-#<module name="m_helpop.so">
+# HELPOP module: Provides the /HELPOP command
+#<module name="helpop">
#
#-#-#-#-#-#-#-#-#-#-#-#- HELPOP CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#
# #
-# If you specify to use the m_helpop.so module, then specify below #
-# the path to the helpop.conf file. #
-#<include file="conf/examples/helpop-full.conf.example">
+# If you specify to use the helpop module, then specify below the #
+# path to the helpop.conf file. #
+# #
+#<include file="examples/helpop-full.conf.example">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Hide chans module: Allows users to hide their channels list from non-
# opers by setting user mode +I on themselves.
-#<module name="m_hidechans.so">
+#<module name="hidechans">
#
# This mode can optionally prevent opers from seeing channels on a +I
# user, for more privacy if set to true.
@@ -862,50 +892,86 @@
#<hidechans affectsopers="false">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
+# Hide list module: Allows for hiding the list of listmodes from users
+# who do not have sufficient channel rank.
+#<module name="hidelist">
+#
+# Each <hidelist> tag configures one listmode to hide.
+# mode: Name of the listmode to hide.
+# rank: Minimum rank required to view the list. If set to 0, all
+# members of the channel may view the list, but non-members may not.
+# The rank of the built-in op and voice mode is 30000 and 10000,
+# respectively; the rank of other prefix modes is configurable.
+# Defaults to 20000.
+#
+# Hiding the ban list is not recommended because it may break some
+# clients.
+#
+# Hide filter (+g) list:
+#<hidelist mode="filter" rank="30000">
+# Only show invite exceptions (+I) to channel members:
+#<hidelist mode="invex" rank="0">
+
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
+# Hide mode module: Allows for hiding mode changes from users who do not
+# have sufficient channel privileges.
+#<module name="hidemode">
+#
+# Hide bans (+b) from people who are not voiced:
+#<hidemode mode="ban" rank="10000">
+
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Hide oper module: Allows opers to hide their oper status from non-
# opers by setting user mode +H on themselves.
# This module is oper-only.
-#<module name="m_hideoper.so">
+#<module name="hideoper">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Hostchange module: Allows a different style of cloaking.
-#<module name="m_hostchange.so">
+#<module name="hostchange">
#
#-#-#-#-#-#-#-#-#-#-#- HOSTCHANGE CONFIGURATION -#-#-#-#-#-#-#-#-#-#
# #
-# See https://wiki.inspircd.org/Modules/2.0/hostchange for help. #
+# See https://wiki.inspircd.org/Modules/3.0/hostchange for help. #
# #
-#<host suffix="invalid.org" separator="." prefix="">
-#<hostchange mask="*@42.theanswer.example.org" action="addnick">
-#<hostchange mask="*root@*" action="suffix">
+#<hostchange mask="*@42.theanswer.example.org" action="addaccount" suffix=".users.example.com">
+#<hostchange mask="*root@*" action="addnick" prefix="example/users/">
#<hostchange mask="a@example.com" action="set" value="foo.bar.baz">
-#<hostchange mask="localhost" ports="7000,7001,7005-7007" action="set" value="blahblah.foo">
+#<hostchange mask="*@localhost" ports="7000,7001,7005-7007" action="set" value="blahblah.foo">
+
+# hostcycle: If loaded, when a user gets a host or ident set, it will
+# cycle them in all their channels. If not loaded it will simply change
+# their host/ident without cycling them.
+# This module is compatible with the ircv3_chghost module. Clients
+# supporting the chghost extension will get the chghost message instead
+# of seeing a host cycle.
+#<module name="hostcycle">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# httpd module: Provides HTTP server support for InspIRCd.
-#<module name="m_httpd.so">
+#<module name="httpd">
#
#-#-#-#-#-#-#-#-#-#-#-#- HTTPD CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#
#
-# If you choose to use the m_httpd.so module, then you will need to add
+# If you choose to use the httpd module, then you will need to add
# a <bind> tag with type "httpd", and load at least one of the other
-# m_httpd_* modules to provide pages to display.
+# httpd_* modules to provide pages to display.
# <bind address="127.0.0.1" port="8067" type="httpd">
# <bind address="127.0.0.1" port="8097" type="httpd" ssl="gnutls">
#
# You can adjust the timeout for HTTP connections below. All HTTP
-# connections will be closed after (roughly) this many seconds.
+# connections will be closed after (roughly) this time period.
#<httpd timeout="20">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# HTTP ACL module: Provides access control lists for m_httpd dependent
+# HTTP ACL module: Provides access control lists for httpd dependent
# modules. Use this module to restrict pages by IP address and by
# password.
-#<module name="m_httpd_acl.so">
+#<module name="httpd_acl">
#
#-#-#-#-#-#-#-#-#-#-#-#- HTTPD ACL CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#
#
-# Restrict access to the m_httpd_stats module to all but the local
+# Restrict access to the httpd_stats module to all but the local
# network and when the correct password is specified:
# <httpdacl path="/stats*" types="password,whitelist"
# username="secrets" password="mypasshere" whitelist="127.0.0.*,10.*">
@@ -915,44 +981,48 @@
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# HTTP config module: Allows the server configuration to be viewed over
-# HTTP via the /config path. Requires m_httpd.so to be loaded for it to
-# function.
+# HTTP via the /config path. Requires the httpd module to be loaded for
+# it to function.
#
# IMPORTANT: This module exposes extremely sensitive information about
# your server and users so you *MUST* protect it using a local-only
-# <bind> tag and/or the m_httpd_acl.so module. See above for details.
-#<module name="m_httpd_config.so">
+# <bind> tag and/or the httpd_acl module. See above for details.
+#<module name="httpd_config">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# HTTP stats module: Provides server statistics over HTTP via the /stats
-# path. Requires m_httpd.so to be loaded for it to function.
+# path. Requires the httpd module to be loaded for it to function.
#
# IMPORTANT: This module exposes extremely sensitive information about
# your server and users so you *MUST* protect it using a local-only
-# <bind> tag and/or the m_httpd_acl.so module. See above for details.
-#<module name="m_httpd_stats.so">
+# <bind> tag and/or the httpd_acl module. See above for details.
+#<module name="httpd_stats">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Ident: Provides RFC 1413 ident lookup support.
# When this module is loaded <connect:allow> tags may have an optional
# useident="yes|no" boolean value, determining whether or not to lookup
# ident on users matching that connect tag.
-#<module name="m_ident.so">
+#<module name="ident">
#
#-#-#-#-#-#-#-#-#-#-#-#- IDENT CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#
# #
-# Optional - If you are using the m_ident.so module, then you can #
-# specify the timeout for ident lookups here. If not defined, it will #
-# default to 5 seconds. This is a non-blocking timeout which holds #
-# the user in a 'connecting' state until the lookup is complete. #
+# Optional - If you are using the ident module, then you can specify #
+# the timeout for ident lookups here. If not defined, it will default #
+# to 5 seconds. This is a non-blocking timeout which holds the user #
+# in a 'connecting' state until the lookup is complete. #
# The bind value indicates which IP to bind outbound requests to. #
+# nolookupprefix: If on, the idents of users being in a connect class #
+# with ident lookups disabled (i.e. <connect useident="off">) will be #
+# prefixed with a "~". If off, the ident of those users will not be #
+# prefixed. Default is off. #
#
-#<ident timeout="5">
+#<ident timeout="5" nolookupprefix="no">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Invite exception module: Adds support for channel invite exceptions
# (+I).
-#<module name="m_inviteexception.so">
+#<module name="inviteexception">
# bypasskey: If this is enabled, exceptions will bypass +k as well as +i
#<inviteexception bypasskey="yes">
@@ -961,22 +1031,88 @@
# extended-join, away-notify and account-notify. These are optional
# enhancements to the client-to-server protocol. An extension is only
# active for a client when the client specifically requests it, so this
-# module needs m_cap to work.
+# module needs the cap module to work.
#
# Further information on these extensions can be found at the IRCv3
# working group website:
# http://ircv3.net/irc/
#
-#<module name="m_ircv3.so">
+#<module name="ircv3">
# The following block can be used to control which extensions are
-# enabled. Note that extended-join can be incompatible with m_delayjoin
+# enabled. Note that extended-join can be incompatible with delayjoin
# and host cycling.
#<ircv3 accountnotify="on" awaynotify="on" extendedjoin="on">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
+# IRCv3 account-tag module. Adds the 'account' tag which contains the
+# services account name of the message sender.
+#<module name="ircv3_accounttag">
+
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
+# IRCv3 batch module: Provides the batch IRCv3 extension which allows
+# the server to inform a client that a group of messages are related to
+# each other.
+#<module name="ircv3_batch">
+
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
+# IRCv3 cap-notify module: Provides the cap-notify IRCv3 extension.
+# Required for IRCv3 conformance.
+#<module name="ircv3_capnotify">
+
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
+# IRCv3 chghost module: Provides the chghost IRCv3 extension which
+# allows capable clients to learn when the host/ident of another user
+# changes without cycling the user. This module is compatible with the
+# hostcycle module. If both are loaded, clients supporting the chghost
+# extension will get the chghost message and won't see host cycling.
+#<module name="ircv3_chghost">
+
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
+# IRCv3 echo-message module: Provides the echo-message IRCv3
+# extension which allows capable clients to get an acknowledgement when
+# their messages are delivered and learn what modifications, if any,
+# were applied to them.
+#<module name="ircv3_echomessage">
+
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
+# IRCv3 invite-notify module: Provides the invite-notify IRCv3
+# extension which notifies supporting clients when a user invites
+# another user into a channel. This respects <options:announceinvites>.
+#<module name="ircv3_invitenotify">
+
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
+# IRCv3 server-time module. Adds the 'time' tag which adds a timestamp
+# to all messages received from the server.
+#<module name="ircv3_servertime">
+
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
+# IRCv3 Strict Transport Security module: Provides the sts IRCv3
+# extension which allows clients connecting insecurely to upgrade their
+# connections to TLS.
+#<module name="ircv3_sts">
+#
+# If using the ircv3_sts module you MUST define a STS policy to send
+# to clients using the <sts> tag. This tag takes the following
+# attributes:
+#
+# host - A glob match for the SNI hostname to apply this policy to.
+# duration - The amount of time that the policy lasts for. Defaults to
+# approximately two months by default.
+# port - The port on which TLS connections to the server are being
+# accepted. You MUST have a CA-verified certificate on this
+# port. Self signed certificates are not acceptable.
+# preload - Whether client developers can include your certificate in
+# preload lists.
+#
+# <sts host="*.example.com" duration="60d" port="6697" preload="yes">
+
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Join flood module: Adds support for join flood protection +j X:Y.
-# Closes the channel for 60 seconds if X users join in Y seconds.
-#<module name="m_joinflood.so">
+# Closes the channel for N seconds if X users join in Y seconds.
+#<module name="joinflood">
+#
+# The number of seconds to close the channel for:
+#<joinflood duration="1m">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Jump server module: Adds support for the RPL_REDIR numeric.
@@ -984,17 +1120,15 @@
# To use, JUMPSERVER must be in one of your oper class blocks.
# If your server is redirecting new clients and you get disconnected,
# do a REHASH from shell to open up again.
-#<module name="m_jumpserver.so">
+#<module name="jumpserver">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Anti auto rejoin: Adds support for prevention of auto-rejoin (+J).
-#<module name="m_kicknorejoin.so">
-# Set the maximum time that is accepted as a parameter for +J here.
-#<kicknorejoin maxtime="1m">
+#<module name="kicknorejoin">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Knock module: Adds the /KNOCK command and channel mode +K.
-#<module name="m_knock.so">
+#<module name="knock">
#
# This setting specifies what to do when someone successfully /KNOCKs.
# If set to "notice", then a NOTICE will be sent to the channel.
@@ -1006,24 +1140,38 @@
#<knock notify="notice">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
+# LDAP module: Allows other SQL modules to access a LDAP database
+# through a unified API.
+# This modules is in extras. Re-run configure with:
+# ./configure --enable-extras=m_ldap.cpp
+# and run make install, then uncomment this module to enable it.
+#
+#<module name="ldap">
+#<database module="ldap" id="ldapdb" server="ldap://localhost" binddn="cn=Manager,dc=inspircd,dc=org" bindauth="mysecretpass" searchscope="subtree">
+# The server parameter indicates the LDAP server to connect to. The #
+# ldap:// style scheme before the hostname proper is MANDATORY. #
+# #
+# The binddn and bindauth indicate the DN to bind to for searching, #
+# and the password for the distinguished name. Some LDAP servers will #
+# allow anonymous searching in which case these two values do not #
+# need defining, otherwise they should be set similar to the examples #
+# above. #
+# #
+# The searchscope value indicates the subtree to search under. On our #
+# test system this is 'subtree'. Your mileage may vary. #
+
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# LDAP authentication module: Adds the ability to authenticate users #
-# via LDAP. This is an extra module which must be enabled explicitly #
-# by symlinking it from modules/extra, and requires the OpenLDAP libs #
-# This module is in extras. To enable it, Re-run configure with: #
-# ./configure --enable-extras=m_ldapauth.cpp #
-# and run make install, then uncomment this module. #
-#<module name="m_ldapauth.so">
+# via LDAP. #
+#<module name="ldapauth">
# #
# Configuration: #
# #
-# <ldapauth baserdn="ou=People,dc=brainbox,dc=cc" #
+# <ldapauth dbid="ldapdb" #
+# baserdn="ou=People,dc=brainbox,dc=cc" #
# attribute="uid" #
-# server="ldap://brainwave.brainbox.cc" #
-# allowpattern="Guest*" #
+# allowpattern="Guest* Bot*" #
# killreason="Access denied" #
-# searchscope="subtree" #
-# binddn="cn=Manager,dc=brainbox,dc=cc" #
-# bindauth="mysecretpass" #
# verbose="yes" #
# host="$uid.$ou.inspircd.org" #
# useusername="no"> #
@@ -1038,32 +1186,21 @@
# The attribute value indicates the attribute which is used to locate #
# a user account by name. On POSIX systems this is usually 'uid'. #
# #
+# The allowpattern value allows you to specify a space separated list #
+# of wildcard masks which will always be allowed to connect #
+# regardless of if they have an account, for example guest and bot #
+# users. #
+# #
# The useusername setting chooses whether the user's username or #
# nickname is used when locating a user account, if a username isn't #
# provided in PASS. #
# #
-# The server parameter indicates the LDAP server to connect to. The #
-# ldap:// style scheme before the hostname proper is MANDATORY. #
-# #
-# The allowpattern value allows you to specify a wildcard mask which #
-# will always be allowed to connect regardless of if they have an #
-# account, for example guest users. #
-# #
# Killreason indicates the QUIT reason to give to users if they fail #
# to authenticate. #
# #
-# The searchscope value indicates the subtree to search under. On our #
-# test system this is 'subtree'. Your mileage may vary. #
-# #
# Setting the verbose value causes an oper notice to be sent out for #
# every failed authentication to the server, with an error string. #
# #
-# The binddn and bindauth indicate the DN to bind to for searching, #
-# and the password for the distinguished name. Some LDAP servers will #
-# allow anonymous searching in which case these two values do not #
-# need defining, otherwise they should be set similar to the examples #
-# above. #
-# #
# ldapwhitelist indicates that clients connecting from an IP in the #
# provided CIDR do not need to authenticate against LDAP. It can be #
# repeated to whitelist multiple CIDRs. #
@@ -1083,25 +1220,18 @@
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# LDAP oper configuration module: Adds the ability to authenticate #
-# opers via LDAP. This is an extra module which must be enabled #
-# explicitly by symlinking it from modules/extra, and requires the #
-# OpenLDAP libs. Re-run configure with: #
-# ./configure --enable-extras=m_ldapoper.cpp
-# and run make install, then uncomment this module to enable it. #
-#<module name="m_ldapoper.so">
+# opers via LDAP. #
+#<module name="ldapoper">
# #
# Configuration: #
# #
-# <ldapoper baserdn="ou=People,dc=brainbox,dc=cc"
-# server="ldap://brainwave.brainbox.cc"
-# searchscope="subtree"
-# binddn="cn=Manager,dc=brainbox,dc=cc"
-# bindauth="mysecretpass"
+# <ldapoper dbid="ldapdb"
+# baserdn="ou=People,dc=brainbox,dc=cc"
# attribute="uid">
# #
# Available configuration items are identical to the same items in #
-# m_ldapauth above (except for the verbose setting, that is only #
-# supported in m_ldapauth). #
+# ldapauth above (except for the verbose setting, that is only #
+# supported in ldapauth). #
# Please always specify a password in your <oper> tags even if the #
# opers are to be authenticated via LDAP, so in case this module is #
# not loaded the oper accounts are still protected by a password. #
@@ -1115,39 +1245,37 @@
# If your server is locked and you get disconnected, do a REHASH from #
# shell to open up again. #
# This module is oper-only.
-#<module name="m_lockserv.so">
+#<module name="lockserv">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Map hiding module: replaces /MAP and /LINKS output to users with a #
# message to see a website, set by maphide="http://test.org/map" in #
# the <security> tag, instead. #
-#<module name="m_maphide.so">
+#<module name="maphide">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Message flood module: Adds message/notice flood protection via
# channel mode +f.
-#<module name="m_messageflood.so">
+#<module name="messageflood">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# MLOCK module: Adds support for server-side enforcement of services
# side MLOCKs. Basically, this module suppresses any mode change that
# would likely be immediately bounced by services.
-#<module name="m_mlock.so">
+#<module name="mlock">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# MsSQL module: Allows other SQL modules to access MS SQL Server
-# through a unified API.
-# This module is in extras. Re-run configure with:
-# ./configure --enable-extras=m_mssql.cpp
-# and run make install, then uncomment this module to enable it.
-#<module name="m_mssql.so">
-#
-#-#-#-#-#-#-#-#-#-#-#-#- SQL CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#-#
-# #
-# m_mssql.so is more complex than described here, see wiki for more #
-# info https://wiki.inspircd.org/Modules/2.0/mssql #
+# Modenotice module: Adds the /MODENOTICE command that allows opers to
+# send notices to all users having the given user mode(s) set.
+#<module name="modenotice">
+
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
+# Monitor module: Adds support for MONITOR which is used by clients to
+# maintain notify lists.
+#<module name="monitor">
#
-#<database module="mssql" name="db" user="user" pass="pass" host="localhost" id="db1">
+# Set the maximum number of entries on a user's monitor list below.
+#<monitor maxentries="30">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# MySQL module: Allows other SQL modules to access MySQL databases
@@ -1155,12 +1283,12 @@
# This module is in extras. Re-run configure with:
# ./configure --enable-extras=m_mysql.cpp
# and run make install, then uncomment this module to enable it.
-#<module name="m_mysql.so">
+#<module name="mysql">
#
#-#-#-#-#-#-#-#-#-#-#-#- SQL CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#-#
# #
-# m_mysql.so is more complex than described here, see the wiki for #
-# more: https://wiki.inspircd.org/Modules/2.0/mysql #
+# mysql is more complex than described here, see the wiki for more #
+# info: https://wiki.inspircd.org/Modules/3.0/mysql #
#
#<database module="mysql" name="mydb" user="myuser" pass="mypass" host="localhost" id="my_database2">
@@ -1169,19 +1297,19 @@
# modes via long-form mode names via +Z and the /PROP command.
# For example, to set a ban, do /mode #channel +Z ban=foo!bar@baz or
# /PROP #channel ban=foo!bar@baz
-#<module name="m_namedmodes.so">
+#<module name="namedmodes">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# NAMESX module: Provides support for the NAMESX extension which allows
# clients to see all the prefixes set on a user without getting confused.
# This is supported by mIRC, x-chat, klient, and maybe more.
-#<module name="m_namesx.so">
+#<module name="namesx">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# National characters module:
# 1) Allows using national characters in nicknames.
# 2) Allows using custom (national) casemapping over the network.
-#<module name="m_nationalchars.so">
+#<module name="nationalchars">
#
# file - Location of the file which contains casemapping rules. If this
# is a relative path then it is relative to "<PWD>/../locales"
@@ -1195,47 +1323,54 @@
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Nickchange flood protection module: Provides channel mode +F X:Y
# which allows up to X nick changes in Y seconds.
-#<module name="m_nickflood.so">
+#<module name="nickflood">
+#
+# The number of seconds to prevent nick changes for:
+#<nickflood duration="1m">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Nicklock module: Let opers change a user's nick and then stop that
# user from changing their nick again until unlocked.
# This module is oper-only.
# To use, NICKLOCK and NICKUNLOCK must be in one of your oper class blocks.
-#<module name="m_nicklock.so">
+#<module name="nicklock">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# No CTCP module: Adds the channel mode +C to block CTCPs and extban
-# 'C' to block CTCPs sent by specific users.
-#<module name="m_noctcp.so">
+# No CTCP module: Adds the channel mode +C and user mode +T to block
+# CTCPs and extban 'C' to block CTCPs sent by specific users.
+#<module name="noctcp">
+#
+# The +T user mode is not enabled by default to enable link compatibility
+# with 2.0 servers. You can enable it by uncommenting this:
+#<noctcp enableumode="yes">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# No kicks module: Adds the +Q channel mode and the Q: extban to deny
# certain users from kicking.
-#<module name="m_nokicks.so">
+#<module name="nokicks">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# No nicks module: Adds the +N channel mode, as well as the 'N' extban.
# +N stops all users from changing their nick, the N extban stops
# anyone from matching a +b N:nick!user@host mask from changing their
# nick.
-#<module name="m_nonicks.so">
+#<module name="nonicks">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# No part message module: Adds extban 'p' to block part messages from #
# matching users. #
-#<module name="m_nopartmsg.so">
+#<module name="nopartmsg">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# No notice module: Adds the channel mode +T and the extban 'T' to
# block specific users from noticing the channel.
-#<module name="m_nonotice.so">
+#<module name="nonotice">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Network business join module:
# Allows an oper to join a channel using /OJOIN, giving them +Y on the
# channel which makes them immune to kick/deop/etc.
-#<module name="m_ojoin.so">
+#<module name="ojoin">
#
# Specify the prefix that +Y will grant here.
# Leave 'prefix' empty if you do not wish +Y to grant a prefix.
@@ -1250,16 +1385,17 @@
# /mode #channel +iI O:* is equivalent to channel mode +O, but you
# may also set +iI O:AdminTypeOnly to only allow admins.
# Modes +I and +e work in a similar fashion.
-#<module name="m_operchans.so">
+#<module name="operchans">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Oper join module: Auto-joins opers to a channel upon oper-up.
-# This module is oper-only. For the user equivalent, see m_conn_join.
-#<module name="m_operjoin.so">
+# This module is oper-only. For the user equivalent, see the conn_join
+# module.
+#<module name="operjoin">
#
#-#-#-#-#-#-#-#-#-#-# OPERJOIN CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#
# #
-# If you are using the m_operjoin.so module, specify options here: #
+# If you are using the operjoin module, specify options here: #
# #
# channel - The channel name to join, can also be a comma #
# separated list e.g. "#channel1,#channel2". #
@@ -1279,7 +1415,7 @@
# type "m_operlog" at default loglevel), and optionally to the 'r'
# snomask.
# This module is oper-only.
-#<module name="m_operlog.so">
+#<module name="operlog">
#
# If the following option is on then all oper commands will be sent to
# the snomask 'r'. The default is off.
@@ -1293,7 +1429,7 @@
#
# Load this module if you want all your IRC operators to have channel
# operator powers.
-#<module name="m_operprefix.so">
+#<module name="operprefix">
#
# You may additionally customise the prefix character.
#<operprefix prefix="!">
@@ -1302,51 +1438,59 @@
# Oper MOTD module: Provides support for separate message of the day
# on oper-up.
# This module is oper-only.
-#<module name="m_opermotd.so">
+#<module name="opermotd">
#
#-#-#-#-#-#-#-#-#-#-# OPERMOTD CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#
# #
-# If you are using the m_opermotd.so module, specify the motd here. #
+# If you are using the opermotd module, specify the motd here. #
# #
# onoper - If on, the message is sent on /OPER, otherwise it's #
# only sent when /OPERMOTD is used. #
# #
-# processcolors - Allow color codes to be processed in the opermotd. #
-# Read the comment above <connect:allowmotdcolors> in #
-# inspircd.conf.example for details. #
-# #
-#<opermotd file="conf/examples/opermotd.txt.example" onoper="yes" processcolors="false">
+#<opermotd file="examples/opermotd.txt.example" onoper="yes">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Override module: Adds support for oper override.
# This module is oper-only.
-#<module name="m_override.so">
+#<module name="override">
#
#-#-#-#-#-#-#-#-#-#-# OVERRIDE CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#
# #
-# m_override.so is too complex it describe here, see the wiki: #
-# https://wiki.inspircd.org/Modules/2.0/override #
+# Much of override's configuration relates to your oper blocks. #
+# For more information on how to allow opers to override, see: #
+# https://wiki.inspircd.org/Modules/3.0/override #
+# #
+# noisy - If enabled, all oper overrides will be announced #
+# via channel notice. #
+# #
+# requirekey - If enabled, overriding on join requires a channel #
+# key of "override" to be specified #
+# #
+# enableumode - If enabled, usermode +O is required for override. #
+# #
+#<override noisy="yes" requirekey="no" enableumode="true">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Oper levels module: Gives each oper a level and prevents actions
# being taken by lower level opers against higher level opers.
# Specify the level as the 'level' parameter of the <type> tag.
# This module is oper-only.
-#<module name="m_operlevels.so">
+#<module name="operlevels">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Oper modes module: Allows you to specify modes to add/remove on oper.
# Specify the modes as the 'modes' parameter of the <type> tag
# and/or as the 'modes' parameter of the <oper> tag.
-# This module is oper-only. For the user equivalent, see m_conn_umodes.
-#<module name="m_opermodes.so">
+# This module is oper-only. For the user equivalent, see the
+# conn_umodes module.
+#<module name="opermodes">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Password forwarding module: Forwards a password users can send on
# connect to the specified client below. The client is usually NickServ
# and this module is usually used to authenticate users with NickServ
# using their connect password.
-#<module name="m_passforward.so">
+#<module name="passforward">
<passforward
# nick: nick to forward connect passwords to.
@@ -1364,8 +1508,8 @@
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Password hash module: Allows hashed passwords to be used.
-# To be useful, a hashing module like m_sha256.so also needs to be loaded.
-#<module name="m_password_hash.so">
+# To be useful, a hashing module like bcrypt also needs to be loaded.
+#<module name="password_hash">
#
#-#-#-#-#-#-#-#-#-# PASSWORD HASH CONFIGURATION #-#-#-#-#-#-#-#-#-#-#-#
#
@@ -1374,37 +1518,52 @@
#
# <oper name="Brain"
# host="ident@dialup15.isp.test.com"
-# hash="sha256"
-# password="01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b"
+# hash="bcrypt"
+# password="$2a$10$Mss9AtHHslZTLBrXqM0FB.JBwD.UTSu8A48SfrY9exrpxbsRiRTbO"
# type="NetAdmin">
#
-# Starting from 2.0, you can use a more secure salted hash that prevents simply
-# looking up the hash's value in a rainbow table built for the hash.
+# If you are using a hash algorithm which does not perform salting you can use
+# HMAC to salt your passwords in order to prevent them from being looked up in
+# a rainbow table.
+#
# hash="hmac-sha256" password="lkS1Nbtp$CyLd/WPQXizsbxFUTqFRoMvaC+zhOULEeZaQkUJj+Gg"
#
# Generate hashes using the /MKPASSWD command on the server.
# Don't run it on a server you don't trust with your password.
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
+# PBKDF2 module: Allows other modules to generate PBKDF2 hashes,
+# usually for cryptographic uses and security.
+# This module relies on other hash providers (e.g. SHA256).
+#<module name="pbkdf2">
+#
+# iterations: Iterations the hashing function runs when generating new
+# hashes.
+# length: Length in bytes of the derived key.
+#<pbkdf2 iterations="12288" length="32">
+# You can override these values with specific values
+# for specific providers if you want to. Example given for SHA256.
+#<pbkdf2prov hash="sha256" iterations="24576">
+
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Permanent channels module: Channels with the permanent channel mode
# will remain open even after everyone else has left the channel, and
# therefore keep things like modes, ban lists and topic. Permanent
# channels -may- need support from your Services package to function
# properly with them. This adds channel mode +P.
# This module is oper-only.
-#<module name="m_permchannels.so">
+#<module name="permchannels">
#
-# If you like, m_permchannels can write a config file of permanent channels
+# If you like, this module can write a config file of permanent channels
# whenever +P is set, unset, or the topic/modes on a +P channel is changed.
# If you want to do this, set the filename below, and uncomment the include.
#
# If 'listmodes' is true then all list modes (+b, +I, +e, +g...) will be
# saved. Defaults to false.
-#<permchanneldb filename="data/permchannels.conf" listmodes="true">
-#<include file="data/permchannels.conf">
+#<permchanneldb filename="permchannels.conf" listmodes="true">
+#<include file="permchannels.conf">
#
# You may also create channels on startup by using the <permchannels> block.
-# Don't forget to set them +P in the modes, or they won't stay permanent.
#<permchannels channel="#opers" modes="isP" topic="Opers only.">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
@@ -1413,68 +1572,71 @@
# This module is in extras. Re-run configure with:
# ./configure --enable-extras=m_pgsql.cpp
# and run make install, then uncomment this module to enable it.
-#<module name="m_pgsql.so">
+#<module name="pgsql">
#
#-#-#-#-#-#-#-#-#-#-#-#- SQL CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#-#
# #
-# m_pgsql.so is more complex than described here, see the wiki for #
-# more: https://wiki.inspircd.org/Modules/2.0/pgsql #
+# pgsql is more complex than described here, see the wiki for #
+# more: https://wiki.inspircd.org/Modules/3.0/pgsql #
#
#<database module="pgsql" name="mydb" user="myuser" pass="mypass" host="localhost" id="my_database" ssl="no">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Muteban: Implements extended ban 'm', which stops anyone matching
# a mask like +b m:nick!user@host from speaking on channel.
-#<module name="m_muteban.so">
+#<module name="muteban">
+#
+# If notifyuser is set to no, the user will not be notified when
+# his/her message is blocked.
+#<muteban notifyuser="yes">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Random quote module: Provides a random quote on connect.
# NOTE: Some of these may mimic fatal errors and confuse users and
# opers alike - BEWARE!
-#<module name="m_randquote.so">
+#<module name="randquote">
#
#-#-#-#-#-#-#-#-#-#- RANDOMQUOTES CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#
# #
-# Optional - If you specify to use the m_randquote.so module, then #
-# specify below the path to the quotes file. #
+# Optional - If you specify to use the randquote module, then specify #
+# below the path to the quotes file. #
# #
#<randquote file="quotes.txt">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# Redirect module: Adds channel redirection mode +L. #
-# Optional: <redirect:antiredirect> to add usermode +L to stop forced #
-# redirection and instead print an error. #
-# #
-# Note: You can not update this with a simple rehash, it requires #
-# reloading the module for it to take effect. #
-# This also breaks linking to servers that do not have the option. #
-# This defaults to false for the 2.0 version, it will be enabled in #
-# all the future versions. #
-#<module name="m_redirect.so">
-#<redirect antiredirect="true">
+# Redirect module: Adds channel mode +L which redirects users to #
+# another channel when the channel has reached its user limit and #
+# user mode +L which stops redirection. #
+#<module name="redirect">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Regular expression provider for glob or wildcard (?/*) matching.
-# You must have at least 1 provider loaded to use m_filter or m_rline
+# You must have at least 1 provider loaded to use the filter or rline
# modules. This module has no additional requirements, as it uses the
# matching already present in InspIRCd core.
-#<module name="m_regex_glob.so">
+#<module name="regex_glob">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Regular expression provider for PCRE (Perl-Compatible Regular
# Expressions). You need libpcre installed to compile and load this
-# module. You must have at least 1 provider loaded to use m_filter or
-# m_rline.
-#<module name="m_regex_pcre.so">
+# module. You must have at least 1 provider loaded to use the filter or
+# rline modules.
+#<module name="regex_pcre">
+
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
+# Regular Expression Provider for RE2 Regular Expressions.
+# You need libre2 installed and in your include/library paths in order
+# to compile and load this module.
+#<module name="regex_re2">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Regular expression provider for POSIX regular expressions.
# You shouldn't need any additional libraries on a POSIX-compatible
# system (i.e.: any Linux, BSD, but not Windows). You must have at
-# least 1 provider loaded to use m_filter or m_rline.
+# least 1 provider loaded to use filter or rline.
# On POSIX-compliant systems, regex syntax can be found by using the
# command: 'man 7 regex'.
-#<module name="m_regex_posix.so">
+#<module name="regex_posix">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Regular expression provider for C++11 std::regex regular expressions.
@@ -1484,7 +1646,7 @@
# You should verify that std::regex is supported by your setup before
# using this module, as it may compile normally but won't do anything
# on some implementations.
-#<module name="m_regex_stdlib.so">
+#<module name="regex_stdlib">
#
# Specify the regular expression engine to use here. Valid settings are
# bre, ere, awk, grep, egrep, ecmascript (default if not specified).
@@ -1496,7 +1658,7 @@
# if you are most familiar with the syntax of /SPAMFILTER from there,
# this is the provider you want. You need libtre installed in order
# to compile and load this module.
-#<module name="m_regex_tre.so">
+#<module name="regex_tre">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Registered users only channel creation module. If enabled, only
@@ -1504,33 +1666,56 @@
#
# You probably *DO NOT* want to load this module on a public network.
#
-#<module name="m_regonlycreate.so">
+#<module name="regonlycreate">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Remove module: Adds the /REMOVE command which is a peaceful
# alternative to /KICK.
-#<module name="m_remove.so">
+#<module name="remove">
+#
+# supportnokicks: If true, /REMOVE is not allowed on channels where the
+# nokicks (+Q) mode is set. Defaults to false.
+# protectedrank: Members having this rank or above may not be /REMOVE'd
+# by anyone. Set to 0 to disable this feature. Defaults to 50000.
+#<remove supportnokicks="true" protectedrank="50000">
+
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
+# A module to block, kick or ban upon similar messages being uttered several times.
+# Syntax [~*][lines]:[sec]{[:difference]}{[:matchlines]}
+# ~ is to block, * is to ban, default is kick.
+# lines - In mode 1 the amount of lines that has to match consecutively - In mode 2 the size of the backlog to keep for matching
+# seconds - How old the message has to be before it's invalidated.
+# distance - Edit distance, in percent, between two strings to trigger on.
+# matchlines - When set, the function goes into mode 2. In this mode the function will trigger if this many of the last <lines> matches.
+#
+# As this module can be rather CPU-intensive, it comes with some options.
+# maxbacklog - Maximum size that can be specified for backlog. 0 disables multiline matching.
+# maxdistance - Max percentage of difference between two lines we'll allow to match. Set to 0 to disable edit-distance matching.
+# maxlines - Max lines of backlog to match against.
+# maxtime - Maximum period of time a user can set. 0 to allow any.
+# size - Maximum number of characters to check for, can be used to truncate messages
+# before they are checked, resulting in less CPU usage. Increasing this beyond 512
+# doesn't have any effect, as the maximum length of a message on IRC cannot exceed that.
+#<repeat maxbacklog="20" maxlines="20" maxdistance="50" maxtime="0" size="512">
+#<module name="repeat">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Restricted channels module: Allows only opers to create channels.
#
# You probably *DO NOT* want to load this module on a public network.
#
-#<module name="m_restrictchans.so">
+#<module name="restrictchans">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Restrict message module: Allows users to only message opers.
#
# You probably *DO NOT* want to load this module on a public network.
#
-#<module name="m_restrictmsg.so">
-#
-# Uncomment this to allow users to message ulines (e.g. services):
-#<restrictmsg uline="yes">
+#<module name="restrictmsg">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# R-Line module: Ban users through regular expression patterns.
-#<module name="m_rline.so">
+#<module name="rline">
#
#-#-#-#-#-#-#-#-#-#-#-#- RLINE CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#-#
#
@@ -1540,7 +1725,7 @@
# Also, this is where you set what Regular Expression engine is to be
# used. If you ever change it while running, all of your R-Lines will
# be wiped. This is the regex engine used by all R-Lines set, and
-# m_regex_<engine>.so must be loaded, or rline will be non-functional
+# regex_<engine> must be loaded, or rline will be non-functional
# until you load it or change the engine to one that is loaded.
#
#<rline matchonnickchange="yes" engine="pcre">
@@ -1554,18 +1739,27 @@
# so that at least \s or [[:space:]] is available.
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
+# RMODE module: Adds the /RMODE command
+# Allows channel mods to remove list modes en masse.
+# Syntax: /rmode <channel> <mode> [pattern]
+# E.g. '/rmode #Channel b m:*' will remove all mute-extbans on the channel.
+#<module name="rmode">
+
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# SAJOIN module: Adds the /SAJOIN command which forcibly joins a user
# to the given channel.
# This module is oper-only.
# To use, SAJOIN must be in one of your oper class blocks.
-#<module name="m_sajoin.so">
+# Opers need the users/sajoin-others priv to be able to /SAJOIN users
+# other than themselves.
+#<module name="sajoin">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# SAKICK module: Adds the /SAKICK command which kicks a user from the
# given channel.
# This module is oper-only.
# To use, SAKICK must be in one of your oper class blocks.
-#<module name="m_sakick.so">
+#<module name="sakick">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# SAMODE module: Adds the /SAMODE command which allows server operators
@@ -1573,50 +1767,51 @@
# channel priviliges. Also allows changing user modes for any user.
# This module is oper-only.
# To use, SAMODE must be in one of your oper class blocks.
-#<module name="m_samode.so">
+#<module name="samode">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# SANICK module: Adds the /SANICK command which allows opers to change
# users' nicks.
# This module is oper-only.
# To use, SANICK must be in one of your oper class blocks.
-#<module name="m_sanick.so">
+#<module name="sanick">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# SAPART module: Adds the /SAPART command which forcibly parts a user
# from a channel.
# This module is oper-only.
# To use, SAPART must be in one of your oper class blocks.
-#<module name="m_sapart.so">
+#<module name="sapart">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# SAQUIT module: Adds the /SAQUIT command which forcibly quits a user.
# This module is oper-only.
# To use, SAQUIT must be in one of your oper class blocks.
-#<module name="m_saquit.so">
+#<module name="saquit">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# SATOPIC module: Adds the /SATOPIC command which allows changing the
# topic on a channel without requiring any channel priviliges.
# This module is oper-only.
# To use, SATOPIC must be in one of your oper class blocks.
-#<module name="m_satopic.so">
+#<module name="satopic">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# SASL authentication module: Provides support for IRC Authentication
-# Layer via AUTHENTICATE. Note: You also need to have m_cap.so loaded
+# Layer via AUTHENTICATE. Note: You also need to have cap loaded
# for SASL to work.
-#<module name="m_sasl.so">
+#<module name="sasl">
# Define the following to your services server name to improve security
# by ensuring the SASL messages are only sent to the services server
# and not to all connected servers. This prevents a rogue server from
-# capturing SASL messages.
+# capturing SASL messages and disables the SASL cap when services is
+# down.
