# Default AfterNET config file # Created by Rubin, 4/4/2006 # # Overview: # All configuration options start with a letter identifying the option, # and a colon separated list of options. Unused fields should be left # blank (some need *). # # AfterNET Admins need only modify M,A,O and P lines, and configure # linesync. You can optionally imploy additional Y lines, and I lines # to make different classes for your users, and setup S: lines to hide # an IP. # # Please note that when ircd puts the configuration lines into practice, # it parses them exactly the other way round than they are listed here. # It reads the lines from bottom to top. # # There is a difference between the "hostname" and the "server name" # of the machine that the server is run on. For example, the host can # have "veer.cs.vu.nl" as its real hostname, and # "Amsterdam.NL.AfterNET.Org" as server name. # # A "server mask" is something like "*.EU.UnderNet.org", which is # matched by "Amsterdam.NL.EU.undernet.org" but not by # "Manhattan.KS.US.undernet.org". # [M:line] # # First some information about the server. # M::::: # # IMPORTANT: *If* your system has more than one IP address, you need to # tell the ircd which one outgoing connections should come from. # If you have only one interface to the internet, you may comment this: F:VIRTUAL_HOST:TRUE # # If above is uncommented (TRUE) then must contain a valid # IPv4 address in dotted quad notation. (192.168.0.1) The address MUST be # the address of a physical interface on the host. This address is used for # outgoing connections only! See P:lines for listener virtual hosting. # Put * otherwise. # # You need to obtain that is unique on the network. It is # not updated on a rehash. M:Newserver.US.AfterNET.Org:*:US Client Server::01 # [A:line] # # This sets information that can be retrieved with the /ADMIN command. # It should contain at least an admin Email contact address. # A::: A:Acme Inc:AfterNET IRC Network:IRC Admin # [Y:lines] # # All connections to the server are associated with a certain "connection # class", be they incoming or outgoing (initiated by the server), be they # clients, servers or Martians. (Note that ircd doesn't have direct support # for Martians (yet?); they will have to register as normal users. ;-) # Take the following Y: lines only as a guide. # Y::::: # # applies only to servers, and specifies the frequency # that the server tries to autoconnect. setting this to 0 will cause # the server to attempt to connect repeatedly with no delay until the # condition is satisfied. This is a Bad Thing(tm). # # should be set at either 0 or 1. # # Server classes: 90 = all your uplinks for who you do not wish to hub; # 80 = leaf servers (only used if your server is a hub) Y:90:90:300:1:9000000 Y:80:90:300:0:9000000 # Client classes. 10 = locals; 2 = for all .net and .com that are not # in Europe; 1 = for everybody. Y:10:90:0:100:160000 Y:2:90:0:5:80000 Y:1:90:0:4000:160000 # [I:lines] # # To allow clients to connect, they need authorization. This can be # done based on hostmask, address mask, and/or with a password. # With intelligent use of classes and the maxconnections field in the # Y: lines, you can let in a specific domain, but get rid of all other # domains in the same toplevel, thus setting up some sort of "reverse # K: line". # I::::: # # Technical description (for examples, see below): # For every connecting client, the IP address is known. A reverse lookup # on this IP-number is done to get the (/all) hostname(s). # Each hostname that belongs to this IP-number is matched to , # and the I: line is used when any matches; the client will then show # with this particular hostname. If none of the hostnames match, then # the IP-number is matched against the field, if this matches # then the I: line is used nevertheless and the client will show with the # first (main) hostname if any; if the IP-number did not resolve then the # client will show with the dot notation of the IP-number. # There is a special case for the UNIX domain sockets and localhost connections # though; in this case the field is compared with the # name of the server (thus not with any IP-number representation). The name # of the server