]> jfr.im git - irc/evilnet/x3.git/blob - x3.conf.example
projects / irc / evilnet / x3.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Fix for 'password too weak' error when using SSL fingerprint auth instead of password...
[irc/evilnet/x3.git] / x3.conf.example
1 /* *****************************************************************
2 * X3 Services Example Configuration file.
3 *
4 * Copy it to your x3 runtime dir, and edit to taste.
5 *
6 * This file allows two kinds of comments. Whitespaces between
7 * tokens are ignored. All strings (even if they're just numbers)
8 * MUST be enclosed in double quotes. There must be a semicolon
9 * after every * key/value pair.
10 */
11
12 /* UPLINKS (servers we connect to) *********************************
13 * Each subsection describes one server. X3 will try to connect to
14 * each in turn maxtries times, and then will quit.
15 */
16 "uplinks" {
17 // This first entry connects to an ircd on teh same server an X3..
18 "Hub" { // This can be any string, just used here for your convenience
19 "address" "127.0.0.1"; // The IP address of the server
20 "port" "8888"; // What TCP port to connect to
21 "password" "laoo,rpe"; // Both of these passwords must match
22 "their_password" "laoo,rpe"; // the one in the ircd C line for X3.
23 "enabled" "1"; // Set to 0 to disable connecting to this server
24 "max_tries" "10"; // How many times to attemt reconnect before quitting
25 "bind_address" "127.0.0.1"; // LOCAL IP address we want to connect FROM
26 };
27 // This next one connects to an ircd on another server
28 "Hub-west" {
29 // IP address and port the server listens on
30 "address" "192.168.234.123"; // IP of remote server
31 "port" "8888";
32 "password" "ekrpat"; // C line passwords
33 "their_password" "ekrpat"; // Set same as above
34 "enabled" "0"; // Set this to 1 to use this server..
35 "max_tries" "1";
36 "bind_address" "192.168.1.10";
37 };
38 };
39
40 /* SERVER (Details about our existance) **********************************
41 */
42 "server" {
43 "hostname" "X3.AfterNET.Services"; // The servers name. (Use this in the ircd's C line)
44 "description" "AfterNET Network Services"; // Shows up in /links.
45 "network" "AfterNET";
46 "hidden_host" "Users.AfterNET.Org"; // set this if you enabled Nefarious' +x mode
47 /* hidden_host should match the F:HIDDEN_HOST: line in your ircu's ircd.conf;
48 * x3 does not set the host suffix for users, but must know it when making
49 * things like bans, where it should not show the user's real hostname. */
50 "hidden_host_type" "1"; // change this to 2 if you use Nefarious's style 2 host hiding.
51 "key1" "45432"; // Set these key values to the network KEY values you use
52 "key2" "76934"; // for host hiding style 2. If you are using Nefarious 1.3.0 (type 8)
53 "key3" "98336"; // then these are ignored.
54 "prefix" "AfterNET"; // If you use style 2 then this is the name that is prefixed to hosts.
55 "numeric" "51"; // hint: If you get collisions on link, CHANGE THIS.
56 /* Type handles some changes in Nefarious from version to version.
57 * 4 - nefarious 0.4.x and other ircds
58 * 5 - nefarious 1.0.x and higher (Obselete)
59 * 6 - nefarious 1.1.0 and higher (Obselete)
60 * 7 - nefarious 1.2.0 and higher (Obselete)
61 * 8 - nefarious 1.3.0 and higher (Legacy Version)
62 * 9 - nefarious 2.0.x and higher (Current Version)
63 */
64 "type" "8";
65 "host_in_topic" "1"; //Set to 1 if your Nefarious server have the HOST_IN_TOPIC F:line set to TRUE.
66 "max_users" "256"; // You can save a little memory by setting this to a lower value.
67 "force_n2k" "1"; // Use extended (5-digit) numnick for self, even if 3 are possible.
68 "ping_freq" "60";
69 "ping_timeout" "90";
70 "max_cycles" "30"; // max uplink cycles before giving up
71 // Admin information is traditionally: location, location, email
72 // This shows up on a /admin x3.afternet.services command.
73 "admin" (
74 "AfterNET IRC Network",
75 "www.afternet.org",
76 "Support Staff <support@afternet.org>"
77 );
78 /* extended_accounts -
79 * enable this for nefarious 0.4.x and higher and in ircd.conf add F:EXTENDED_ACCOUNTS:TRUE.