#<sasl target="services.mynetwork.com">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Secure list module: Prevent /LIST in the first minute of connection,
# crippling most spambots and trojan spreader bots.
-#<module name="m_securelist.so">
+#<module name="securelist">
#
#-#-#-#-#-#-#-#-#-# SECURELIST CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#-#
# #
@@ -1630,24 +1825,24 @@
# Define the following variable to change how long a user must wait #
# before issuing a LIST. If not defined, defaults to 60 seconds. #
# #
-#<securelist waittime="60"> #
+#<securelist waittime="1m"> #
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Servprotect module: Provides support for Austhex style +k /
# UnrealIRCD +S services mode.
-#<module name="m_servprotect.so">
+#<module name="servprotect">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# See nicks module: Adds snomask +n and +N which show local and remote
# nick changes.
# This module is oper-only.
-#<module name="m_seenicks.so">
+#<module name="seenicks">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Set idle module: Adds a command for opers to change their idle time.
# This module is oper-only.
# To use, SETIDLE must be in one of your oper class blocks.
-#<module name="m_setidle.so">
+#<module name="setidle">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Services support module: Adds several usermodes such as +R and +M.
@@ -1662,39 +1857,76 @@
# +b R: (stop matching account names from joining)
# +b U:n!u@h (blocks matching unregistered users)
#
-#<module name="m_services_account.so">
+#<module name="services_account">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Sethost module: Adds the /SETHOST command.
# This module is oper-only.
# To use, SETHOST must be in one of your oper class blocks.
-# See m_chghost for how to customise valid chars for hostnames.
-#<module name="m_sethost.so">
+# See the chghost module for how to customise valid chars for hostnames.
+#<module name="sethost">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Setident module: Adds the /SETIDENT command.
# This module is oper-only.
# To use, SETIDENT must be in one of your oper class blocks.
-#<module name="m_setident.so">
+#<module name="setident">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# SETNAME module: Adds the /SETNAME command.
-#<module name="m_setname.so">
+#<module name="setname">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Serverban: Implements extended ban 's', which stops anyone connected
# to a server matching a mask like +b s:server.mask.here from joining.
-#<module name="m_serverban.so">
+#<module name="serverban">
+
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
+# SHA1 module: Allows other modules to generate SHA1 hashes.
+# Required by the WebSocket module.
+#<module name="sha1">
+
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
+# Showfile: Provides support for showing a text file to users when #
+# they enter a command. #
+# This module adds one command for each <showfile> tag that shows the #
+# given file to the user as a series of messages or numerics. #
+#<module name="showfile"> #
+# #
+#-#-#-#-#-#-#-#-#-#-# SHOWFILE CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#-#
+# #
+# name - The name of the command which displays this file. This is #
+# the only mandatory setting, all others are optional. #
+# file - The text file to be shown to the user. #
+# By default same as the command name. #
+# method - How should the file be shown? #
+# * numeric: Send contents using a numeric #
+# (similar to /MOTD; the default). #
+# * notice: Send contents as a series of notices. #
+# * msg: Send contents as a series of private messages. #
+# #
+# When using the method "numeric", the following extra settings are #
+# available: #
+# #
+# introtext - Introductory line, "Showing <name>" by default. #
+# intronumeric - Numeric used for the introductory line. #
+# numeric - Numeric used for sending the text itself. #
+# endtext - Ending line, "End of <name>" by default. #
+# endnumeric - Numeric used for the ending line. #
+# #
+#<showfile name="RULES"
+# file="rules.txt"
+# introtext="Server rules:"
+# endtext="End of server rules.">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Show whois module: Adds the +W usermode which allows opers to see
# when they are /WHOIS'd.
# This module is oper-only by default.
-#<module name="m_showwhois.so">
+#<module name="showwhois">
#
# If you wish, you may also let users set this mode. Only opers with the
-# users/auspex priv will see real hosts of people, though. This setting
-# is not reloadable via /REHASH, changing it requires /RELOADMODULE.
+# users/auspex priv will see real hosts of people, though.
#<showwhois opersonly="yes"
#
# You may also set whether or not users should receive whois notices,
@@ -1706,7 +1938,7 @@
# executing all except configured commands.
# This module is oper-only.
# To use, SHUN must be in one of your oper class blocks.
-#<module name="m_shun.so">
+#<module name="shun">
#
# You may also configure which commands you wish a user to be able to
# perform when shunned. It should be noted that if a shunned user
@@ -1719,64 +1951,84 @@
#<shun enabledcommands="ADMIN PING PONG QUIT PART JOIN" notifyuser="yes" affectopers="no">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# SSL channel mode module: Adds support for SSL-only channels via
-# channel mode +z and the 'z' extban which matches SSL client
-# certificate fingerprints.
+# SSL mode module: Adds support for SSL-only channels via the '+z'
+# channel mode, SSL-only private messages via the '+z' user mode and
+# the 'z:' extban which matches SSL client certificate fingerprints.
+#
# Does not do anything useful without a working SSL module and the
-# m_sslinfo module (see below).
-#<module name="m_sslmodes.so">
+# sslinfo module (see below).
+#<module name="sslmodes">
+#
+# The +z user mode is not enabled by default to enable link compatibility
+# with 2.0 servers. You can enable it by uncommenting this:
+#<sslmodes enableumode="yes">
+
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
+# SSL rehash signal module: Allows the SSL modules to be rehashed by
+# sending SIGUSR1 to a running InspIRCd process.
+# This modules is in extras. Re-run configure with:
+# ./configure --enable-extras=m_sslrehashsignal.cpp
+# and run make install, then uncomment this module to enable it.
+#<module name="sslrehashsignal">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# GnuTLS SSL module: Adds support for SSL connections using GnuTLS,
# if enabled. You must answer 'yes' in ./configure when asked or
# manually symlink the source for this module from the directory
# src/modules/extra, if you want to enable this, or it will not load.
-#<module name="m_ssl_gnutls.so">
+#<module name="ssl_gnutls">
#
#-#-#-#-#-#-#-#-#-#-#- GNUTLS CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#
# #
-# m_ssl_gnutls.so is too complex to describe here, see the wiki: #
-# https://wiki.inspircd.org/Modules/2.0/ssl_gnutls #
+# ssl_gnutls is too complex to describe here, see the wiki: #
+# https://wiki.inspircd.org/Modules/3.0/ssl_gnutls #
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# SSL info module: Allows users to retrieve information about other
# users' peer SSL certificates and keys. This can be used by client
-# scripts to validate users. For this to work, one of m_ssl_gnutls.so
-# or m_ssl_openssl.so must be loaded. This module also adds the
+# scripts to validate users. For this to work, one of ssl_gnutls
+# or ssl_openssl must be loaded. This module also adds the
# "* <user> is using a secure connection" whois line, the ability for
-# opers to use SSL fingerprints to verify their identity and the
+# opers to use SSL cert fingerprints to verify their identity and the
# ability to force opers to use SSL connections in order to oper up.
# It is highly recommended to load this module if you use SSL on your
# network.
# For how to use the oper features, please see the first example <oper> tag
# in opers.conf.example.
#
-#<module name="m_sslinfo.so">
+#<module name="sslinfo">
+
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
+# mbedTLS SSL module: Adds support for SSL/TLS connections using mbedTLS.
+#<module name="ssl_mbedtls">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# OpenSSL SSL module: Adds support for SSL connections using OpenSSL,
# if enabled. You must answer 'yes' in ./configure when asked or symlink
# the source for this module from the directory src/modules/extra, if
# you want to enable this, or it will not load.
-#<module name="m_ssl_openssl.so">
+#<module name="ssl_openssl">
#
#-#-#-#-#-#-#-#-#-#-#- OPENSSL CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#
# #
-# m_ssl_openssl.so is too complex to describe here, see the wiki: #
-# https://wiki.inspircd.org/Modules/2.0/ssl_openssl #
+# ssl_openssl is too complex to describe here, see the wiki: #
+# https://wiki.inspircd.org/Modules/3.0/ssl_openssl #
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# Strip color module: Adds channel mode +S that strips mIRC color
-# codes from all messages sent to the channel.
-#<module name="m_stripcolor.so">
+# Strip color module: Adds channel mode +S that strips color codes and
+# all control codes except CTCP from all messages sent to the channel.
+#<module name="stripcolor">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Silence module: Adds support for the /SILENCE command, which allows
# users to have a server-side ignore list for their client.
-#<module name="m_silence.so">
+#<module name="silence">
#
# Set the maximum number of entries allowed on a user's silence list.
-#<silence maxentries="32">
+#<silence maxentries="32"
+#
+# Whether messages from U-lined servers will bypass silence masks.
+#exemptuline="yes">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# SQLite3 module: Allows other SQL modules to access SQLite3 #
@@ -1785,12 +2037,12 @@
# ./configure --enable-extras=m_sqlite3.cpp
# and run make install, then uncomment this module to enable it. #
#
-#<module name="m_sqlite3.so">
+#<module name="sqlite3">
#
#-#-#-#-#-#-#-#-#-#-#-#- SQL CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#-#
# #
-# m_sqlite.so is more complex than described here, see the wiki for #
-# more: https://wiki.inspircd.org/Modules/2.0/sqlite3 #
+# sqlite is more complex than described here, see the wiki for more #
+# info: https://wiki.inspircd.org/Modules/3.0/sqlite3 #
#
#<database module="sqlite" hostname="/full/path/to/database.db" id="anytext">
@@ -1798,61 +2050,64 @@
# SQL authentication module: Allows IRCd connections to be tied into
# a database table (for example a forum).
#
-#<module name="m_sqlauth.so">
+#<module name="sqlauth">
#
#-#-#-#-#-#-#-#-#-#-#- SQLAUTH CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#
# #
-# m_sqlauth.so is too complex to describe here, see the wiki: #
-# https://wiki.inspircd.org/Modules/2.0/sqlauth #
+# sqlauth is too complex to describe here, see the wiki: #
+# https://wiki.inspircd.org/Modules/3.0/sqlauth #
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# SQL oper module: Allows you to store oper credentials in an SQL table
+# SQL oper module: Allows you to store oper credentials in an SQL
+# table. You can add additional table columns like you would config
+# tags in opers.conf. Opers in opers.conf will override opers from
+# this module.
#
-#<module name="m_sqloper.so">
+#<module name="sqloper">
#
#-#-#-#-#-#-#-#-#-#-#- SQLOPER CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#
# #
# dbid - Database ID to use (see SQL modules). #
-# hash - Hashing provider to use for password hashing. #
# #
-# See also: https://wiki.inspircd.org/Modules/2.0/sqloper #
+# See also: https://wiki.inspircd.org/Modules/3.0/sqloper #
# #
-#<sqloper dbid="1" hash="md5">
+#<sqloper dbid="1">
+
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
+# StartTLS module: Implements STARTTLS, which allows clients #
+# connected to non SSL enabled ports to enable SSL, if a proper SSL #
+# module is loaded (either ssl_gnutls or ssl_openssl). #
+#<module name="starttls">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# SVSHold module: Implements SVSHOLD. Like Q:Lines, but can only be #
# added/removed by Services. #
-#<module name="m_svshold.so">
-# If silent is true no snotices will be generated by SVSHOLD.
+#<module name="svshold">
+# SVSHOLD does not generate server notices by default, you can turn
+# notices on by uncommenting the next line.
#<svshold silent="false">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# SWHOIS module: Allows you to add arbitrary lines to user WHOIS.
# This module is oper-only.
# To use, SWHOIS must be in one of your oper class blocks.
-#<module name="m_swhois.so">
-
-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# Test module: Enable this to create a command useful in testing
-# flood control. To avoid accidental use on live networks, the server
-# name must contain ".test" to load the module
-#<module name="m_testnet.so">
+#<module name="swhois">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Timed bans module: Adds timed channel bans with the /TBAN command.
-#<module name="m_timedbans.so">
+#<module name="timedbans">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Test line module: Adds the /TLINE command, used to test how many
# users a /GLINE or /ZLINE etc. would match.
# This module is oper-only.
# To use, TLINE must be in one of your oper class blocks.
-#<module name="m_tline.so">
+#<module name="tline">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Topiclock module: implements server-side topic locking to achieve deeper
# integration with services packages.
-#<module name="m_topiclock.so">
+#<module name="topiclock">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# UHNAMES support module: Adds support for the IRCX style UHNAMES
@@ -1860,23 +2115,23 @@
# each user, saving clients from doing a WHO on the channel.
# If a client does not support UHNAMES it will not enable it, this will
# not break incompatible clients.
-#<module name="m_uhnames.so">
+#<module name="uhnames">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Uninvite module: Adds the /UNINVITE command which lets users remove
# pending invites from channels without waiting for the user to join.
-#<module name="m_uninvite.so">
+#<module name="uninvite">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Userip module: Adds the /USERIP command.
# Allows users to query their own IP, also allows opers to query the IP
# of anyone else.
-#<module name="m_userip.so">
+#<module name="userip">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Vhost module: Adds the VHOST command which allows for adding virtual
# hosts which are accessible using a username and password in the config.
-#<module name="m_vhost.so">
+#<module name="vhost">
#
#-#-#-#-#-#-#-#-#-#-#- VHOST CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#-#
# #
@@ -1885,32 +2140,51 @@
# pass - Password for the vhost. #
# #
# hash - The hash for the specific user (optional) #
-# m_password_hash.so and a hashing module must be loaded #
-# for this to work. #
+# password_hash and a hashing module must be loaded for #
+# this to work. #
# #
# host - Vhost to set. #
#
#<vhost user="some_username" pass="some_password" host="some.host.test.cc">
-#<vhost user="foo" password="fcde2b2edba56bf408601fb721fe9b5c338d10ee429ea04fae5511b68fbf8fb9" hash="sha256" host="some.other.host.example.com">
+#<vhost user="foo" password="$2a$10$iTuYLT6BRhRlOgzfsW9oPe62etW.oXwSpyKw5rJit64SGZanLXghO" hash="bcrypt" host="some.other.host.example.com">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Watch module: Adds the WATCH command, which is used by clients to
# maintain notify lists.
-#<module name="m_watch.so">
+#<module name="watch">
#
# Set the maximum number of entries on a user's watch list below.
#<watch maxentries="32">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
+# WebSocket module: Adds HTML5 WebSocket support.
+# Specify hook="websocket" in a <bind> tag to make that port accept
+# WebSocket connections. Compatible with SSL/TLS.
+# Requires SHA-1 hash support available in the sha1 module.
+#<module name="websocket">
+#
+# Whether to re-encode messages as UTF-8 before sending to WebSocket
+# clients. This is recommended as the WebSocket protocol requires all
+# text frames to be sent as UTF-8. If you do not have this enabled
+# messages will be sent as binary frames instead.
+#<websocket sendastext="yes">
+#
+# If you use the websocket module you MUST specify one or more origins
+# which are allowed to connect to the server. You should set this as
+# strict as possible to prevent malicious webpages from connecting to
+# your server.
+# <wsorigin allow="https://webchat.example.com/*">
+
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# XLine database: Stores all *Lines (G/Z/K/R/any added by other modules)
# in a file which is re-loaded on restart. This is useful
# for two reasons: it keeps bans so users may not evade them, and on
# bigger networks, server connections will take less time as there will
# be a lot less bans to apply - as most of them will already be there.
-#<module name="m_xline_db.so">
+#<module name="xline_db">
# Specify the filename for the xline database here.
-#<xlinedb filename="data/xline.db">
+#<xlinedb filename="xline.db">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# ____ _ _____ _ _ ____ _ _ _ #
@@ -1919,8 +2193,8 @@
# | _ < __/ (_| | (_| | | | | | | | \__ \ | |_) | | |_|_| #
# |_| \_\___|\__,_|\__,_| |_| |_| |_|_|___/ |____/|_|\__(_) #
# #
-# To link servers to InspIRCd, you MUST load the m_spanningtree #
-# module. If you don't do this, server links will NOT work at all. #
+# To link servers to InspIRCd, you MUST load the spanningtree module. #
+# If you don't do this, server links will NOT work at all. #
# This is by design, to allow for the implementation of other linking #
# protocols in modules in the future. #
@@ -1929,4 +2203,4 @@
# tree protocol (see the READ THIS BIT section above).
# You will almost always want to load this.
#
-#<module name="m_spanningtree.so">
+#<module name="spanningtree">
diff --git a/docs/conf/modules/charybdis.conf.example b/docs/conf/modules/charybdis.conf.example
deleted file mode 100644
index 91260c7d3..000000000
--- a/docs/conf/modules/charybdis.conf.example
+++ /dev/null
@@ -1,302 +0,0 @@
-<module name="m_md5.so">
-<module name="m_sha256.so">
-<module name="m_alias.so">
-<alias text="NICKSERV" replace="PRIVMSG NickServ :$2-" requires="NickServ" uline="yes">
-<alias text="CHANSERV" replace="PRIVMSG ChanServ :$2-" requires="ChanServ" uline="yes">
-<alias text="OPERSERV" replace="PRIVMSG OperServ :$2-" requires="OperServ" uline="yes" operonly="yes">
-<alias text="BOTSERV" replace="PRIVMSG BotServ :$2-" requires="BotServ" uline="yes">
-<alias text="HOSTSERV" replace="PRIVMSG HostServ :$2-" requires="HostServ" uline="yes">
-<alias text="MEMOSERV" replace="PRIVMSG MemoServ :$2-" requires="MemoServ" uline="yes">
-<alias text="NS" replace="PRIVMSG NickServ :$2-" requires="NickServ" uline="yes">
-<alias text="CS" replace="PRIVMSG ChanServ :$2-" requires="ChanServ" uline="yes">
-<alias text="OS" replace="PRIVMSG OperServ :$2-" requires="OperServ" uline="yes" operonly="yes">
-<alias text="BS" replace="PRIVMSG BotServ :$2-" requires="BotServ" uline="yes">
-<alias text="HS" replace="PRIVMSG HostServ :$2-" requires="HostServ" uline="yes">
-<alias text="MS" replace="PRIVMSG MemoServ :$2-" requires="MemoServ" uline="yes">
-<alias text="ID" replace="PRIVMSG NickServ :IDENTIFY $2" requires="NickServ" uline="yes">
-
-<module name="m_banexception.so">
-<module name="m_banredirect.so">
-<module name="m_blockcolor.so">
-<module name="m_callerid.so">
-<callerid maxaccepts="16"
- operoverride="no"
- tracknick="no"
- cooldown="60">
-
-<module name="m_cap.so">
-<module name="m_cban.so">
-
-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# CGI:IRC module: Adds support for automatic host changing in CGI:IRC
-# (http://cgiirc.sourceforge.net).
-#<module name="m_cgiirc.so">
-#
-#-#-#-#-#-#-#-#-#-#-#-# CGIIRC CONFIGURATION #-#-#-#-#-#-#-#-#-#-#-#-#
-#
-# Optional - If you specify to use m_cgiirc, then you must specify one
-# or more cgihost tags which indicate authorised CGI:IRC servers which
-# will be connecting to your network, and an optional cgiirc tag.
-# For more information see: https://wiki.inspircd.org/Modules/2.0/cgiirc
-#
-# Set to yes if you want to notice opers when CGI clients connect
-# <cgiirc opernotice="no">
-#
-# The type field indicates where the module should get the real
-# client's IP address from, for further information, please see the
-# CGI:IRC documentation.
-#
-# Old style:
-# <cgihost type="pass" mask="www.mysite.com"> # Get IP from PASS
-# <cgihost type="ident" mask="otherbox.mysite.com"> # Get IP from ident
-# <cgihost type="passfirst" mask="www.mysite.com"> # See the docs
-# New style:
-# <cgihost type="webirc" password="foobar"
-# mask="somebox.mysite.com"> # Get IP from WEBIRC
-#
-# IMPORTANT NOTE:
-# ---------------
-#
-# When you connect CGI:IRC clients, there are two connect classes which
-# apply to these clients. When the client initially connects, the connect
-# class which matches the cgi:irc site's host is checked. Therefore you
-# must raise the maximum local/global clients for this ip as high as you
-# want to allow cgi clients. After the client has connected and is
-# determined to be a cgi:irc client, the class which matches the client's
-# real IP is then checked. You may set this class to a lower value, so that
-# the real IP of the client can still be restricted to, for example, 3
-# sessions maximum.
-#
-
-<module name="m_chancreate.so">
-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# Channel names module: Allows disabling channels which have certain
-# characters in the channel name such as bold, colorcodes, etc. which
-# can be quite annoying and allow users to on occasion have a channel
-# that looks like the name of another channel on the network.
-<module name="m_channames.so">
-
-<channames
- # denyrange: characters or range of characters to deny in channel
- # names.
- denyrange="2"
-
- # allowrange: characters or range of characters to specifically allow
- # in channel names.
- allowrange="">
-
-<module name="m_channelban.so">
-<module name="m_chghost.so">
-<hostname charmap="abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ.-_/0123456789">
-<module name="m_chgident.so">
-<module name="m_chgname.so">
-<module name="m_cloaking.so">
-#
-#-#-#-#-#-#-#-#-#-#-#- CLOAKING CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#
-# #
-# If you specify the m_cloaking.so module as above, you must define #
-# cloak keys, and optionally a cloak prefix as shown below. The cloak #
-# keys must be shared across the network for correct cloaking. #
-# #
-# There are four methods of cloaking: #
-# #
-# half Cloak only the "unique" portion of a host; show #
-# the last 2 parts of the domain, /16 subnet of IPv4 #
-# or /48 subnet of the IPv6 address. #
-# #
-# full Cloak the users completely, using three slices for #
-# common CIDR bans (IPv4: /16, /24; IPv6: /48, /64) #
-# #
-# These methods use a single key that can be any length of text. #
-# An optional prefix may be specified to mark cloaked hosts. #
-# #
-# The following methods are maintained for backwards compatibility; #
-# they are slightly less secure, and always hide unresolved IPs #
-# #
-# compat-host InspIRCd 1.2-compatible host-based cloaking #
-# compat-ip InspIRCd 1.2-compatible ip-always cloaking #
-# #
-# You must specify key1, key2, key3, key4 for the compat cloaking #
-# modes; the values must be less than 0x80000000 and should be picked #
-# at random. Prefix is mandatory, will default to network name if not #
-# specified, and will always have a "-" appended. #
-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-#
-<cloak mode="half"
- key="secret"
- prefix="net-">
-
-<module name="m_close.so">
-<module name="m_conn_umodes.so">
-
-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# Connectban: Provides IP connection throttling. Any IP range that connects
-# too many times (configurable) in an hour is zlined for a (configurable)
-# duration, and their count resets to 0.
-#
-# ipv4cidr and ipv6cidr allow you to turn the comparison from individual
-# IP addresses (32 and 128 bits) into CIDR masks, to allow for throttling
-# over whole ISPs/blocks of IPs, which may be needed to prevent attacks.
-#
-#<connectban threshold="10" duration="10m" ipv4cidr="32" ipv6cidr="128">
-# This allows for 10 connections in an hour with a 10 minute ban if that is exceeded.
-#
-#<module name="m_connectban.so">
-
-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# Connection throttle module.
-#<module name="m_connflood.so">
-#
-#-#-#-#-#-#-#-#-#-#-#- CONTHROTTLE CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#
-# seconds, maxconns - Amount of connections per <seconds>.
-#
-# timeout - Time to wait after the throttle was activated
-# before deactivating it. Be aware that the time
-# is seconds + timeout.
-#
-# quitmsg - The message that users get if they attempt to
-# connect while the throttle is active.
-#
-# bootwait - Amount of time to wait before enforcing the
-# throttling when the server just booted.
-#
-#<connflood seconds="30" maxconns="3" timeout="30"
-# quitmsg="Throttled" bootwait="10">
-
-<module name="m_deaf.so">
-<module name="m_dnsbl.so">
-<module name="m_gecosban.so">
-<module name="m_globalload.so">
-<module name="m_ident.so">
-<ident timeout="1">
-<module name="m_inviteexception.so">
-<module name="m_joinflood.so">
-<module name="m_knock.so">
-<module name="m_namesx.so">
-<module name="m_operchans.so">
-<module name="m_operlog.so">
-<module name="m_opermodes.so">
-<module name="m_password_hash.so">
-<module name="m_permchannels.so">
-<module name="m_muteban.so">
-<module name="m_redirect.so">
-
-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# Regular expression provider for glob or wildcard (?/*) matching.
-# You must have at least 1 provider loaded to use m_filter or m_rline
-# modules. This module has no additional requirements, as it uses the
-# matching already present in InspIRCd core.
-#<module name="m_regex_glob.so">
-
-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# Regular expression provider for PCRE (Perl-Compatible Regular
-# Expressions). You need libpcre installed to compile and load this
-# module. You must have at least 1 provider loaded to use m_filter or
-# m_rline.
-#<module name="m_regex_pcre.so">
-
-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# Regular expression provider for POSIX regular expressions.
-# You shouldn't need any additional libraries on a POSIX-compatible
-# system (ie: any Linux, BSD, but not Windows). You must have at least
-# 1 provider loaded to use m_filter or m_rline.
-# On POSIX-compliant systems, regex syntax can be found by using the
-# command: 'man 7 regex'.
-#<module name="m_regex_posix.so">
-
-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# Registered users only channel creation
-# Allows only registered users and opers to create new channels.
-#
-# You probably *DO NOT* want to load this module on a public network.
-#
-#<module name="m_regonlycreate.so">
-
-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# Ban users through regular expression patterns
-#<module name="m_rline.so">
-#
-#-#-#-#-#-#-#-#-#-#-#-#- RLINE CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#-#
-#
-# If you wish to re-check a user when they change nickname (can be
-# useful under some situations, but *can* also use CPU with more users
-# on a server) then set the following configuration value:
-# Also, this is where you set what Regular Expression engine is to be
-# used. If you ever change it while running, all of your R-Lines will be
-# wiped. This is the regex engine used by all R-Lines set, and
-# m_regex_<engine>.so must be loaded, or rline will be nonfunctional
-# until you load it or change the engine to one that is loaded.
-#
-#<rline matchonnickchange="yes" engine="pcre">
-#
-# Generally, you will NOT want to use 'glob' here, as this turns
-# rline into just another gline. The exceptions are that rline will
-# always use the full nick!user@host realname string, rather than only
-# user@host, but beware that only the ? and * wildcards are available,
-# and are the only way to specify where the space can occur if you do
-# use glob. For this reason, is recommended to use a real regex engine
-# so that at least \s or [[:space:]] is available.
-
-<module name="m_sasl.so">
-<module name="m_servprotect.so">
-<module name="m_services_account.so">
-<module name="m_sethost.so">
-<module name="m_serverban.so">
-<module name="m_showwhois.so">
-<showwhois opersonly="yes" showfromopers="yes">
-
-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# SSL channel mode module: Adds support for SSL-only channels via
-# channel mode +z and the 'z' extban which matches SSL client
-# certificate fingerprints.
-# Does not do anything useful without a working SSL module (see below).
-#<module name="m_sslmodes.so">
-
-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# GnuTLS SSL module: Adds support for SSL connections using GnuTLS,
-# if enabled. You must answer 'yes' in ./configure when asked or
-# manually symlink the source for this module from the directory
-# src/modules/extra, if you want to enable this, or it will not load.
-#<module name="m_ssl_gnutls.so">
-#
-#-#-#-#-#-#-#-#-#-#-#- GNUTLS CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#
-# #
-# m_ssl_gnutls.so is too complex to describe here, see the wiki: #
-# https://wiki.inspircd.org/Modules/2.0/ssl_gnutls #
-
-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# SSL Info module: Allows users to retrieve information about other
-# user's peer SSL certificates and keys. This can be used by client
-# scripts to validate users. For this to work, one of m_ssl_gnutls.so
-# or m_ssl_openssl.so must be loaded. This module also adds the
-# "* <user> is using a secure connection" whois line, the ability for
-# opers to use SSL fingerprints to verify their identity and the ability
-# to force opers to use SSL connections in order to oper up.
-# It is highly recommended to load this module especially if
-# you use SSL on your network.
-# For how to use the oper features, please see the first example <oper> tag
-# in opers.conf.example.
-#
-#<module name="m_sslinfo.so">
-
-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# OpenSSL SSL module: Adds support for SSL connections using OpenSSL,
-# if enabled. You must answer 'yes' in ./configure when asked or symlink
-# the source for this module from the directory src/modules/extra, if
-# you want to enable this, or it will not load.
-#<module name="m_ssl_openssl.so">
-#
-#-#-#-#-#-#-#-#-#-#-#- OPENSSL CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#
-# #
-# m_ssl_openssl.so is too complex to describe here, see the wiki: #
-# https://wiki.inspircd.org/Modules/2.0/ssl_openssl #
-
-<module name="m_stripcolor.so">
-<module name="m_svshold.so">
-<module name="m_tline.so">
-<module name="m_uhnames.so">
-<module name="m_watch.so">
-<watch maxentries="32">
-<module name="m_xline_db.so">
-
-<module name="m_spanningtree.so">
diff --git a/docs/conf/modules/unrealircd.conf.example b/docs/conf/modules/unrealircd.conf.example
deleted file mode 100644
index 65d713394..000000000
--- a/docs/conf/modules/unrealircd.conf.example
+++ /dev/null
@@ -1,399 +0,0 @@
-<module name="m_md5.so">
-<module name="m_sha256.so">
-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# Alias module: Allows you to define server-side command aliases.
-<module name="m_alias.so">
-<fantasy prefix="!" allowbots="no">
-# Aliases
-<alias text="NICKSERV" replace="PRIVMSG NickServ :$2-" requires="NickServ" uline="yes">
-<alias text="CHANSERV" replace="PRIVMSG ChanServ :$2-" requires="ChanServ" uline="yes">
-<alias text="OPERSERV" replace="PRIVMSG OperServ :$2-" requires="OperServ" uline="yes" operonly="yes">
-<alias text="BOTSERV" replace="PRIVMSG BotServ :$2-" requires="BotServ" uline="yes">
-<alias text="HOSTSERV" replace="PRIVMSG HostServ :$2-" requires="HostServ" uline="yes">
-<alias text="MEMOSERV" replace="PRIVMSG MemoServ :$2-" requires="MemoServ" uline="yes">
-<alias text="NS" replace="PRIVMSG NickServ :$2-" requires="NickServ" uline="yes">
-<alias text="CS" replace="PRIVMSG ChanServ :$2-" requires="ChanServ" uline="yes">
-<alias text="OS" replace="PRIVMSG OperServ :$2-" requires="OperServ" uline="yes" operonly="yes">
-<alias text="BS" replace="PRIVMSG BotServ :$2-" requires="BotServ" uline="yes">
-<alias text="HS" replace="PRIVMSG HostServ :$2-" requires="HostServ" uline="yes">
-<alias text="MS" replace="PRIVMSG MemoServ :$2-" requires="MemoServ" uline="yes">
-#
-# An example of using the format value to create an alias with two
-# different behaviours depending on the format of the parameters.
-#
-#<alias text="ID" format="#*" replace="PRIVMSG ChanServ :IDENTIFY $2 $3"
-# requires="ChanServ" uline="yes">
-#
-#<alias text="ID" replace="PRIVMSG NickServ :IDENTIFY $2"
-# requires="NickServ" uline="yes">
-#
-# This alias fixes a glitch in xchat 2.6.x and above and the way it
-# assumes IDENTIFY must be prefixed by a colon (:) character. It should
-# be placed ABOVE the default NICKSERV alias (the first example) listed
-# above.
-#
-#<alias text="NICKSERV" format=":IDENTIFY *" replace="PRIVMSG NickServ :IDENTIFY $3-"
-# requires="NickServ" uline="yes">
-
-<module name="m_allowinvite.so">
-<module name="m_alltime.so">
-<module name="m_auditorium.so">
-<auditorium showops="yes" operoverride="yes">
-<module name="m_banexception.so">
-<module name="m_blockcaps.so">
-<blockcaps percent="50"
- minlen="5"
- capsmap="ABCDEFGHIJKLMNOPQRSTUVWXYZ! ">
-<module name="m_blockcolor.so">
-<module name="m_botmode.so">
-<module name="m_censor.so">
-<include file="inspircd.censor.example">
-
-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# CGI:IRC module: Adds support for automatic host changing in CGI:IRC
-# (http://cgiirc.sourceforge.net).
-#<module name="m_cgiirc.so">
-#
-#-#-#-#-#-#-#-#-#-#-#-# CGIIRC CONFIGURATION #-#-#-#-#-#-#-#-#-#-#-#-#
-#
-# Optional - If you specify to use m_cgiirc, then you must specify one
-# or more cgihost tags which indicate authorised CGI:IRC servers which
-# will be connecting to your network, and an optional cgiirc tag.
-# For more information see: https://wiki.inspircd.org/Modules/2.0/cgiirc
-#
-# Set to yes if you want to notice opers when CGI clients connect
-# <cgiirc opernotice="no">
-#
-# The type field indicates where the module should get the real
-# client's IP address from, for further information, please see the
-# CGI:IRC documentation.
-#
-# Old style:
-# <cgihost type="pass" mask="www.mysite.com"> # Get IP from PASS
-# <cgihost type="ident" mask="otherbox.mysite.com"> # Get IP from ident
-# <cgihost type="passfirst" mask="www.mysite.com"> # See the docs
-# New style:
-# <cgihost type="webirc" password="foobar"
-# mask="somebox.mysite.com"> # Get IP from WEBIRC
-#
-# IMPORTANT NOTE:
-# ---------------
-#
-# When you connect CGI:IRC clients, there are two connect classes which
-# apply to these clients. When the client initially connects, the connect
-# class which matches the cgi:irc site's host is checked. Therefore you
-# must raise the maximum local/global clients for this ip as high as you
-# want to allow cgi clients. After the client has connected and is
-# determined to be a cgi:irc client, the class which matches the client's
-# real IP is then checked. You may set this class to a lower value, so that
-# the real IP of the client can still be restricted to, for example, 3
-# sessions maximum.
-#
-
-<module name="m_chanfilter.so">
-<chanfilter hidemask="yes">
-
-<module name="m_chanprotect.so">
-
-<chanprotect
- noservices="no"
- qprefix="~"
- aprefix="&amp;"
- deprotectself="yes"
- deprotectothers="yes">
-
-<module name="m_check.so">
-<module name="m_chghost.so">
-<hostname charmap="abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ.-_/0123456789">
-
-<module name="m_chgident.so">
-<module name="m_chgname.so">
-<module name="m_cloaking.so">
-<cloak mode="half"
- key="secret"
- prefix="net-">
-
-<module name="m_close.so">
-<module name="m_clones.so">
-<module name="m_commonchans.so">
-
-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# Auto join on connect module: Allows you to force users to join one
-# or more channels automatically upon connecting to the server.
-#<module name="m_conn_join.so">
-#
-#-#-#-#-#-#-#-#-#-#-#-#- CONNJOIN CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#
-#
-# If you have m_conn_join.so loaded, you can configure it using the
-# follow values:
-#
-#<autojoin channel="#one,#two,#three">
-
-<module name="m_conn_umodes.so">
-<module name="m_cycle.so">
-
-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# Connection throttle module.
-#<module name="m_connflood.so">
-#
-#-#-#-#-#-#-#-#-#-#-#- CONTHROTTLE CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#
-# seconds, maxconns - Amount of connections per <seconds>.
-#
-# timeout - Time to wait after the throttle was activated
-# before deactivating it. Be aware that the time
-# is seconds + timeout.
-#
-# quitmsg - The message that users get if they attempt to
-# connect while the throttle is active.
-#
-# bootwait - Amount of time to wait before enforcing the
-# throttling when the server just booted.
-#
-#<connflood seconds="30" maxconns="3" timeout="30"
-# quitmsg="Throttled" bootwait="10">
-
-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# DCCALLOW module: Adds the /DCCALLOW command.
-<module name="m_dccallow.so">
-#
-#-#-#-#-#-#-#-#-#-#-#- DCCALLOW CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#
-# blockchat - Whether to block DCC CHAT as well as DCC SEND
-# length - Default duration of entries in DCCALLOW list
-# action - Default action to take if no action is specified
-# can be 'block' or 'allow'
-#
-# File configuration:
-# pattern - The glob pattern to match against
-# action - Action to take if a user attempts to send a file
-# that matches this pattern, can be 'block' or 'allow'
-#
-#<dccallow blockchat="yes" length="5m" action="block">
-#<banfile pattern="*.exe" action="block">
-#<banfile pattern="*.txt" action="allow">
-#
-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-
-<module name="m_deaf.so">
-<module name="m_denychans.so">
-#<badchan name="#gods*" allowopers="yes" reason="Tortoises!"> #
-#<badchan name="#heaven" redirect="#hell" reason="Nice try!"> #
-
-<module name="m_devoice.so">
-
-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# Filter module: Provides message filtering, similar to SPAMFILTER.
-<module name="m_filter.so">
-# #
-# This module depends upon a regex provider such as m_regex_pcre or #
-# m_regex_glob to function. You must specify which of these you want #
-# m_filter to use via the tag below. #
-# #
-# Valid engines are: #
-# #
-# glob - Glob patterns, provided via m_regex_glob. #
-# pcre - PCRE regexps, provided via m_regex_pcre, needs libpcre. #
-# tre - TRE regexps, provided via m_regex_tre, requires libtre. #
-# posix - POSIX regexps, provided via m_regex_posix, not available #
-# on Windows, no dependencies on other operating systems. #
-# stdlib - stdlib regexps, provided via m_regex_stdlib, see comment #
-# at the <module> tag for info on availability. #
-# #
-<filteropts engine="glob">
-# #
-# Your choice of regex engine must match on all servers network-wide.
-#
-# You may specify specific channels that are exempt from being filtered:
-#<exemptfromfilter channel="#blah">
-#
-#-#-#-#-#-#-#-#-#-#-#- FILTER CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#
-# #
-# Optional - If you specify to use the m_filter module, then #
-# specfiy below the path to the filter.conf file, or define some #
-# <filter> tags. #
-# #
-#<include file="filter.conf">
-
-<module name="m_gecosban.so">
-<module name="m_globops.so">
-<module name="m_globalload.so">
-<module name="m_halfop.so">
-<module name="m_helpop.so">
-<include file="inspircd.helpop-full.example">
-
-<module name="m_hidechans.so">
-<hidechans affectsopers="false">
-
-<module name="m_hideoper.so">
-<module name="m_ident.so">
-<ident timeout="1">
-<module name="m_inviteexception.so">
-<module name="m_joinflood.so">
-<module name="m_jumpserver.so">
-<module name="m_knock.so">
-<module name="m_messageflood.so">
-<module name="m_namesx.so">
-<module name="m_nickflood.so">
-<module name="m_noctcp.so">
-<module name="m_nokicks.so">
-<module name="m_nonicks.so">
-<module name="m_nopartmsg.so">
-<module name="m_nonotice.so">
-<module name="m_operchans.so">
-
-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# Oper join module: Auto-joins opers to a channel upon oper-up.
-# This module is oper-only. For the user equivalent, see m_conn_join.
-<module name="m_operjoin.so">
-#
-#-#-#-#-#-#-#-#-#-#-# OPERJOIN CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#
-# #
-# If you are using the m_operjoin.so module, specify options here: #
-# #
-# channel - The channel name to join, can also be a comma #
-# separated list eg. "#channel1,#channel2". #
-# #
-# override - Lets the oper join walking thru any modes that #
-# might be set, even bans. Use "yes" or "no". #
-# #
-#<operjoin channel="#channel" override="no">
-#
-# Alternatively you can use the autojoin="channellist" in a <type> #
-# tag to set specific autojoins for a type of oper, for example: #
-#
-#<type name="Helper" autojoin="#help" classes="...">
-
-<module name="m_operlog.so">
-
-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# Oper MOTD module: Provides support for separate message of the day
-# on oper-up.
-# This module is oper-only.