is the one returned in the numeric 002 reply, for example: # 002 Your host is 2.undernet.org[jolan.ppro], running version ... # Then the "jolan.ppro" is the name used for matching. # Therefore, unix domain sockets, and connections to localhost would # match this I: line: # I:jolan.ppro::foobar::1 # Finally, I: lines with empty or fields are skipped. # # This is the "fallback" entry. All .uk, .nl, and all unresolved are # in these two lines. # By using two different lines, multiple connections from a single IP # are only allowed from hostnames which have both valid forward and # reverse DNS mappings. #I:*@*:1:Unresolved::1 #I:Resolved::*@*::1 # If you don't want unresolved dudes to be able to connect to your # server, use just: # I:NotMatchingCrap::*@*::1 # # Here, take care of all American ISPs. # I:Resolved::*@*.com::2 # I:Resolved::*@*.net::2 # Now list all the .com / .net domains that you wish to have access... # actually it's less work to do it this way than to do it the other # way around - K: lining every single ISP in the US. # I wish people in Holland just got a .nl domain, and not try to be # cool and use .com... #I:Resolved::*@*.wirehub.net::1 #I:Resolved::*@*.planete.net::1 #I:Resolved::*@*.ivg.com::1 #I:Resolved::*@*.ib.com::1 #I:Resolved::*@*.ibm.net::1 #I:Resolved::*@*.hydro.com::1 #I:Resolved::*@*.NL.net::1 # You can request a more complete listing, including the "list of standard # K-lines" from the Routing Committee; it will also be sent to you if # you apply for a server and get accepted. # # Ourselves - this makes sure that we can get in, no matter how full # the server is (hopefully). #I:*@24.*::*@*.rr.com::10 # You can put a digit (0..9) in the password field, which will make ircd # only accept a client when the total number of connections to the network # from the same IP number doesn't exceed this number. # The following example would accept at most one connection per IP number # from "*.swipnet.se" and at most two connections from dial up accounts # that have "dial??.*" as host mask: # I:Resolved:1:*@*.swipnet.se::1 # I:Resolved:2:*@dial??.*::1 # # If you are not worried about who connects, this line will allow everyone # to connect. I:*::*::1 # [T:lines] # # It is possible to show a different Message of the Day to a connecting # client depending on its origin. # T:: # or: # T:: # # DPATH/net_com.motd contains a special MOTD where users are encouraged # to register their domains and get their own I: lines if they're in # Europe, or move to US.UnderNet.org if they're in the USA. #T:*.net:net_com.motd #T:*.com:net_com.motd #T:2:net_com.motd # A different MOTD for ourselves, where we point out that the helpdesk # better not be bothered with questions regarding irc... # T:*.london.ac.uk:london.motd # [K:lines] # # While running your server, you will most probably encounter individuals # or groups of persons that you do not wish to have access to your server. # # Usually this is handled via network services ("G-lines") but in limited # cases you just want them off YOUR server. *NOTE* If you ban a lot of # people here, without an acceptable reason, you may be removed from # DNS rotation. Use this sparringly. # # For this purpose, the ircd understands "kill lines". # K::"": # # It is possible to use a file as comment for the ban. # K::!: # # The default reason is: "You are banned from this server" # Note that K: lines are local to the server; if you ban a person or a # whole domain from your server, they can get on IRC via any other server # that doesn't have them K: lined (yet). # # With a simple comment, using quotes: #K:*.au:"Please use a nearer server":* #K:*.edu:"Please use a nearer server":* # With a file, prepending a '!' before the filename. # The file can contain for example, a reason, a link to the # server rules and a contact address. #K:unixbox.flooder.co.uk:!kline/youflooded.txt:*luser # # IP-based kill lines are designated with a lowercase 'k'. These lines # use the same format as normal K: lines, except they apply to all hosts, # even if an IP address has a properly resolving host name. #k:192.168.