80 * Sends 'AC R nick account' instead of 'AC nick account' and allows
81 * for renames, login-on-connect, etc. If you use stock ircu set to 0. */
82 "extended_accounts" "1";
83
84 /* the following two settings are for ircu's HEAD_IN_SAND features, and are equivelent to
85 * the F: lines in ircu's ircd.conf. both can be disabled by commenting them out. */
86 //"his_servername" "*.AfterNET.org"; // hidden server name, shown in remote /whois requests
87 //"his_servercomment" "AfterNET IRC Network";
88 };
89
90 /* SERVICES (Bot nicknames) *******************************************
91 * Each section describes one service nickname and the details of that
92 * bot's features
93 * You may disable a service by commenting out its "nick" config item.
94 */
95 "services" {
96 /* Nickserv is the bot you register with and auth to.
97 * Afternet uses the name "Authserv" without the nickname reservation
98 * features enabled. Some nets call it Nickserv and configure it to
99 * reserve nicks.
100 */
101 "nickserv" {
102 "nick" "AuthServ"; // The bots nick on IRC
103
104 // If you want to have *@* as the default hostmask, set
105 // default_hostmask. I highly reccomend this, and its required
106 // for login-on-connect to work.
107 "default_hostmask" "1";
108
109 // do we warn users when someone new auths to their account?
110 "warn_clone_auth" "1"; // -X3- warning: foobar has authed to your account
111
112 // default max number of logins allowed on new accounts. Users can set it
113 // to something different using authserv commands.
114 "default_maxlogins" "3";
115
116 // hard_maxlogins is the ammount the user cant override.
117 "hard_maxlogins" "10";
118
119 //automatically set the following modes when opers auth:
120 // - if it includes o, then are auto remote-opered.
121 "auto_oper" "+oxwgs";
122 "auto_oper_privs" "CHAN_LIMIT SHOW_INVIS SHOW_ALL_INVIS KILL LOCAL_KILL REHASH RESTART DIE JUPE LOCAL_JUPE OPMODE WHOX SEE_CHAN PROPAGATE DISPLAY SEE_OPERS WIDE_GLINE FORCE_OPMODE REMOTEREHASH CHECK SEE_SECRET_CHAN WIDE_SHUN WIDE_ZLINE LIST_CHAN";
123
124 // This names a file that contains easily guessed passwords.
125 // It always contains "password", "<password>" and the user's
126 // account name.
127 // uncomment if you have a dict file.
128 //"dict_file" "/usr/share/dict/words";
129
130 // Minimum number of various types of characters permitted in
131 // a password. Authserv will enforce these.
132 "password_min_length" "4";
133 "password_min_digits" "0";
134 "password_min_upper" "0";
135 "password_min_lower" "0";
136
137 // What should valid account and nicks look like?
138 // If valid_nick_regex is omitted, valid_account_regex is used
139 // for both nicks and accounts.
140 // Be very carefull changing these. This default is
141 // basically limited to letters, numbers, dash and underscore.
142 "valid_account_regex" "^[-_a-z0-9A-Z]{2,15}$";
143 "valid_nick_regex" "^[-_a-z][-_a-z0-9]*$";
144
145 // Whats a valid hostname look like for fakehosts?
146 "valid_fakehost_regex" "^[-_a-zA-Z0-9.]+$";
147
148 // Force account names to lowercase? 1=yes 0=no
149 // WARNING: this will convert when reading them from the db, too.
150 "force_handles_lowercase" "0";
151
152 // "Nickserv" networks, set this to 0. "Authserv" networks,
153 // set it to 1.
154 "disable_nicks" "1";
155 // One account may only own this many nicks.
156 "nicks_per_account" "4";
157
158 // Send a warning when someone uses a registered nick?
159 "warn_nick_owned" "0";
160
161 // What to do when someone uses the NickServ "reclaim" command?
162 // This can be one of "none", "warn", "svsnick", or "kill", but
163 // stock ircu does not support svsnick -- you need nefarious.
164 "reclaim_action" "none";
165
166 // What (else) to do when someone uses a registered nick?
167 // This can be anything "reclaim_action" can be, but it makes
168 // more sense to use the "warn_nick_owned" instead of "warn".
169 "auto_reclaim_action" "none";
170
171 // How long to wait before doing the auto_reclaim_action?
172 // This is ignored if "auto_reclaim_action" is "none".
173 "auto_reclaim_delay" "0";
174
175 // Expire nicks
176 "expire_nicks" "0";
177
178 // how often should nicks be expired?
179 "nick_expire_freq" "1d";
180
181 // how long until a nick expires?