-#<module name="m_opermotd.so">
-#
-#-#-#-#-#-#-#-#-#-#-# OPERMOTD CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#
-# #
-# If you are using the m_opermotd.so module, specify the motd here #
-# #
-# onoper - If on, the message is sent on /OPER, otherwise it's #
-# only sent when /OPERMOTD is used. #
-# #
-#<opermotd file="oper.motd" onoper="yes">
-
-<module name="m_override.so">
-#-#-#-#-#-#-#-#-#-#-# OVERRIDE CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#
-# #
-# m_override.so is too complex to describe here, see the wiki: #
-# https://wiki.inspircd.org/Modules/2.0/override #
-
-<module name="m_operlevels.so">
-<module name="m_opermodes.so">
-<module name="m_password_hash.so">
-<module name="m_muteban.so">
-
-<module name="m_redirect.so">
-<module name="m_regex_glob.so">
-
-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# Regular expression provider for PCRE (Perl-Compatible Regular
-# Expressions). You need libpcre installed to compile and load this
-# module. You must have at least 1 provider loaded to use m_filter or
-# m_rline.
-#<module name="m_regex_pcre.so">
-
-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# Regular expression provider for POSIX Regular Expressions.
-# You shouldn't need any additional libraries on a POSIX-compatible
-# system (ie: any Linux, BSD, but not Windows). You must have at least
-# 1 provider loaded to use m_filter or m_rline.
-# On POSIX-compliant systems, regex syntax can be found by using the
-# command: 'man 7 regex'.
-#<module name="m_regex_posix.so">
-
-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# Regular expression provider for TRE Regular Expressions.
-# This is the same regular expression engine used by UnrealIRCd, so
-# if you are most familiar with the syntax of /spamfilter from there,
-# this is the provider you want. You need libtre installed in order
-# to compile and load this module.
-#<module name="m_regex_tre.so">
-
-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# Registered users only channel creation module. If enabled, only
-# registered users and opers can create new channels.
-#
-# You probably *DO NOT* want to load this module on a public network.
-#
-#<module name="m_regonlycreate.so">
-
-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# Restricted channels module: Allows only opers to create channels.
-#
-# You probably *DO NOT* want to load this module on a public network.
-#
-#<module name="m_restrictchans.so">
-
-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# Restrict message module: Allows users to only message opers.
-#
-# You probably *DO NOT* want to load this module on a public network.
-#
-#<module name="m_restrictmsg.so">
-
-<module name="m_sajoin.so">
-<module name="m_sakick.so">
-<module name="m_samode.so">
-<module name="m_sanick.so">
-<module name="m_sapart.so">
-<module name="m_saquit.so">
-<module name="m_satopic.so">
-<module name="m_servprotect.so">
-<module name="m_seenicks.so">
-<module name="m_setidle.so">
-<module name="m_services_account.so">
-<module name="m_sethost.so">
-<module name="m_setident.so">
-<module name="m_setname.so">
-<module name="m_showwhois.so">
-<showwhois opersonly="yes" showfromopers="yes">
-
-<module name="m_shun.so">
-<shun enabledcommands="PING PONG QUIT PART JOIN" notifyuser="no" affectopers="no">
-
-<module name="m_sslmodes.so">
-
-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# GnuTLS SSL module: Adds support for SSL connections using GnuTLS,
-# if enabled. You must answer 'yes' in ./configure when asked or symlink
-# the source for this module from the directory src/modules/extra, if
-# you want to enable this, or it will not load.
-#<module name="m_ssl_gnutls.so">
-#
-#-#-#-#-#-#-#-#-#-#-#- GNUTLS CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#
-# #
-# m_ssl_gnutls.so is too complex to describe here, see the wiki: #
-# https://wiki.inspircd.org/Modules/2.0/ssl_gnutls #
-
-<module name="m_sslinfo.so">
-
-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# OpenSSL SSL module: Adds support for SSL connections using OpenSSL,
-# if enabled. You must answer 'yes' in ./configure when asked or symlink
-# the source for this module from the directory src/modules/extra, if
-# you want to enable this, or it will not load.
-#<module name="m_ssl_openssl.so">
-#
-#-#-#-#-#-#-#-#-#-#-#- OPENSSL CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#
-# #
-# m_ssl_openssl.so is too complex to describe here, see the wiki: #
-# https://wiki.inspircd.org/Modules/2.0/ssl_openssl #
-
-<module name="m_stripcolor.so">
-<module name="m_svshold.so">
-<module name="m_swhois.so">
-<module name="m_tline.so">
-<module name="m_uhnames.so">
-<module name="m_userip.so">
-<module name="m_watch.so">
-<watch maxentries="32">
-
-<module name="m_spanningtree.so">
diff --git a/docs/conf/opers.conf.example b/docs/conf/opers.conf.example
index 75b54faf0..4112e56dd 100644
--- a/docs/conf/opers.conf.example
+++ b/docs/conf/opers.conf.example
@@ -21,17 +21,20 @@
# VIEWING:
# - channels/auspex: allows opers with this priv to see more detail about channels than normal users.
# - users/auspex: allows opers with this priv to view more details about users than normal users, e.g. real host and IP.
+ # - users/channel-spy: allows opers with this priv to view the private/secret channels that a user is on.
# - servers/auspex: allows opers with this priv to see more detail about server information than normal users.
# ACTIONS:
# - users/mass-message: allows opers with this priv to PRIVMSG and NOTICE to a server mask (e.g. NOTICE $*)
- # - channels/high-join-limit: allows opers with this priv to join <channels:opers> total channels instead of <channels:users> total channels.
+ # - users/samode-usermodes: allows opers with this priv to change the user modes of any other user using /SAMODE
# PERMISSIONS:
+ #. - channels/ignore-nonicks: allows opers with this priv to change their nick when on a +N channel.
# - users/flood/no-fakelag: prevents opers from being penalized with fake lag for flooding (*NOTE)
# - users/flood/no-throttle: allows opers with this priv to send commands without being throttled (*NOTE)
# - users/flood/increased-buffers: allows opers with this priv to send and receive data without worrying about being disconnected for exceeding limits (*NOTE)
+ #. - users/callerid-override: allows opers with this priv to message people using callerid without being on their callerid list.
#
# *NOTE: These privs are potentially dangerous, as they grant users with them the ability to hammer your server's CPU/RAM as much as they want, essentially.
- privs="users/auspex channels/auspex servers/auspex users/mass-message channels/high-join-limit users/flood/no-throttle users/flood/increased-buffers"
+ privs="users/auspex channels/auspex servers/auspex users/mass-message users/flood/no-throttle users/flood/increased-buffers"
# usermodes: Oper-only usermodes that opers with this class can use.
usermodes="*"
@@ -55,8 +58,6 @@
<type
# name: Name of type. Used in actual server operator accounts below.
- # Cannot contain spaces. If you would like a space, use
- # the _ character instead and it will translate to a space on whois.
name="NetAdmin"
# classes: Classes (blocks above) that this type belongs to.
@@ -65,9 +66,12 @@
# vhost: Host opers of this type get when they log in (oper up). This is optional.
vhost="netadmin.omega.example.org"
+ # maxchans: Maximum number of channels opers of this type can be in at once.
+ maxchans="60"
+
# modes: User modes besides +o that are set on an oper of this type
# when they oper up. Used for snomasks and other things.
- # Requires that m_opermodes.so be loaded.
+ # Requires the opermodes module be loaded.
modes="+s +cCqQ">
<type name="GlobalOp" classes="SACommands OperChat BanControl HostCloak ServerLink" vhost="ircop.omega.example.org">
@@ -96,26 +100,26 @@
host="attila@inspircd.org *@2001:db8::/32"
# ** ADVANCED ** This option is disabled by default.
- # fingerprint: When using the m_sslinfo module, you may specify
+ # fingerprint: When using the sslinfo module, you may specify
# a key fingerprint here. This can be obtained by using the /sslinfo
# command while the module is loaded, and is also noticed on connect.
# This enhances security by verifying that the person opering up has
# a matching SSL client certificate, which is very difficult to
# forge (impossible unless preimage attacks on the hash exist).
- # If m_sslinfo isn't loaded, this option will be ignored.
+ # If the sslinfo module isn't loaded, this option will be ignored.
#fingerprint="67cb9dc013248a829bb2171ed11becd4"
- # autologin: If an SSL fingerprint for this oper is specified, you can
- # have the oper block automatically log in. This moves all security of the
- # oper block to the protection of the client certificate, so be sure that
- # the private key is well-protected! Requires m_sslinfo.
+ # autologin: If an SSL certificate fingerprint for this oper is specified,
+ # you can have the oper block automatically log in. This moves all security
+ # of the oper block to the protection of the client certificate, so be sure
+ # that the private key is well-protected! Requires the sslinfo module.
#autologin="on"
# sslonly: If on, this oper can only oper up if they're using a SSL connection.
# Setting this option adds a decent bit of security. Highly recommended
# if the oper is on wifi, or specifically, unsecured wifi. Note that it
# is redundant to specify this option if you specify a fingerprint.
- # This setting only takes effect if m_sslinfo is loaded.
+ # This setting only takes effect if the sslinfo module is loaded.
#sslonly="yes"
# vhost: Overrides the vhost in the type block. Class and modes may also
@@ -140,18 +144,18 @@
# Remember: This is case sensitive.
name="Adam"
- # hash: What hash this password is hashed with.
- # Requires the module for selected hash (m_md5.so, m_sha256.so
- # or m_ripemd160.so) be loaded and the password hashing module
- # (m_password_hash.so) loaded.
- # Options here are: "md5", "sha256" and "ripemd160", or one of
- # these prefixed with "hmac-", e.g.: "hmac-sha256".
+ # hash: the hash function this password is hashed with. Requires the
+ # module for the selected function (bcrypt, md5, sha1, or sha256) and
+ # the password hashing module (password_hash) to be loaded.
+ #
+ # You may also use any of the above other than bcrypt prefixed with
+ # either "hmac-" or "pbkdf2-hmac-" (requires the pbkdf2 module).
# Create hashed passwords with: /mkpasswd <hash> <password>
- hash="hmac-sha256"
+ hash="bcrypt"
# password: A hash of the password (see above option) hashed
- # with /mkpasswd <hash> <password>. See m_password_hash in modules.conf
- # for more information about password hashing.
+ # with /mkpasswd <hash> <password>. See the password_hash module
+ # in modules.conf for more information about password hashing.
password="qQmv3LcF$Qh63wzmtUqWp9OXnLwe7yv1GcBwHpq59k2a0UrY8xe0"
# host: What hostnames and IPs are allowed to use this operator account.
@@ -163,3 +167,7 @@
# type: Which type of operator this person is; see the block
# above for the list of types. NOTE: This is case-sensitive as well.
type="Helper">
+
+# Once you have edited this file you can remove this line. This is just to
+# ensure that you don't hastily include the file without reading it.
+<die reason="Using opers.conf.example without editing it is a security risk">
diff --git a/docs/conf/rules.txt.example b/docs/conf/rules.txt.example
deleted file mode 100644
index 1a4b99a70..000000000
--- a/docs/conf/rules.txt.example
+++ /dev/null
@@ -1,3 +0,0 @@
-This is the InspIRCd rules file.
-
-Place any network or server rules here :)
diff --git a/docs/conf/services/anope.conf.example b/docs/conf/services/anope.conf.example
new file mode 100644
index 000000000..603bb538d
--- /dev/null
+++ b/docs/conf/services/anope.conf.example
@@ -0,0 +1,9 @@
+# This file contains aliases and nickname reservations which are used
+# by Anope. See https://www.anope.org/ for more information on Anope.
+
+# This file inherits from the generic config to avoid repetition.
+<include file="examples/services/generic.conf.example">
+
+# /GLOBAL <message>
+# Sends a global notice.
+<alias text="GLOBAL" format="*" replace="PRIVMSG $requirement :GLOBAL $2-" requires="Global" uline="yes" operonly="yes">
diff --git a/docs/conf/services/atheme.conf.example b/docs/conf/services/atheme.conf.example
new file mode 100644
index 000000000..037087998
--- /dev/null
+++ b/docs/conf/services/atheme.conf.example
@@ -0,0 +1,52 @@
+# This file contains aliases and nickname reservations which are used
+# by Atheme. See http://atheme.net for more information on Atheme.
+
+# This file inherits from the generic config to avoid repetition.
+<include file="examples/services/generic.conf.example">
+
+# Long hand aliases for services pseudoclients.
+<alias text="ALIS" replace="PRIVMSG $requirement :$2-" requires="ALIS" uline="yes">
+<alias text="CHANFIX" replace="PRIVMSG $requirement :$2-" requires="ChanFix" uline="yes">
+<alias text="GAMESERV" replace="PRIVMSG $requirement :$2-" requires="GameServ" uline="yes">
+<alias text="GLOBAL" replace="PRIVMSG $requirement :$2-" requires="Global" uline="yes" operonly="yes">
+<alias text="GROUPSERV" replace="PRIVMSG $requirement :$2-" requires="GroupServ" uline="yes">
+<alias text="HELPSERV" replace="PRIVMSG $requirement :$2-" requires="HelpServ" uline="yes">
+<alias text="INFOSERV" replace="PRIVMSG $requirement :$2-" requires="InfoServ" uline="yes">
+<alias text="PROXYSCAN" replace="PRIVMSG $requirement :$2-" requires="Proxyscan" uline="yes" operonly="yes">
+<alias text="RPGSERV" replace="PRIVMSG $requirement :$2-" requires="RPGServ" uline="yes">
+
+# Short hand aliases for services pseudoclients.
+<alias text="CF" replace="PRIVMSG $requirement :$2-" requires="ChanFix" uline="yes">
+<alias text="GL" replace="PRIVMSG $requirement :$2-" requires="Global" uline="yes" operonly="yes">
+<alias text="GS" replace="PRIVMSG $requirement :$2-" requires="GroupServ" uline="yes">
+<alias text="IS" replace="PRIVMSG $requirement :$2-" requires="InfoServ" uline="yes">
+<alias text="LS" replace="PRIVMSG $requirement :$2-" requires="ALIS" uline="yes">
+<alias text="PS" replace="PRIVMSG $requirement :$2-" requires="Proxyscan" uline="yes" operonly="yes">
+<alias text="RS" replace="PRIVMSG $requirement :$2-" requires="RPGServ" uline="yes">
+
+# These short hand aliases conflict with other pseudoclients. You can enable
+# them but you will need to comment out the uncommented ones above first,
+#<alias text="GS" replace="PRIVMSG $requirement :$2-" requires="GameServ" uline="yes">
+#<alias text="HS" replace="PRIVMSG $requirement :$2-" requires="HelpServ" uline="yes">
+
+# Prevent clients from using the nicknames of services pseudoclients.
+<badnick nick="ALIS" reason="Reserved for a network service">
+<badnick nick="ChanFix" reason="Reserved for a network service">
+<badnick nick="GameServ" reason="Reserved for a network service">
+<badnick nick="GroupServ" reason="Reserved for a network service">
+<badnick nick="HelpServ" reason="Reserved for a network service">
+<badnick nick="InfoServ" reason="Reserved for a network service">
+<badnick nick="Proxyscan" reason="Reserved for a network service">
+<badnick nick="RPGServ" reason="Reserved for a network service">
+<badnick nick="SaslServ" reason="Reserved for a network service">
+
+# Exempt services pseudoclients from filters.
+<exemptfromfilter target="ALIS">
+<exemptfromfilter target="ChanFix">
+<exemptfromfilter target="GameServ">
+<exemptfromfilter target="GroupServ">
+<exemptfromfilter target="HelpServ">
+<exemptfromfilter target="InfoServ">
+<exemptfromfilter target="Proxyscan">
+<exemptfromfilter target="RPGServ">
+<exemptfromfilter target="SaslServ">
diff --git a/docs/conf/services/generic.conf.example b/docs/conf/services/generic.conf.example
new file mode 100644
index 000000000..93b89ea0c
--- /dev/null
+++ b/docs/conf/services/generic.conf.example
@@ -0,0 +1,47 @@
+# This file contains aliases and nickname reservations which are used
+# by all common services implementations.
+
+<module name="alias">
+
+# Long hand aliases for services pseudoclients.
+<alias text="BOTSERV" replace="PRIVMSG $requirement :$2-" requires="BotServ" uline="yes">
+<alias text="CHANSERV" replace="PRIVMSG $requirement :$2-" requires="ChanServ" uline="yes">
+<alias text="HOSTSERV" replace="PRIVMSG $requirement :$2-" requires="HostServ" uline="yes">
+<alias text="MEMOSERV" replace="PRIVMSG $requirement :$2-" requires="MemoServ" uline="yes">
+<alias text="NICKSERV" replace="PRIVMSG $requirement :$2-" requires="NickServ" uline="yes">
+<alias text="OPERSERV" replace="PRIVMSG $requirement :$2-" requires="OperServ" uline="yes" operonly="yes">
+<alias text="STATSERV" replace="PRIVMSG $requirement :$2-" requires="StatServ" uline="yes">
+
+# Short hand aliases for services pseudoclients.
+<alias text="BS" replace="PRIVMSG $requirement :$2-" requires="BotServ" uline="yes">
+<alias text="CS" replace="PRIVMSG $requirement :$2-" requires="ChanServ" uline="yes">
+<alias text="HS" replace="PRIVMSG $requirement :$2-" requires="HostServ" uline="yes">
+<alias text="MS" replace="PRIVMSG $requirement :$2-" requires="MemoServ" uline="yes">
+<alias text="NS" replace="PRIVMSG $requirement :$2-" requires="NickServ" uline="yes">
+<alias text="OS" replace="PRIVMSG $requirement :$2-" requires="OperServ" uline="yes" operonly="yes">
+<alias text="SS" replace="PRIVMSG $requirement :$2-" requires="StatServ" uline="yes">
+
+# /ID [account] <password>
+# Identifies to a services account.
+<alias text="ID" format="*" replace="PRIVMSG $requirement :IDENTIFY $2-" requires="NickServ" uline="yes">
+<alias text="IDENTIFY" format="*" replace="PRIVMSG $requirement :IDENTIFY $2-" requires="NickServ" uline="yes">
+
+# Prevent clients from using the nicknames of services pseudoclients.
+<badnick nick="BotServ" reason="Reserved for a network service">
+<badnick nick="ChanServ" reason="Reserved for a network service">
+<badnick nick="Global" reason="Reserved for a network service">
+<badnick nick="HostServ" reason="Reserved for a network service">
+<badnick nick="MemoServ" reason="Reserved for a network service">
+<badnick nick="NickServ" reason="Reserved for a network service">
+<badnick nick="OperServ" reason="Reserved for a network service">
+<badnick nick="StatServ" reason="Reserved for a network service">
+
+# Exempt services pseudoclients from filters.
+<exemptfromfilter target="BotServ">
+<exemptfromfilter target="ChanServ">
+<exemptfromfilter target="Global">
+<exemptfromfilter target="HostServ">
+<exemptfromfilter target="MemoServ">
+<exemptfromfilter target="NickServ">
+<exemptfromfilter target="OperServ">
+<exemptfromfilter target="StatServ">
diff --git a/docs/rfc/rfc1035.txt b/docs/rfc/rfc1035.txt
deleted file mode 100644
index b1a9bf5a9..000000000
--- a/docs/rfc/rfc1035.txt
+++ /dev/null
@@ -1,3077 +0,0 @@
-Network Working Group P. Mockapetris
-Request for Comments: 1035 ISI
- November 1987
-Obsoletes: RFCs 882, 883, 973
-
- DOMAIN NAMES - IMPLEMENTATION AND SPECIFICATION
-
-
-1. STATUS OF THIS MEMO
-
-This RFC describes the details of the domain system and protocol, and
-assumes that the reader is familiar with the concepts discussed in a
-companion RFC, "Domain Names - Concepts and Facilities" [RFC-1034].
-
-The domain system is a mixture of functions and data types which are an
-official protocol and functions and data types which are still
-experimental. Since the domain system is intentionally extensible, new
-data types and experimental behavior should always be expected in parts
-of the system beyond the official protocol. The official protocol parts
-include standard queries, responses and the Internet class RR data
-formats (e.g., host addresses). Since the previous RFC set, several
-definitions have changed, so some previous definitions are obsolete.
-
-Experimental or obsolete features are clearly marked in these RFCs, and
-such information should be used with caution.
-
-The reader is especially cautioned not to depend on the values which
-appear in examples to be current or complete, since their purpose is
-primarily pedagogical. Distribution of this memo is unlimited.
-
- Table of Contents
-
- 1. STATUS OF THIS MEMO 1
- 2. INTRODUCTION 3
- 2.1. Overview 3
- 2.2. Common configurations 4
- 2.3. Conventions 7
- 2.3.1. Preferred name syntax 7
- 2.3.2. Data Transmission Order 8
- 2.3.3. Character Case 9
- 2.3.4. Size limits 10
- 3. DOMAIN NAME SPACE AND RR DEFINITIONS 10
- 3.1. Name space definitions 10
- 3.2. RR definitions 11
- 3.2.1. Format 11
- 3.2.2. TYPE values 12
- 3.2.3. QTYPE values 12
- 3.2.4. CLASS values 13
-
-
-
-Mockapetris [Page 1]
-
-RFC 1035 Domain Implementation and Specification November 1987
-
-
- 3.2.5. QCLASS values 13
- 3.3. Standard RRs 13
- 3.3.1. CNAME RDATA format 14
- 3.3.2. HINFO RDATA format 14
- 3.3.3. MB RDATA format (EXPERIMENTAL) 14
- 3.3.4. MD RDATA format (Obsolete) 15
- 3.3.5. MF RDATA format (Obsolete) 15
- 3.3.6. MG RDATA format (EXPERIMENTAL) 16
- 3.3.7. MINFO RDATA format (EXPERIMENTAL) 16
- 3.3.8. MR RDATA format (EXPERIMENTAL) 17
- 3.3.9. MX RDATA format 17
- 3.3.10. NULL RDATA format (EXPERIMENTAL) 17
- 3.3.11. NS RDATA format 18
- 3.3.12. PTR RDATA format 18
- 3.3.13. SOA RDATA format 19
- 3.3.14. TXT RDATA format 20
- 3.4. ARPA Internet specific RRs 20
- 3.4.1. A RDATA format 20
- 3.4.2. WKS RDATA format 21
- 3.5. IN-ADDR.ARPA domain 22
- 3.6. Defining new types, classes, and special namespaces 24
- 4. MESSAGES 25
- 4.1. Format 25
- 4.1.1. Header section format 26
- 4.1.2. Question section format 28
- 4.1.3. Resource record format 29
- 4.1.4. Message compression 30
- 4.2. Transport 32
- 4.2.1. UDP usage 32
- 4.2.2. TCP usage 32
- 5. MASTER FILES 33
- 5.1. Format 33
- 5.2. Use of master files to define zones 35
- 5.3. Master file example 36
- 6. NAME SERVER IMPLEMENTATION 37
- 6.1. Architecture 37
- 6.1.1. Control 37
- 6.1.2. Database 37
- 6.1.3. Time 39
- 6.2. Standard query processing 39
- 6.3. Zone refresh and reload processing 39
- 6.4. Inverse queries (Optional) 40
- 6.4.1. The contents of inverse queries and responses 40
- 6.4.2. Inverse query and response example 41
- 6.4.3. Inverse query processing 42
-
-
-
-
-
-
-Mockapetris [Page 2]
-
-RFC 1035 Domain Implementation and Specification November 1987
-
-
- 6.5. Completion queries and responses 42
- 7. RESOLVER IMPLEMENTATION 43
- 7.1. Transforming a user request into a query 43
- 7.2. Sending the queries 44
- 7.3. Processing responses 46
- 7.4. Using the cache 47
- 8. MAIL SUPPORT 47
- 8.1. Mail exchange binding 48
- 8.2. Mailbox binding (Experimental) 48
- 9. REFERENCES and BIBLIOGRAPHY 50
- Index 54
-
-2. INTRODUCTION
-
-2.1. Overview
-
-The goal of domain names is to provide a mechanism for naming resources
-in such a way that the names are usable in different hosts, networks,
-protocol families, internets, and administrative organizations.
-
-From the user's point of view, domain names are useful as arguments to a
-local agent, called a resolver, which retrieves information associated
-with the domain name. Thus a user might ask for the host address or
-mail information associated with a particular domain name. To enable
-the user to request a particular type of information, an appropriate
-query type is passed to the resolver with the domain name. To the user,
-the domain tree is a single information space; the resolver is
-responsible for hiding the distribution of data among name servers from
-the user.
-
-From the resolver's point of view, the database that makes up the domain
-space is distributed among various name servers. Different parts of the
-domain space are stored in different name servers, although a particular
-data item will be stored redundantly in two or more name servers. The
-resolver starts with knowledge of at least one name server. When the
-resolver processes a user query it asks a known name server for the
-information; in return, the resolver either receives the desired
-information or a referral to another name server. Using these
-referrals, resolvers learn the identities and contents of other name
-servers. Resolvers are responsible for dealing with the distribution of
-the domain space and dealing with the effects of name server failure by
-consulting redundant databases in other servers.
-
-Name servers manage two kinds of data. The first kind of data held in
-sets called zones; each zone is the complete database for a particular
-"pruned" subtree of the domain space. This data is called
-authoritative. A name server periodically checks to make sure that its
-zones are up to date, and if not, obtains a new copy of updated zones
-
-
-
-Mockapetris [Page 3]
-
-RFC 1035 Domain Implementation and Specification November 1987
-
-
-from master files stored locally or in another name server. The second
-kind of data is cached data which was acquired by a local resolver.
-This data may be incomplete, but improves the performance of the
-retrieval process when non-local data is repeatedly accessed. Cached
-data is eventually discarded by a timeout mechanism.
-
-This functional structure isolates the problems of user interface,
-failure recovery, and distribution in the resolvers and isolates the
-database update and refresh problems in the name servers.
-
-2.2. Common configurations
-
-A host can participate in the domain name system in a number of ways,
-depending on whether the host runs programs that retrieve information
-from the domain system, name servers that answer queries from other
-hosts, or various combinations of both functions. The simplest, and
-perhaps most typical, configuration is shown below:
-
- Local Host | Foreign
- |
- +---------+ +----------+ | +--------+
- | | user queries | |queries | | |
- | User |-------------->| |---------|->|Foreign |
- | Program | | Resolver | | | Name |
- | |<--------------| |<--------|--| Server |
- | | user responses| |responses| | |
- +---------+ +----------+ | +--------+
- | A |
- cache additions | | references |
- V | |
- +----------+ |
- | cache | |
- +----------+ |
-
-User programs interact with the domain name space through resolvers; the
-format of user queries and user responses is specific to the host and
-its operating system. User queries will typically be operating system
-calls, and the resolver and its cache will be part of the host operating
-system. Less capable hosts may choose to implement the resolver as a
-subroutine to be linked in with every program that needs its services.
-Resolvers answer user queries with information they acquire via queries
-to foreign name servers and the local cache.
-
-Note that the resolver may have to make several queries to several
-different foreign name servers to answer a particular user query, and
-hence the resolution of a user query may involve several network
-accesses and an arbitrary amount of time. The queries to foreign name
-servers and the corresponding responses have a standard format described
-
-
-
-Mockapetris [Page 4]
-
-RFC 1035 Domain Implementation and Specification November 1987
-
-
-in this memo, and may be datagrams.
-
-Depending on its capabilities, a name server could be a stand alone
-program on a dedicated machine or a process or processes on a large
-timeshared host. A simple configuration might be:
-
- Local Host | Foreign
- |
- +---------+ |
- / /| |
- +---------+ | +----------+ | +--------+
- | | | | |responses| | |
- | | | | Name |---------|->|Foreign |
- | Master |-------------->| Server | | |Resolver|
- | files | | | |<--------|--| |
- | |/ | | queries | +--------+
- +---------+ +----------+ |
-
-Here a primary name server acquires information about one or more zones
-by reading master files from its local file system, and answers queries
-about those zones that arrive from foreign resolvers.
-
-The DNS requires that all zones be redundantly supported by more than
-one name server. Designated secondary servers can acquire zones and
-check for updates from the primary server using the zone transfer
-protocol of the DNS. This configuration is shown below:
-
- Local Host | Foreign
- |
- +---------+ |
- / /| |
- +---------+ | +----------+ | +--------+
- | | | | |responses| | |
- | | | | Name |---------|->|Foreign |
- | Master |-------------->| Server | | |Resolver|
- | files | | | |<--------|--| |
- | |/ | | queries | +--------+
- +---------+ +----------+ |
- A |maintenance | +--------+
- | +------------|->| |
- | queries | |Foreign |
- | | | Name |
- +------------------|--| Server |
- maintenance responses | +--------+
-
-In this configuration, the name server periodically establishes a
-virtual circuit to a foreign name server to acquire a copy of a zone or
-to check that an existing copy has not changed. The messages sent for
-
-
-
-Mockapetris [Page 5]
-
-RFC 1035 Domain Implementation and Specification November 1987
-
-
-these maintenance activities follow the same form as queries and
-responses, but the message sequences are somewhat different.
-
-The information flow in a host that supports all aspects of the domain
-name system is shown below:
-
- Local Host | Foreign
- |
- +---------+ +----------+ | +--------+
- | | user queries | |queries | | |
- | User |-------------->| |---------|->|Foreign |
- | Program | | Resolver | | | Name |
- | |<--------------| |<--------|--| Server |
- | | user responses| |responses| | |
- +---------+ +----------+ | +--------+
- | A |
- cache additions | | references |
- V | |
- +----------+ |
- | Shared | |
- | database | |
- +----------+ |
- A | |
- +---------+ refreshes | | references |
- / /| | V |
- +---------+ | +----------+ | +--------+
- | | | | |responses| | |
- | | | | Name |---------|->|Foreign |
- | Master |-------------->| Server | | |Resolver|
- | files | | | |<--------|--| |
- | |/ | | queries | +--------+
- +---------+ +----------+ |
- A |maintenance | +--------+
- | +------------|->| |
- | queries | |Foreign |
- | | | Name |
- +------------------|--| Server |
- maintenance responses | +--------+
-
-The shared database holds domain space data for the local name server
-and resolver. The contents of the shared database will typically be a
-mixture of authoritative data maintained by the periodic refresh
-operations of the name server and cached data from previous resolver
-requests. The structure of the domain data and the necessity for
-synchronization between name servers and resolvers imply the general
-characteristics of this database, but the actual format is up to the
-local implementor.
-
-
-
-
-Mockapetris [Page 6]
-
-RFC 1035 Domain Implementation and Specification November 1987
-
-
-Information flow can also be tailored so that a group of hosts act
-together to optimize activities. Sometimes this is done to offload less
-capable hosts so that they do not have to implement a full resolver.
-This can be appropriate for PCs or hosts which want to minimize the
-amount of new network code which is required. This scheme can also
-allow a group of hosts can share a small number of caches rather than
-maintaining a large number of separate caches, on the premise that the
-centralized caches will have a higher hit ratio. In either case,
-resolvers are replaced with stub resolvers which act as front ends to
-resolvers located in a recursive server in one or more name servers
-known to perform that service:
-
- Local Hosts | Foreign
- |
- +---------+ |
- | | responses |
- | Stub |<--------------------+ |
- | Resolver| | |
- | |----------------+ | |
- +---------+ recursive | | |
- queries | | |
- V | |
- +---------+ recursive +----------+ | +--------+
- | | queries | |queries | | |
- | Stub |-------------->| Recursive|---------|->|Foreign |
- | Resolver| | Server | | | Name |
- | |<--------------| |<--------|--| Server |
- +---------+ responses | |responses| | |
- +----------+ | +--------+
- | Central | |
- | cache | |
- +----------+ |
-
-In any case, note that domain components are always replicated for
-reliability whenever possible.
-
-2.3. Conventions
-
-The domain system has several conventions dealing with low-level, but
-fundamental, issues. While the implementor is free to violate these
-conventions WITHIN HIS OWN SYSTEM, he must observe these conventions in
-ALL behavior observed from other hosts.
-
-2.3.1. Preferred name syntax
-
-The DNS specifications attempt to be as general as possible in the rules
-for constructing domain names. The idea is that the name of any
-existing object can be expressed as a domain name with minimal changes.
-
-
-
-Mockapetris [Page 7]
-
-RFC 1035 Domain Implementation and Specification November 1987
-
-
-However, when assigning a domain name for an object, the prudent user
-will select a name which satisfies both the rules of the domain system
-and any existing rules for the object, whether these rules are published
-or implied by existing programs.
-
-For example, when naming a mail domain, the user should satisfy both the
-rules of this memo and those in RFC-822. When creating a new host name,
-the old rules for HOSTS.TXT should be followed. This avoids problems
-when old software is converted to use domain names.
-
-The following syntax will result in fewer problems with many
-
-applications that use domain names (e.g., mail, TELNET).
-
-<domain> ::= <subdomain> | " "
-
-<subdomain> ::= <label> | <subdomain> "." <label>
-
-<label> ::= <letter> [ [ <ldh-str> ] <let-dig> ]
-
-<ldh-str> ::= <let-dig-hyp> | <let-dig-hyp> <ldh-str>
-
-<let-dig-hyp> ::= <let-dig> | "-"
-
-<let-dig> ::= <letter> | <digit>
-
-<letter> ::= any one of the 52 alphabetic characters A through Z in
-upper case and a through z in lower case
-
-<digit> ::= any one of the ten digits 0 through 9
-
-Note that while upper and lower case letters are allowed in domain
-names, no significance is attached to the case. That is, two names with
-the same spelling but different case are to be treated as if identical.
-
-The labels must follow the rules for ARPANET host names. They must
-start with a letter, end with a letter or digit, and have as interior
-characters only letters, digits, and hyphen. There are also some
-restrictions on the length. Labels must be 63 characters or less.
-
-For example, the following strings identify hosts in the Internet:
-
-A.ISI.EDU XX.LCS.MIT.EDU SRI-NIC.ARPA
-
-2.3.2. Data Transmission Order
-
-The order of transmission of the header and data described in this
-document is resolved to the octet level. Whenever a diagram shows a
-
-
-
-Mockapetris [Page 8]
-
-RFC 1035 Domain Implementation and Specification November 1987
-
-
-group of octets, the order of transmission of those octets is the normal
-order in which they are read in English. For example, in the following
-diagram, the octets are transmitted in the order they are numbered.
-
- 0 1
- 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- | 1 | 2 |
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- | 3 | 4 |
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- | 5 | 6 |
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-
-Whenever an octet represents a numeric quantity, the left most bit in
-the diagram is the high order or most significant bit. That is, the bit
-labeled 0 is the most significant bit. For example, the following
-diagram represents the value 170 (decimal).
-
- 0 1 2 3 4 5 6 7
- +-+-+-+-+-+-+-+-+
- |1 0 1 0 1 0 1 0|
- +-+-+-+-+-+-+-+-+
-
-Similarly, whenever a multi-octet field represents a numeric quantity
-the left most bit of the whole field is the most significant bit. When
-a multi-octet quantity is transmitted the most significant octet is
-transmitted first.
-
-2.3.3. Character Case
-
-For all parts of the DNS that are part of the official protocol, all
-comparisons between character strings (e.g., labels, domain names, etc.)
-are done in a case-insensitive manner. At present, this rule is in
-force throughout the domain system without exception. However, future
-additions beyond current usage may need to use the full binary octet
-capabilities in names, so attempts to store domain names in 7-bit ASCII
-or use of special bytes to terminate labels, etc., should be avoided.
-
-When data enters the domain system, its original case should be
-preserved whenever possible. In certain circumstances this cannot be
-done. For example, if two RRs are stored in a database, one at x.y and
-one at X.Y, they are actually stored at the same place in the database,
-and hence only one casing would be preserved. The basic rule is that
-case can be discarded only when data is used to define structure in a
-database, and two names are identical when compared in a case
-insensitive manner.
-
-
-
-
-Mockapetris [Page 9]
-
-RFC 1035 Domain Implementation and Specification November 1987
-
-
-Loss of case sensitive data must be minimized. Thus while data for x.y
-and X.Y may both be stored under a single location x.y or X.Y, data for
-a.x and B.X would never be stored under A.x, A.X, b.x, or b.X. In
-general, this preserves the case of the first label of a domain name,
-but forces standardization of interior node labels.
-
-Systems administrators who enter data into the domain database should
-take care to represent the data they supply to the domain system in a
-case-consistent manner if their system is case-sensitive. The data
-distribution system in the domain system will ensure that consistent
-representations are preserved.
-
-2.3.4. Size limits
-
-Various objects and parameters in the DNS have size limits. They are
-listed below. Some could be easily changed, others are more
-fundamental.
-
-labels 63 octets or less
-
-names 255 octets or less
-
-TTL positive values of a signed 32 bit number.
-
-UDP messages 512 octets or less
-
-3. DOMAIN NAME SPACE AND RR DEFINITIONS
-
-3.1. Name space definitions
-
-Domain names in messages are expressed in terms of a sequence of labels.
-Each label is represented as a one octet length field followed by that
-number of octets. Since every domain name ends with the null label of
-the root, a domain name is terminated by a length byte of zero. The
-high order two bits of every length octet must be zero, and the
-remaining six bits of the length field limit the label to 63 octets or
-less.
-
-To simplify implementations, the total length of a domain name (i.e.,
-label octets and label length octets) is restricted to 255 octets or
-less.
-
-Although labels can contain any 8 bit values in octets that make up a
-label, it is strongly recommended that labels follow the preferred
-syntax described elsewhere in this memo, which is compatible with
-existing host naming conventions. Name servers and resolvers must
-compare labels in a case-insensitive manner (i.e., A=a), assuming ASCII
-with zero parity. Non-alphabetic codes must match exactly.
-
-
-
-Mockapetris [Page 10]
-
-RFC 1035 Domain Implementation and Specification November 1987
-
-
-3.2. RR definitions
-
-3.2.1. Format
-
-All RRs have the same top level format shown below:
-
- 1 1 1 1 1 1
- 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- | |
- / /
- / NAME /
- | |
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- | TYPE |
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- | CLASS |
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- | TTL |
- | |
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- | RDLENGTH |
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--|
- / RDATA /
- / /
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
-
-
-where:
-
-NAME an owner name, i.e., the name of the node to which this
- resource record pertains.
-
-TYPE two octets containing one of the RR TYPE codes.
-
-CLASS two octets containing one of the RR CLASS codes.
-
-TTL a 32 bit signed integer that specifies the time interval
- that the resource record may be cached before the source
- of the information should again be consulted. Zero
- values are interpreted to mean that the RR can only be
- used for the transaction in progress, and should not be
- cached. For example, SOA records are always distributed
- with a zero TTL to prohibit caching. Zero values can
- also be used for extremely volatile data.
-
-RDLENGTH an unsigned 16 bit integer that specifies the length in
- octets of the RDATA field.
-
-
-
-Mockapetris [Page 11]
-
-RFC 1035 Domain Implementation and Specification November 1987
-
-
-RDATA a variable length string of octets that describes the
- resource. The format of this information varies
- according to the TYPE and CLASS of the resource record.
-
-3.2.2. TYPE values
-
-TYPE fields are used in resource records. Note that these types are a
-subset of QTYPEs.