*:!klines/martians:* # Additionally, you may specify a hostmask prefixed with $R to indicate # a match should be performed against the "real-name" / "info" field # instead of the host/IP. #K:$R*sub7*:"You are infected with a Trojan":* # [O:lines] # # Inevitably, you have reached the part about "IRC Operators". Oper status # grants some special privileges to a user, like the power to make the # server break or (try to) establish a connection with another server, # and to "kill" users off IRC. # # AfterNET - Before you may add an oper, you must announce your intentions # to the mailing list and wait a day or two to see if anyone has an objection. # You may add any opers who were listed on your server application right away. # (and of course, yourself) http://www.afternet.org/operguidelines # # O::::: # # If you need a tool to encrypt your password, there is a utility in the ircd: # in the tools folder, compile it with 'gcc -o mkpasswd mkpasswd.c -lcrpyt' # then execute ./mkpasswd #O:*@*.cs.vu.nl:VRKLKuGKn0jLs:Niels::10 # Note that the 10 references Y:10 above. # # Once you OPER your connection class changes no matter where you are or # your previous connection classes. If the defined connection class is 10 # for the O:line, then your new connection class is 10. # Y:10:90:0:100:160000 # [S:lines] # # These make a 'spoof' host on IRC, either by command, or automatically # for a givin host/ip mask. You may only use impossible, or domains # whose owner has granted you permission. (eg, microsoft.com is NOT OK, # but microsoft.sucks is OK) # # S:::<*.host.cc|a.b.c.*|CIDR>: # A hostname to be spoofed # A password for this spoof host. Used if SETHOST_USER is enabled. # A hostmask for matching against users that are to be auto # spoofed. Used if SETHOST_AUTO is enabled. Can be of form: # host.domain.cc, 127.0.0.1 or 127.0.0.0/24, supports wildcards # for non-CIDR. # A mask for matching against the user's ident reply. # # #S:newbie.oper::*yourdomain.net:john # Oper sethost for 'moo.fish.moo' #S:moo.fish.moo::: # User & Oper sethost for 'moo.fish.moo' #S:moo.fish.moo:elitepassword:: # Oper sethost for 'moo.fish.moo' with auto on 'ident@*.example.com" #S:moo.fish.moo::*.example.com:ident # Oper sethost for 'moo.fish.moo' with auto on 'user*@*.example.com" #S:moo.fish.moo::*.example.com:user* # [P:lines] # # P lines define what ports the server listens for users and servers on. # # P:::<[CES][H]>: # # The hostmask setting allows you to specify a range of IP addresses that # you will allow connections from. This should only contain IP addresses # and '*' if used. This field only uses IP addresses. This does not use # DNS in any way so you can't use it to allow *.nl or *.uk. Attempting # to specify anything other than numbers, dots and stars [0-9.*] will result # in the port allowing connections from anyone. # # The interface setting allows multiply homed hosts to specify which # network interface to use on a port by port basis, if an interface is not # specified the default interface will be used. The interface MUST be the # complete IP address for a real hardware interface on the machine running # ircd. If you want to use virtual hosting *YOU* *MUST* *USE* *THIS* otherwise it # WILL bind to all interfaces - not what most people seem to expect. # # The [CES][H] field is to specify that a port is a # server port or a client port and whether it's hidden or not. # If used the first character MUST be either a C, E, or S. # If you want to hide a port from /stats p from non-opers follow the C # or S with an H # # C = Client (Ports 6660-6669) # E = Encrypted SSL (Port 7000) # S = Server (Port 4400) # # Encrypted SSL connections are for client connections ONLY! # # P:::<[CES][H]>: # # AfterNET _REQUIRES_ server port 4400: P::*:S:4400 # AfterNET _REQUIRES the following client ports: P::*:C:60667 P::*:C:6667 P::*:C:7000 P::*:E:9998 # This is a client port, listening on the interface associated # with the IP address 168.8.21.107 (port 6666) #P:*:168.8.21.107:C:6666 # [F:lines] # # IRC servers have a large number of options and features. Most of these # are set at compile time through the use of #define's--see "make config" # for more details--but we are working to move many of these into the # configuration file. Feature lines are the hook we're using for this. # F: