Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
help:technical:ircd [2012/01/26 19:25]
voice Adding byacc to the packages list, otherwise Debian systems will refuse to compile Nefarious.
help:technical:ircd [2020/05/19 10:58] (current)
rubin [gitsync]
Line 3: Line 3:
 ssh into your server. ssh into your server.
  
-Then run: 
-  svn co https://evilnet.svn.sourceforge.net/svnroot/evilnet/branches/nefarious-1.3/ 
  
-The system will begin to download the latest version of the nefarious ircu. 
  
 Before we continue, we'd like to make sure you have the packages needed for a successful install. Before we continue, we'd like to make sure you have the packages needed for a successful install.
Line 18: Line 15:
   libpcre3-dev   libpcre3-dev
   byacc   byacc
 +  gawk 
 +  
 The named packages above can be fetched (on a Debian based system) with apt-get: The named packages above can be fetched (on a Debian based system) with apt-get:
  
-  sudo apt-get install openssl libssl-dev autoconf automake flex libpcre3-dev byacc+  sudo apt-get install git openssl libssl-dev autoconf automake flex libpcre3-dev byacc gawk
  
 Note: The names of the packages above may vary, depending on your distribution. Note: The names of the packages above may vary, depending on your distribution.
 +
 +run:
 +  git clone https://github.com/evilnet/nefarious2.git
 +
 +The system will begin to download the latest version of the nefarious ircu.
  
 With that said, we now move on to getting the server up and running. With that said, we now move on to getting the server up and running.
  
-  cd nefarious-1.3+  cd nefarious2
  
 For your own convenience, we recommend using one centralized directory when running the configure script (it's up to you though). ssl is enabled now by default. The following will install everything into $HOME/ircd/ For your own convenience, we recommend using one centralized directory when running the configure script (it's up to you though). ssl is enabled now by default. The following will install everything into $HOME/ircd/
Line 75: Line 78:
 read the unix manual to crontab for more information. read the unix manual to crontab for more information.
  
-===== Please install the following cronjobs: =====+====== Install iauthd.pl ======
  
-==== linesync ==== +iauthd provides for DNSBL blocking to protect us from drones. This script is include in the source nefarious2 was created when cloning the git repository to your server. 
-linesync updates your server twice a day with the latest k: lines, features, and server connection info. It is required. You should receive it from us when your testlink is approved([[:opers:admin|Opers can get it here...]])+ 
 +Requirements: 
 + 
 +You will need to install some perl dependencies for this script to run. 
 + 
 +Debian/Ubuntu/Mint: 
 + 
 +   sudo apt-get install libpoe-perl libpoe-component-client-dns-perl libterm-readkey-perl libfile-slurp-perl libtime-duration-perl 
 + 
 +Fedora/Redhat/Centos: 
 + 
 +   yum install perl-POE perl-POE-Component-Client-DNS perl-TermReadKey perl-slurp perl-Time-Duration 
 + 
 +Freebsd: 
 + 
 +  ports dns/p5-POE-Component-Client-DNS devel/p5-Time-Duration devel/p5-File-Slurp devel/p5-Term-ReadKey 
 + 
 +CPAN: 
 + 
 +  cpan install Term::ReadKey POE::Component::Client::DNS File::Slurp Time::Duration 
 + 
 +Installation: 
 + 
 +Simply copy the script from the /nefarious2/tools/iauthd.pl into the same directory as your ircd.conf file resides in order to make configuration easier.  
 + 
 +   Example: cp tools/iauthd.pl /home/your_ircd/ircd/lib/ 
 + 
 +Now edit your ircd.conf file and add the following block: 
 + 
 +   IAuth { 
 +       program "/usr/bin/perl" "iauthd.pl" "-v" "-d" "-c" "ircd.conf"; 
 +   }; 
 +    
 +Now, save the file and /rehash.  I all goes well you can verify that the script is functional by running the following command: 
 + 
 +   /stats iauth 
 +    
 +This should show something similar to this: 
 + 
 +   iauthd.pl :Up since Thu Jun 25 06:06:34 2015 (20 hours and 47 minutes) 
 +   iauthd.pl :Cache size: 837/2048 
 +   iauthd.pl :Total Passed: 197 
 +   iauthd.pl :Total Rejected: 14 
 +   iauthd.pl :dnsbl.sorbs.net (2,3,4,5,6,7,9):
 +   iauthd.pl :dnsbl.dronebl.org (2,3,5,6,7,8,9,10,13,14,15):
 +   iauthd.pl :rbl.efnetrbl.org (4): 17 
 +   iauthd.pl :rbl.efnetrbl.org (1,2,3,5): 0 
 +   iauthd.pl :dnsbl-2.uceprotect.net (2): 0 
 +   iauthd.pl :6667.173.122.134.230.173.ip-port.exitlist.torproject.org (2): 0 
 +   iauthd.pl :80.204.128.107.97.ip-port.exitlist.torproject.org (2): 10 
 +   iauthd.pl :443.204.128.107.97.ip-port.exitlist.torproject.org (2): 10 
 +   iauth: End of /STATS report          
 + 
 +If you would like to learn more about iauth please visit our [[https://github.com/evilnet/nefarious2/wiki/Setting-up-iauthd.pl|GitHub Wiki]] 
 +  
 +====== Please install the following cron jobs: ====== 
 + 
 +===== gitsync ===== 
 +gitsync updates your server every hour with the latest k: lines, features, and server connection info. It is required. There is a copy in nefarious2/tools/linesync/gitsync.sh it is best to symlink this to your ircd.conf directory, for example''ln -s /home/your/nefarious2/tools/linesync/gitsync.sh /home/your/ircd/gitsync.sh'' so it is easy to run and keep up to date. 
 + 
 +You must have an SSH key setup for the user that runs ircd. This is normally in ''~/.ssh/id_rsa.pub'' if not, run ''ssh-keygen'' and configure a key with empty password. Then, get an admin a copy of id_rsa.pub contents so he can add it to authorized access list of gitsync repository. 
 + 
 +Once you have been given access, you must initialize the repository: ''./gitsync.sh -i gitolite@afternet.org:gitsync'' 
 + 
 +If that works, you'll have our server list and additions added to your ircd.conf, and a new certificate (.pemfile.
  