-
-TYPE value and meaning
-
-A 1 a host address
-
-NS 2 an authoritative name server
-
-MD 3 a mail destination (Obsolete - use MX)
-
-MF 4 a mail forwarder (Obsolete - use MX)
-
-CNAME 5 the canonical name for an alias
-
-SOA 6 marks the start of a zone of authority
-
-MB 7 a mailbox domain name (EXPERIMENTAL)
-
-MG 8 a mail group member (EXPERIMENTAL)
-
-MR 9 a mail rename domain name (EXPERIMENTAL)
-
-NULL 10 a null RR (EXPERIMENTAL)
-
-WKS 11 a well known service description
-
-PTR 12 a domain name pointer
-
-HINFO 13 host information
-
-MINFO 14 mailbox or mail list information
-
-MX 15 mail exchange
-
-TXT 16 text strings
-
-3.2.3. QTYPE values
-
-QTYPE fields appear in the question part of a query. QTYPES are a
-superset of TYPEs, hence all TYPEs are valid QTYPEs. In addition, the
-following QTYPEs are defined:
-
-
-
-Mockapetris [Page 12]
-
-RFC 1035 Domain Implementation and Specification November 1987
-
-
-AXFR 252 A request for a transfer of an entire zone
-
-MAILB 253 A request for mailbox-related records (MB, MG or MR)
-
-MAILA 254 A request for mail agent RRs (Obsolete - see MX)
-
-* 255 A request for all records
-
-3.2.4. CLASS values
-
-CLASS fields appear in resource records. The following CLASS mnemonics
-and values are defined:
-
-IN 1 the Internet
-
-CS 2 the CSNET class (Obsolete - used only for examples in
- some obsolete RFCs)
-
-CH 3 the CHAOS class
-
-HS 4 Hesiod [Dyer 87]
-
-3.2.5. QCLASS values
-
-QCLASS fields appear in the question section of a query. QCLASS values
-are a superset of CLASS values; every CLASS is a valid QCLASS. In
-addition to CLASS values, the following QCLASSes are defined:
-
-* 255 any class
-
-3.3. Standard RRs
-
-The following RR definitions are expected to occur, at least
-potentially, in all classes. In particular, NS, SOA, CNAME, and PTR
-will be used in all classes, and have the same format in all classes.
-Because their RDATA format is known, all domain names in the RDATA
-section of these RRs may be compressed.
-
-<domain-name> is a domain name represented as a series of labels, and
-terminated by a label with zero length. <character-string> is a single
-length octet followed by that number of characters. <character-string>
-is treated as binary information, and can be up to 256 characters in
-length (including the length octet).
-
-
-
-
-
-
-
-
-Mockapetris [Page 13]
-
-RFC 1035 Domain Implementation and Specification November 1987
-
-
-3.3.1. CNAME RDATA format
-
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- / CNAME /
- / /
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
-
-where:
-
-CNAME A <domain-name> which specifies the canonical or primary
- name for the owner. The owner name is an alias.
-
-CNAME RRs cause no additional section processing, but name servers may
-choose to restart the query at the canonical name in certain cases. See
-the description of name server logic in [RFC-1034] for details.
-
-3.3.2. HINFO RDATA format
-
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- / CPU /
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- / OS /
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
-
-where:
-
-CPU A <character-string> which specifies the CPU type.
-
-OS A <character-string> which specifies the operating
- system type.
-
-Standard values for CPU and OS can be found in [RFC-1010].
-
-HINFO records are used to acquire general information about a host. The
-main use is for protocols such as FTP that can use special procedures
-when talking between machines or operating systems of the same type.
-
-3.3.3. MB RDATA format (EXPERIMENTAL)
-
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- / MADNAME /
- / /
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
-
-where:
-
-MADNAME A <domain-name> which specifies a host which has the
- specified mailbox.
-
-
-
-Mockapetris [Page 14]
-
-RFC 1035 Domain Implementation and Specification November 1987
-
-
-MB records cause additional section processing which looks up an A type
-RRs corresponding to MADNAME.
-
-3.3.4. MD RDATA format (Obsolete)
-
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- / MADNAME /
- / /
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
-
-where:
-
-MADNAME A <domain-name> which specifies a host which has a mail
- agent for the domain which should be able to deliver
- mail for the domain.
-
-MD records cause additional section processing which looks up an A type
-record corresponding to MADNAME.
-
-MD is obsolete. See the definition of MX and [RFC-974] for details of
-the new scheme. The recommended policy for dealing with MD RRs found in
-a master file is to reject them, or to convert them to MX RRs with a
-preference of 0.
-
-3.3.5. MF RDATA format (Obsolete)
-
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- / MADNAME /
- / /
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
-
-where:
-
-MADNAME A <domain-name> which specifies a host which has a mail
- agent for the domain which will accept mail for
- forwarding to the domain.
-
-MF records cause additional section processing which looks up an A type
-record corresponding to MADNAME.
-
-MF is obsolete. See the definition of MX and [RFC-974] for details ofw
-the new scheme. The recommended policy for dealing with MD RRs found in
-a master file is to reject them, or to convert them to MX RRs with a
-preference of 10.
-
-
-
-
-
-
-
-Mockapetris [Page 15]
-
-RFC 1035 Domain Implementation and Specification November 1987
-
-
-3.3.6. MG RDATA format (EXPERIMENTAL)
-
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- / MGMNAME /
- / /
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
-
-where:
-
-MGMNAME A <domain-name> which specifies a mailbox which is a
- member of the mail group specified by the domain name.
-
-MG records cause no additional section processing.
-
-3.3.7. MINFO RDATA format (EXPERIMENTAL)
-
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- / RMAILBX /
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- / EMAILBX /
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
-
-where:
-
-RMAILBX A <domain-name> which specifies a mailbox which is
- responsible for the mailing list or mailbox. If this
- domain name names the root, the owner of the MINFO RR is
- responsible for itself. Note that many existing mailing
- lists use a mailbox X-request for the RMAILBX field of
- mailing list X, e.g., Msgroup-request for Msgroup. This
- field provides a more general mechanism.
-
-
-EMAILBX A <domain-name> which specifies a mailbox which is to
- receive error messages related to the mailing list or
- mailbox specified by the owner of the MINFO RR (similar
- to the ERRORS-TO: field which has been proposed). If
- this domain name names the root, errors should be
- returned to the sender of the message.
-
-MINFO records cause no additional section processing. Although these
-records can be associated with a simple mailbox, they are usually used
-with a mailing list.
-
-
-
-
-
-
-
-
-Mockapetris [Page 16]
-
-RFC 1035 Domain Implementation and Specification November 1987
-
-
-3.3.8. MR RDATA format (EXPERIMENTAL)
-
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- / NEWNAME /
- / /
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
-
-where:
-
-NEWNAME A <domain-name> which specifies a mailbox which is the
- proper rename of the specified mailbox.
-
-MR records cause no additional section processing. The main use for MR
-is as a forwarding entry for a user who has moved to a different
-mailbox.
-
-3.3.9. MX RDATA format
-
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- | PREFERENCE |
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- / EXCHANGE /
- / /
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
-
-where:
-
-PREFERENCE A 16 bit integer which specifies the preference given to
- this RR among others at the same owner. Lower values
- are preferred.
-
-EXCHANGE A <domain-name> which specifies a host willing to act as
- a mail exchange for the owner name.
-
-MX records cause type A additional section processing for the host
-specified by EXCHANGE. The use of MX RRs is explained in detail in
-[RFC-974].
-
-3.3.10. NULL RDATA format (EXPERIMENTAL)
-
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- / <anything> /
- / /
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
-
-Anything at all may be in the RDATA field so long as it is 65535 octets
-or less.
-
-
-
-
-Mockapetris [Page 17]
-
-RFC 1035 Domain Implementation and Specification November 1987
-
-
-NULL records cause no additional section processing. NULL RRs are not
-allowed in master files. NULLs are used as placeholders in some
-experimental extensions of the DNS.
-
-3.3.11. NS RDATA format
-
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- / NSDNAME /
- / /
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
-
-where:
-
-NSDNAME A <domain-name> which specifies a host which should be
- authoritative for the specified class and domain.
-
-NS records cause both the usual additional section processing to locate
-a type A record, and, when used in a referral, a special search of the
-zone in which they reside for glue information.
-
-The NS RR states that the named host should be expected to have a zone
-starting at owner name of the specified class. Note that the class may
-not indicate the protocol family which should be used to communicate
-with the host, although it is typically a strong hint. For example,
-hosts which are name servers for either Internet (IN) or Hesiod (HS)
-class information are normally queried using IN class protocols.
-
-3.3.12. PTR RDATA format
-
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- / PTRDNAME /
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
-
-where:
-
-PTRDNAME A <domain-name> which points to some location in the
- domain name space.
-
-PTR records cause no additional section processing. These RRs are used
-in special domains to point to some other location in the domain space.
-These records are simple data, and don't imply any special processing
-similar to that performed by CNAME, which identifies aliases. See the
-description of the IN-ADDR.ARPA domain for an example.
-
-
-
-
-
-
-
-
-Mockapetris [Page 18]
-
-RFC 1035 Domain Implementation and Specification November 1987
-
-
-3.3.13. SOA RDATA format
-
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- / MNAME /
- / /
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- / RNAME /
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- | SERIAL |
- | |
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- | REFRESH |
- | |
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- | RETRY |
- | |
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- | EXPIRE |
- | |
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- | MINIMUM |
- | |
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
-
-where:
-
-MNAME The <domain-name> of the name server that was the
- original or primary source of data for this zone.
-
-RNAME A <domain-name> which specifies the mailbox of the
- person responsible for this zone.
-
-SERIAL The unsigned 32 bit version number of the original copy
- of the zone. Zone transfers preserve this value. This
- value wraps and should be compared using sequence space
- arithmetic.
-
-REFRESH A 32 bit time interval before the zone should be
- refreshed.
-
-RETRY A 32 bit time interval that should elapse before a
- failed refresh should be retried.
-
-EXPIRE A 32 bit time value that specifies the upper limit on
- the time interval that can elapse before the zone is no
- longer authoritative.
-
-
-
-
-
-Mockapetris [Page 19]
-
-RFC 1035 Domain Implementation and Specification November 1987
-
-
-MINIMUM The unsigned 32 bit minimum TTL field that should be
- exported with any RR from this zone.
-
-SOA records cause no additional section processing.
-
-All times are in units of seconds.
-
-Most of these fields are pertinent only for name server maintenance
-operations. However, MINIMUM is used in all query operations that
-retrieve RRs from a zone. Whenever a RR is sent in a response to a
-query, the TTL field is set to the maximum of the TTL field from the RR
-and the MINIMUM field in the appropriate SOA. Thus MINIMUM is a lower
-bound on the TTL field for all RRs in a zone. Note that this use of
-MINIMUM should occur when the RRs are copied into the response and not
-when the zone is loaded from a master file or via a zone transfer. The
-reason for this provison is to allow future dynamic update facilities to
-change the SOA RR with known semantics.
-
-
-3.3.14. TXT RDATA format
-
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- / TXT-DATA /
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
-
-where:
-
-TXT-DATA One or more <character-string>s.
-
-TXT RRs are used to hold descriptive text. The semantics of the text
-depends on the domain where it is found.
-
-3.4. Internet specific RRs
-
-3.4.1. A RDATA format
-
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- | ADDRESS |
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
-
-where:
-
-ADDRESS A 32 bit Internet address.
-
-Hosts that have multiple Internet addresses will have multiple A
-records.
-
-
-
-
-
-Mockapetris [Page 20]
-
-RFC 1035 Domain Implementation and Specification November 1987
-
-
-A records cause no additional section processing. The RDATA section of
-an A line in a master file is an Internet address expressed as four
-decimal numbers separated by dots without any imbedded spaces (e.g.,
-"10.2.0.52" or "192.0.5.6").
-
-3.4.2. WKS RDATA format
-
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- | ADDRESS |
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- | PROTOCOL | |
- +--+--+--+--+--+--+--+--+ |
- | |
- / <BIT MAP> /
- / /
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
-
-where:
-
-ADDRESS An 32 bit Internet address
-
-PROTOCOL An 8 bit IP protocol number
-
-<BIT MAP> A variable length bit map. The bit map must be a
- multiple of 8 bits long.
-
-The WKS record is used to describe the well known services supported by
-a particular protocol on a particular internet address. The PROTOCOL
-field specifies an IP protocol number, and the bit map has one bit per
-port of the specified protocol. The first bit corresponds to port 0,
-the second to port 1, etc. If the bit map does not include a bit for a
-protocol of interest, that bit is assumed zero. The appropriate values
-and mnemonics for ports and protocols are specified in [RFC-1010].
-
-For example, if PROTOCOL=TCP (6), the 26th bit corresponds to TCP port
-25 (SMTP). If this bit is set, a SMTP server should be listening on TCP
-port 25; if zero, SMTP service is not supported on the specified
-address.
-
-The purpose of WKS RRs is to provide availability information for
-servers for TCP and UDP. If a server supports both TCP and UDP, or has
-multiple Internet addresses, then multiple WKS RRs are used.
-
-WKS RRs cause no additional section processing.
-
-In master files, both ports and protocols are expressed using mnemonics
-or decimal numbers.
-
-
-
-
-Mockapetris [Page 21]
-
-RFC 1035 Domain Implementation and Specification November 1987
-
-
-3.5. IN-ADDR.ARPA domain
-
-The Internet uses a special domain to support gateway location and
-Internet address to host mapping. Other classes may employ a similar
-strategy in other domains. The intent of this domain is to provide a
-guaranteed method to perform host address to host name mapping, and to
-facilitate queries to locate all gateways on a particular network in the
-Internet.
-
-Note that both of these services are similar to functions that could be
-performed by inverse queries; the difference is that this part of the
-domain name space is structured according to address, and hence can
-guarantee that the appropriate data can be located without an exhaustive
-search of the domain space.
-
-The domain begins at IN-ADDR.ARPA and has a substructure which follows
-the Internet addressing structure.
-
-Domain names in the IN-ADDR.ARPA domain are defined to have up to four
-labels in addition to the IN-ADDR.ARPA suffix. Each label represents
-one octet of an Internet address, and is expressed as a character string
-for a decimal value in the range 0-255 (with leading zeros omitted
-except in the case of a zero octet which is represented by a single
-zero).
-
-Host addresses are represented by domain names that have all four labels
-specified. Thus data for Internet address 10.2.0.52 is located at
-domain name 52.0.2.10.IN-ADDR.ARPA. The reversal, though awkward to
-read, allows zones to be delegated which are exactly one network of
-address space. For example, 10.IN-ADDR.ARPA can be a zone containing
-data for the ARPANET, while 26.IN-ADDR.ARPA can be a separate zone for
-MILNET. Address nodes are used to hold pointers to primary host names
-in the normal domain space.
-
-Network numbers correspond to some non-terminal nodes at various depths
-in the IN-ADDR.ARPA domain, since Internet network numbers are either 1,
-2, or 3 octets. Network nodes are used to hold pointers to the primary
-host names of gateways attached to that network. Since a gateway is, by
-definition, on more than one network, it will typically have two or more
-network nodes which point at it. Gateways will also have host level
-pointers at their fully qualified addresses.
-
-Both the gateway pointers at network nodes and the normal host pointers
-at full address nodes use the PTR RR to point back to the primary domain
-names of the corresponding hosts.
-
-For example, the IN-ADDR.ARPA domain will contain information about the
-ISI gateway between net 10 and 26, an MIT gateway from net 10 to MIT's
-
-
-
-Mockapetris [Page 22]
-
-RFC 1035 Domain Implementation and Specification November 1987
-
-
-net 18, and hosts A.ISI.EDU and MULTICS.MIT.EDU. Assuming that ISI
-gateway has addresses 10.2.0.22 and 26.0.0.103, and a name MILNET-
-GW.ISI.EDU, and the MIT gateway has addresses 10.0.0.77 and 18.10.0.4
-and a name GW.LCS.MIT.EDU, the domain database would contain:
-
- 10.IN-ADDR.ARPA. PTR MILNET-GW.ISI.EDU.
- 10.IN-ADDR.ARPA. PTR GW.LCS.MIT.EDU.
- 18.IN-ADDR.ARPA. PTR GW.LCS.MIT.EDU.
- 26.IN-ADDR.ARPA. PTR MILNET-GW.ISI.EDU.
- 22.0.2.10.IN-ADDR.ARPA. PTR MILNET-GW.ISI.EDU.
- 103.0.0.26.IN-ADDR.ARPA. PTR MILNET-GW.ISI.EDU.
- 77.0.0.10.IN-ADDR.ARPA. PTR GW.LCS.MIT.EDU.
- 4.0.10.18.IN-ADDR.ARPA. PTR GW.LCS.MIT.EDU.
- 103.0.3.26.IN-ADDR.ARPA. PTR A.ISI.EDU.
- 6.0.0.10.IN-ADDR.ARPA. PTR MULTICS.MIT.EDU.
-
-Thus a program which wanted to locate gateways on net 10 would originate
-a query of the form QTYPE=PTR, QCLASS=IN, QNAME=10.IN-ADDR.ARPA. It
-would receive two RRs in response:
-
- 10.IN-ADDR.ARPA. PTR MILNET-GW.ISI.EDU.
- 10.IN-ADDR.ARPA. PTR GW.LCS.MIT.EDU.
-
-The program could then originate QTYPE=A, QCLASS=IN queries for MILNET-
-GW.ISI.EDU. and GW.LCS.MIT.EDU. to discover the Internet addresses of
-these gateways.
-
-A resolver which wanted to find the host name corresponding to Internet
-host address 10.0.0.6 would pursue a query of the form QTYPE=PTR,
-QCLASS=IN, QNAME=6.0.0.10.IN-ADDR.ARPA, and would receive:
-
- 6.0.0.10.IN-ADDR.ARPA. PTR MULTICS.MIT.EDU.
-
-Several cautions apply to the use of these services:
- - Since the IN-ADDR.ARPA special domain and the normal domain
- for a particular host or gateway will be in different zones,
- the possibility exists that that the data may be inconsistent.
-
- - Gateways will often have two names in separate domains, only
- one of which can be primary.
-
- - Systems that use the domain database to initialize their
- routing tables must start with enough gateway information to
- guarantee that they can access the appropriate name server.
-
- - The gateway data only reflects the existence of a gateway in a
- manner equivalent to the current HOSTS.TXT file. It doesn't
- replace the dynamic availability information from GGP or EGP.
-
-
-
-Mockapetris [Page 23]
-
-RFC 1035 Domain Implementation and Specification November 1987
-
-
-3.6. Defining new types, classes, and special namespaces
-
-The previously defined types and classes are the ones in use as of the
-date of this memo. New definitions should be expected. This section
-makes some recommendations to designers considering additions to the
-existing facilities. The mailing list NAMEDROPPERS@SRI-NIC.ARPA is the
-forum where general discussion of design issues takes place.
-
-In general, a new type is appropriate when new information is to be
-added to the database about an existing object, or we need new data
-formats for some totally new object. Designers should attempt to define
-types and their RDATA formats that are generally applicable to all
-classes, and which avoid duplication of information. New classes are
-appropriate when the DNS is to be used for a new protocol, etc which
-requires new class-specific data formats, or when a copy of the existing
-name space is desired, but a separate management domain is necessary.
-
-New types and classes need mnemonics for master files; the format of the
-master files requires that the mnemonics for type and class be disjoint.
-
-TYPE and CLASS values must be a proper subset of QTYPEs and QCLASSes
-respectively.
-
-The present system uses multiple RRs to represent multiple values of a
-type rather than storing multiple values in the RDATA section of a
-single RR. This is less efficient for most applications, but does keep
-RRs shorter. The multiple RRs assumption is incorporated in some
-experimental work on dynamic update methods.
-
-The present system attempts to minimize the duplication of data in the
-database in order to insure consistency. Thus, in order to find the
-address of the host for a mail exchange, you map the mail domain name to
-a host name, then the host name to addresses, rather than a direct
-mapping to host address. This approach is preferred because it avoids
-the opportunity for inconsistency.
-
-In defining a new type of data, multiple RR types should not be used to
-create an ordering between entries or express different formats for
-equivalent bindings, instead this information should be carried in the
-body of the RR and a single type used. This policy avoids problems with
-caching multiple types and defining QTYPEs to match multiple types.
-
-For example, the original form of mail exchange binding used two RR
-types one to represent a "closer" exchange (MD) and one to represent a
-"less close" exchange (MF). The difficulty is that the presence of one
-RR type in a cache doesn't convey any information about the other
-because the query which acquired the cached information might have used
-a QTYPE of MF, MD, or MAILA (which matched both). The redesigned
-
-
-
-Mockapetris [Page 24]
-
-RFC 1035 Domain Implementation and Specification November 1987
-
-
-service used a single type (MX) with a "preference" value in the RDATA
-section which can order different RRs. However, if any MX RRs are found
-in the cache, then all should be there.
-
-4. MESSAGES
-
-4.1. Format
-
-All communications inside of the domain protocol are carried in a single
-format called a message. The top level format of message is divided
-into 5 sections (some of which are empty in certain cases) shown below:
-
- +---------------------+
- | Header |
- +---------------------+
- | Question | the question for the name server
- +---------------------+
- | Answer | RRs answering the question
- +---------------------+
- | Authority | RRs pointing toward an authority
- +---------------------+
- | Additional | RRs holding additional information
- +---------------------+
-
-The header section is always present. The header includes fields that
-specify which of the remaining sections are present, and also specify
-whether the message is a query or a response, a standard query or some
-other opcode, etc.
-
-The names of the sections after the header are derived from their use in
-standard queries. The question section contains fields that describe a
-question to a name server. These fields are a query type (QTYPE), a
-query class (QCLASS), and a query domain name (QNAME). The last three
-sections have the same format: a possibly empty list of concatenated
-resource records (RRs). The answer section contains RRs that answer the
-question; the authority section contains RRs that point toward an
-authoritative name server; the additional records section contains RRs
-which relate to the query, but are not strictly answers for the
-question.
-
-
-
-
-
-
-
-
-
-
-
-
-Mockapetris [Page 25]
-
-RFC 1035 Domain Implementation and Specification November 1987
-
-
-4.1.1. Header section format
-
-The header contains the following fields:
-
- 1 1 1 1 1 1
- 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- | ID |
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- |QR| Opcode |AA|TC|RD|RA| Z | RCODE |
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- | QDCOUNT |
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- | ANCOUNT |
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- | NSCOUNT |
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- | ARCOUNT |
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
-
-where:
-
-ID A 16 bit identifier assigned by the program that
- generates any kind of query. This identifier is copied
- the corresponding reply and can be used by the requester
- to match up replies to outstanding queries.
-
-QR A one bit field that specifies whether this message is a
- query (0), or a response (1).
-
-OPCODE A four bit field that specifies kind of query in this
- message. This value is set by the originator of a query
- and copied into the response. The values are:
-
- 0 a standard query (QUERY)
-
- 1 an inverse query (IQUERY)
-
- 2 a server status request (STATUS)
-
- 3-15 reserved for future use
-
-AA Authoritative Answer - this bit is valid in responses,
- and specifies that the responding name server is an
- authority for the domain name in question section.
-
- Note that the contents of the answer section may have
- multiple owner names because of aliases. The AA bit
-
-
-
-Mockapetris [Page 26]
-
-RFC 1035 Domain Implementation and Specification November 1987
-
-
- corresponds to the name which matches the query name, or
- the first owner name in the answer section.
-
-TC TrunCation - specifies that this message was truncated
- due to length greater than that permitted on the
- transmission channel.
-
-RD Recursion Desired - this bit may be set in a query and
- is copied into the response. If RD is set, it directs
- the name server to pursue the query recursively.
- Recursive query support is optional.
-
-RA Recursion Available - this be is set or cleared in a
- response, and denotes whether recursive query support is
- available in the name server.
-
-Z Reserved for future use. Must be zero in all queries
- and responses.
-
-RCODE Response code - this 4 bit field is set as part of
- responses. The values have the following
- interpretation:
-
- 0 No error condition
-
- 1 Format error - The name server was
- unable to interpret the query.
-
- 2 Server failure - The name server was
- unable to process this query due to a
- problem with the name server.
-
- 3 Name Error - Meaningful only for
- responses from an authoritative name
- server, this code signifies that the
- domain name referenced in the query does
- not exist.
-
- 4 Not Implemented - The name server does
- not support the requested kind of query.
-
- 5 Refused - The name server refuses to
- perform the specified operation for
- policy reasons. For example, a name
- server may not wish to provide the
- information to the particular requester,
- or a name server may not wish to perform
- a particular operation (e.g., zone
-
-
-
-Mockapetris [Page 27]
-
-RFC 1035 Domain Implementation and Specification November 1987
-
-
- transfer) for particular data.
-
- 6-15 Reserved for future use.
-
-QDCOUNT an unsigned 16 bit integer specifying the number of
- entries in the question section.
-
-ANCOUNT an unsigned 16 bit integer specifying the number of
- resource records in the answer section.
-
-NSCOUNT an unsigned 16 bit integer specifying the number of name
- server resource records in the authority records
- section.
-
-ARCOUNT an unsigned 16 bit integer specifying the number of
- resource records in the additional records section.
-
-4.1.2. Question section format
-
-The question section is used to carry the "question" in most queries,
-i.e., the parameters that define what is being asked. The section
-contains QDCOUNT (usually 1) entries, each of the following format:
-
- 1 1 1 1 1 1
- 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- | |
- / QNAME /
- / /
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- | QTYPE |
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- | QCLASS |
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
-
-where:
-
-QNAME a domain name represented as a sequence of labels, where
- each label consists of a length octet followed by that
- number of octets. The domain name terminates with the
- zero length octet for the null label of the root. Note
- that this field may be an odd number of octets; no
- padding is used.
-
-QTYPE a two octet code which specifies the type of the query.
- The values for this field include all codes valid for a
- TYPE field, together with some more general codes which
- can match more than one type of RR.
-
-
-
-Mockapetris [Page 28]
-
-RFC 1035 Domain Implementation and Specification November 1987
-
-
-QCLASS a two octet code that specifies the class of the query.
- For example, the QCLASS field is IN for the Internet.
-
-4.1.3. Resource record format
-
-The answer, authority, and additional sections all share the same
-format: a variable number of resource records, where the number of
-records is specified in the corresponding count field in the header.
-Each resource record has the following format:
- 1 1 1 1 1 1
- 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- | |
- / /
- / NAME /
- | |
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- | TYPE |
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- | CLASS |
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- | TTL |
- | |
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- | RDLENGTH |
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--|
- / RDATA /
- / /
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
-
-where:
-
-NAME a domain name to which this resource record pertains.
-
-TYPE two octets containing one of the RR type codes. This
- field specifies the meaning of the data in the RDATA
- field.
-
-CLASS two octets which specify the class of the data in the
- RDATA field.
-
-TTL a 32 bit unsigned integer that specifies the time
- interval (in seconds) that the resource record may be
- cached before it should be discarded. Zero values are
- interpreted to mean that the RR can only be used for the
- transaction in progress, and should not be cached.
-
-
-
-
-
-Mockapetris [Page 29]
-
-RFC 1035 Domain Implementation and Specification November 1987
-
-
-RDLENGTH an unsigned 16 bit integer that specifies the length in
- octets of the RDATA field.
-
-RDATA a variable length string of octets that describes the
- resource. The format of this information varies
- according to the TYPE and CLASS of the resource record.
- For example, the if the TYPE is A and the CLASS is IN,
- the RDATA field is a 4 octet ARPA Internet address.
-
-4.1.4. Message compression
-
-In order to reduce the size of messages, the domain system utilizes a
-compression scheme which eliminates the repetition of domain names in a
-message. In this scheme, an entire domain name or a list of labels at
-the end of a domain name is replaced with a pointer to a prior occurance
-of the same name.
-
-The pointer takes the form of a two octet sequence:
-
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- | 1 1| OFFSET |
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
-
-The first two bits are ones. This allows a pointer to be distinguished
-from a label, since the label must begin with two zero bits because
-labels are restricted to 63 octets or less. (The 10 and 01 combinations
-are reserved for future use.) The OFFSET field specifies an offset from
-the start of the message (i.e., the first octet of the ID field in the
-domain header). A zero offset specifies the first byte of the ID field,
-etc.
-
-The compression scheme allows a domain name in a message to be
-represented as either:
-
- - a sequence of labels ending in a zero octet
-
- - a pointer
-
- - a sequence of labels ending with a pointer
-
-Pointers can only be used for occurances of a domain name where the
-format is not class specific. If this were not the case, a name server
-or resolver would be required to know the format of all RRs it handled.
-As yet, there are no such cases, but they may occur in future RDATA
-formats.
-
-If a domain name is contained in a part of the message subject to a
-length field (such as the RDATA section of an RR), and compression is
-
-
-
-Mockapetris [Page 30]
-
-RFC 1035 Domain Implementation and Specification November 1987
-
-
-used, the length of the compressed name is used in the length
-calculation, rather than the length of the expanded name.
-
-Programs are free to avoid using pointers in messages they generate,
-although this will reduce datagram capacity, and may cause truncation.
-However all programs are required to understand arriving messages that
-contain pointers.
-
-For example, a datagram might need to use the domain names F.ISI.ARPA,
-FOO.F.ISI.ARPA, ARPA, and the root. Ignoring the other fields of the
-message, these domain names might be represented as:
-
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- 20 | 1 | F |
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- 22 | 3 | I |
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- 24 | S | I |
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- 26 | 4 | A |
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- 28 | R | P |
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- 30 | A | 0 |
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
-
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- 40 | 3 | F |
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- 42 | O | O |
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- 44 | 1 1| 20 |
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
-
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- 64 | 1 1| 26 |
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
-
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
- 92 | 0 | |
- +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
-
-The domain name for F.ISI.ARPA is shown at offset 20. The domain name
-FOO.F.ISI.ARPA is shown at offset 40; this definition uses a pointer to
-concatenate a label for FOO to the previously defined F.ISI.ARPA. The
-domain name ARPA is defined at offset 64 using a pointer to the ARPA
-component of the name F.ISI.ARPA at 20; note that this pointer relies on
-ARPA being the last label in the string at 20. The root domain name is
-
-
-
-Mockapetris [Page 31]
-
-RFC 1035 Domain Implementation and Specification November 1987
-
-
-defined by a single octet of zeros at 92; the root domain name has no
-labels.
-
-4.2. Transport
-
-The DNS assumes that messages will be transmitted as datagrams or in a
-byte stream carried by a virtual circuit. While virtual circuits can be
-used for any DNS activity, datagrams are preferred for queries due to
-their lower overhead and better performance. Zone refresh activities
-must use virtual circuits because of the need for reliable transfer.
-
-The Internet supports name server access using TCP [RFC-793] on server
-port 53 (decimal) as well as datagram access using UDP [RFC-768] on UDP
-port 53 (decimal).
-
-4.2.1. UDP usage
-
-Messages sent using UDP user server port 53 (decimal).
-
-Messages carried by UDP are restricted to 512 bytes (not counting the IP
-or UDP headers). Longer messages are truncated and the TC bit is set in
-the header.
-
-UDP is not acceptable for zone transfers, but is the recommended method
-for standard queries in the Internet. Queries sent using UDP may be
-lost, and hence a retransmission strategy is required. Queries or their
-responses may be reordered by the network, or by processing in name
-servers, so resolvers should not depend on them being returned in order.
-
-The optimal UDP retransmission policy will vary with performance of the
-Internet and the needs of the client, but the following are recommended:
-
- - The client should try other servers and server addresses
- before repeating a query to a specific address of a server.
-
- - The retransmission interval should be based on prior
- statistics if possible. Too aggressive retransmission can
- easily slow responses for the community at large. Depending
- on how well connected the client is to its expected servers,
- the minimum retransmission interval should be 2-5 seconds.
-
-More suggestions on server selection and retransmission policy can be
-found in the resolver section of this memo.
-
-4.2.2. TCP usage
-
-Messages sent over TCP connections use server port 53 (decimal). The
-message is prefixed with a two byte length field which gives the message
-
-
-
-Mockapetris [Page 32]
-
-RFC 1035 Domain Implementation and Specification November 1987
-
-
-length, excluding the two byte length field. This length field allows
-the low-level processing to assemble a complete message before beginning
-to parse it.
-
-Several connection management policies are recommended:
-
- - The server should not block other activities waiting for TCP
- data.
-
- - The server should support multiple connections.
-
- - The server should assume that the client will initiate
- connection closing, and should delay closing its end of the
- connection until all outstanding client requests have been
- satisfied.
-
- - If the server needs to close a dormant connection to reclaim
- resources, it should wait until the connection has been idle
- for a period on the order of two minutes. In particular, the
- server should allow the SOA and AXFR request sequence (which
- begins a refresh operation) to be made on a single connection.
- Since the server would be unable to answer queries anyway, a
- unilateral close or reset may be used instead of a graceful
- close.
-
-5. MASTER FILES
-
-Master files are text files that contain RRs in text form. Since the
-contents of a zone can be expressed in the form of a list of RRs a
-master file is most often used to define a zone, though it can be used
-to list a cache's contents. Hence, this section first discusses the
-format of RRs in a master file, and then the special considerations when
-a master file is used to create a zone in some name server.
-
-5.1. Format
-
-The format of these files is a sequence of entries. Entries are
-predominantly line-oriented, though parentheses can be used to continue
-a list of items across a line boundary, and text literals can contain
-CRLF within the text. Any combination of tabs and spaces act as a
-delimiter between the separate items that make up an entry. The end of
-any line in the master file can end with a comment. The comment starts
-with a ";" (semicolon).
-
-The following entries are defined:
-
- <blank>[<comment>]
-
-
-
-
-Mockapetris [Page 33]
-
-RFC 1035 Domain Implementation and Specification November 1987
-
-
- $ORIGIN <domain-name> [<comment>]
-
- $INCLUDE <file-name> [<domain-name>] [<comment>]
-
- <domain-name><rr> [<comment>]
-
- <blank><rr> [<comment>]
-
-Blank lines, with or without comments, are allowed anywhere in the file.
-
-Two control entries are defined: $ORIGIN and $INCLUDE. $ORIGIN is
-followed by a domain name, and resets the current origin for relative
-domain names to the stated name. $INCLUDE inserts the named file into
-the current file, and may optionally specify a domain name that sets the
-relative domain name origin for the included file. $INCLUDE may also
-have a comment. Note that a $INCLUDE entry never changes the relative
-origin of the parent file, regardless of changes to the relative origin
-made within the included file.
-
-The last two forms represent RRs. If an entry for an RR begins with a
-blank, then the RR is assumed to be owned by the last stated owner. If
-an RR entry begins with a <domain-name>, then the owner name is reset.
-
-<rr> contents take one of the following forms:
-
- [<TTL>] [<class>] <type> <RDATA>
-
- [<class>] [<TTL>] <type> <RDATA>
-
-The RR begins with optional TTL and class fields, followed by a type and
-RDATA field appropriate to the type and class. Class and type use the
-standard mnemonics, TTL is a decimal integer. Omitted class and TTL
-values are default to the last explicitly stated values. Since type and
-class mnemonics are disjoint, the parse is unique. (Note that this
-order is different from the order used in examples and the order used in
-the actual RRs; the given order allows easier parsing and defaulting.)
-
-<domain-name>s make up a large share of the data in the master file.
-The labels in the domain name are expressed as character strings and
-separated by dots. Quoting conventions allow arbitrary characters to be
-stored in domain names. Domain names that end in a dot are called
-absolute, and are taken as complete. Domain names which do not end in a
-dot are called relative; the actual domain name is the concatenation of
-the relative part with an origin specified in a $ORIGIN, $INCLUDE, or as
-an argument to the master file loading routine. A relative name is an
-error when no origin is available.
-
-
-
-
-
-Mockapetris [Page 34]
-
-RFC 1035 Domain Implementation and Specification November 1987
-
-
-<character-string> is expressed in one or two ways: as a contiguous set
-of characters without interior spaces, or as a string beginning with a "
-and ending with a ". Inside a " delimited string any character can
-occur, except for a " itself, which must be quoted using \ (back slash).
-
-Because these files are text files several special encodings are
-necessary to allow arbitrary data to be loaded. In particular:
-
- of the root.
-
-@ A free standing @ is used to denote the current origin.
-
-\X where X is any character other than a digit (0-9), is
- used to quote that character so that its special meaning
- does not apply. For example, "\." can be used to place
- a dot character in a label.
-
-\DDD where each D is a digit is the octet corresponding to
- the decimal number described by DDD. The resulting
- octet is assumed to be text and is not checked for
- special meaning.
-
-( ) Parentheses are used to group data that crosses a line
- boundary. In effect, line terminations are not
- recognized within parentheses.
-
-; Semicolon is used to start a comment; the remainder of
- the line is ignored.
-
-5.2. Use of master files to define zones
-
-When a master file is used to load a zone, the operation should be
-suppressed if any errors are encountered in the master file. The
-rationale for this is that a single error can have widespread
-consequences. For example, suppose that the RRs defining a delegation
-have syntax errors; then the server will return authoritative name
-errors for all names in the subzone (except in the case where the
-subzone is also present on the server).
-
-Several other validity checks that should be performed in addition to
-insuring that the file is syntactically correct:
-
- 1. All RRs in the file should have the same class.
-
- 2. Exactly one SOA RR should be present at the top of the zone.
-
- 3. If delegations are present and glue information is required,
- it should be present.
-
-
-
-Mockapetris [Page 35]
-
-RFC 1035 Domain Implementation and Specification November 1987
-
-
- 4. Information present outside of the authoritative nodes in the
- zone should be glue information, rather than the result of an
- origin or similar error.
-
-5.3. Master file example
-
-The following is an example file which might be used to define the
-ISI.EDU zone.and is loaded with an origin of ISI.EDU:
-
-@ IN SOA VENERA Action\.domains (
- 20 ; SERIAL
- 7200 ; REFRESH
- 600 ; RETRY
- 3600000; EXPIRE
- 60) ; MINIMUM
-
- NS A.ISI.EDU.
- NS VENERA
- NS VAXA
- MX 10 VENERA
- MX 20 VAXA
-
-A A 26.3.0.103
-
-VENERA A 10.1.0.52
- A 128.9.0.32
-
-VAXA A 10.2.0.27
- A 128.9.0.33
-
-
-$INCLUDE <SUBSYS>ISI-MAILBOXES.TXT
-
-Where the file <SUBSYS>ISI-MAILBOXES.TXT is:
-
- MOE MB A.ISI.EDU.
- LARRY MB A.ISI.EDU.
- CURLEY MB A.ISI.EDU.
- STOOGES MG MOE
- MG LARRY
- MG CURLEY
-
-Note the use of the \ character in the SOA RR to specify the responsible
-person mailbox "Action.domains@E.ISI.EDU".
-
-
-
-
-
-
-
-Mockapetris [Page 36]
-
-RFC 1035 Domain Implementation and Specification November 1987
-
-
-6. NAME SERVER IMPLEMENTATION
-
-6.1. Architecture
-
-The optimal structure for the name server will depend on the host
-operating system and whether the name server is integrated with resolver
-operations, either by supporting recursive service, or by sharing its
-database with a resolver. This section discusses implementation
-considerations for a name server which shares a database with a
-resolver, but most of these concerns are present in any name server.
-
-6.1.1. Control
-
-A name server must employ multiple concurrent activities, whether they
-are implemented as separate tasks in the host's OS or multiplexing
-inside a single name server program. It is simply not acceptable for a
-name server to block the service of UDP requests while it waits for TCP
-data for refreshing or query activities. Similarly, a name server
-should not attempt to provide recursive service without processing such
-requests in parallel, though it may choose to serialize requests from a
-single client, or to regard identical requests from the same client as
-duplicates. A name server should not substantially delay requests while
-it reloads a zone from master files or while it incorporates a newly
-refreshed zone into its database.
-
-6.1.2. Database
-
-While name server implementations are free to use any internal data
-structures they choose, the suggested structure consists of three major
-parts:
-
- - A "catalog" data structure which lists the zones available to
- this server, and a "pointer" to the zone data structure. The
- main purpose of this structure is to find the nearest ancestor
- zone, if any, for arriving standard queries.
-
- - Separate data structures for each of the zones held by the
- name server.
-
- - A data structure for cached data. (or perhaps separate caches
- for different classes)
-
-All of these data structures can be implemented an identical tree
-structure format, with different data chained off the nodes in different
-parts: in the catalog the data is pointers to zones, while in the zone
-and cache data structures, the data will be RRs. In designing the tree
-framework the designer should recognize that query processing will need
-to traverse the tree using case-insensitive label comparisons; and that
-
-
-
-Mockapetris [Page 37]
-
-RFC 1035 Domain Implementation and Specification November 1987
-
-
-in real data, a few nodes have a very high branching factor (100-1000 or
-more), but the vast majority have a very low branching factor (0-1).
-
-One way to solve the case problem is to store the labels for each node
-in two pieces: a standardized-case representation of the label where all
-ASCII characters are in a single case, together with a bit mask that
-denotes which characters are actually of a different case. The
-branching factor diversity can be handled using a simple linked list for
-a node until the branching factor exceeds some threshold, and
-transitioning to a hash structure after the threshold is exceeded. In
-any case, hash structures used to store tree sections must insure that
-hash functions and procedures preserve the casing conventions of the
-DNS.
-
-The use of separate structures for the different parts of the database
-is motivated by several factors:
-
- - The catalog structure can be an almost static structure that
- need change only when the system administrator changes the
- zones supported by the server. This structure can also be
- used to store parameters used to control refreshing
- activities.
-
- - The individual data structures for zones allow a zone to be
- replaced simply by changing a pointer in the catalog. Zone
- refresh operations can build a new structure and, when
- complete, splice it into the database via a simple pointer
- replacement. It is very important that when a zone is
- refreshed, queries should not use old and new data
- simultaneously.
-
- - With the proper search procedures, authoritative data in zones
- will always "hide", and hence take precedence over, cached
- data.
-
- - Errors in zone definitions that cause overlapping zones, etc.,
- may cause erroneous responses to queries, but problem
- determination is simplified, and the contents of one "bad"
- zone can't corrupt another.
-
- - Since the cache is most frequently updated, it is most
- vulnerable to corruption during system restarts. It can also
- become full of expired RR data. In either case, it can easily
- be discarded without disturbing zone data.
-
-A major aspect of database design is selecting a structure which allows
-the name server to deal with crashes of the name server's host. State
-information which a name server should save across system crashes
-
-
-
-Mockapetris [Page 38]
-
-RFC 1035 Domain Implementation and Specification November 1987
-
-
-includes the catalog structure (including the state of refreshing for
-each zone) and the zone data itself.
-
-6.1.3. Time
-
-Both the TTL data for RRs and the timing data for refreshing activities
-depends on 32 bit timers in units of seconds. Inside the database,
-refresh timers and TTLs for cached data conceptually "count down", while
-data in the zone stays with constant TTLs.
-
-A recommended implementation strategy is to store time in two ways: as
-a relative increment and as an absolute time. One way to do this is to
-use positive 32 bit numbers for one type and negative numbers for the
-other. The RRs in zones use relative times; the refresh timers and
-cache data use absolute times. Absolute numbers are taken with respect
-to some known origin and converted to relative values when placed in the
-response to a query. When an absolute TTL is negative after conversion
-to relative, then the data is expired and should be ignored.
-
-6.2. Standard query processing
-
-The major algorithm for standard query processing is presented in
-[RFC-1034].
-
-When processing queries with QCLASS=*, or some other QCLASS which
-matches multiple classes, the response should never be authoritative
-unless the server can guarantee that the response covers all classes.
-
-When composing a response, RRs which are to be inserted in the
-additional section, but duplicate RRs in the answer or authority
-sections, may be omitted from the additional section.
-
-When a response is so long that truncation is required, the truncation
-should start at the end of the response and work forward in the
-datagram. Thus if there is any data for the authority section, the
-answer section is guaranteed to be unique.
-
-The MINIMUM value in the SOA should be used to set a floor on the TTL of
-data distributed from a zone. This floor function should be done when
-the data is copied into a response. This will allow future dynamic
-update protocols to change the SOA MINIMUM field without ambiguous
-semantics.
-
-6.3. Zone refresh and reload processing
-
-In spite of a server's best efforts, it may be unable to load zone data
-from a master file due to syntax errors, etc., or be unable to refresh a
-zone within the its expiration parameter. In this case, the name server
-
-
-
-Mockapetris [Page 39]
-
-RFC 1035 Domain Implementation and Specification November 1987
-
-
-should answer queries as if it were not supposed to possess the zone.
-
-If a master is sending a zone out via AXFR, and a new version is created
-during the transfer, the master should continue to send the old version
-if possible. In any case, it should never send part of one version and
-part of another. If completion is not possible, the master should reset
-the connection on which the zone transfer is taking place.
-
-6.4. Inverse queries (Optional)
-
-Inverse queries are an optional part of the DNS. Name servers are not
-required to support any form of inverse queries. If a name server
-receives an inverse query that it does not support, it returns an error
-response with the "Not Implemented" error set in the header. While
-inverse query support is optional, all name servers must be at least
-able to return the error response.
-
-6.4.1. The contents of inverse queries and responses Inverse
-queries reverse the mappings performed by standard query operations;
-while a standard query maps a domain name to a resource, an inverse
-query maps a resource to a domain name. For example, a standard query
-might bind a domain name to a host address; the corresponding inverse
-query binds the host address to a domain name.
-
-Inverse queries take the form of a single RR in the answer section of
-the message, with an empty question section. The owner name of the
-query RR and its TTL are not significant. The response carries
-questions in the question section which identify all names possessing
-the query RR WHICH THE NAME SERVER KNOWS. Since no name server knows
-about all of the domain name space, the response can never be assumed to
-be complete. Thus inverse queries are primarily useful for database
-management and debugging activities. Inverse queries are NOT an
-acceptable method of mapping host addresses to host names; use the IN-
-ADDR.ARPA domain instead.
-
-Where possible, name servers should provide case-insensitive comparisons
-for inverse queries. Thus an inverse query asking for an MX RR of
-"Venera.isi.edu" should get the same response as a query for
-"VENERA.ISI.EDU"; an inverse query for HINFO RR "IBM-PC UNIX" should
-produce the same result as an inverse query for "IBM-pc unix". However,
-this cannot be guaranteed because name servers may possess RRs that
-contain character strings but the name server does not know that the
-data is character.
-
-When a name server processes an inverse query, it either returns:
-
- 1. zero, one, or multiple domain names for the specified
- resource as QNAMEs in the question section
-
-
-
-Mockapetris [Page 40]
-
-RFC 1035 Domain Implementation and Specification November 1987
-
-
- 2. an error code indicating that the name server doesn't support
- inverse mapping of the specified resource type.
-
-When the response to an inverse query contains one or more QNAMEs, the
-owner name and TTL of the RR in the answer section which defines the
-inverse query is modified to exactly match an RR found at the first
-QNAME.
-
-RRs returned in the inverse queries cannot be cached using the same
-mechanism as is used for the replies to standard queries. One reason
-for this is that a name might have multiple RRs of the same type, and
-only one would appear. For example, an inverse query for a single
-address of a multiply homed host might create the impression that only
-one address existed.
-
-6.4.2. Inverse query and response example The overall structure
-of an inverse query for retrieving the domain name that corresponds to
-Internet address 10.1.0.52 is shown below:
-
- +-----------------------------------------+
- Header | OPCODE=IQUERY, ID=997 |
- +-----------------------------------------+
- Question | <empty> |
- +-----------------------------------------+
- Answer | <anyname> A IN 10.1.0.52 |
- +-----------------------------------------+
- Authority | <empty> |
- +-----------------------------------------+
- Additional | <empty> |
- +-----------------------------------------+
-
-This query asks for a question whose answer is the Internet style
-address 10.1.0.52. Since the owner name is not known, any domain name
-can be used as a placeholder (and is ignored). A single octet of zero,
-signifying the root, is usually used because it minimizes the length of
-the message. The TTL of the RR is not significant. The response to
-this query might be:
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Mockapetris [Page 41]
-
-RFC 1035 Domain Implementation and Specification November 1987
-
-
- +-----------------------------------------+
- Header | OPCODE=RESPONSE, ID=997 |
- +-----------------------------------------+
- Question |QTYPE=A, QCLASS=IN, QNAME=VENERA.ISI.EDU |
- +-----------------------------------------+
- Answer | VENERA.ISI.EDU A IN 10.1.0.52 |
- +-----------------------------------------+
- Authority | <empty> |
- +-----------------------------------------+
- Additional | <empty> |
- +-----------------------------------------+
-
-Note that the QTYPE in a response to an inverse query is the same as the
-TYPE field in the answer section of the inverse query. Responses to
-inverse queries may contain multiple questions when the inverse is not
-unique. If the question section in the response is not empty, then the
-RR in the answer section is modified to correspond to be an exact copy
-of an RR at the first QNAME.
-
-6.4.3. Inverse query processing
-
-Name servers that support inverse queries can support these operations
-through exhaustive searches of their databases, but this becomes
-impractical as the size of the database increases. An alternative
-approach is to invert the database according to the search key.
-
-For name servers that support multiple zones and a large amount of data,
-the recommended approach is separate inversions for each zone. When a
-particular zone is changed during a refresh, only its inversions need to
-be redone.
-
-Support for transfer of this type of inversion may be included in future
-versions of the domain system, but is not supported in this version.
-
-6.5. Completion queries and responses
-
-The optional completion services described in RFC-882 and RFC-883 have
-been deleted. Redesigned services may become available in the future.
-
-
-
-
-
-
-
-
-
-
-
-
-
-Mockapetris [Page 42]
-
-RFC 1035 Domain Implementation and Specification November 1987
-
-
-7. RESOLVER IMPLEMENTATION
-
-The top levels of the recommended resolver algorithm are discussed in
-[RFC-1034]. This section discusses implementation details assuming the
-database structure suggested in the name server implementation section
-of this memo.
-
-7.1. Transforming a user request into a query
-
-The first step a resolver takes is to transform the client's request,
-stated in a format suitable to the local OS, into a search specification
-for RRs at a specific name which match a specific QTYPE and QCLASS.
-Where possible, the QTYPE and QCLASS should correspond to a single type
-and a single class, because this makes the use of cached data much
-simpler. The reason for this is that the presence of data of one type
-in a cache doesn't confirm the existence or non-existence of data of
-other types, hence the only way to be sure is to consult an
-authoritative source. If QCLASS=* is used, then authoritative answers
-won't be available.
-
-Since a resolver must be able to multiplex multiple requests if it is to
-perform its function efficiently, each pending request is usually
-represented in some block of state information. This state block will
-typically contain:
-
- - A timestamp indicating the time the request began.
- The timestamp is used to decide whether RRs in the database
- can be used or are out of date. This timestamp uses the
- absolute time format previously discussed for RR storage in
- zones and caches. Note that when an RRs TTL indicates a
- relative time, the RR must be timely, since it is part of a
- zone. When the RR has an absolute time, it is part of a
- cache, and the TTL of the RR is compared against the timestamp
- for the start of the request.
-
- Note that using the timestamp is superior to using a current
- time, since it allows RRs with TTLs of zero to be entered in
- the cache in the usual manner, but still used by the current
- request, even after intervals of many seconds due to system
- load, query retransmission timeouts, etc.
-
- - Some sort of parameters to limit the amount of work which will
- be performed for this request.
-
- The amount of work which a resolver will do in response to a
- client request must be limited to guard against errors in the
- database, such as circular CNAME references, and operational
- problems, such as network partition which prevents the
-
-
-
-Mockapetris [Page 43]
-
-RFC 1035 Domain Implementation and Specification November 1987
-
-
- resolver from accessing the name servers it needs. While
- local limits on the number of times a resolver will retransmit
- a particular query to a particular name server address are
- essential, the resolver should have a global per-request
- counter to limit work on a single request. The counter should
- be set to some initial value and decremented whenever the
- resolver performs any action (retransmission timeout,
- retransmission, etc.) If the counter passes zero, the request
- is terminated with a temporary error.
-
- Note that if the resolver structure allows one request to
- start others in parallel, such as when the need to access a
- name server for one request causes a parallel resolve for the
- name server's addresses, the spawned request should be started
- with a lower counter. This prevents circular references in
- the database from starting a chain reaction of resolver
- activity.
-
- - The SLIST data structure discussed in [RFC-1034].
-
- This structure keeps track of the state of a request if it
- must wait for answers from foreign name servers.
-
-7.2. Sending the queries
-
-As described in [RFC-1034], the basic task of the resolver is to
-formulate a query which will answer the client's request and direct that
-query to name servers which can provide the information. The resolver
-will usually only have very strong hints about which servers to ask, in
-the form of NS RRs, and may have to revise the query, in response to
-CNAMEs, or revise the set of name servers the resolver is asking, in
-response to delegation responses which point the resolver to name
-servers closer to the desired information. In addition to the
-information requested by the client, the resolver may have to call upon
-its own services to determine the address of name servers it wishes to
-contact.
-
-In any case, the model used in this memo assumes that the resolver is
-multiplexing attention between multiple requests, some from the client,
-and some internally generated. Each request is represented by some
-state information, and the desired behavior is that the resolver
-transmit queries to name servers in a way that maximizes the probability
-that the request is answered, minimizes the time that the request takes,
-and avoids excessive transmissions. The key algorithm uses the state
-information of the request to select the next name server address to
-query, and also computes a timeout which will cause the next action
-should a response not arrive. The next action will usually be a
-transmission to some other server, but may be a temporary error to the
-
-
-
-Mockapetris [Page 44]
-
-RFC 1035 Domain Implementation and Specification November 1987
-
-
-client.
-
-The resolver always starts with a list of server names to query (SLIST).
-This list will be all NS RRs which correspond to the nearest ancestor
-zone that the resolver knows about. To avoid startup problems, the
-resolver should have a set of default servers which it will ask should
-it have no current NS RRs which are appropriate. The resolver then adds
-to SLIST all of the known addresses for the name servers, and may start
-parallel requests to acquire the addresses of the servers when the
-resolver has the name, but no addresses, for the name servers.
-
-To complete initialization of SLIST, the resolver attaches whatever
-history information it has to the each address in SLIST. This will
-usually consist of some sort of weighted averages for the response time
-of the address, and the batting average of the address (i.e., how often
-the address responded at all to the request). Note that this
-information should be kept on a per address basis, rather than on a per
-name server basis, because the response time and batting average of a
-particular server may vary considerably from address to address. Note
-also that this information is actually specific to a resolver address /
-server address pair, so a resolver with multiple addresses may wish to
-keep separate histories for each of its addresses. Part of this step
-must deal with addresses which have no such history; in this case an
-expected round trip time of 5-10 seconds should be the worst case, with
-lower estimates for the same local network, etc.
-
-Note that whenever a delegation is followed, the resolver algorithm
-reinitializes SLIST.
-
-The information establishes a partial ranking of the available name
-server addresses. Each time an address is chosen and the state should
-be altered to prevent its selection again until all other addresses have
-been tried. The timeout for each transmission should be 50-100% greater
-than the average predicted value to allow for variance in response.
-
-Some fine points:
-
- - The resolver may encounter a situation where no addresses are
- available for any of the name servers named in SLIST, and
- where the servers in the list are precisely those which would
- normally be used to look up their own addresses. This
- situation typically occurs when the glue address RRs have a
- smaller TTL than the NS RRs marking delegation, or when the
- resolver caches the result of a NS search. The resolver
- should detect this condition and restart the search at the
- next ancestor zone, or alternatively at the root.
-
-
-
-
-
-Mockapetris [Page 45]
-
-RFC 1035 Domain Implementation and Specification November 1987
-
-
- - If a resolver gets a server error or other bizarre response
- from a name server, it should remove it from SLIST, and may
- wish to schedule an immediate transmission to the next
- candidate server address.
-
-7.3. Processing responses
-
-The first step in processing arriving response datagrams is to parse the
-response. This procedure should include:
-
- - Check the header for reasonableness. Discard datagrams which
- are queries when responses are expected.
-
- - Parse the sections of the message, and insure that all RRs are
- correctly formatted.
-
- - As an optional step, check the TTLs of arriving data looking
- for RRs with excessively long TTLs. If a RR has an
- excessively long TTL, say greater than 1 week, either discard
- the whole response, or limit all TTLs in the response to 1
- week.
-
-The next step is to match the response to a current resolver request.
-The recommended strategy is to do a preliminary matching using the ID
-field in the domain header, and then to verify that the question section
-corresponds to the information currently desired. This requires that
-the transmission algorithm devote several bits of the domain ID field to
-a request identifier of some sort. This step has several fine points:
-
- - Some name servers send their responses from different
- addresses than the one used to receive the query. That is, a
- resolver cannot rely that a response will come from the same
- address which it sent the corresponding query to. This name
- server bug is typically encountered in UNIX systems.
-
- - If the resolver retransmits a particular request to a name
- server it should be able to use a response from any of the
- transmissions. However, if it is using the response to sample
- the round trip time to access the name server, it must be able
- to determine which transmission matches the response (and keep
- transmission times for each outgoing message), or only
- calculate round trip times based on initial transmissions.
-
- - A name server will occasionally not have a current copy of a
- zone which it should have according to some NS RRs. The
- resolver should simply remove the name server from the current
- SLIST, and continue.
-
-
-
-
-Mockapetris [Page 46]
-
-RFC 1035 Domain Implementation and Specification November 1987
-
-
-7.4. Using the cache
-
-In general, we expect a resolver to cache all data which it receives in
-responses since it may be useful in answering future client requests.
-However, there are several types of data which should not be cached:
-
- - When several RRs of the same type are available for a
- particular owner name, the resolver should either cache them
- all or none at all. When a response is truncated, and a
- resolver doesn't know whether it has a complete set, it should
- not cache a possibly partial set of RRs.
-
- - Cached data should never be used in preference to
- authoritative data, so if caching would cause this to happen
- the data should not be cached.
-
- - The results of an inverse query should not be cached.
-
- - The results of standard queries where the QNAME contains "*"
- labels if the data might be used to construct wildcards. The
- reason is that the cache does not necessarily contain existing
- RRs or zone boundary information which is necessary to
- restrict the application of the wildcard RRs.
-
- - RR data in responses of dubious reliability. When a resolver
- receives unsolicited responses or RR data other than that
- requested, it should discard it without caching it. The basic
- implication is that all sanity checks on a packet should be
- performed before any of it is cached.
-
-In a similar vein, when a resolver has a set of RRs for some name in a
-response, and wants to cache the RRs, it should check its cache for
-already existing RRs. Depending on the circumstances, either the data
-in the response or the cache is preferred, but the two should never be
-combined. If the data in the response is from authoritative data in the
-answer section, it is always preferred.
-
-8. MAIL SUPPORT
-
-The domain system defines a standard for mapping mailboxes into domain
-names, and two methods for using the mailbox information to derive mail
-routing information. The first method is called mail exchange binding
-and the other method is mailbox binding. The mailbox encoding standard
-and mail exchange binding are part of the DNS official protocol, and are
-the recommended method for mail routing in the Internet. Mailbox
-binding is an experimental feature which is still under development and
-subject to change.
-
-
-
-
-Mockapetris [Page 47]
-
-RFC 1035 Domain Implementation and Specification November 1987
-
-
-The mailbox encoding standard assumes a mailbox name of the form
-"<local-part>@<mail-domain>". While the syntax allowed in each of these
-sections varies substantially between the various mail internets, the
-preferred syntax for the ARPA Internet is given in [RFC-822].
-
-The DNS encodes the <local-part> as a single label, and encodes the
-<mail-domain> as a domain name. The single label from the <local-part>
-is prefaced to the domain name from <mail-domain> to form the domain
-name corresponding to the mailbox. Thus the mailbox HOSTMASTER@SRI-
-NIC.ARPA is mapped into the domain name HOSTMASTER.SRI-NIC.ARPA. If the
-<local-part> contains dots or other special characters, its
-representation in a master file will require the use of backslash
-quoting to ensure that the domain name is properly encoded. For
-example, the mailbox Action.domains@ISI.EDU would be represented as
-Action\.domains.ISI.EDU.
-
-8.1. Mail exchange binding
-
-Mail exchange binding uses the <mail-domain> part of a mailbox
-specification to determine where mail should be sent. The <local-part>
-is not even consulted. [RFC-974] specifies this method in detail, and
-should be consulted before attempting to use mail exchange support.
-
-One of the advantages of this method is that it decouples mail
-destination naming from the hosts used to support mail service, at the
-cost of another layer of indirection in the lookup function. However,
-the addition layer should eliminate the need for complicated "%", "!",
-etc encodings in <local-part>.
-
-The essence of the method is that the <mail-domain> is used as a domain
-name to locate type MX RRs which list hosts willing to accept mail for
-<mail-domain>, together with preference values which rank the hosts
-according to an order specified by the administrators for <mail-domain>.
-
-In this memo, the <mail-domain> ISI.EDU is used in examples, together
-with the hosts VENERA.ISI.EDU and VAXA.ISI.EDU as mail exchanges for
-ISI.EDU. If a mailer had a message for Mockapetris@ISI.EDU, it would
-route it by looking up MX RRs for ISI.EDU. The MX RRs at ISI.EDU name
-VENERA.ISI.EDU and VAXA.ISI.EDU, and type A queries can find the host
-addresses.
-
-8.2. Mailbox binding (Experimental)
-
-In mailbox binding, the mailer uses the entire mail destination
-specification to construct a domain name. The encoded domain name for
-the mailbox is used as the QNAME field in a QTYPE=MAILB query.
-
-Several outcomes are possible for this query:
-
-
-
-Mockapetris [Page 48]
-
-RFC 1035 Domain Implementation and Specification November 1987
-
-
- 1. The query can return a name error indicating that the mailbox
- does not exist as a domain name.
-
- In the long term, this would indicate that the specified
- mailbox doesn't exist. However, until the use of mailbox
- binding is universal, this error condition should be
- interpreted to mean that the organization identified by the
- global part does not support mailbox binding. The
- appropriate procedure is to revert to exchange binding at
- this point.
-
- 2. The query can return a Mail Rename (MR) RR.
-
- The MR RR carries new mailbox specification in its RDATA
- field. The mailer should replace the old mailbox with the
- new one and retry the operation.
-
- 3. The query can return a MB RR.
-
- The MB RR carries a domain name for a host in its RDATA
- field. The mailer should deliver the message to that host
- via whatever protocol is applicable, e.g., b,SMTP.
-
- 4. The query can return one or more Mail Group (MG) RRs.
-
- This condition means that the mailbox was actually a mailing
- list or mail group, rather than a single mailbox. Each MG RR
- has a RDATA field that identifies a mailbox that is a member
- of the group. The mailer should deliver a copy of the
- message to each member.
-
- 5. The query can return a MB RR as well as one or more MG RRs.
-
- This condition means the the mailbox was actually a mailing
- list. The mailer can either deliver the message to the host
- specified by the MB RR, which will in turn do the delivery to
- all members, or the mailer can use the MG RRs to do the
- expansion itself.
-
-In any of these cases, the response may include a Mail Information
-(MINFO) RR. This RR is usually associated with a mail group, but is
-legal with a MB. The MINFO RR identifies two mailboxes. One of these
-identifies a responsible person for the original mailbox name. This
-mailbox should be used for requests to be added to a mail group, etc.
-The second mailbox name in the MINFO RR identifies a mailbox that should
-receive error messages for mail failures. This is particularly
-appropriate for mailing lists when errors in member names should be
-reported to a person other than the one who sends a message to the list.
-
-
-
-Mockapetris [Page 49]
-
-RFC 1035 Domain Implementation and Specification November 1987
-
-
-New fields may be added to this RR in the future.
-
-
-9. REFERENCES and BIBLIOGRAPHY
-
-[Dyer 87] S. Dyer, F. Hsu, "Hesiod", Project Athena
- Technical Plan - Name Service, April 1987, version 1.9.
-
- Describes the fundamentals of the Hesiod name service.
-
-[IEN-116] J. Postel, "Internet Name Server", IEN-116,
- USC/Information Sciences Institute, August 1979.
-
- A name service obsoleted by the Domain Name System, but
- still in use.
-
-[Quarterman 86] J. Quarterman, and J. Hoskins, "Notable Computer Networks",
- Communications of the ACM, October 1986, volume 29, number
- 10.
-
-[RFC-742] K. Harrenstien, "NAME/FINGER", RFC-742, Network
- Information Center, SRI International, December 1977.
-
-[RFC-768] J. Postel, "User Datagram Protocol", RFC-768,
- USC/Information Sciences Institute, August 1980.
-
-[RFC-793] J. Postel, "Transmission Control Protocol", RFC-793,
- USC/Information Sciences Institute, September 1981.
-
-[RFC-799] D. Mills, "Internet Name Domains", RFC-799, COMSAT,
- September 1981.
-
- Suggests introduction of a hierarchy in place of a flat
- name space for the Internet.
-
-[RFC-805] J. Postel, "Computer Mail Meeting Notes", RFC-805,
- USC/Information Sciences Institute, February 1982.
-
-[RFC-810] E. Feinler, K. Harrenstien, Z. Su, and V. White, "DOD
- Internet Host Table Specification", RFC-810, Network
- Information Center, SRI International, March 1982.
-
- Obsolete. See RFC-952.
-
-[RFC-811] K. Harrenstien, V. White, and E. Feinler, "Hostnames
- Server", RFC-811, Network Information Center, SRI
- International, March 1982.
-
-
-
-
-Mockapetris [Page 50]
-
-RFC 1035 Domain Implementation and Specification November 1987
-
-
- Obsolete. See RFC-953.
-
-[RFC-812] K. Harrenstien, and V. White, "NICNAME/WHOIS", RFC-812,
- Network Information Center, SRI International, March
- 1982.
-
-[RFC-819] Z. Su, and J. Postel, "The Domain Naming Convention for
- Internet User Applications", RFC-819, Network
- Information Center, SRI International, August 1982.
-
- Early thoughts on the design of the domain system.
- Current implementation is completely different.
-
-[RFC-821] J. Postel, "Simple Mail Transfer Protocol", RFC-821,
- USC/Information Sciences Institute, August 1980.
-
-[RFC-830] Z. Su, "A Distributed System for Internet Name Service",
- RFC-830, Network Information Center, SRI International,
- October 1982.
-
- Early thoughts on the design of the domain system.
- Current implementation is completely different.
-
-[RFC-882] P. Mockapetris, "Domain names - Concepts and
- Facilities," RFC-882, USC/Information Sciences
- Institute, November 1983.
-
- Superceeded by this memo.
-
-[RFC-883] P. Mockapetris, "Domain names - Implementation and
- Specification," RFC-883, USC/Information Sciences
- Institute, November 1983.
-
- Superceeded by this memo.
-
-[RFC-920] J. Postel and J. Reynolds, "Domain Requirements",
- RFC-920, USC/Information Sciences Institute,
- October 1984.
-
- Explains the naming scheme for top level domains.
-
-[RFC-952] K. Harrenstien, M. Stahl, E. Feinler, "DoD Internet Host
- Table Specification", RFC-952, SRI, October 1985.
-
- Specifies the format of HOSTS.TXT, the host/address
- table replaced by the DNS.
-
-
-
-
-
-Mockapetris [Page 51]
-
-RFC 1035 Domain Implementation and Specification November 1987
-
-
-[RFC-953] K. Harrenstien, M. Stahl, E. Feinler, "HOSTNAME Server",
- RFC-953, SRI, October 1985.
-
- This RFC contains the official specification of the
- hostname server protocol, which is obsoleted by the DNS.
- This TCP based protocol accesses information stored in
- the RFC-952 format, and is used to obtain copies of the
- host table.
-
-[RFC-973] P. Mockapetris, "Domain System Changes and
- Observations", RFC-973, USC/Information Sciences
- Institute, January 1986.
-
- Describes changes to RFC-882 and RFC-883 and reasons for
- them.
-
-[RFC-974] C. Partridge, "Mail routing and the domain system",
- RFC-974, CSNET CIC BBN Labs, January 1986.
-
- Describes the transition from HOSTS.TXT based mail
- addressing to the more powerful MX system used with the
- domain system.
-
-[RFC-1001] NetBIOS Working Group, "Protocol standard for a NetBIOS
- service on a TCP/UDP transport: Concepts and Methods",
- RFC-1001, March 1987.
-
- This RFC and RFC-1002 are a preliminary design for
- NETBIOS on top of TCP/IP which proposes to base NetBIOS
- name service on top of the DNS.
-
-[RFC-1002] NetBIOS Working Group, "Protocol standard for a NetBIOS
- service on a TCP/UDP transport: Detailed
- Specifications", RFC-1002, March 1987.
-
-[RFC-1010] J. Reynolds, and J. Postel, "Assigned Numbers", RFC-1010,
- USC/Information Sciences Institute, May 1987.
-
- Contains socket numbers and mnemonics for host names,
- operating systems, etc.
-
-[RFC-1031] W. Lazear, "MILNET Name Domain Transition", RFC-1031,
- November 1987.
-
- Describes a plan for converting the MILNET to the DNS.
-
-[RFC-1032] M. Stahl, "Establishing a Domain - Guidelines for
- Administrators", RFC-1032, November 1987.
-
-
-
-Mockapetris [Page 52]
-
-RFC 1035 Domain Implementation and Specification November 1987
-
-
- Describes the registration policies used by the NIC to
- administer the top level domains and delegate subzones.
-
-[RFC-1033] M. Lottor, "Domain Administrators Operations Guide",
- RFC-1033, November 1987.
-
- A cookbook for domain administrators.
-
-[Solomon 82] M. Solomon, L. Landweber, and D. Neuhengen, "The CSNET
- Name Server", Computer Networks, vol 6, nr 3, July 1982.
-
- Describes a name service for CSNET which is independent
- from the DNS and DNS use in the CSNET.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Mockapetris [Page 53]
-
-RFC 1035 Domain Implementation and Specification November 1987
-
-
-Index
-
- * 13
-
- ; 33, 35
-
- <character-string> 35
- <domain-name> 34
-
- @ 35
-
- \ 35
-
- A 12
-
- Byte order 8
-
- CH 13
- Character case 9
- CLASS 11
- CNAME 12
- Completion 42
- CS 13
-
- Hesiod 13
- HINFO 12
- HS 13
-
- IN 13
- IN-ADDR.ARPA domain 22
- Inverse queries 40
-
- Mailbox names 47
- MB 12
- MD 12
- MF 12
- MG 12
- MINFO 12
- MINIMUM 20
- MR 12
- MX 12
-
- NS 12
- NULL 12
-
- Port numbers 32
- Primary server 5
- PTR 12, 18
-
-
-
-Mockapetris [Page 54]
-
-RFC 1035 Domain Implementation and Specification November 1987
-
-
- QCLASS 13
- QTYPE 12
-
- RDATA 12
- RDLENGTH 11
-
- Secondary server 5
- SOA 12
- Stub resolvers 7
-
- TCP 32
- TXT 12
- TYPE 11
-
- UDP 32
-
- WKS 12
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Mockapetris [Page 55]
-
diff --git a/docs/rfc/rfc1413.txt b/docs/rfc/rfc1413.txt
deleted file mode 100644
index 17ede58a2..000000000
--- a/docs/rfc/rfc1413.txt
+++ /dev/null
@@ -1,451 +0,0 @@
-
-
-
-
-
-
-Network Working Group M. St. Johns
-Request for Comments: 1413 US Department of Defense
-Obsoletes: 931 February 1993
-
-
- Identification Protocol
-
-Status of this Memo
-
- This RFC specifies an IAB standards track protocol for the Internet
- community, and requests discussion and suggestions for improvements.
- Please refer to the current edition of the "IAB Official Protocol
- Standards" for the standardization state and status of this protocol.
- Distribution of this memo is unlimited.
-
-1. INTRODUCTION
-
- The Identification Protocol (a.k.a., "ident", a.k.a., "the Ident
- Protocol") provides a means to determine the identity of a user of a
- particular TCP connection. Given a TCP port number pair, it returns
- a character string which identifies the owner of that connection on
- the server's system.
-
- The Identification Protocol was formerly called the Authentication
- Server Protocol. It has been renamed to better reflect its function.
- This document is a product of the TCP Client Identity Protocol
- Working Group of the Internet Engineering Task Force (IETF).
-
-2. OVERVIEW
-
- This is a connection based application on TCP. A server listens for
- TCP connections on TCP port 113 (decimal). Once a connection is
- established, the server reads a line of data which specifies the
- connection of interest. If it exists, the system dependent user
- identifier of the connection of interest is sent as the reply. The
- server may then either shut the connection down or it may continue to
- read/respond to multiple queries.
-
- The server should close the connection down after a configurable
- amount of time with no queries - a 60-180 second idle timeout is
- recommended. The client may close the connection down at any time;
- however to allow for network delays the client should wait at least
- 30 seconds (or longer) after a query before abandoning the query and
- closing the connection.
-
-
-
-
-
-
-
-St. Johns [Page 1]
-
-RFC 1413 Identification Protocol February 1993
-
-
-3. RESTRICTIONS
-
- Queries are permitted only for fully specified connections. The
- query contains the local/foreign port pair -- the local/foreign
- address pair used to fully specify the connection is taken from the
- local and foreign address of query connection. This means a user on
- address A may only query the server on address B about connections
- between A and B.
-
-4. QUERY/RESPONSE FORMAT
-
- The server accepts simple text query requests of the form:
-
- <port-on-server> , <port-on-client>
-
- where <port-on-server> is the TCP port (decimal) on the target (where
- the "ident" server is running) system, and <port-on-client> is the
- TCP port (decimal) on the source (client) system.
-
- N.B - If a client on host A wants to ask a server on host B about a
- connection specified locally (on the client's machine) as 23, 6191
- (an inbound TELNET connection), the client must actually ask about
- 6191, 23 - which is how the connection would be specified on host B.
-
- For example:
-
- 6191, 23
-
- The response is of the form
-
- <port-on-server> , <port-on-client> : <resp-type> : <add-info>
-
- where <port-on-server>,<port-on-client> are the same pair as the
- query, <resp-type> is a keyword identifying the type of response, and
- <add-info> is context dependent.
-
- The information returned is that associated with the fully specified
- TCP connection identified by <server-address>, <client-address>,
- <port-on-server>, <port-on-client>, where <server-address> and
- <client-address> are the local and foreign IP addresses of the
- querying connection -- i.e., the TCP connection to the Identification
- Protocol Server. (<port-on-server> and <port-on-client> are taken
- from the query.)
-
- For example:
-
- 6193, 23 : USERID : UNIX : stjohns
- 6195, 23 : ERROR : NO-USER
-
-
-
-St. Johns [Page 2]
-
-RFC 1413 Identification Protocol February 1993
-
-
-5. RESPONSE TYPES
-
-A response can be one of two types:
-
-USERID
-
- In this case, <add-info> is a string consisting of an
- operating system name (with an optional character set
- identifier), followed by ":", followed by an
- identification string.
-
- The character set (if present) is separated from the
- operating system name by ",". The character set
- identifier is used to indicate the character set of the
- identification string. The character set identifier,
- if omitted, defaults to "US-ASCII" (see below).
-
- Permitted operating system names and character set
- names are specified in RFC 1340, "Assigned Numbers" or
- its successors.
-
- In addition to those operating system and character set
- names specified in "Assigned Numbers" there is one
- special case operating system identifier - "OTHER".
-
- Unless "OTHER" is specified as the operating system
- type, the server is expected to return the "normal"
- user identification of the owner of this connection.
- "Normal" in this context may be taken to mean a string
- of characters which uniquely identifies the connection
- owner such as a user identifier assigned by the system
- administrator and used by such user as a mail
- identifier, or as the "user" part of a user/password
- pair used to gain access to system resources. When an
- operating system is specified (e.g., anything but
- "OTHER"), the user identifier is expected to be in a
- more or less immediately useful form - e.g., something
- that could be used as an argument to "finger" or as a
- mail address.
-
- "OTHER" indicates the identifier is an unformatted
- character string consisting of printable characters in
- the specified character set. "OTHER" should be
- specified if the user identifier does not meet the
- constraints of the previous paragraph. Sending an
- encrypted audit token, or returning other non-userid
- information about a user (such as the real name and
- phone number of a user from a UNIX passwd file) are
-
-
-
-St. Johns [Page 3]
-
-RFC 1413 Identification Protocol February 1993
-
-
- both examples of when "OTHER" should be used.
-
- Returned user identifiers are expected to be printable
- in the character set indicated.
-
- The identifier is an unformatted octet string - - all
- octets are permissible EXCEPT octal 000 (NUL), 012 (LF)
- and 015 (CR). N.B. - space characters (040) following the
- colon separator ARE part of the identifier string and
- may not be ignored. A response string is still
- terminated normally by a CR/LF. N.B. A string may be
- printable, but is not *necessarily* printable.
-
-ERROR
-
- For some reason the port owner could not be determined, <add-info>
- tells why. The following are the permitted values of <add-info> and
- their meanings:
-
- INVALID-PORT
-
- Either the local or foreign port was improperly
- specified. This should be returned if either or
- both of the port ids were out of range (TCP port
- numbers are from 1-65535), negative integers, reals or
- in any fashion not recognized as a non-negative
- integer.
-
- NO-USER
-
- The connection specified by the port pair is not
- currently in use or currently not owned by an
- identifiable entity.
-
- HIDDEN-USER
-
- The server was able to identify the user of this
- port, but the information was not returned at the
- request of the user.
-
- UNKNOWN-ERROR
-
- Can't determine connection owner; reason unknown.
- Any error not covered above should return this
- error code value. Optionally, this code MAY be
- returned in lieu of any other specific error code
- if, for example, the server desires to hide
- information implied by the return of that error
-
-
-
-St. Johns [Page 4]
-
-RFC 1413 Identification Protocol February 1993
-
-
- code, or for any other reason. If a server
- implements such a feature, it MUST be configurable
- and it MUST default to returning the proper error
- message.
-
- Other values may eventually be specified and defined in future
- revisions to this document. If an implementer has a need to specify
- a non-standard error code, that code must begin with "X".
-
- In addition, the server is allowed to drop the query connection
- without responding. Any premature close (i.e., one where the client
- does not receive the EOL, whether graceful or an abort should be
- considered to have the same meaning as "ERROR : UNKNOWN-ERROR".
-
-FORMAL SYNTAX
-
- <request> ::= <port-pair> <EOL>
-
- <port-pair> ::= <integer> "," <integer>
-
- <reply> ::= <reply-text> <EOL>
-
- <EOL> ::= "015 012" ; CR-LF End of Line Indicator
-
- <reply-text> ::= <error-reply> | <ident-reply>
-
- <error-reply> ::= <port-pair> ":" "ERROR" ":" <error-type>
-
- <ident-reply> ::= <port-pair> ":" "USERID" ":" <opsys-field>
- ":" <user-id>
-
- <error-type> ::= "INVALID-PORT" | "NO-USER" | "UNKNOWN-ERROR"
- | "HIDDEN-USER" | <error-token>
-
- <opsys-field> ::= <opsys> [ "," <charset>]
-
- <opsys> ::= "OTHER" | "UNIX" | <token> ...etc.
- ; (See "Assigned Numbers")
-
- <charset> ::= "US-ASCII" | ...etc.
- ; (See "Assigned Numbers")
-
- <user-id> ::= <octet-string>
-
- <token> ::= 1*64<token-characters> ; 1-64 characters
-
- <error-token> ::= "X"1*63<token-characters>
- ; 2-64 chars beginning w/X
-
-
-
-St. Johns [Page 5]
-
-RFC 1413 Identification Protocol February 1993
-
-
- <integer> ::= 1*5<digit> ; 1-5 digits.