 <code> <code>
-*/12 * * * /home/user/ircd/linesync.sh /home/user/ircd/ircd.conf /home/user/ircd/ircd.pid+* * * /home/user/ircd/gitsync.sh -s /home/user/.ssh/id_rsa -c yourserver.afternet.org-cert /home/user/ircd/ircd.conf /home/user/ircd/ircd.pid
 </code> </code>
  
-==== checkircd.sh ====+===== checkircd.sh =====
 This gem checks if the irc server is running, and if it isnt, starts it up. This will keep the ircd up after reboots, or in the case of a crash. Create the file using a text editor, pasting this code in: This gem checks if the irc server is running, and if it isnt, starts it up. This will keep the ircd up after reboots, or in the case of a crash. Create the file using a text editor, pasting this code in:
 <code> <code>
Line 90: Line 157:
 # don't start the server if it is already running # don't start the server if it is already running
 procs=`ps x` procs=`ps x`
-if echo "$procs" | grep ./ircd > /dev/null; then+if echo "$procs" | grep /home/user/ircd/ircd > /dev/null; then
    exit    exit
 fi fi
-cd /home/irc/ircd +/home/user/ircd/ircd
-./ircd +
-</code> +
-(be careful to use the right kind of `` ticks!) +
- +
-For unknown reasons (and particularly on Ubuntu), using cd to change directories and then starting the script via ./ircd sometimes doesn't work, so try this: +
- +
-<code> +
-#!/bin/sh +
-# don't start the server if it is already running +
-procs=`ps x` +
-if echo "$procs" | grep /home/irc/ircd/ircd > /dev/null; then +
-   exit +
-fi +
-/home/irc/ircd/ircd+
 </code> </code>
 (be careful to use the right kind of `` ticks!) (be careful to use the right kind of `` ticks!)
Line 122: Line 175:
 */5 * * * * /home/user/checkircd.sh */5 * * * * /home/user/checkircd.sh
 </code> </code>
-==== syncheck ==== 
  
-syncheck is our anti-ddos attack tool, you should have received from us on successful testlink. It requires iptables, and thus root access: Put it in /root (or wherever you want) and as root run: 
- 
-  crontab -e 
- 
-And install the following cronjob: 
-<code> 
-*/5 * * * * sh /root/syncheck 
-</code> 
 With these cronjobs installed, you are now ready to link your server to the network.  With these cronjobs installed, you are now ready to link your server to the network.