-
- <digit> ::= "0" | "1" ... "8" | "9" ; 0-9
-
- <token-characters> ::=
- <Any of these ASCII characters: a-z, A-Z,
- - (dash), .!@#$%^&*()_=+.,<>/?"'~`{}[]; >
- ; upper and lowercase a-z plus
- ; printables minus the colon ":"
- ; character.
-
- <octet-string> ::= 1*512<octet-characters>
-
- <octet-characters> ::=
- <any octet from 00 to 377 (octal) except for
- ASCII NUL (000), CR (015) and LF (012)>
-
-Notes on Syntax:
-
- 1) To promote interoperability among variant
- implementations, with respect to white space the above
- syntax is understood to embody the "be conservative in
- what you send and be liberal in what you accept"
- philosophy. Clients and servers should not generate
- unnecessary white space (space and tab characters) but
- should accept white space anywhere except within a
- token. In parsing responses, white space may occur
- anywhere, except within a token. Specifically, any
- amount of white space is permitted at the beginning or
- end of a line both for queries and responses. This
- does not apply for responses that contain a user ID
- because everything after the colon after the operating
- system type until the terminating CR/LF is taken as
- part of the user ID. The terminating CR/LF is NOT
- considered part of the user ID.
-
- 2) The above notwithstanding, servers should restrict the
- amount of inter-token white space they send to the
- smallest amount reasonable or useful. Clients should
- feel free to abort a connection if they receive 1000
- characters without receiving an <EOL>.
-
- 3) The 512 character limit on user IDs and the 64
- character limit on tokens should be understood to mean
- as follows: a) No new token (i.e., OPSYS or ERROR-TYPE)
- token will be defined that has a length greater than 64
- and b) a server SHOULD NOT send more than 512 octets of
- user ID and a client MUST accept at least 512 octets of
-
-
-
-St. Johns [Page 6]
-
-RFC 1413 Identification Protocol February 1993
-
-
- user ID. Because of this limitation, a server MUST
- return the most significant portion of the user ID in
- the first 512 octets.
-
- 4) The character sets and character set identifiers should
- map directly to those defined in or referenced by RFC 1340,
- "Assigned Numbers" or its successors. Character set
- identifiers only apply to the user identification field
- - all other fields will be defined in and must be sent
- as US-ASCII.
-
- 5) Although <user-id> is defined as an <octet-string>
- above, it must follow the format and character set
- constraints implied by the <opsys-field>; see the
- discussion above.
-
- 6) The character set provides context for the client to
- print or store the returned user identification string.
- If the client does not recognize or implement the
- returned character set, it should handle the returned
- identification string as OCTET, but should in addition
- store or report the character set. An OCTET string
- should be printed, stored or handled in hex notation
- (0-9a-f) in addition to any other representation the
- client implements - this provides a standard
- representation among differing implementations.
-
-6. Security Considerations
-
- The information returned by this protocol is at most as trustworthy
- as the host providing it OR the organization operating the host. For
- example, a PC in an open lab has few if any controls on it to prevent
- a user from having this protocol return any identifier the user
- wants. Likewise, if the host has been compromised the information
- returned may be completely erroneous and misleading.
-
- The Identification Protocol is not intended as an authorization or
- access control protocol. At best, it provides some additional
- auditing information with respect to TCP connections. At worst, it
- can provide misleading, incorrect, or maliciously incorrect
- information.
-
- The use of the information returned by this protocol for other than
- auditing is strongly discouraged. Specifically, using Identification
- Protocol information to make access control decisions - either as the
- primary method (i.e., no other checks) or as an adjunct to other
- methods may result in a weakening of normal host security.
-
-
-
-
-St. Johns [Page 7]
-
-RFC 1413 Identification Protocol February 1993
-
-
- An Identification server may reveal information about users,
- entities, objects or processes which might normally be considered
- private. An Identification server provides service which is a rough
- analog of the CallerID services provided by some phone companies and
- many of the same privacy considerations and arguments that apply to
- the CallerID service apply to Identification. If you wouldn't run a
- "finger" server due to privacy considerations you may not want to run
- this protocol.
-
-7. ACKNOWLEDGEMENTS
-
- Acknowledgement is given to Dan Bernstein who is primarily
- responsible for renewing interest in this protocol and for pointing
- out some annoying errors in RFC 931.
-
-References
-
- [1] St. Johns, M., "Authentication Server", RFC 931, TPSC, January
- 1985.
-
- [2] Reynolds, J., and J. Postel, "Assigned Numbers", STD 2, RFC 1340,
- USC/Information Sciences Institute, July 1992.
-
-Author's Address
-
- Michael C. St. Johns
- DARPA/CSTO
- 3701 N. Fairfax Dr
- Arlington, VA 22203
-
- Phone: (703) 696-2271
- EMail: stjohns@DARPA.MIL
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-St. Johns [Page 8]
- \ No newline at end of file
diff --git a/docs/rfc/rfc1459.txt b/docs/rfc/rfc1459.txt
deleted file mode 100644
index 09fbf34f7..000000000
--- a/docs/rfc/rfc1459.txt
+++ /dev/null
@@ -1,3643 +0,0 @@
-
-
-
-
-
-
-Network Working Group J. Oikarinen
-Request for Comments: 1459 D. Reed
- May 1993
-
-
- Internet Relay Chat Protocol
-
-Status of This Memo
-
- This memo defines an Experimental Protocol for the Internet
- community. Discussion and suggestions for improvement are requested.
- Please refer to the current edition of the "IAB Official Protocol
- Standards" for the standardization state and status of this protocol.
- Distribution of this memo is unlimited.
-
-Abstract
-
- The IRC protocol was developed over the last 4 years since it was
- first implemented as a means for users on a BBS to chat amongst
- themselves. Now it supports a world-wide network of servers and
- clients, and is stringing to cope with growth. Over the past 2 years,
- the average number of users connected to the main IRC network has
- grown by a factor of 10.
-
- The IRC protocol is a text-based protocol, with the simplest client
- being any socket program capable of connecting to the server.
-
-Table of Contents
-
- 1. INTRODUCTION ............................................... 4
- 1.1 Servers ................................................ 4
- 1.2 Clients ................................................ 5
- 1.2.1 Operators .......................................... 5
- 1.3 Channels ................................................ 5
- 1.3.1 Channel Operators .................................... 6
- 2. THE IRC SPECIFICATION ....................................... 7
- 2.1 Overview ................................................ 7
- 2.2 Character codes ......................................... 7
- 2.3 Messages ................................................ 7
- 2.3.1 Message format in 'pseudo' BNF .................... 8
- 2.4 Numeric replies ......................................... 10
- 3. IRC Concepts ................................................ 10
- 3.1 One-to-one communication ................................ 10
- 3.2 One-to-many ............................................. 11
- 3.2.1 To a list .......................................... 11
- 3.2.2 To a group (channel) ............................... 11
- 3.2.3 To a host/server mask .............................. 12
- 3.3 One to all .............................................. 12
-
-
-
-Oikarinen & Reed [Page 1]
-
-RFC 1459 Internet Relay Chat Protocol May 1993
-
-
- 3.3.1 Client to Client ................................... 12
- 3.3.2 Clients to Server .................................. 12
- 3.3.3 Server to Server ................................... 12
- 4. MESSAGE DETAILS ............................................. 13
- 4.1 Connection Registration ................................. 13
- 4.1.1 Password message ................................... 14
- 4.1.2 Nickname message ................................... 14
- 4.1.3 User message ....................................... 15
- 4.1.4 Server message ..................................... 16
- 4.1.5 Operator message ................................... 17
- 4.1.6 Quit message ....................................... 17
- 4.1.7 Server Quit message ................................ 18
- 4.2 Channel operations ...................................... 19
- 4.2.1 Join message ....................................... 19
- 4.2.2 Part message ....................................... 20
- 4.2.3 Mode message ....................................... 21
- 4.2.3.1 Channel modes ................................. 21
- 4.2.3.2 User modes .................................... 22
- 4.2.4 Topic message ...................................... 23
- 4.2.5 Names message ...................................... 24
- 4.2.6 List message ....................................... 24
- 4.2.7 Invite message ..................................... 25
- 4.2.8 Kick message ....................................... 25
- 4.3 Server queries and commands ............................. 26
- 4.3.1 Version message .................................... 26
- 4.3.2 Stats message ...................................... 27
- 4.3.3 Links message ...................................... 28
- 4.3.4 Time message ....................................... 29
- 4.3.5 Connect message .................................... 29
- 4.3.6 Trace message ...................................... 30
- 4.3.7 Admin message ...................................... 31
- 4.3.8 Info message ....................................... 31
- 4.4 Sending messages ........................................ 32
- 4.4.1 Private messages ................................... 32
- 4.4.2 Notice messages .................................... 33
- 4.5 User-based queries ...................................... 33
- 4.5.1 Who query .......................................... 33
- 4.5.2 Whois query ........................................ 34
- 4.5.3 Whowas message ..................................... 35
- 4.6 Miscellaneous messages .................................. 35
- 4.6.1 Kill message ....................................... 36
- 4.6.2 Ping message ....................................... 37
- 4.6.3 Pong message ....................................... 37
- 4.6.4 Error message ...................................... 38
- 5. OPTIONAL MESSAGES ........................................... 38
- 5.1 Away message ............................................ 38
- 5.2 Rehash command .......................................... 39
- 5.3 Restart command ......................................... 39
-
-
-
-Oikarinen & Reed [Page 2]
-
-RFC 1459 Internet Relay Chat Protocol May 1993
-
-
- 5.4 Summon message .......................................... 40
- 5.5 Users message ........................................... 40
- 5.6 Operwall command ........................................ 41
- 5.7 Userhost message ........................................ 42
- 5.8 Ison message ............................................ 42
- 6. REPLIES ..................................................... 43
- 6.1 Error Replies ........................................... 43
- 6.2 Command responses ....................................... 48
- 6.3 Reserved numerics ....................................... 56
- 7. Client and server authentication ............................ 56
- 8. Current Implementations Details ............................. 56
- 8.1 Network protocol: TCP ................................... 57
- 8.1.1 Support of Unix sockets ............................ 57
- 8.2 Command Parsing ......................................... 57
- 8.3 Message delivery ........................................ 57
- 8.4 Connection 'Liveness' ................................... 58
- 8.5 Establishing a server-client connection ................. 58
- 8.6 Establishing a server-server connection ................. 58
- 8.6.1 State information exchange when connecting ......... 59
- 8.7 Terminating server-client connections ................... 59
- 8.8 Terminating server-server connections ................... 59
- 8.9 Tracking nickname changes ............................... 60
- 8.10 Flood control of clients ............................... 60
- 8.11 Non-blocking lookups ................................... 61
- 8.11.1 Hostname (DNS) lookups ............................ 61
- 8.11.2 Username (Ident) lookups .......................... 61
- 8.12 Configuration file ..................................... 61
- 8.12.1 Allowing clients to connect ....................... 62
- 8.12.2 Operators ......................................... 62
- 8.12.3 Allowing servers to connect ....................... 62
- 8.12.4 Administrivia ..................................... 63
- 8.13 Channel membership ..................................... 63
- 9. Current problems ............................................ 63
- 9.1 Scalability ............................................. 63
- 9.2 Labels .................................................. 63
- 9.2.1 Nicknames .......................................... 63
- 9.2.2 Channels ........................................... 64
- 9.2.3 Servers ............................................ 64
- 9.3 Algorithms .............................................. 64
- 10. Support and availability ................................... 64
- 11. Security Considerations .................................... 65
- 12. Authors' Addresses ......................................... 65
-
-
-
-
-
-
-
-
-
-Oikarinen & Reed [Page 3]
-
-RFC 1459 Internet Relay Chat Protocol May 1993
-
-
-1. INTRODUCTION
-
- The IRC (Internet Relay Chat) protocol has been designed over a
- number of years for use with text based conferencing. This document
- describes the current IRC protocol.
-
- The IRC protocol has been developed on systems using the TCP/IP
- network protocol, although there is no requirement that this remain
- the only sphere in which it operates.
-
- IRC itself is a teleconferencing system, which (through the use of
- the client-server model) is well-suited to running on many machines
- in a distributed fashion. A typical setup involves a single process
- (the server) forming a central point for clients (or other servers)
- to connect to, performing the required message delivery/multiplexing
- and other functions.
-
-1.1 Servers
-
- The server forms the backbone of IRC, providing a point to which
- clients may connect to to talk to each other, and a point for other
- servers to connect to, forming an IRC network. The only network
- configuration allowed for IRC servers is that of a spanning tree [see
- Fig. 1] where each server acts as a central node for the rest of the
- net it sees.
-
-
- [ Server 15 ] [ Server 13 ] [ Server 14]
- / \ /
- / \ /
- [ Server 11 ] ------ [ Server 1 ] [ Server 12]
- / \ /
- / \ /
- [ Server 2 ] [ Server 3 ]
- / \ \
- / \ \
- [ Server 4 ] [ Server 5 ] [ Server 6 ]
- / | \ /
- / | \ /
- / | \____ /
- / | \ /
- [ Server 7 ] [ Server 8 ] [ Server 9 ] [ Server 10 ]
-
- :
- [ etc. ]
- :
-
- [ Fig. 1. Format of IRC server network ]
-
-
-
-Oikarinen & Reed [Page 4]
-
-RFC 1459 Internet Relay Chat Protocol May 1993
-
-
-1.2 Clients
-
- A client is anything connecting to a server that is not another
- server. Each client is distinguished from other clients by a unique
- nickname having a maximum length of nine (9) characters. See the
- protocol grammar rules for what may and may not be used in a
- nickname. In addition to the nickname, all servers must have the
- following information about all clients: the real name of the host
- that the client is running on, the username of the client on that
- host, and the server to which the client is connected.
-
-1.2.1 Operators
-
- To allow a reasonable amount of order to be kept within the IRC
- network, a special class of clients (operators) is allowed to perform
- general maintenance functions on the network. Although the powers
- granted to an operator can be considered as 'dangerous', they are
- nonetheless required. Operators should be able to perform basic
- network tasks such as disconnecting and reconnecting servers as
- needed to prevent long-term use of bad network routing. In
- recognition of this need, the protocol discussed herein provides for
- operators only to be able to perform such functions. See sections
- 4.1.7 (SQUIT) and 4.3.5 (CONNECT).
-
- A more controversial power of operators is the ability to remove a
- user from the connected network by 'force', i.e. operators are able
- to close the connection between any client and server. The
- justification for this is delicate since its abuse is both
- destructive and annoying. For further details on this type of
- action, see section 4.6.1 (KILL).
-
-1.3 Channels
-
- A channel is a named group of one or more clients which will all
- receive messages addressed to that channel. The channel is created
- implicitly when the first client joins it, and the channel ceases to
- exist when the last client leaves it. While channel exists, any
- client can reference the channel using the name of the channel.
-
- Channels names are strings (beginning with a '&' or '#' character) of
- length up to 200 characters. Apart from the the requirement that the
- first character being either '&' or '#'; the only restriction on a
- channel name is that it may not contain any spaces (' '), a control G
- (^G or ASCII 7), or a comma (',' which is used as a list item
- separator by the protocol).
-
- There are two types of channels allowed by this protocol. One is a
- distributed channel which is known to all the servers that are
-
-
-
-Oikarinen & Reed [Page 5]
-
-RFC 1459 Internet Relay Chat Protocol May 1993
-
-
- connected to the network. These channels are marked by the first
- character being a only clients on the server where it exists may join
- it. These are distinguished by a leading '&' character. On top of
- these two types, there are the various channel modes available to
- alter the characteristics of individual channels. See section 4.2.3
- (MODE command) for more details on this.
-
- To create a new channel or become part of an existing channel, a user
- is required to JOIN the channel. If the channel doesn't exist prior
- to joining, the channel is created and the creating user becomes a
- channel operator. If the channel already exists, whether or not your
- request to JOIN that channel is honoured depends on the current modes
- of the channel. For example, if the channel is invite-only, (+i),
- then you may only join if invited. As part of the protocol, a user
- may be a part of several channels at once, but a limit of ten (10)
- channels is recommended as being ample for both experienced and
- novice users. See section 8.13 for more information on this.
-
- If the IRC network becomes disjoint because of a split between two
- servers, the channel on each side is only composed of those clients
- which are connected to servers on the respective sides of the split,
- possibly ceasing to exist on one side of the split. When the split
- is healed, the connecting servers announce to each other who they
- think is in each channel and the mode of that channel. If the
- channel exists on both sides, the JOINs and MODEs are interpreted in
- an inclusive manner so that both sides of the new connection will
- agree about which clients are in the channel and what modes the
- channel has.
-
-1.3.1 Channel Operators
-
- The channel operator (also referred to as a "chop" or "chanop") on a
- given channel is considered to 'own' that channel. In recognition of
- this status, channel operators are endowed with certain powers which
- enable them to keep control and some sort of sanity in their channel.
- As an owner of a channel, a channel operator is not required to have
- reasons for their actions, although if their actions are generally
- antisocial or otherwise abusive, it might be reasonable to ask an IRC
- operator to intervene, or for the usersjust leave and go elsewhere
- and form their own channel.
-
- The commands which may only be used by channel operators are:
-
- KICK - Eject a client from the channel
- MODE - Change the channel's mode
- INVITE - Invite a client to an invite-only channel (mode +i)
- TOPIC - Change the channel topic in a mode +t channel
-
-
-
-
-Oikarinen & Reed [Page 6]
-
-RFC 1459 Internet Relay Chat Protocol May 1993
-
-
- A channel operator is identified by the '@' symbol next to their
- nickname whenever it is associated with a channel (ie replies to the
- NAMES, WHO and WHOIS commands).
-
-2. The IRC Specification
-
-2.1 Overview
-
- The protocol as described herein is for use both with server to
- server and client to server connections. There are, however, more
- restrictions on client connections (which are considered to be
- untrustworthy) than on server connections.
-
-2.2 Character codes
-
- No specific character set is specified. The protocol is based on a a
- set of codes which are composed of eight (8) bits, making up an
- octet. Each message may be composed of any number of these octets;
- however, some octet values are used for control codes which act as
- message delimiters.
-
- Regardless of being an 8-bit protocol, the delimiters and keywords
- are such that protocol is mostly usable from USASCII terminal and a
- telnet connection.
-
- Because of IRC's scandanavian origin, the characters {}| are
- considered to be the lower case equivalents of the characters []\,
- respectively. This is a critical issue when determining the
- equivalence of two nicknames.
-
-2.3 Messages
-
- Servers and clients send eachother messages which may or may not
- generate a reply. If the message contains a valid command, as
- described in later sections, the client should expect a reply as
- specified but it is not advised to wait forever for the reply; client
- to server and server to server communication is essentially
- asynchronous in nature.
-
- Each IRC message may consist of up to three main parts: the prefix
- (optional), the command, and the command parameters (of which there
- may be up to 15). The prefix, command, and all parameters are
- separated by one (or more) ASCII space character(s) (0x20).
-
- The presence of a prefix is indicated with a single leading ASCII
- colon character (':', 0x3b), which must be the first character of the
- message itself. There must be no gap (whitespace) between the colon
- and the prefix. The prefix is used by servers to indicate the true
-
-
-
-Oikarinen & Reed [Page 7]
-
-RFC 1459 Internet Relay Chat Protocol May 1993
-
-
- origin of the message. If the prefix is missing from the message, it
- is assumed to have originated from the connection from which it was
- received. Clients should not use prefix when sending a message from
- themselves; if they use a prefix, the only valid prefix is the
- registered nickname associated with the client. If the source
- identified by the prefix cannot be found from the server's internal
- database, or if the source is registered from a different link than
- from which the message arrived, the server must ignore the message
- silently.
-
- The command must either be a valid IRC command or a three (3) digit
- number represented in ASCII text.
-
- IRC messages are always lines of characters terminated with a CR-LF
- (Carriage Return - Line Feed) pair, and these messages shall not
- exceed 512 characters in length, counting all characters including
- the trailing CR-LF. Thus, there are 510 characters maximum allowed
- for the command and its parameters. There is no provision for
- continuation message lines. See section 7 for more details about
- current implementations.
-
-2.3.1 Message format in 'pseudo' BNF
-
- The protocol messages must be extracted from the contiguous stream of
- octets. The current solution is to designate two characters, CR and
- LF, as message separators. Empty messages are silently ignored,
- which permits use of the sequence CR-LF between messages
- without extra problems.
-
- The extracted message is parsed into the components <prefix>,
- <command> and list of parameters matched either by <middle> or
- <trailing> components.
-
- The BNF representation for this is:
-
-
-<message> ::= [':' <prefix> <SPACE> ] <command> <params> <crlf>
-<prefix> ::= <servername> | <nick> [ '!' <user> ] [ '@' <host> ]
-<command> ::= <letter> { <letter> } | <number> <number> <number>
-<SPACE> ::= ' ' { ' ' }
-<params> ::= <SPACE> [ ':' <trailing> | <middle> <params> ]
-
-<middle> ::= <Any *non-empty* sequence of octets not including SPACE
- or NUL or CR or LF, the first of which may not be ':'>
-<trailing> ::= <Any, possibly *empty*, sequence of octets not including
- NUL or CR or LF>
-
-<crlf> ::= CR LF
-
-
-
-Oikarinen & Reed [Page 8]
-
-RFC 1459 Internet Relay Chat Protocol May 1993
-
-
-NOTES:
-
- 1) <SPACE> is consists only of SPACE character(s) (0x20).
- Specially notice that TABULATION, and all other control
- characters are considered NON-WHITE-SPACE.
-
- 2) After extracting the parameter list, all parameters are equal,
- whether matched by <middle> or <trailing>. <Trailing> is just
- a syntactic trick to allow SPACE within parameter.
-
- 3) The fact that CR and LF cannot appear in parameter strings is
- just artifact of the message framing. This might change later.
-
- 4) The NUL character is not special in message framing, and
- basically could end up inside a parameter, but as it would
- cause extra complexities in normal C string handling. Therefore
- NUL is not allowed within messages.
-
- 5) The last parameter may be an empty string.
-
- 6) Use of the extended prefix (['!' <user> ] ['@' <host> ]) must
- not be used in server to server communications and is only
- intended for server to client messages in order to provide
- clients with more useful information about who a message is
- from without the need for additional queries.
-
- Most protocol messages specify additional semantics and syntax for
- the extracted parameter strings dictated by their position in the
- list. For example, many server commands will assume that the first
- parameter after the command is the list of targets, which can be
- described with:
-
- <target> ::= <to> [ "," <target> ]
- <to> ::= <channel> | <user> '@' <servername> | <nick> | <mask>
- <channel> ::= ('#' | '&') <chstring>
- <servername> ::= <host>
- <host> ::= see RFC 952 [DNS:4] for details on allowed hostnames
- <nick> ::= <letter> { <letter> | <number> | <special> }
- <mask> ::= ('#' | '$') <chstring>
- <chstring> ::= <any 8bit code except SPACE, BELL, NUL, CR, LF and
- comma (',')>
-
- Other parameter syntaxes are:
-
- <user> ::= <nonwhite> { <nonwhite> }
- <letter> ::= 'a' ... 'z' | 'A' ... 'Z'
- <number> ::= '0' ... '9'
- <special> ::= '-' | '[' | ']' | '\' | '`' | '^' | '{' | '}'
-
-
-
-Oikarinen & Reed [Page 9]
-
-RFC 1459 Internet Relay Chat Protocol May 1993
-
-
- <nonwhite> ::= <any 8bit code except SPACE (0x20), NUL (0x0), CR
- (0xd), and LF (0xa)>
-
-2.4 Numeric replies
-
- Most of the messages sent to the server generate a reply of some
- sort. The most common reply is the numeric reply, used for both
- errors and normal replies. The numeric reply must be sent as one
- message consisting of the sender prefix, the three digit numeric, and
- the target of the reply. A numeric reply is not allowed to originate
- from a client; any such messages received by a server are silently
- dropped. In all other respects, a numeric reply is just like a normal
- message, except that the keyword is made up of 3 numeric digits
- rather than a string of letters. A list of different replies is
- supplied in section 6.
-
-3. IRC Concepts.
-
- This section is devoted to describing the actual concepts behind the
- organization of the IRC protocol and how the current
- implementations deliver different classes of messages.
-
-
-
- 1--\
- A D---4
- 2--/ \ /
- B----C
- / \
- 3 E
-
- Servers: A, B, C, D, E Clients: 1, 2, 3, 4
-
- [ Fig. 2. Sample small IRC network ]
-
-3.1 One-to-one communication
-
- Communication on a one-to-one basis is usually only performed by
- clients, since most server-server traffic is not a result of servers
- talking only to each other. To provide a secure means for clients to
- talk to each other, it is required that all servers be able to send a
- message in exactly one direction along the spanning tree in order to
- reach any client. The path of a message being delivered is the
- shortest path between any two points on the spanning tree.
-
- The following examples all refer to Figure 2 above.
-
-
-
-
-
-Oikarinen & Reed [Page 10]
-
-RFC 1459 Internet Relay Chat Protocol May 1993
-
-
-Example 1:
- A message between clients 1 and 2 is only seen by server A, which
- sends it straight to client 2.
-
-Example 2:
- A message between clients 1 and 3 is seen by servers A & B, and
- client 3. No other clients or servers are allowed see the message.
-
-Example 3:
- A message between clients 2 and 4 is seen by servers A, B, C & D
- and client 4 only.
-
-3.2 One-to-many
-
- The main goal of IRC is to provide a forum which allows easy and
- efficient conferencing (one to many conversations). IRC offers
- several means to achieve this, each serving its own purpose.
-
-3.2.1 To a list
-
- The least efficient style of one-to-many conversation is through
- clients talking to a 'list' of users. How this is done is almost
- self explanatory: the client gives a list of destinations to which
- the message is to be delivered and the server breaks it up and
- dispatches a separate copy of the message to each given destination.
- This isn't as efficient as using a group since the destination list
- is broken up and the dispatch sent without checking to make sure
- duplicates aren't sent down each path.
-
-3.2.2 To a group (channel)
-
- In IRC the channel has a role equivalent to that of the multicast
- group; their existence is dynamic (coming and going as people join
- and leave channels) and the actual conversation carried out on a
- channel is only sent to servers which are supporting users on a given
- channel. If there are multiple users on a server in the same
- channel, the message text is sent only once to that server and then
- sent to each client on the channel. This action is then repeated for
- each client-server combination until the original message has fanned
- out and reached each member of the channel.
-
- The following examples all refer to Figure 2.
-
-Example 4:
- Any channel with 1 client in it. Messages to the channel go to the
- server and then nowhere else.
-
-
-
-
-
-Oikarinen & Reed [Page 11]
-
-RFC 1459 Internet Relay Chat Protocol May 1993
-
-
-Example 5:
- 2 clients in a channel. All messages traverse a path as if they
- were private messages between the two clients outside a channel.
-
-Example 6:
- Clients 1, 2 and 3 in a channel. All messages to the channel are
- sent to all clients and only those servers which must be traversed
- by the message if it were a private message to a single client. If
- client 1 sends a message, it goes back to client 2 and then via
- server B to client 3.
-
-3.2.3 To a host/server mask
-
- To provide IRC operators with some mechanism to send messages to a
- large body of related users, host and server mask messages are
- provided. These messages are sent to users whose host or server
- information match that of the mask. The messages are only sent to
- locations where users are, in a fashion similar to that of channels.
-
-3.3 One-to-all
-
- The one-to-all type of message is better described as a broadcast
- message, sent to all clients or servers or both. On a large network
- of users and servers, a single message can result in a lot of traffic
- being sent over the network in an effort to reach all of the desired
- destinations.
-
- For some messages, there is no option but to broadcast it to all
- servers so that the state information held by each server is
- reasonably consistent between servers.
-
-3.3.1 Client-to-Client
-
- There is no class of message which, from a single message, results in
- a message being sent to every other client.
-
-3.3.2 Client-to-Server
-
- Most of the commands which result in a change of state information
- (such as channel membership, channel mode, user status, etc) must be
- sent to all servers by default, and this distribution may not be
- changed by the client.
-
-3.3.3 Server-to-Server.
-
- While most messages between servers are distributed to all 'other'
- servers, this is only required for any message that affects either a
- user, channel or server. Since these are the basic items found in
-
-
-
-Oikarinen & Reed [Page 12]
-
-RFC 1459 Internet Relay Chat Protocol May 1993
-
-
- IRC, nearly all messages originating from a server are broadcast to
- all other connected servers.
-
-4. Message details
-
- On the following pages are descriptions of each message recognized by
- the IRC server and client. All commands described in this section
- must be implemented by any server for this protocol.
-
- Where the reply ERR_NOSUCHSERVER is listed, it means that the
- <server> parameter could not be found. The server must not send any
- other replies after this for that command.
-
- The server to which a client is connected is required to parse the
- complete message, returning any appropriate errors. If the server
- encounters a fatal error while parsing a message, an error must be
- sent back to the client and the parsing terminated. A fatal error
- may be considered to be incorrect command, a destination which is
- otherwise unknown to the server (server, nick or channel names fit
- this category), not enough parameters or incorrect privileges.
-
- If a full set of parameters is presented, then each must be checked
- for validity and appropriate responses sent back to the client. In
- the case of messages which use parameter lists using the comma as an
- item separator, a reply must be sent for each item.
-
- In the examples below, some messages appear using the full format:
-
- :Name COMMAND parameter list
-
- Such examples represent a message from "Name" in transit between
- servers, where it is essential to include the name of the original
- sender of the message so remote servers may send back a reply along
- the correct path.
-
-4.1 Connection Registration
-
- The commands described here are used to register a connection with an
- IRC server as either a user or a server as well as correctly
- disconnect.
-
- A "PASS" command is not required for either client or server
- connection to be registered, but it must precede the server message
- or the latter of the NICK/USER combination. It is strongly
- recommended that all server connections have a password in order to
- give some level of security to the actual connections. The
- recommended order for a client to register is as follows:
-
-
-
-
-Oikarinen & Reed [Page 13]
-
-RFC 1459 Internet Relay Chat Protocol May 1993
-
-
- 1. Pass message
- 2. Nick message
- 3. User message
-
-4.1.1 Password message
-
-
- Command: PASS
- Parameters: <password>
-
- The PASS command is used to set a 'connection password'. The
- password can and must be set before any attempt to register the
- connection is made. Currently this requires that clients send a PASS
- command before sending the NICK/USER combination and servers *must*
- send a PASS command before any SERVER command. The password supplied
- must match the one contained in the C/N lines (for servers) or I
- lines (for clients). It is possible to send multiple PASS commands
- before registering but only the last one sent is used for
- verification and it may not be changed once registered. Numeric
- Replies:
-
- ERR_NEEDMOREPARAMS ERR_ALREADYREGISTRED
-
- Example:
-
- PASS secretpasswordhere
-
-4.1.2 Nick message
-
- Command: NICK
- Parameters: <nickname> [ <hopcount> ]
-
- NICK message is used to give user a nickname or change the previous
- one. The <hopcount> parameter is only used by servers to indicate
- how far away a nick is from its home server. A local connection has
- a hopcount of 0. If supplied by a client, it must be ignored.
-
- If a NICK message arrives at a server which already knows about an
- identical nickname for another client, a nickname collision occurs.
- As a result of a nickname collision, all instances of the nickname
- are removed from the server's database, and a KILL command is issued
- to remove the nickname from all other server's database. If the NICK
- message causing the collision was a nickname change, then the
- original (old) nick must be removed as well.
-
- If the server recieves an identical NICK from a client which is
- directly connected, it may issue an ERR_NICKCOLLISION to the local
- client, drop the NICK command, and not generate any kills.
-
-
-
-Oikarinen & Reed [Page 14]
-
-RFC 1459 Internet Relay Chat Protocol May 1993
-
-
- Numeric Replies:
-
- ERR_NONICKNAMEGIVEN ERR_ERRONEUSNICKNAME
- ERR_NICKNAMEINUSE ERR_NICKCOLLISION
-
- Example:
-
- NICK Wiz ; Introducing new nick "Wiz".
-
- :WiZ NICK Kilroy ; WiZ changed his nickname to Kilroy.
-
-4.1.3 User message
-
- Command: USER
- Parameters: <username> <hostname> <servername> <realname>
-
- The USER message is used at the beginning of connection to specify
- the username, hostname, servername and realname of s new user. It is
- also used in communication between servers to indicate new user
- arriving on IRC, since only after both USER and NICK have been
- received from a client does a user become registered.
-
- Between servers USER must to be prefixed with client's NICKname.
- Note that hostname and servername are normally ignored by the IRC
- server when the USER command comes from a directly connected client
- (for security reasons), but they are used in server to server
- communication. This means that a NICK must always be sent to a
- remote server when a new user is being introduced to the rest of the
- network before the accompanying USER is sent.
-
- It must be noted that realname parameter must be the last parameter,
- because it may contain space characters and must be prefixed with a
- colon (':') to make sure this is recognised as such.
-
- Since it is easy for a client to lie about its username by relying
- solely on the USER message, the use of an "Identity Server" is
- recommended. If the host which a user connects from has such a
- server enabled the username is set to that as in the reply from the
- "Identity Server".
-
- Numeric Replies:
-
- ERR_NEEDMOREPARAMS ERR_ALREADYREGISTRED
-
- Examples:
-
-
- USER guest tolmoon tolsun :Ronnie Reagan
-
-
-
-Oikarinen & Reed [Page 15]
-
-RFC 1459 Internet Relay Chat Protocol May 1993
-
-
- ; User registering themselves with a
- username of "guest" and real name
- "Ronnie Reagan".
-
-
- :testnick USER guest tolmoon tolsun :Ronnie Reagan
- ; message between servers with the
- nickname for which the USER command
- belongs to
-
-4.1.4 Server message
-
- Command: SERVER
- Parameters: <servername> <hopcount> <info>
-
- The server message is used to tell a server that the other end of a
- new connection is a server. This message is also used to pass server
- data over whole net. When a new server is connected to net,
- information about it be broadcast to the whole network. <hopcount>
- is used to give all servers some internal information on how far away
- all servers are. With a full server list, it would be possible to
- construct a map of the entire server tree, but hostmasks prevent this
- from being done.
-
- The SERVER message must only be accepted from either (a) a connection
- which is yet to be registered and is attempting to register as a
- server, or (b) an existing connection to another server, in which
- case the SERVER message is introducing a new server behind that
- server.
-
- Most errors that occur with the receipt of a SERVER command result in
- the connection being terminated by the destination host (target
- SERVER). Error replies are usually sent using the "ERROR" command
- rather than the numeric since the ERROR command has several useful
- properties which make it useful here.
-
- If a SERVER message is parsed and attempts to introduce a server
- which is already known to the receiving server, the connection from
- which that message must be closed (following the correct procedures),
- since a duplicate route to a server has formed and the acyclic nature
- of the IRC tree broken.
-
- Numeric Replies:
-
- ERR_ALREADYREGISTRED
-
- Example:
-
-
-
-
-Oikarinen & Reed [Page 16]
-
-RFC 1459 Internet Relay Chat Protocol May 1993
-
-
-SERVER test.oulu.fi 1 :[tolsun.oulu.fi] Experimental server
- ; New server test.oulu.fi introducing
- itself and attempting to register. The
- name in []'s is the hostname for the
- host running test.oulu.fi.
-
-
-:tolsun.oulu.fi SERVER csd.bu.edu 5 :BU Central Server
- ; Server tolsun.oulu.fi is our uplink
- for csd.bu.edu which is 5 hops away.
-
-4.1.5 Oper
-
- Command: OPER
- Parameters: <user> <password>
-
- OPER message is used by a normal user to obtain operator privileges.
- The combination of <user> and <password> are required to gain
- Operator privileges.
-
- If the client sending the OPER command supplies the correct password
- for the given user, the server then informs the rest of the network
- of the new operator by issuing a "MODE +o" for the clients nickname.
-
- The OPER message is client-server only.
-
- Numeric Replies:
-
- ERR_NEEDMOREPARAMS RPL_YOUREOPER
- ERR_NOOPERHOST ERR_PASSWDMISMATCH
-
- Example:
-
- OPER foo bar ; Attempt to register as an operator
- using a username of "foo" and "bar" as
- the password.
-
-4.1.6 Quit
-
- Command: QUIT
- Parameters: [<Quit message>]
-
- A client session is ended with a quit message. The server must close
- the connection to a client which sends a QUIT message. If a "Quit
- Message" is given, this will be sent instead of the default message,
- the nickname.
-
- When netsplits (disconnecting of two servers) occur, the quit message
-
-
-
-Oikarinen & Reed [Page 17]
-
-RFC 1459 Internet Relay Chat Protocol May 1993
-
-
- is composed of the names of two servers involved, separated by a
- space. The first name is that of the server which is still connected
- and the second name is that of the server that has become
- disconnected.
-
- If, for some other reason, a client connection is closed without the
- client issuing a QUIT command (e.g. client dies and EOF occurs
- on socket), the server is required to fill in the quit message with
- some sort of message reflecting the nature of the event which
- caused it to happen.
-
- Numeric Replies:
-
- None.
-
- Examples:
-
- QUIT :Gone to have lunch ; Preferred message format.
-
-4.1.7 Server quit message
-
- Command: SQUIT
- Parameters: <server> <comment>
-
- The SQUIT message is needed to tell about quitting or dead servers.
- If a server wishes to break the connection to another server it must
- send a SQUIT message to the other server, using the the name of the
- other server as the server parameter, which then closes its
- connection to the quitting server.
-
- This command is also available operators to help keep a network of
- IRC servers connected in an orderly fashion. Operators may also
- issue an SQUIT message for a remote server connection. In this case,
- the SQUIT must be parsed by each server inbetween the operator and
- the remote server, updating the view of the network held by each
- server as explained below.
-
- The <comment> should be supplied by all operators who execute a SQUIT
- for a remote server (that is not connected to the server they are
- currently on) so that other operators are aware for the reason of
- this action. The <comment> is also filled in by servers which may
- place an error or similar message here.
-
- Both of the servers which are on either side of the connection being
- closed are required to to send out a SQUIT message (to all its other
- server connections) for all other servers which are considered to be
- behind that link.
-
-
-
-
-Oikarinen & Reed [Page 18]
-
-RFC 1459 Internet Relay Chat Protocol May 1993
-
-
- Similarly, a QUIT message must be sent to the other connected servers
- rest of the network on behalf of all clients behind that link. In
- addition to this, all channel members of a channel which lost a
- member due to the split must be sent a QUIT message.
-
- If a server connection is terminated prematurely (e.g. the server on
- the other end of the link died), the server which detects
- this disconnection is required to inform the rest of the network
- that the connection has closed and fill in the comment field
- with something appropriate.
-
- Numeric replies:
-
- ERR_NOPRIVILEGES ERR_NOSUCHSERVER
-
- Example:
-
- SQUIT tolsun.oulu.fi :Bad Link ? ; the server link tolson.oulu.fi has
- been terminated because of "Bad Link".
-
- :Trillian SQUIT cm22.eng.umd.edu :Server out of control
- ; message from Trillian to disconnect
- "cm22.eng.umd.edu" from the net
- because "Server out of control".
-
-4.2 Channel operations
-
- This group of messages is concerned with manipulating channels, their
- properties (channel modes), and their contents (typically clients).
- In implementing these, a number of race conditions are inevitable
- when clients at opposing ends of a network send commands which will
- ultimately clash. It is also required that servers keep a nickname
- history to ensure that wherever a <nick> parameter is given, the
- server check its history in case it has recently been changed.
-
-4.2.1 Join message
-
- Command: JOIN
- Parameters: <channel>{,<channel>} [<key>{,<key>}]
-
- The JOIN command is used by client to start listening a specific
- channel. Whether or not a client is allowed to join a channel is
- checked only by the server the client is connected to; all other
- servers automatically add the user to the channel when it is received
- from other servers. The conditions which affect this are as follows:
-
- 1. the user must be invited if the channel is invite-only;
-
-
-
-
-Oikarinen & Reed [Page 19]
-
-RFC 1459 Internet Relay Chat Protocol May 1993
-
-
- 2. the user's nick/username/hostname must not match any
- active bans;
-
- 3. the correct key (password) must be given if it is set.
-
- These are discussed in more detail under the MODE command (see
- section 4.2.3 for more details).
-
- Once a user has joined a channel, they receive notice about all
- commands their server receives which affect the channel. This
- includes MODE, KICK, PART, QUIT and of course PRIVMSG/NOTICE. The
- JOIN command needs to be broadcast to all servers so that each server
- knows where to find the users who are on the channel. This allows
- optimal delivery of PRIVMSG/NOTICE messages to the channel.
-
- If a JOIN is successful, the user is then sent the channel's topic
- (using RPL_TOPIC) and the list of users who are on the channel (using
- RPL_NAMREPLY), which must include the user joining.
-
- Numeric Replies:
-
- ERR_NEEDMOREPARAMS ERR_BANNEDFROMCHAN
- ERR_INVITEONLYCHAN ERR_BADCHANNELKEY
- ERR_CHANNELISFULL ERR_BADCHANMASK
- ERR_NOSUCHCHANNEL ERR_TOOMANYCHANNELS
- RPL_TOPIC
-
- Examples:
-
- JOIN #foobar ; join channel #foobar.
-
- JOIN &foo fubar ; join channel &foo using key "fubar".
-
- JOIN #foo,&bar fubar ; join channel #foo using key "fubar"
- and &bar using no key.
-
- JOIN #foo,#bar fubar,foobar ; join channel #foo using key "fubar".
- and channel #bar using key "foobar".
-
- JOIN #foo,#bar ; join channels #foo and #bar.
-
- :WiZ JOIN #Twilight_zone ; JOIN message from WiZ
-
-4.2.2 Part message
-
- Command: PART
- Parameters: <channel>{,<channel>}
-
-
-
-
-Oikarinen & Reed [Page 20]
-
-RFC 1459 Internet Relay Chat Protocol May 1993
-
-
- The PART message causes the client sending the message to be removed
- from the list of active users for all given channels listed in the
- parameter string.
-
- Numeric Replies:
-
- ERR_NEEDMOREPARAMS ERR_NOSUCHCHANNEL
- ERR_NOTONCHANNEL
-
- Examples:
-
- PART #twilight_zone ; leave channel "#twilight_zone"
-
- PART #oz-ops,&group5 ; leave both channels "&group5" and
- "#oz-ops".
-
-4.2.3 Mode message
-
- Command: MODE
-
- The MODE command is a dual-purpose command in IRC. It allows both
- usernames and channels to have their mode changed. The rationale for
- this choice is that one day nicknames will be obsolete and the
- equivalent property will be the channel.
-
- When parsing MODE messages, it is recommended that the entire message
- be parsed first and then the changes which resulted then passed on.
-
-4.2.3.1 Channel modes
-
- Parameters: <channel> {[+|-]|o|p|s|i|t|n|b|v} [<limit>] [<user>]
- [<ban mask>]
-
- The MODE command is provided so that channel operators may change the
- characteristics of `their' channel. It is also required that servers
- be able to change channel modes so that channel operators may be
- created.
-
- The various modes available for channels are as follows:
-
- o - give/take channel operator privileges;
- p - private channel flag;
- s - secret channel flag;
- i - invite-only channel flag;
- t - topic settable by channel operator only flag;
- n - no messages to channel from clients on the outside;
- m - moderated channel;
- l - set the user limit to channel;
-
-
-
-Oikarinen & Reed [Page 21]
-
-RFC 1459 Internet Relay Chat Protocol May 1993
-
-
- b - set a ban mask to keep users out;
- v - give/take the ability to speak on a moderated channel;
- k - set a channel key (password).
-
- When using the 'o' and 'b' options, a restriction on a total of three
- per mode command has been imposed. That is, any combination of 'o'
- and
-
-4.2.3.2 User modes
-
- Parameters: <nickname> {[+|-]|i|w|s|o}
-
- The user MODEs are typically changes which affect either how the
- client is seen by others or what 'extra' messages the client is sent.
- A user MODE command may only be accepted if both the sender of the
- message and the nickname given as a parameter are both the same.
-
- The available modes are as follows:
-
- i - marks a users as invisible;
- s - marks a user for receipt of server notices;
- w - user receives wallops;
- o - operator flag.
-
- Additional modes may be available later on.
-
- If a user attempts to make themselves an operator using the "+o"
- flag, the attempt should be ignored. There is no restriction,
- however, on anyone `deopping' themselves (using "-o"). Numeric
- Replies:
-
- ERR_NEEDMOREPARAMS RPL_CHANNELMODEIS
- ERR_CHANOPRIVSNEEDED ERR_NOSUCHNICK
- ERR_NOTONCHANNEL ERR_KEYSET
- RPL_BANLIST RPL_ENDOFBANLIST
- ERR_UNKNOWNMODE ERR_NOSUCHCHANNEL
-
- ERR_USERSDONTMATCH RPL_UMODEIS
- ERR_UMODEUNKNOWNFLAG
-
- Examples:
-
- Use of Channel Modes:
-
-MODE #Finnish +im ; Makes #Finnish channel moderated and
- 'invite-only'.
-
-MODE #Finnish +o Kilroy ; Gives 'chanop' privileges to Kilroy on
-
-
-
-Oikarinen & Reed [Page 22]
-
-RFC 1459 Internet Relay Chat Protocol May 1993
-
-
- channel #Finnish.
-
-MODE #Finnish +v Wiz ; Allow WiZ to speak on #Finnish.
-
-MODE #Fins -s ; Removes 'secret' flag from channel
- #Fins.
-
-MODE #42 +k oulu ; Set the channel key to "oulu".
-
-MODE #eu-opers +l 10 ; Set the limit for the number of users
- on channel to 10.
-
-MODE &oulu +b ; list ban masks set for channel.
-
-MODE &oulu +b *!*@* ; prevent all users from joining.
-
-MODE &oulu +b *!*@*.edu ; prevent any user from a hostname
- matching *.edu from joining.
-
- Use of user Modes:
-
-:MODE WiZ -w ; turns reception of WALLOPS messages
- off for WiZ.
-
-:Angel MODE Angel +i ; Message from Angel to make themselves
- invisible.
-
-MODE WiZ -o ; WiZ 'deopping' (removing operator
- status). The plain reverse of this
- command ("MODE WiZ +o") must not be
- allowed from users since would bypass
- the OPER command.
-
-4.2.4 Topic message
-
- Command: TOPIC
- Parameters: <channel> [<topic>]
-
- The TOPIC message is used to change or view the topic of a channel.
- The topic for channel <channel> is returned if there is no <topic>
- given. If the <topic> parameter is present, the topic for that
- channel will be changed, if the channel modes permit this action.
-
- Numeric Replies:
-
- ERR_NEEDMOREPARAMS ERR_NOTONCHANNEL
- RPL_NOTOPIC RPL_TOPIC
- ERR_CHANOPRIVSNEEDED
-
-
-
-Oikarinen & Reed [Page 23]
-
-RFC 1459 Internet Relay Chat Protocol May 1993
-
-
- Examples:
-
- :Wiz TOPIC #test :New topic ;User Wiz setting the topic.
-
- TOPIC #test :another topic ;set the topic on #test to "another
- topic".
-
- TOPIC #test ; check the topic for #test.
-
-4.2.5 Names message
-
- Command: NAMES
- Parameters: [<channel>{,<channel>}]
-
- By using the NAMES command, a user can list all nicknames that are
- visible to them on any channel that they can see. Channel names
- which they can see are those which aren't private (+p) or secret (+s)
- or those which they are actually on. The <channel> parameter
- specifies which channel(s) to return information about if valid.
- There is no error reply for bad channel names.
-
- If no <channel> parameter is given, a list of all channels and their
- occupants is returned. At the end of this list, a list of users who
- are visible but either not on any channel or not on a visible channel
- are listed as being on `channel' "*".
-
- Numerics:
-
- RPL_NAMREPLY RPL_ENDOFNAMES
-
- Examples:
-
- NAMES #twilight_zone,#42 ; list visible users on #twilight_zone
- and #42 if the channels are visible to
- you.
-
- NAMES ; list all visible channels and users
-
-4.2.6 List message
-
- Command: LIST
- Parameters: [<channel>{,<channel>} [<server>]]
-
- The list message is used to list channels and their topics. If the
- <channel> parameter is used, only the status of that channel
- is displayed. Private channels are listed (without their
- topics) as channel "Prv" unless the client generating the query is
- actually on that channel. Likewise, secret channels are not listed
-
-
-
-Oikarinen & Reed [Page 24]
-
-RFC 1459 Internet Relay Chat Protocol May 1993
-
-
- at all unless the client is a member of the channel in question.
-
- Numeric Replies:
-
- ERR_NOSUCHSERVER RPL_LISTSTART
- RPL_LIST RPL_LISTEND
-
- Examples:
-
- LIST ; List all channels.
-
- LIST #twilight_zone,#42 ; List channels #twilight_zone and #42
-
-4.2.7 Invite message
-
- Command: INVITE
- Parameters: <nickname> <channel>
-
- The INVITE message is used to invite users to a channel. The
- parameter <nickname> is the nickname of the person to be invited to
- the target channel <channel>. There is no requirement that the
- channel the target user is being invited to must exist or be a valid
- channel. To invite a user to a channel which is invite only (MODE
- +i), the client sending the invite must be recognised as being a
- channel operator on the given channel.
-
- Numeric Replies:
-
- ERR_NEEDMOREPARAMS ERR_NOSUCHNICK
- ERR_NOTONCHANNEL ERR_USERONCHANNEL
- ERR_CHANOPRIVSNEEDED
- RPL_INVITING RPL_AWAY
-
- Examples:
-
- :Angel INVITE Wiz #Dust ; User Angel inviting WiZ to channel
- #Dust
-
- INVITE Wiz #Twilight_Zone ; Command to invite WiZ to
- #Twilight_zone
-
-4.2.8 Kick command
-
- Command: KICK
- Parameters: <channel> <user> [<comment>]
-
- The KICK command can be used to forcibly remove a user from a
- channel. It 'kicks them out' of the channel (forced PART).
-
-
-
-Oikarinen & Reed [Page 25]
-
-RFC 1459 Internet Relay Chat Protocol May 1993
-
-
- Only a channel operator may kick another user out of a channel.
- Each server that receives a KICK message checks that it is valid
- (ie the sender is actually a channel operator) before removing
- the victim from the channel.
-
- Numeric Replies:
-
- ERR_NEEDMOREPARAMS ERR_NOSUCHCHANNEL
- ERR_BADCHANMASK ERR_CHANOPRIVSNEEDED
- ERR_NOTONCHANNEL
-
- Examples:
-
-KICK &Melbourne Matthew ; Kick Matthew from &Melbourne
-
-KICK #Finnish John :Speaking English
- ; Kick John from #Finnish using
- "Speaking English" as the reason
- (comment).
-
-:WiZ KICK #Finnish John ; KICK message from WiZ to remove John
- from channel #Finnish
-
-NOTE:
- It is possible to extend the KICK command parameters to the
-following:
-
-<channel>{,<channel>} <user>{,<user>} [<comment>]
-
-4.3 Server queries and commands
-
- The server query group of commands has been designed to return
- information about any server which is connected to the network. All
- servers connected must respond to these queries and respond
- correctly. Any invalid response (or lack thereof) must be considered
- a sign of a broken server and it must be disconnected/disabled as
- soon as possible until the situation is remedied.
-
- In these queries, where a parameter appears as "<server>", it will
- usually mean it can be a nickname or a server or a wildcard name of
- some sort. For each parameter, however, only one query and set of
- replies is to be generated.
-
-4.3.1 Version message
-
- Command: VERSION
- Parameters: [<server>]
-
-
-
-
-Oikarinen & Reed [Page 26]
-
-RFC 1459 Internet Relay Chat Protocol May 1993
-
-
- The VERSION message is used to query the version of the server
- program. An optional parameter <server> is used to query the version
- of the server program which a client is not directly connected to.
-
- Numeric Replies:
-
- ERR_NOSUCHSERVER RPL_VERSION
-
- Examples:
-
- :Wiz VERSION *.se ; message from Wiz to check the version
- of a server matching "*.se"
-
- VERSION tolsun.oulu.fi ; check the version of server
- "tolsun.oulu.fi".
-
-4.3.2 Stats message
-
- Command: STATS
- Parameters: [<query> [<server>]]
-
- The stats message is used to query statistics of certain server. If
- <server> parameter is omitted, only the end of stats reply is sent
- back. The implementation of this command is highly dependent on the
- server which replies, although the server must be able to supply
- information as described by the queries below (or similar).
-
- A query may be given by any single letter which is only checked by
- the destination server (if given as the <server> parameter) and is
- otherwise passed on by intermediate servers, ignored and unaltered.
- The following queries are those found in the current IRC
- implementation and provide a large portion of the setup information
- for that server. Although these may not be supported in the same way
- by other versions, all servers should be able to supply a valid reply
- to a STATS query which is consistent with the reply formats currently
- used and the purpose of the query.
-
- The currently supported queries are:
-
- c - returns a list of servers which the server may connect
- to or allow connections from;
- h - returns a list of servers which are either forced to be
- treated as leaves or allowed to act as hubs;
- i - returns a list of hosts which the server allows a client
- to connect from;
- k - returns a list of banned username/hostname combinations
- for that server;
- l - returns a list of the server's connections, showing how
-
-
-
-Oikarinen & Reed [Page 27]
-
-RFC 1459 Internet Relay Chat Protocol May 1993
-
-
- long each connection has been established and the traffic
- over that connection in bytes and messages for each
- direction;
- m - returns a list of commands supported by the server and
- the usage count for each if the usage count is non zero;
- o - returns a list of hosts from which normal clients may
- become operators;
- y - show Y (Class) lines from server's configuration file;
- u - returns a string showing how long the server has been up.
-
- Numeric Replies:
-
- ERR_NOSUCHSERVER
- RPL_STATSCLINE RPL_STATSNLINE
- RPL_STATSILINE RPL_STATSKLINE
- RPL_STATSQLINE RPL_STATSLLINE
- RPL_STATSLINKINFO RPL_STATSUPTIME
- RPL_STATSCOMMANDS RPL_STATSOLINE
- RPL_STATSHLINE RPL_ENDOFSTATS
-
- Examples:
-
-STATS m ; check the command usage for the server
- you are connected to
-
-:Wiz STATS c eff.org ; request by WiZ for C/N line
- information from server eff.org
-
-4.3.3 Links message
-
- Command: LINKS
- Parameters: [[<remote server>] <server mask>]
-
- With LINKS, a user can list all servers which are known by the server
- answering the query. The returned list of servers must match the
- mask, or if no mask is given, the full list is returned.
-
- If <remote server> is given in addition to <server mask>, the LINKS
- command is forwarded to the first server found that matches that name
- (if any), and that server is then required to answer the query.
-
- Numeric Replies:
-
- ERR_NOSUCHSERVER
- RPL_LINKS RPL_ENDOFLINKS
-
- Examples:
-
-
-
-
-Oikarinen & Reed [Page 28]
-
-RFC 1459 Internet Relay Chat Protocol May 1993
-
-
-LINKS *.au ; list all servers which have a name
- that matches *.au;
-
-:WiZ LINKS *.bu.edu *.edu ; LINKS message from WiZ to the first
- server matching *.edu for a list of
- servers matching *.bu.edu.
-
-4.3.4 Time message
-
- Command: TIME
- Parameters: [<server>]
-
- The time message is used to query local time from the specified
- server. If the server parameter is not given, the server handling the
- command must reply to the query.
-
- Numeric Replies:
-
- ERR_NOSUCHSERVER RPL_TIME
-
- Examples:
-
- TIME tolsun.oulu.fi ; check the time on the server
- "tolson.oulu.fi"
-
- Angel TIME *.au ; user angel checking the time on a
- server matching "*.au"
-
-4.3.5 Connect message
-
- Command: CONNECT
- Parameters: <target server> [<port> [<remote server>]]
-
- The CONNECT command can be used to force a server to try to establish
- a new connection to another server immediately. CONNECT is a
- privileged command and is to be available only to IRC Operators. If
- a remote server is given then the CONNECT attempt is made by that
- server to <target server> and <port>.
-
- Numeric Replies:
-
- ERR_NOSUCHSERVER ERR_NOPRIVILEGES
- ERR_NEEDMOREPARAMS
-
- Examples:
-
-CONNECT tolsun.oulu.fi ; Attempt to connect a server to
- tolsun.oulu.fi
-
-
-
-Oikarinen & Reed [Page 29]
-
-RFC 1459 Internet Relay Chat Protocol May 1993
-
-
-:WiZ CONNECT eff.org 6667 csd.bu.edu
- ; CONNECT attempt by WiZ to get servers
- eff.org and csd.bu.edu connected on port
- 6667.
-
-4.3.6 Trace message
-
- Command: TRACE
- Parameters: [<server>]
-
- TRACE command is used to find the route to specific server. Each
- server that processes this message must tell the sender about it by
- sending a reply indicating it is a pass-through link, forming a chain
- of replies similar to that gained from using "traceroute". After
- sending this reply back, it must then send the TRACE message to the
- next server until given server is reached. If the <server> parameter
- is omitted, it is recommended that TRACE command send a message to
- the sender telling which servers the current server has direct
- connection to.
-
- If the destination given by "<server>" is an actual server, then the
- destination server is required to report all servers and users which
- are connected to it, although only operators are permitted to see
- users present. If the destination given by <server> is a nickname,
- they only a reply for that nickname is given.
-
- Numeric Replies:
-
- ERR_NOSUCHSERVER
-
- If the TRACE message is destined for another server, all intermediate
- servers must return a RPL_TRACELINK reply to indicate that the TRACE
- passed through it and where its going next.
-
- RPL_TRACELINK
- A TRACE reply may be composed of any number of the following numeric
- replies.
-
- RPL_TRACECONNECTING RPL_TRACEHANDSHAKE
- RPL_TRACEUNKNOWN RPL_TRACEOPERATOR
- RPL_TRACEUSER RPL_TRACESERVER
- RPL_TRACESERVICE RPL_TRACENEWTYPE
- RPL_TRACECLASS
-
- Examples:
-
-TRACE *.oulu.fi ; TRACE to a server matching *.oulu.fi
-
-
-
-
-Oikarinen & Reed [Page 30]
-
-RFC 1459 Internet Relay Chat Protocol May 1993
-
-
-:WiZ TRACE AngelDust ; TRACE issued by WiZ to nick AngelDust
-
-4.3.7 Admin command
-
- Command: ADMIN
- Parameters: [<server>]
-
- The admin message is used to find the name of the administrator of
- the given server, or current server if <server> parameter is omitted.
- Each server must have the ability to forward ADMIN messages to other
- servers.
-
- Numeric Replies:
-
- ERR_NOSUCHSERVER
- RPL_ADMINME RPL_ADMINLOC1
- RPL_ADMINLOC2 RPL_ADMINEMAIL
-
- Examples:
-
- ADMIN tolsun.oulu.fi ; request an ADMIN reply from
- tolsun.oulu.fi
-
- :WiZ ADMIN *.edu ; ADMIN request from WiZ for first
- server found to match *.edu.
-
-4.3.8 Info command
-
- Command: INFO
- Parameters: [<server>]
-
- The INFO command is required to return information which describes
- the server: its version, when it was compiled, the patchlevel, when
- it was started, and any other miscellaneous information which may be
- considered to be relevant.
-
- Numeric Replies:
-
- ERR_NOSUCHSERVER
- RPL_INFO RPL_ENDOFINFO
-
- Examples:
-
- INFO csd.bu.edu ; request an INFO reply from
- csd.bu.edu
-
- :Avalon INFO *.fi ; INFO request from Avalon for first
- server found to match *.fi.
-
-
-
-Oikarinen & Reed [Page 31]
-
-RFC 1459 Internet Relay Chat Protocol May 1993
-
-
- INFO Angel ; request info from the server that
- Angel is connected to.
-
-4.4 Sending messages
-
- The main purpose of the IRC protocol is to provide a base for clients
- to communicate with each other. PRIVMSG and NOTICE are the only
- messages available which actually perform delivery of a text message
- from one client to another - the rest just make it possible and try
- to ensure it happens in a reliable and structured manner.
-
-4.4.1 Private messages
-
- Command: PRIVMSG
- Parameters: <receiver>{,<receiver>} <text to be sent>
-
- PRIVMSG is used to send private messages between users. <receiver>
- is the nickname of the receiver of the message. <receiver> can also
- be a list of names or channels separated with commas.
-
- The <receiver> parameter may also me a host mask (#mask) or server
- mask ($mask). In both cases the server will only send the PRIVMSG
- to those who have a server or host matching the mask. The mask must
- have at least 1 (one) "." in it and no wildcards following the
- last ".". This requirement exists to prevent people sending messages
- to "#*" or "$*", which would broadcast to all users; from
- experience, this is abused more than used responsibly and properly.
- Wildcards are the '*' and '?' characters. This extension to
- the PRIVMSG command is only available to Operators.
-
- Numeric Replies:
-
- ERR_NORECIPIENT ERR_NOTEXTTOSEND
- ERR_CANNOTSENDTOCHAN ERR_NOTOPLEVEL
- ERR_WILDTOPLEVEL ERR_TOOMANYTARGETS
- ERR_NOSUCHNICK
- RPL_AWAY
-
- Examples:
-
-:Angel PRIVMSG Wiz :Hello are you receiving this message ?
- ; Message from Angel to Wiz.
-
-PRIVMSG Angel :yes I'm receiving it !receiving it !'u>(768u+1n) .br ;
- Message to Angel.
-
-PRIVMSG jto@tolsun.oulu.fi :Hello !
- ; Message to a client on server
-
-
-
-Oikarinen & Reed [Page 32]
-
-RFC 1459 Internet Relay Chat Protocol May 1993
-
-
- tolsun.oulu.fi with username of "jto".
-
-PRIVMSG $*.fi :Server tolsun.oulu.fi rebooting.
- ; Message to everyone on a server which
- has a name matching *.fi.
-
-PRIVMSG #*.edu :NSFNet is undergoing work, expect interruptions
- ; Message to all users who come from a
- host which has a name matching *.edu.
-
-4.4.2 Notice
-
- Command: NOTICE
- Parameters: <nickname> <text>
-
- The NOTICE message is used similarly to PRIVMSG. The difference
- between NOTICE and PRIVMSG is that automatic replies must never be
- sent in response to a NOTICE message. This rule applies to servers
- too - they must not send any error reply back to the client on
- receipt of a notice. The object of this rule is to avoid loops
- between a client automatically sending something in response to
- something it received. This is typically used by automatons (clients
- with either an AI or other interactive program controlling their
- actions) which are always seen to be replying lest they end up in a
- loop with another automaton.
-
- See PRIVMSG for more details on replies and examples.
-
-4.5 User based queries
-
- User queries are a group of commands which are primarily concerned
- with finding details on a particular user or group users. When using
- wildcards with any of these commands, if they match, they will only
- return information on users who are 'visible' to you. The visibility
- of a user is determined as a combination of the user's mode and the
- common set of channels you are both on.
-
-4.5.1 Who query
-
- Command: WHO
- Parameters: [<name> [<o>]]
-
- The WHO message is used by a client to generate a query which returns
- a list of information which 'matches' the <name> parameter given by
- the client. In the absence of the <name> parameter, all visible
- (users who aren't invisible (user mode +i) and who don't have a
- common channel with the requesting client) are listed. The same
- result can be achieved by using a <name> of "0" or any wildcard which
-
-
-
-Oikarinen & Reed [Page 33]
-
-RFC 1459 Internet Relay Chat Protocol May 1993
-
-
- will end up matching every entry possible.
-
- The <name> passed to WHO is matched against users' host, server, real
- name and nickname if the channel <name> cannot be found.
-
- If the "o" parameter is passed only operators are returned according
- to the name mask supplied.
-
- Numeric Replies:
-
- ERR_NOSUCHSERVER
- RPL_WHOREPLY RPL_ENDOFWHO
-
- Examples:
-
- WHO *.fi ; List all users who match against
- "*.fi".
-
- WHO jto* o ; List all users with a match against
- "jto*" if they are an operator.
-
-4.5.2 Whois query
-
- Command: WHOIS
- Parameters: [<server>] <nickmask>[,<nickmask>[,...]]
-
- This message is used to query information about particular user. The
- server will answer this message with several numeric messages
- indicating different statuses of each user which matches the nickmask
- (if you are entitled to see them). If no wildcard is present in the
- <nickmask>, any information about that nick which you are allowed to
- see is presented. A comma (',') separated list of nicknames may be
- given.
-
- The latter version sends the query to a specific server. It is
- useful if you want to know how long the user in question has been
- idle as only local server (ie. the server the user is directly
- connected to) knows that information, while everything else is
- globally known.
-
- Numeric Replies:
-
- ERR_NOSUCHSERVER ERR_NONICKNAMEGIVEN
- RPL_WHOISUSER RPL_WHOISCHANNELS
- RPL_WHOISCHANNELS RPL_WHOISSERVER
- RPL_AWAY RPL_WHOISOPERATOR
- RPL_WHOISIDLE ERR_NOSUCHNICK
- RPL_ENDOFWHOIS
-
-
-
-Oikarinen & Reed [Page 34]
-
-RFC 1459 Internet Relay Chat Protocol May 1993
-
-
- Examples:
-
- WHOIS wiz ; return available user information
- about nick WiZ
-
- WHOIS eff.org trillian ; ask server eff.org for user
- information about trillian
-
-4.5.3 Whowas
-
- Command: WHOWAS
- Parameters: <nickname> [<count> [<server>]]
-
- Whowas asks for information about a nickname which no longer exists.
- This may either be due to a nickname change or the user leaving IRC.
- In response to this query, the server searches through its nickname
- history, looking for any nicks which are lexically the same (no wild
- card matching here). The history is searched backward, returning the
- most recent entry first. If there are multiple entries, up to
- <count> replies will be returned (or all of them if no <count>
- parameter is given). If a non-positive number is passed as being
- <count>, then a full search is done.
-
- Numeric Replies:
-
- ERR_NONICKNAMEGIVEN ERR_WASNOSUCHNICK
- RPL_WHOWASUSER RPL_WHOISSERVER
- RPL_ENDOFWHOWAS
-
- Examples:
-
- WHOWAS Wiz ; return all information in the nick
- history about nick "WiZ";
-
- WHOWAS Mermaid 9 ; return at most, the 9 most recent
- entries in the nick history for
- "Mermaid";
-
- WHOWAS Trillian 1 *.edu ; return the most recent history for
- "Trillian" from the first server found
- to match "*.edu".
-
-4.6 Miscellaneous messages
-
- Messages in this category do not fit into any of the above categories
- but are nonetheless still a part of and required by the protocol.
-
-
-
-
-
-Oikarinen & Reed [Page 35]
-
-RFC 1459 Internet Relay Chat Protocol May 1993
-
-
-4.6.1 Kill message
-
- Command: KILL
- Parameters: <nickname> <comment>
-
- The KILL message is used to cause a client-server connection to be
- closed by the server which has the actual connection. KILL is used
- by servers when they encounter a duplicate entry in the list of valid
- nicknames and is used to remove both entries. It is also available
- to operators.
-
- Clients which have automatic reconnect algorithms effectively make
- this command useless since the disconnection is only brief. It does
- however break the flow of data and can be used to stop large amounts
- of being abused, any user may elect to receive KILL messages
- generated for others to keep an 'eye' on would be trouble spots.
-
- In an arena where nicknames are required to be globally unique at all
- times, KILL messages are sent whenever 'duplicates' are detected
- (that is an attempt to register two users with the same nickname) in
- the hope that both of them will disappear and only 1 reappear.
-
- The comment given must reflect the actual reason for the KILL. For
- server-generated KILLs it usually is made up of details concerning
- the origins of the two conflicting nicknames. For users it is left
- up to them to provide an adequate reason to satisfy others who see
- it. To prevent/discourage fake KILLs from being generated to hide
- the identify of the KILLer, the comment also shows a 'kill-path'
- which is updated by each server it passes through, each prepending
- its name to the path.
-
- Numeric Replies:
-
- ERR_NOPRIVILEGES ERR_NEEDMOREPARAMS
- ERR_NOSUCHNICK ERR_CANTKILLSERVER
-
-
- KILL David (csd.bu.edu <- tolsun.oulu.fi)
- ; Nickname collision between csd.bu.edu
- and tolson.oulu.fi
-
-
- NOTE:
- It is recommended that only Operators be allowed to kill other users
- with KILL message. In an ideal world not even operators would need
- to do this and it would be left to servers to deal with.
-
-
-
-
-
-Oikarinen & Reed [Page 36]
-
-RFC 1459 Internet Relay Chat Protocol May 1993
-
-
-4.6.2 Ping message
-
- Command: PING
- Parameters: <server1> [<server2>]
-
- The PING message is used to test the presence of an active client at
- the other end of the connection. A PING message is sent at regular
- intervals if no other activity detected coming from a connection. If
- a connection fails to respond to a PING command within a set amount
- of time, that connection is closed.
-
- Any client which receives a PING message must respond to <server1>
- (server which sent the PING message out) as quickly as possible with
- an appropriate PONG message to indicate it is still there and alive.
- Servers should not respond to PING commands but rely on PINGs from
- the other end of the connection to indicate the connection is alive.
- If the <server2> parameter is specified, the PING message gets
- forwarded there.
-
- Numeric Replies:
-
- ERR_NOORIGIN ERR_NOSUCHSERVER
-
- Examples:
-
- PING tolsun.oulu.fi ; server sending a PING message to
- another server to indicate it is still
- alive.
-
- PING WiZ ; PING message being sent to nick WiZ
-
-4.6.3 Pong message
-
- Command: PONG
- Parameters: <daemon> [<daemon2>]
-
- PONG message is a reply to ping message. If parameter <daemon2> is
- given this message must be forwarded to given daemon. The <daemon>
- parameter is the name of the daemon who has responded to PING message
- and generated this message.
-
- Numeric Replies:
-
- ERR_NOORIGIN ERR_NOSUCHSERVER
-
- Examples:
-
- PONG csd.bu.edu tolsun.oulu.fi ; PONG message from csd.bu.edu to
-
-
-
-Oikarinen & Reed [Page 37]
-
-RFC 1459 Internet Relay Chat Protocol May 1993
-
-
- tolsun.oulu.fi
-
-4.6.4 Error
-
- Command: ERROR
- Parameters: <error message>
-
- The ERROR command is for use by servers when reporting a serious or
- fatal error to its operators. It may also be sent from one server to
- another but must not be accepted from any normal unknown clients.
-
- An ERROR message is for use for reporting errors which occur with a
- server-to-server link only. An ERROR message is sent to the server
- at the other end (which sends it to all of its connected operators)
- and to all operators currently connected. It is not to be passed
- onto any other servers by a server if it is received from a server.
-
- When a server sends a received ERROR message to its operators, the
- message should be encapsulated inside a NOTICE message, indicating
- that the client was not responsible for the error.
-
- Numerics:
-
- None.
-
- Examples:
-
- ERROR :Server *.fi already exists; ERROR message to the other server
- which caused this error.
-
- NOTICE WiZ :ERROR from csd.bu.edu -- Server *.fi already exists
- ; Same ERROR message as above but sent
- to user WiZ on the other server.
-
-5. OPTIONALS
-
- This section describes OPTIONAL messages. They are not required in a
- working server implementation of the protocol described herein. In
- the absence of the option, an error reply message must be generated
- or an unknown command error. If the message is destined for another
- server to answer then it must be passed on (elementary parsing
- required) The allocated numerics for this are listed with the
- messages below.
-
-5.1 Away
-
- Command: AWAY
- Parameters: [message]
-
-
-
-Oikarinen & Reed [Page 38]
-
-RFC 1459 Internet Relay Chat Protocol May 1993
-
-
- With the AWAY message, clients can set an automatic reply string for
- any PRIVMSG commands directed at them (not to a channel they are on).
- The automatic reply is sent by the server to client sending the
- PRIVMSG command. The only replying server is the one to which the
- sending client is connected to.
-
- The AWAY message is used either with one parameter (to set an AWAY
- message) or with no parameters (to remove the AWAY message).
-
- Numeric Replies:
-
- RPL_UNAWAY RPL_NOWAWAY
-
- Examples:
-
- AWAY :Gone to lunch. Back in 5 ; set away message to "Gone to lunch.
- Back in 5".
-
- :WiZ AWAY ; unmark WiZ as being away.
-
-
-5.2 Rehash message
-
- Command: REHASH
- Parameters: None
-
- The rehash message can be used by the operator to force the server to
- re-read and process its configuration file.
-
- Numeric Replies:
-
- RPL_REHASHING ERR_NOPRIVILEGES
-
-Examples:
-
-REHASH ; message from client with operator
- status to server asking it to reread its
- configuration file.
-
-5.3 Restart message
-
- Command: RESTART
- Parameters: None
-
- The restart message can only be used by an operator to force a server
- restart itself. This message is optional since it may be viewed as a
- risk to allow arbitrary people to connect to a server as an operator
- and execute this command, causing (at least) a disruption to service.
-
-
-
-Oikarinen & Reed [Page 39]
-
-RFC 1459 Internet Relay Chat Protocol May 1993
-
-
- The RESTART command must always be fully processed by the server to
- which the sending client is connected and not be passed onto other
- connected servers.
-
- Numeric Replies:
-
- ERR_NOPRIVILEGES
-
- Examples:
-
- RESTART ; no parameters required.
-
-5.4 Summon message
-
- Command: SUMMON
- Parameters: <user> [<server>]
-
- The SUMMON command can be used to give users who are on a host
- running an IRC server a message asking them to please join IRC. This
- message is only sent if the target server (a) has SUMMON enabled, (b)
- the user is logged in and (c) the server process can write to the
- user's tty (or similar).
-
- If no <server> parameter is given it tries to summon <user> from the
- server the client is connected to is assumed as the target.
-
- If summon is not enabled in a server, it must return the
- ERR_SUMMONDISABLED numeric and pass the summon message onwards.
-
- Numeric Replies:
-
- ERR_NORECIPIENT ERR_FILEERROR
- ERR_NOLOGIN ERR_NOSUCHSERVER
- RPL_SUMMONING
-
- Examples:
-
- SUMMON jto ; summon user jto on the server's host
-
- SUMMON jto tolsun.oulu.fi ; summon user jto on the host which a
- server named "tolsun.oulu.fi" is
- running.
-
-
-5.5 Users
-
- Command: USERS
- Parameters: [<server>]
-
-
-
-Oikarinen & Reed [Page 40]
-
-RFC 1459 Internet Relay Chat Protocol May 1993
-
-
- The USERS command returns a list of users logged into the server in a
- similar format to who(1), rusers(1) and finger(1). Some people
- may disable this command on their server for security related
- reasons. If disabled, the correct numeric must be returned to
- indicate this.
-
- Numeric Replies:
-
- ERR_NOSUCHSERVER ERR_FILEERROR
- RPL_USERSSTART RPL_USERS
- RPL_NOUSERS RPL_ENDOFUSERS
- ERR_USERSDISABLED
-
- Disabled Reply:
-
- ERR_USERSDISABLED
-
- Examples:
-
-USERS eff.org ; request a list of users logged in on
- server eff.org
-
-:John USERS tolsun.oulu.fi ; request from John for a list of users
- logged in on server tolsun.oulu.fi
-
-5.6 Operwall message
-
- Command: WALLOPS
- Parameters: Text to be sent to all operators currently online
-
- Sends a message to all operators currently online. After
- implementing WALLOPS as a user command it was found that it was
- often and commonly abused as a means of sending a message to a lot
- of people (much similar to WALL). Due to this it is recommended
- that the current implementation of WALLOPS be used as an
- example by allowing and recognising only servers as the senders of
- WALLOPS.
-
- Numeric Replies:
-
- ERR_NEEDMOREPARAMS
-
- Examples:
-
- :csd.bu.edu WALLOPS :Connect '*.uiuc.edu 6667' from Joshua; WALLOPS
- message from csd.bu.edu announcing a
- CONNECT message it received and acted
- upon from Joshua.
-
-
-
-Oikarinen & Reed [Page 41]
-
-RFC 1459 Internet Relay Chat Protocol May 1993
-
-
-5.7 Userhost message
-
- Command: USERHOST
- Parameters: <nickname>{<space><nickname>}
-
- The USERHOST command takes a list of up to 5 nicknames, each
- separated by a space character and returns a list of information
- about each nickname that it found. The returned list has each reply
- separated by a space.
-
- Numeric Replies:
-
- RPL_USERHOST ERR_NEEDMOREPARAMS
-
- Examples:
-
- USERHOST Wiz Michael Marty p ;USERHOST request for information on
- nicks "Wiz", "Michael", "Marty" and "p"
-
-5.8 Ison message
-
- Command: ISON
- Parameters: <nickname>{<space><nickname>}
-
- The ISON command was implemented to provide a quick and efficient
- means to get a response about whether a given nickname was currently
- on IRC. ISON only takes one (1) parameter: a space-separated list of
- nicks. For each nickname in the list that is present, the server
- adds that to its reply string. Thus the reply string may return
- empty (none of the given nicks are present), an exact copy of the
- parameter string (all of them present) or as any other subset of the
- set of nicks given in the parameter. The only limit on the number
- of nicks that may be checked is that the combined length must not be
- too large as to cause the server to chop it off so it fits in 512
- characters.
-
- ISON is only be processed by the server local to the client sending
- the command and thus not passed onto other servers for further
- processing.
-
- Numeric Replies:
-
- RPL_ISON ERR_NEEDMOREPARAMS
-
- Examples:
-
- ISON phone trillian WiZ jarlek Avalon Angel Monstah
- ; Sample ISON request for 7 nicks.
-
-
-
-Oikarinen & Reed [Page 42]
-
-RFC 1459 Internet Relay Chat Protocol May 1993
-
-
-6. REPLIES
-
- The following is a list of numeric replies which are generated in
- response to the commands given above. Each numeric is given with its
- number, name and reply string.
-
-6.1 Error Replies.
-
- 401 ERR_NOSUCHNICK
- "<nickname> :No such nick/channel"
-
- - Used to indicate the nickname parameter supplied to a
- command is currently unused.
-
- 402 ERR_NOSUCHSERVER
- "<server name> :No such server"
-
- - Used to indicate the server name given currently
- doesn't exist.
-
- 403 ERR_NOSUCHCHANNEL
- "<channel name> :No such channel"
-
- - Used to indicate the given channel name is invalid.
-
- 404 ERR_CANNOTSENDTOCHAN
- "<channel name> :Cannot send to channel"
-
- - Sent to a user who is either (a) not on a channel
- which is mode +n or (b) not a chanop (or mode +v) on
- a channel which has mode +m set and is trying to send
- a PRIVMSG message to that channel.
-
- 405 ERR_TOOMANYCHANNELS
- "<channel name> :You have joined too many \
- channels"
- - Sent to a user when they have joined the maximum
- number of allowed channels and they try to join
- another channel.
-
- 406 ERR_WASNOSUCHNICK
- "<nickname> :There was no such nickname"
-
- - Returned by WHOWAS to indicate there is no history
- information for that nickname.
-
- 407 ERR_TOOMANYTARGETS
- "<target> :Duplicate recipients. No message \
-
-
-
-Oikarinen & Reed [Page 43]
-
-RFC 1459 Internet Relay Chat Protocol May 1993
-
-
- delivered"
-
- - Returned to a client which is attempting to send a
- PRIVMSG/NOTICE using the user@host destination format
- and for a user@host which has several occurrences.
-
- 409 ERR_NOORIGIN
- ":No origin specified"
-
- - PING or PONG message missing the originator parameter
- which is required since these commands must work
- without valid prefixes.
-
- 411 ERR_NORECIPIENT
- ":No recipient given (<command>)"
- 412 ERR_NOTEXTTOSEND
- ":No text to send"
- 413 ERR_NOTOPLEVEL
- "<mask> :No toplevel domain specified"
- 414 ERR_WILDTOPLEVEL
- "<mask> :Wildcard in toplevel domain"
-
- - 412 - 414 are returned by PRIVMSG to indicate that
- the message wasn't delivered for some reason.
- ERR_NOTOPLEVEL and ERR_WILDTOPLEVEL are errors that
- are returned when an invalid use of
- "PRIVMSG $<server>" or "PRIVMSG #<host>" is attempted.
-
- 421 ERR_UNKNOWNCOMMAND
- "<command> :Unknown command"
-
- - Returned to a registered client to indicate that the
- command sent is unknown by the server.
-
- 422 ERR_NOMOTD
- ":MOTD File is missing"
-
- - Server's MOTD file could not be opened by the server.
-
- 423 ERR_NOADMININFO
- "<server> :No administrative info available"
-
- - Returned by a server in response to an ADMIN message
- when there is an error in finding the appropriate
- information.
-
- 424 ERR_FILEERROR
- ":File error doing <file op> on <file>"
-
-
-
-Oikarinen & Reed [Page 44]
-
-RFC 1459 Internet Relay Chat Protocol May 1993
-
-
- - Generic error message used to report a failed file
- operation during the processing of a message.
-
- 431 ERR_NONICKNAMEGIVEN
- ":No nickname given"
-
- - Returned when a nickname parameter expected for a
- command and isn't found.
-
- 432 ERR_ERRONEUSNICKNAME
- "<nick> :Erroneus nickname"
-
- - Returned after receiving a NICK message which contains
- characters which do not fall in the defined set. See
- section x.x.x for details on valid nicknames.
-
- 433 ERR_NICKNAMEINUSE
- "<nick> :Nickname is already in use"
-
- - Returned when a NICK message is processed that results
- in an attempt to change to a currently existing
- nickname.
-
- 436 ERR_NICKCOLLISION
- "<nick> :Nickname collision KILL"
-
- - Returned by a server to a client when it detects a
- nickname collision (registered of a NICK that
- already exists by another server).
-
- 441 ERR_USERNOTINCHANNEL
- "<nick> <channel> :They aren't on that channel"
-
- - Returned by the server to indicate that the target
- user of the command is not on the given channel.
-
- 442 ERR_NOTONCHANNEL
- "<channel> :You're not on that channel"
-
- - Returned by the server whenever a client tries to
- perform a channel effecting command for which the
- client isn't a member.
-
- 443 ERR_USERONCHANNEL
- "<user> <channel> :is already on channel"
-
- - Returned when a client tries to invite a user to a
- channel they are already on.
-
-
-
-Oikarinen & Reed [Page 45]
-
-RFC 1459 Internet Relay Chat Protocol May 1993
-
-
- 444 ERR_NOLOGIN
- "<user> :User not logged in"
-
- - Returned by the summon after a SUMMON command for a
- user was unable to be performed since they were not
- logged in.
-
- 445 ERR_SUMMONDISABLED
- ":SUMMON has been disabled"
-
- - Returned as a response to the SUMMON command. Must be
- returned by any server which does not implement it.
-
- 446 ERR_USERSDISABLED
- ":USERS has been disabled"
-
- - Returned as a response to the USERS command. Must be
- returned by any server which does not implement it.
-
- 451 ERR_NOTREGISTERED
- ":You have not registered"
-
- - Returned by the server to indicate that the client
- must be registered before the server will allow it
- to be parsed in detail.
-
- 461 ERR_NEEDMOREPARAMS
- "<command> :Not enough parameters"
-
- - Returned by the server by numerous commands to
- indicate to the client that it didn't supply enough
- parameters.
-
- 462 ERR_ALREADYREGISTRED
- ":You may not reregister"
-
- - Returned by the server to any link which tries to
- change part of the registered details (such as
- password or user details from second USER message).
-
-
- 463 ERR_NOPERMFORHOST
- ":Your host isn't among the privileged"
-
- - Returned to a client which attempts to register with
- a server which does not been setup to allow
- connections from the host the attempted connection
- is tried.
-
-
-
-Oikarinen & Reed [Page 46]
-
-RFC 1459 Internet Relay Chat Protocol May 1993
-
-
- 464 ERR_PASSWDMISMATCH
- ":Password incorrect"
-
- - Returned to indicate a failed attempt at registering
- a connection for which a password was required and
- was either not given or incorrect.
-
- 465 ERR_YOUREBANNEDCREEP
- ":You are banned from this server"
-
- - Returned after an attempt to connect and register
- yourself with a server which has been setup to
- explicitly deny connections to you.
-
- 467 ERR_KEYSET
- "<channel> :Channel key already set"
- 471 ERR_CHANNELISFULL
- "<channel> :Cannot join channel (+l)"
- 472 ERR_UNKNOWNMODE
- "<char> :is unknown mode char to me"
- 473 ERR_INVITEONLYCHAN
- "<channel> :Cannot join channel (+i)"
- 474 ERR_BANNEDFROMCHAN
- "<channel> :Cannot join channel (+b)"
- 475 ERR_BADCHANNELKEY
- "<channel> :Cannot join channel (+k)"
- 481 ERR_NOPRIVILEGES
- ":Permission Denied- You're not an IRC operator"
-
- - Any command requiring operator privileges to operate
- must return this error to indicate the attempt was
- unsuccessful.
-
- 482 ERR_CHANOPRIVSNEEDED
- "<channel> :You're not channel operator"
-
- - Any command requiring 'chanop' privileges (such as
- MODE messages) must return this error if the client
- making the attempt is not a chanop on the specified
- channel.
-
- 483 ERR_CANTKILLSERVER
- ":You cant kill a server!"
-
- - Any attempts to use the KILL command on a server
- are to be refused and this error returned directly
- to the client.
-
-
-
-
-Oikarinen & Reed [Page 47]
-
-RFC 1459 Internet Relay Chat Protocol May 1993
-
-
- 491 ERR_NOOPERHOST
- ":No O-lines for your host"
-
- - If a client sends an OPER message and the server has
- not been configured to allow connections from the
- client's host as an operator, this error must be
- returned.
-
- 501 ERR_UMODEUNKNOWNFLAG
- ":Unknown MODE flag"
-
- - Returned by the server to indicate that a MODE
- message was sent with a nickname parameter and that
- the a mode flag sent was not recognized.
-
- 502 ERR_USERSDONTMATCH
- ":Cant change mode for other users"
-
- - Error sent to any user trying to view or change the
- user mode for a user other than themselves.
-
-6.2 Command responses.
-
- 300 RPL_NONE
- Dummy reply number. Not used.
-
- 302 RPL_USERHOST
- ":[<reply>{<space><reply>}]"
-
- - Reply format used by USERHOST to list replies to
- the query list. The reply string is composed as
- follows:
-
- <reply> ::= <nick>['*'] '=' <'+'|'-'><hostname>
-
- The '*' indicates whether the client has registered
- as an Operator. The '-' or '+' characters represent
- whether the client has set an AWAY message or not
- respectively.
-
- 303 RPL_ISON
- ":[<nick> {<space><nick>}]"
-
- - Reply format used by ISON to list replies to the
- query list.
-
- 301 RPL_AWAY
- "<nick> :<away message>"
-
-
-
-Oikarinen & Reed [Page 48]
-
-RFC 1459 Internet Relay Chat Protocol May 1993
-
-
- 305 RPL_UNAWAY
- ":You are no longer marked as being away"
- 306 RPL_NOWAWAY
- ":You have been marked as being away"
-
- - These replies are used with the AWAY command (if
- allowed). RPL_AWAY is sent to any client sending a
- PRIVMSG to a client which is away. RPL_AWAY is only
- sent by the server to which the client is connected.
- Replies RPL_UNAWAY and RPL_NOWAWAY are sent when the
- client removes and sets an AWAY message.
-
- 311 RPL_WHOISUSER
- "<nick> <user> <host> * :<real name>"
- 312 RPL_WHOISSERVER
- "<nick> <server> :<server info>"
- 313 RPL_WHOISOPERATOR
- "<nick> :is an IRC operator"
- 317 RPL_WHOISIDLE
- "<nick> <integer> :seconds idle"
- 318 RPL_ENDOFWHOIS
- "<nick> :End of /WHOIS list"
- 319 RPL_WHOISCHANNELS
- "<nick> :{[@|+]<channel><space>}"
-
- - Replies 311 - 313, 317 - 319 are all replies
- generated in response to a WHOIS message. Given that
- there are enough parameters present, the answering
- server must either formulate a reply out of the above
- numerics (if the query nick is found) or return an
- error reply. The '*' in RPL_WHOISUSER is there as
- the literal character and not as a wild card. For
- each reply set, only RPL_WHOISCHANNELS may appear
- more than once (for long lists of channel names).
- The '@' and '+' characters next to the channel name
- indicate whether a client is a channel operator or
- has been granted permission to speak on a moderated
- channel. The RPL_ENDOFWHOIS reply is used to mark
- the end of processing a WHOIS message.
-
- 314 RPL_WHOWASUSER
- "<nick> <user> <host> * :<real name>"
- 369 RPL_ENDOFWHOWAS
- "<nick> :End of WHOWAS"
-
- - When replying to a WHOWAS message, a server must use
- the replies RPL_WHOWASUSER, RPL_WHOISSERVER or
- ERR_WASNOSUCHNICK for each nickname in the presented
-
-
-
-Oikarinen & Reed [Page 49]
-
-RFC 1459 Internet Relay Chat Protocol May 1993
-
-
- list. At the end of all reply batches, there must
- be RPL_ENDOFWHOWAS (even if there was only one reply
- and it was an error).
-
- 321 RPL_LISTSTART
- "Channel :Users Name"
- 322 RPL_LIST
- "<channel> <# visible> :<topic>"
- 323 RPL_LISTEND
- ":End of /LIST"
-
- - Replies RPL_LISTSTART, RPL_LIST, RPL_LISTEND mark
- the start, actual replies with data and end of the
- server's response to a LIST command. If there are
- no channels available to return, only the start
- and end reply must be sent.
-
- 324 RPL_CHANNELMODEIS
- "<channel> <mode> <mode params>"
-
- 331 RPL_NOTOPIC
- "<channel> :No topic is set"
- 332 RPL_TOPIC
- "<channel> :<topic>"
-
- - When sending a TOPIC message to determine the
- channel topic, one of two replies is sent. If
- the topic is set, RPL_TOPIC is sent back else
- RPL_NOTOPIC.
-
- 341 RPL_INVITING
- "<channel> <nick>"
-
- - Returned by the server to indicate that the
- attempted INVITE message was successful and is
- being passed onto the end client.
-
- 342 RPL_SUMMONING
- "<user> :Summoning user to IRC"
-
- - Returned by a server answering a SUMMON message to
- indicate that it is summoning that user.
-
- 351 RPL_VERSION
- "<version>.<debuglevel> <server> :<comments>"
-
- - Reply by the server showing its version details.
- The <version> is the version of the software being
-
-
-
-Oikarinen & Reed [Page 50]
-
-RFC 1459 Internet Relay Chat Protocol May 1993
-
-
- used (including any patchlevel revisions) and the
- <debuglevel> is used to indicate if the server is
- running in "debug mode".
-
- The "comments" field may contain any comments about
- the version or further version details.
-
- 352 RPL_WHOREPLY
- "<channel> <user> <host> <server> <nick> \
- <H|G>[*][@|+] :<hopcount> <real name>"
- 315 RPL_ENDOFWHO
- "<name> :End of /WHO list"
-
- - The RPL_WHOREPLY and RPL_ENDOFWHO pair are used
- to answer a WHO message. The RPL_WHOREPLY is only
- sent if there is an appropriate match to the WHO
- query. If there is a list of parameters supplied
- with a WHO message, a RPL_ENDOFWHO must be sent
- after processing each list item with <name> being
- the item.
-
- 353 RPL_NAMREPLY
- "<channel> :[[@|+]<nick> [[@|+]<nick> [...]]]"
- 366 RPL_ENDOFNAMES
- "<channel> :End of /NAMES list"
-
- - To reply to a NAMES message, a reply pair consisting
- of RPL_NAMREPLY and RPL_ENDOFNAMES is sent by the
- server back to the client. If there is no channel
- found as in the query, then only RPL_ENDOFNAMES is
- returned. The exception to this is when a NAMES
- message is sent with no parameters and all visible
- channels and contents are sent back in a series of
- RPL_NAMEREPLY messages with a RPL_ENDOFNAMES to mark
- the end.
-
- 364 RPL_LINKS
- "<mask> <server> :<hopcount> <server info>"
- 365 RPL_ENDOFLINKS
- "<mask> :End of /LINKS list"
-
- - In replying to the LINKS message, a server must send
- replies back using the RPL_LINKS numeric and mark the
- end of the list using an RPL_ENDOFLINKS reply.
-
- 367 RPL_BANLIST
- "<channel> <banid>"
- 368 RPL_ENDOFBANLIST
-
-
-
-Oikarinen & Reed [Page 51]
-
-RFC 1459 Internet Relay Chat Protocol May 1993
-
-
- "<channel> :End of channel ban list"
-
- - When listing the active 'bans' for a given channel,
- a server is required to send the list back using the
- RPL_BANLIST and RPL_ENDOFBANLIST messages. A separate
- RPL_BANLIST is sent for each active banid. After the
- banids have been listed (or if none present) a
- RPL_ENDOFBANLIST must be sent.
-
- 371 RPL_INFO
- ":<string>"
- 374 RPL_ENDOFINFO
- ":End of /INFO list"
-
- - A server responding to an INFO message is required to
- send all its 'info' in a series of RPL_INFO messages
- with a RPL_ENDOFINFO reply to indicate the end of the
- replies.
-
- 375 RPL_MOTDSTART
- ":- <server> Message of the day - "
- 372 RPL_MOTD
- ":- <text>"
- 376 RPL_ENDOFMOTD
- ":End of /MOTD command"
-
- - When responding to the MOTD message and the MOTD file
- is found, the file is displayed line by line, with
- each line no longer than 80 characters, using
- RPL_MOTD format replies. These should be surrounded
- by a RPL_MOTDSTART (before the RPL_MOTDs) and an
- RPL_ENDOFMOTD (after).
-
- 381 RPL_YOUREOPER
- ":You are now an IRC operator"
-
- - RPL_YOUREOPER is sent back to a client which has
- just successfully issued an OPER message and gained
- operator status.
-
- 382 RPL_REHASHING
- "<config file> :Rehashing"
-
- - If the REHASH option is used and an operator sends
- a REHASH message, an RPL_REHASHING is sent back to
- the operator.
-
- 391 RPL_TIME
-
-
-
-Oikarinen & Reed [Page 52]
-
-RFC 1459 Internet Relay Chat Protocol May 1993
-
-
- "<server> :<string showing server's local time>"
-
- - When replying to the TIME message, a server must send
- the reply using the RPL_TIME format above. The string
- showing the time need only contain the correct day and
- time there. There is no further requirement for the
- time string.
-
- 392 RPL_USERSSTART
- ":UserID Terminal Host"
- 393 RPL_USERS
- ":%-8s %-9s %-8s"
- 394 RPL_ENDOFUSERS
- ":End of users"
- 395 RPL_NOUSERS
- ":Nobody logged in"
-
- - If the USERS message is handled by a server, the
- replies RPL_USERSTART, RPL_USERS, RPL_ENDOFUSERS and
- RPL_NOUSERS are used. RPL_USERSSTART must be sent
- first, following by either a sequence of RPL_USERS
- or a single RPL_NOUSER. Following this is
- RPL_ENDOFUSERS.
-
- 200 RPL_TRACELINK
- "Link <version & debug level> <destination> \
- <next server>"
- 201 RPL_TRACECONNECTING
- "Try. <class> <server>"
- 202 RPL_TRACEHANDSHAKE
- "H.S. <class> <server>"
- 203 RPL_TRACEUNKNOWN
- "???? <class> [<client IP address in dot form>]"
- 204 RPL_TRACEOPERATOR
- "Oper <class> <nick>"
- 205 RPL_TRACEUSER
- "User <class> <nick>"
- 206 RPL_TRACESERVER
- "Serv <class> <int>S <int>C <server> \
- <nick!user|*!*>@<host|server>"
- 208 RPL_TRACENEWTYPE
- "<newtype> 0 <client name>"
- 261 RPL_TRACELOG
- "File <logfile> <debug level>"
-
- - The RPL_TRACE* are all returned by the server in
- response to the TRACE message. How many are
- returned is dependent on the the TRACE message and
-
-
-
-Oikarinen & Reed [Page 53]
-
-RFC 1459 Internet Relay Chat Protocol May 1993
-
-
- whether it was sent by an operator or not. There
- is no predefined order for which occurs first.
- Replies RPL_TRACEUNKNOWN, RPL_TRACECONNECTING and
- RPL_TRACEHANDSHAKE are all used for connections
- which have not been fully established and are either
- unknown, still attempting to connect or in the
- process of completing the 'server handshake'.
- RPL_TRACELINK is sent by any server which handles
- a TRACE message and has to pass it on to another
- server. The list of RPL_TRACELINKs sent in
- response to a TRACE command traversing the IRC
- network should reflect the actual connectivity of
- the servers themselves along that path.
- RPL_TRACENEWTYPE is to be used for any connection
- which does not fit in the other categories but is
- being displayed anyway.
-
- 211 RPL_STATSLINKINFO
- "<linkname> <sendq> <sent messages> \
- <sent bytes> <received messages> \
- <received bytes> <time open>"
- 212 RPL_STATSCOMMANDS
- "<command> <count>"
- 213 RPL_STATSCLINE
- "C <host> * <name> <port> <class>"
- 214 RPL_STATSNLINE
- "N <host> * <name> <port> <class>"
- 215 RPL_STATSILINE
- "I <host> * <host> <port> <class>"
- 216 RPL_STATSKLINE
- "K <host> * <username> <port> <class>"
- 218 RPL_STATSYLINE
- "Y <class> <ping frequency> <connect \
- frequency> <max sendq>"
- 219 RPL_ENDOFSTATS
- "<stats letter> :End of /STATS report"
- 241 RPL_STATSLLINE
- "L <hostmask> * <servername> <maxdepth>"
- 242 RPL_STATSUPTIME
- ":Server Up %d days %d:%02d:%02d"
- 243 RPL_STATSOLINE
- "O <hostmask> * <name>"
- 244 RPL_STATSHLINE
- "H <hostmask> * <servername>"
-
- 221 RPL_UMODEIS
- "<user mode string>"
-
-
-
-
-Oikarinen & Reed [Page 54]
-
-RFC 1459 Internet Relay Chat Protocol May 1993
-
-
- - To answer a query about a client's own mode,
- RPL_UMODEIS is sent back.
-
- 251 RPL_LUSERCLIENT
- ":There are <integer> users and <integer> \
- invisible on <integer> servers"
- 252 RPL_LUSEROP
- "<integer> :operator(s) online"
- 253 RPL_LUSERUNKNOWN
- "<integer> :unknown connection(s)"
- 254 RPL_LUSERCHANNELS
- "<integer> :channels formed"
- 255 RPL_LUSERME
- ":I have <integer> clients and <integer> \
- servers"
-
- - In processing an LUSERS message, the server
- sends a set of replies from RPL_LUSERCLIENT,
- RPL_LUSEROP, RPL_USERUNKNOWN,
- RPL_LUSERCHANNELS and RPL_LUSERME. When
- replying, a server must send back
- RPL_LUSERCLIENT and RPL_LUSERME. The other
- replies are only sent back if a non-zero count
- is found for them.
-
- 256 RPL_ADMINME
- "<server> :Administrative info"
- 257 RPL_ADMINLOC1
- ":<admin info>"
- 258 RPL_ADMINLOC2
- ":<admin info>"
- 259 RPL_ADMINEMAIL
- ":<admin info>"
-
- - When replying to an ADMIN message, a server
- is expected to use replies RLP_ADMINME
- through to RPL_ADMINEMAIL and provide a text
- message with each. For RPL_ADMINLOC1 a
- description of what city, state and country
- the server is in is expected, followed by
- details of the university and department
- (RPL_ADMINLOC2) and finally the administrative
- contact for the server (an email address here
- is required) in RPL_ADMINEMAIL.
-
-
-
-
-
-
-
-Oikarinen & Reed [Page 55]
-
-RFC 1459 Internet Relay Chat Protocol May 1993
-
-
-6.3 Reserved numerics.
-
- These numerics are not described above since they fall into one of
- the following categories:
-
- 1. no longer in use;
-
- 2. reserved for future planned use;
-
- 3. in current use but are part of a non-generic 'feature' of
- the current IRC server.
-
- 209 RPL_TRACECLASS 217 RPL_STATSQLINE
- 231 RPL_SERVICEINFO 232 RPL_ENDOFSERVICES
- 233 RPL_SERVICE 234 RPL_SERVLIST
- 235 RPL_SERVLISTEND
- 316 RPL_WHOISCHANOP 361 RPL_KILLDONE
- 362 RPL_CLOSING 363 RPL_CLOSEEND
- 373 RPL_INFOSTART 384 RPL_MYPORTIS
- 466 ERR_YOUWILLBEBANNED 476 ERR_BADCHANMASK
- 492 ERR_NOSERVICEHOST
-
-7. Client and server authentication
-
- Clients and servers are both subject to the same level of
- authentication. For both, an IP number to hostname lookup (and
- reverse check on this) is performed for all connections made to the
- server. Both connections are then subject to a password check (if
- there is a password set for that connection). These checks are
- possible on all connections although the password check is only
- commonly used with servers.
-
- An additional check that is becoming of more and more common is that
- of the username responsible for making the connection. Finding the
- username of the other end of the connection typically involves
- connecting to an authentication server such as IDENT as described in
- RFC 1413.
-
- Given that without passwords it is not easy to reliably determine who
- is on the other end of a network connection, use of passwords is
- strongly recommended on inter-server connections in addition to any
- other measures such as using an ident server.
-
-8. Current implementations
-
- The only current implementation of this protocol is the IRC server,
- version 2.8. Earlier versions may implement some or all of the
- commands described by this document with NOTICE messages replacing
-
-
-
-Oikarinen & Reed [Page 56]
-
-RFC 1459 Internet Relay Chat Protocol May 1993
-
-
- many of the numeric replies. Unfortunately, due to backward
- compatibility requirements, the implementation of some parts of this
- document varies with what is laid out. On notable difference is:
-
- * recognition that any LF or CR anywhere in a message marks the
- end of that message (instead of requiring CR-LF);
-
- The rest of this section deals with issues that are mostly of
- importance to those who wish to implement a server but some parts
- also apply directly to clients as well.
-
-8.1 Network protocol: TCP - why it is best used here.
-
- IRC has been implemented on top of TCP since TCP supplies a reliable
- network protocol which is well suited to this scale of conferencing.
- The use of multicast IP is an alternative, but it is not widely
- available or supported at the present time.
-
-8.1.1 Support of Unix sockets
-
- Given that Unix domain sockets allow listen/connect operations, the
- current implementation can be configured to listen and accept both
- client and server connections on a Unix domain socket. These are
- recognized as sockets where the hostname starts with a '/'.
-
- When providing any information about the connections on a Unix domain
- socket, the server is required to supplant the actual hostname in
- place of the pathname unless the actual socket name is being asked
- for.
-
-8.2 Command Parsing
-
- To provide useful 'non-buffered' network IO for clients and servers,
- each connection is given its own private 'input buffer' in which the
- results of the most recent read and parsing are kept. A buffer size
- of 512 bytes is used so as to hold 1 full message, although, this
- will usually hold several commands. The private buffer is parsed
- after every read operation for valid messages. When dealing with
- multiple messages from one client in the buffer, care should be taken
- in case one happens to cause the client to be 'removed'.
-
-8.3 Message delivery
-
- It is common to find network links saturated or hosts to which you
- are sending data unable to send data. Although Unix typically
- handles this through the TCP window and internal buffers, the server
- often has large amounts of data to send (especially when a new
- server-server link forms) and the small buffers provided in the
-
-
-
-Oikarinen & Reed [Page 57]
-
-RFC 1459 Internet Relay Chat Protocol May 1993
-
-
- kernel are not enough for the outgoing queue. To alleviate this
- problem, a "send queue" is used as a FIFO queue for data to be sent.
- A typical "send queue" may grow to 200 Kbytes on a large IRC network
- with a slow network connection when a new server connects.
-
- When polling its connections, a server will first read and parse all
- incoming data, queuing any data to be sent out. When all available
- input is processed, the queued data is sent. This reduces the number
- of write() system calls and helps TCP make bigger packets.
-
-8.4 Connection 'Liveness'
-
- To detect when a connection has died or become unresponsive, the
- server must ping each of its connections that it doesn't get a
- response from in a given amount of time.
-
- If a connection doesn't respond in time, its connection is closed
- using the appropriate procedures. A connection is also dropped if
- its sendq grows beyond the maximum allowed, because it is better to
- close a slow connection than have a server process block.
-
-8.5 Establishing a server to client connection
-
- Upon connecting to an IRC server, a client is sent the MOTD (if
- present) as well as the current user/server count (as per the LUSER
- command). The server is also required to give an unambiguous message
- to the client which states its name and version as well as any other
- introductory messages which may be deemed appropriate.
-
- After dealing with this, the server must then send out the new user's
- nickname and other information as supplied by itself (USER command)
- and as the server could discover (from DNS/authentication servers).
- The server must send this information out with NICK first followed by
- USER.
-
-8.6 Establishing a server-server connection.
-
- The process of establishing of a server-to-server connection is
- fraught with danger since there are many possible areas where
- problems can occur - the least of which are race conditions.
-
- After a server has received a connection following by a PASS/SERVER
- pair which were recognised as being valid, the server should then
- reply with its own PASS/SERVER information for that connection as
- well as all of the other state information it knows about as
- described below.
-
- When the initiating server receives a PASS/SERVER pair, it too then
-
-
-
-Oikarinen & Reed [Page 58]
-
-RFC 1459 Internet Relay Chat Protocol May 1993
-
-
- checks that the server responding is authenticated properly before
- accepting the connection to be that server.
-
-8.6.1 Server exchange of state information when connecting
-
- The order of state information being exchanged between servers is
- essential. The required order is as follows:
-
- * all known other servers;
-
- * all known user information;
-
- * all known channel information.
-
- Information regarding servers is sent via extra SERVER messages, user
- information with NICK/USER/MODE/JOIN messages and channels with MODE
- messages.
-
- NOTE: channel topics are *NOT* exchanged here because the TOPIC
- command overwrites any old topic information, so at best, the two
- sides of the connection would exchange topics.
-
- By passing the state information about servers first, any collisions
- with servers that already exist occur before nickname collisions due
- to a second server introducing a particular nickname. Due to the IRC
- network only being able to exist as an acyclic graph, it may be
- possible that the network has already reconnected in another
- location, the place where the collision occurs indicating where the
- net needs to split.
-
-8.7 Terminating server-client connections
-
- When a client connection closes, a QUIT message is generated on
- behalf of the client by the server to which the client connected. No
- other message is to be generated or used.
-
-8.8 Terminating server-server connections
-
- If a server-server connection is closed, either via a remotely
- generated SQUIT or 'natural' causes, the rest of the connected IRC
- network must have its information updated with by the server which
- detected the closure. The server then sends a list of SQUITs (one
- for each server behind that connection) and a list of QUITs (again,
- one for each client behind that connection).
-
-
-
-
-
-
-
-Oikarinen & Reed [Page 59]
-
-RFC 1459 Internet Relay Chat Protocol May 1993
-
-
-8.9 Tracking nickname changes
-
- All IRC servers are required to keep a history of recent nickname
- changes. This is required to allow the server to have a chance of
- keeping in touch of things when nick-change race conditions occur
- with commands which manipulate them. Commands which must trace nick
- changes are:
-
- * KILL (the nick being killed)
-
- * MODE (+/- o,v)
-
- * KICK (the nick being kicked)
-
- No other commands are to have nick changes checked for.
-
- In the above cases, the server is required to first check for the
- existence of the nickname, then check its history to see who that
- nick currently belongs to (if anyone!). This reduces the chances of
- race conditions but they can still occur with the server ending up
- affecting the wrong client. When performing a change trace for an
- above command it is recommended that a time range be given and
- entries which are too old ignored.
-
- For a reasonable history, a server should be able to keep previous
- nickname for every client it knows about if they all decided to
- change. This size is limited by other factors (such as memory, etc).
-
-8.10 Flood control of clients
-
- With a large network of interconnected IRC servers, it is quite easy
- for any single client attached to the network to supply a continuous
- stream of messages that result in not only flooding the network, but
- also degrading the level of service provided to others. Rather than
- require every 'victim' to be provide their own protection, flood
- protection was written into the server and is applied to all clients
- except services. The current algorithm is as follows:
-
- * check to see if client's `message timer' is less than
- current time (set to be equal if it is);
-
- * read any data present from the client;
-
- * while the timer is less than ten seconds ahead of the current
- time, parse any present messages and penalize the client by
- 2 seconds for each message;
-
- which in essence means that the client may send 1 message every 2
-
-
-
-Oikarinen & Reed [Page 60]
-
-RFC 1459 Internet Relay Chat Protocol May 1993
-
-
- seconds without being adversely affected.
-
-8.11 Non-blocking lookups
-
- In a real-time environment, it is essential that a server process do
- as little waiting as possible so that all the clients are serviced
- fairly. Obviously this requires non-blocking IO on all network
- read/write operations. For normal server connections, this was not
- difficult, but there are other support operations that may cause the
- server to block (such as disk reads). Where possible, such activity
- should be performed with a short timeout.
-
-8.11.1 Hostname (DNS) lookups
-
- Using the standard resolver libraries from Berkeley and others has
- meant large delays in some cases where replies have timed out. To
- avoid this, a separate set of DNS routines were written which were
- setup for non-blocking IO operations and then polled from within the
- main server IO loop.
-
-8.11.2 Username (Ident) lookups
-
- Although there are numerous ident libraries for use and inclusion
- into other programs, these caused problems since they operated in a
- synchronous manner and resulted in frequent delays. Again the
- solution was to write a set of routines which would cooperate with
- the rest of the server and work using non-blocking IO.
-
-8.12 Configuration File
-
- To provide a flexible way of setting up and running the server, it is
- recommended that a configuration file be used which contains
- instructions to the server on the following:
-
- * which hosts to accept client connections from;
-
- * which hosts to allow to connect as servers;
-
- * which hosts to connect to (both actively and
- passively);
-
- * information about where the server is (university,
- city/state, company are examples of this);
-
- * who is responsible for the server and an email address
- at which they can be contacted;
-
- * hostnames and passwords for clients which wish to be given
-
-
-
-Oikarinen & Reed [Page 61]
-
-RFC 1459 Internet Relay Chat Protocol May 1993
-
-
- access to restricted operator commands.
-
- In specifying hostnames, both domain names and use of the 'dot'
- notation (127.0.0.1) should both be accepted. It must be possible to
- specify the password to be used/accepted for all outgoing and
- incoming connections (although the only outgoing connections are
- those to other servers).
-
- The above list is the minimum requirement for any server which wishes
- to make a connection with another server. Other items which may be
- of use are:
-
- * specifying which servers other server may introduce;
-
- * how deep a server branch is allowed to become;
-
- * hours during which clients may connect.
-
-8.12.1 Allowing clients to connect
-
- A server should use some sort of 'access control list' (either in the
- configuration file or elsewhere) that is read at startup and used to
- decide what hosts clients may use to connect to it.
-
- Both 'deny' and 'allow' should be implemented to provide the required
- flexibility for host access control.
-
-8.12.2 Operators
-
- The granting of operator privileges to a disruptive person can have
- dire consequences for the well-being of the IRC net in general due to
- the powers given to them. Thus, the acquisition of such powers
- should not be very easy. The current setup requires two 'passwords'
- to be used although one of them is usually easy guessed. Storage of
- oper passwords in configuration files is preferable to hard coding
- them in and should be stored in a crypted format (ie using crypt(3)
- from Unix) to prevent easy theft.
-
-8.12.3 Allowing servers to connect
-
- The interconnection of server is not a trivial matter: a bad
- connection can have a large impact on the usefulness of IRC. Thus,
- each server should have a list of servers to which it may connect and
- which servers may connect to it. Under no circumstances should a
- server allow an arbitrary host to connect as a server. In addition
- to which servers may and may not connect, the configuration file
- should also store the password and other characteristics of that
- link.
-
-
-
-Oikarinen & Reed [Page 62]
-
-RFC 1459 Internet Relay Chat Protocol May 1993
-
-
-8.12.4 Administrivia
-
- To provide accurate and valid replies to the ADMIN command (see
- section 4.3.7), the server should find the relevant details in the
- configuration.
-
-8.13 Channel membership
-
- The current server allows any registered local user to join upto 10
- different channels. There is no limit imposed on non-local users so
- that the server remains (reasonably) consistant with all others on a
- channel membership basis
-
-9. Current problems
-
- There are a number of recognized problems with this protocol, all of
- which hope to be solved sometime in the near future during its
- rewrite. Currently, work is underway to find working solutions to
- these problems.
-
-9.1 Scalability
-
- It is widely recognized that this protocol does not scale
- sufficiently well when used in a large arena. The main problem comes
- from the requirement that all servers know about all other servers
- and users and that information regarding them be updated as soon as
- it changes. It is also desirable to keep the number of servers low
- so that the path length between any two points is kept minimal and
- the spanning tree as strongly branched as possible.
-
-9.2 Labels
-
- The current IRC protocol has 3 types of labels: the nickname, the
- channel name and the server name. Each of the three types has its
- own domain and no duplicates are allowed inside that domain.
- Currently, it is possible for users to pick the label for any of the
- three, resulting in collisions. It is widely recognized that this
- needs reworking, with a plan for unique names for channels and nicks
- that don't collide being desirable as well as a solution allowing a
- cyclic tree.
-
-9.2.1 Nicknames
-
- The idea of the nickname on IRC is very convenient for users to use
- when talking to each other outside of a channel, but there is only a
- finite nickname space and being what they are, its not uncommon for
- several people to want to use the same nick. If a nickname is chosen
- by two people using this protocol, either one will not succeed or
-
-
-
-Oikarinen & Reed [Page 63]
-
-RFC 1459 Internet Relay Chat Protocol May 1993
-
-
- both will removed by use of KILL (4.6.1).
-
-9.2.2 Channels
-
- The current channel layout requires that all servers know about all
- channels, their inhabitants and properties. Besides not scaling
- well, the issue of privacy is also a concern. A collision of
- channels is treated as an inclusive event (both people who create the
- new channel are considered to be members of it) rather than an
- exclusive one such as used to solve nickname collisions.
-
-9.2.3 Servers
-
- Although the number of servers is usually small relative to the
- number of users and channels, they two currently required to be known
- globally, either each one separately or hidden behind a mask.
-
-9.3 Algorithms
-
- In some places within the server code, it has not been possible to
- avoid N^2 algorithms such as checking the channel list of a set
- of clients.
-
- In current server versions, there are no database consistency checks,
- each server assumes that a neighbouring server is correct. This
- opens the door to large problems if a connecting server is buggy or
- otherwise tries to introduce contradictions to the existing net.
-
- Currently, because of the lack of unique internal and global labels,
- there are a multitude of race conditions that exist. These race
- conditions generally arise from the problem of it taking time for
- messages to traverse and effect the IRC network. Even by changing to
- unique labels, there are problems with channel-related commands being
- disrupted.
-
-10. Current support and availability
-
- Mailing lists for IRC related discussion:
- Future protocol: ircd-three-request@eff.org
- General discussion: operlist-request@eff.org
-
- Software implemenations
- cs.bu.edu:/irc
- nic.funet.fi:/pub/irc
- coombs.anu.edu.au:/pub/irc
-
- Newsgroup: alt.irc
-
-
-
-
-Oikarinen & Reed [Page 64]
-
-RFC 1459 Internet Relay Chat Protocol May 1993
-
-
-Security Considerations
-
- Security issues are discussed in sections 4.1, 4.1.1, 4.1.3, 5.5, and
- 7.
-
-12. Authors' Addresses
-
- Jarkko Oikarinen
- Tuirantie 17 as 9
- 90500 OULU
- FINLAND
-
- Email: jto@tolsun.oulu.fi
-
-
- Darren Reed
- 4 Pateman Street
- Watsonia, Victoria 3087
- Australia
-
- Email: avalon@coombs.anu.edu.au
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Oikarinen & Reed [Page 65]
- \ No newline at end of file
diff --git a/docs/sql/sqloper.mysql.sql b/docs/sql/sqloper.mysql.sql
new file mode 100644
index 000000000..a8a2b7e1d
--- /dev/null
+++ b/docs/sql/sqloper.mysql.sql
@@ -0,0 +1,12 @@
+CREATE TABLE ircd_opers (
+ id bigint(20) NOT NULL auto_increment,
+ name text NOT NULL,
+ password text NOT NULL,
+ hash text,
+ host text NOT NULL,
+ type text NOT NULL,
+ fingerprint text,
+ autologin tinyint(1) NOT NULL DEFAULT 0,
+ active tinyint(1) NOT NULL DEFAULT 1,
+ PRIMARY KEY (id)
+) ENGINE=MyISAM;
diff --git a/docs/sql/sqloper.pgsql.sql b/docs/sql/sqloper.pgsql.sql
new file mode 100644
index 000000000..0b3cdb8dc
--- /dev/null
+++ b/docs/sql/sqloper.pgsql.sql
@@ -0,0 +1,13 @@
+CREATE TABLE ircd_opers (
+ "id" serial NOT NULL,
+ "name" text NOT NULL,
+ "password" text NOT NULL,
+ "hash" text,
+ "host" text NOT NULL,
+ "type" text NOT NULL,
+ "fingerprint" text,
+ "autologin" boolean NOT NULL DEFAULT 0,
+ "active" boolean NOT NULL DEFAULT 1
+);
+ALTER TABLE ONLY ircd_opers
+ ADD CONSTRAINT ircd_opers_pkey PRIMARY KEY (id);
diff --git a/docs/sql/sqloper.sqlite3.sql b/docs/sql/sqloper.sqlite3.sql
new file mode 100644
index 000000000..6aec5a118
--- /dev/null
+++ b/docs/sql/sqloper.sqlite3.sql
@@ -0,0 +1,10 @@
+CREATE TABLE ircd_opers (
+id integer primary key,
+name text NOT NULL,
+password text NOT NULL,
+hash text,
+host text NOT NULL,
+type text NOT NULL,
+fingerprint text,
+autologin integer NOT NULL DEFAULT 0,
+active integer NOT NULL DEFAULT 1);