182 "nick_expire_delay" "900d";
183
184 // access control for who can change account flags
185 // See /msg authserv help account flags
186 "flag_levels" {
187 "g" "800"; // God mode
188 "lc_h" "800"; // support helper (lower case h)
189 "uc_H" "800"; // net helper (upper case H)
190 "S" "999"; // O3 access suspended
191 "b" "1"; // Bot (Hidden from !staff etc)
192 "I" "999"; // User can impersonate another account using SASL authentication
193 };
194
195 // and for who can change epithets for staff
196 // epithets show up in /whois as another line about the person.
197 "set_epithet_level" "800";
198
199 // what opserv access level do you need to set somebody else's level?
200 "modoper_level" "850";
201
202 // how often should accounts be expired?
203 "account_expire_freq" "1d";
204
205 // how long until an account with access to any channel(s) expires?
206 "account_expire_delay" "900d";
207
208 // how long until an account with no access to any channels expires?
209 "nochan_account_expire_delay" "365d";
210
211 // how long must an account be inactive so it can be ounregistered without force?
212 "ounregister_inactive" "1M";
213
214 // which flags on an account require the ounregister to be used with force?
215 "ounregister_flags" "ShgsfnHbu";
216
217 // If somebody keeps guessing passwords incorrectly, do we gag them?
218 "autogag_enabled" "1";
219 "autogag_duration" "30m";
220 "auth_policer" {
221 "size" "5";
222 "drain-rate" "0.05";
223 };
224
225 // How to integrate with email cookies?
226 // In order to use mail, mail must be enabled and configured
227 // down below in the mail section of this config file.
228 "email_enabled" "1"; // Allow account verification and password reset by email.
229 "email_required" "1"; // if above is 1, require verification to authenticate.
230 "cookie_timeout" "2d"; // how long before we expire cookies?
231 "accounts_per_email" "1"; // How many people can use the same email account.
232
233 "email_search_level" "600"; // minimum OpServ level to search based on email address (search print email *foo*)
234 "email_visible_level" "800"; // minimum OpServ level to see somebody's email address
235 "titlehost_suffix" "AfterNET.Org"; // 'USET title' sets a fake hostname of name.title.titlehost on a user.
236 "set_title_level" "900"; // Access to use 'uset title'.
237 "set_fakehost_level" "1000"; //Access to set a freeform fakehost. (uset fakehost)
238
239 // A list of denied words in the fakehosts
240 "denied_fakehost_words" ("sex",
241 "fuck",
242 "asshole");
243
244 // This is a hacked in feature which exports every account change to a file sync.log. Afternet uses this and
245 // a bunch of custom PHP scripts to make our websites SQL user db the same as authserv, every 5 minutes.
246 // You have to be a pretty handy person with the shell commands and programming to make use of this..
247 "sync_log" "0"; // Log account changes to a file for syncing w/ a website?
248
249 // Nickserv 'style' setting affects .userlist and other outputs.
250 "default_style" "n"; // can be: n = normal, c = clean, or a = advanced.
251
252
253 // LDAP configuration(s)
254 // THIS IS EXPERIMENTAL! DO NOT USE IT IF YOU ARNT'T A DEVELOPER!!
255 // LDAP stands for light directory access protocol. its what many larger orgs use for central user/password management. Its also the core technology behind windows active directory.
256 // If you have an ldap server, you can configure X3 to use it instead of saving passwords locally.
257
258 //"ldap_enable" "0";
259 //"ldap_uri" "ldaps://ldap.yournetwork.server:636";
260 //"ldap_base" "ou=Users,dc=afternet,dc=org";
261 //"ldap_dn_fmt" "uid=%s,ou=Users,dc=afternet,dc=org";
262 //"ldap_autocreate" "1"; // automatically create accounts if they exist in ldap but not x3
263 //// If you will be allowing users to register on IRC you need these:
264 //"ldap_admin_dn" "cn=Admin,dc=afternet,dc=org";
265 //"ldap_admin_pass" "xxxxxxxxxxx";
266 //"ldap_object_classes" ( "top", "inetOrgAnonAccount" );
267 //// NOTE: inetOrgAnon is something I made up. its schema
268 //// can be found in the tools/ directory. ldap servers wont
269 //// know what that is by default.
270 //// These configure what I store, and where.
271 //"ldap_field_account" "uid";
272 //"ldap_field_password" "userPassword";
273 //"ldap_field_email" "mail";
274 //"ldap_field_oslevel" "X3AccountLevel";
275 //// NOTE: X3AccountLevel is a custom LDAP attribute
276 //// that LDAP servers will not know by default. A custom
277 //// schema is required to provide it.
278 //// This bit is needed if you want to put ircops into a group:
279 //"ldap_oper_group_dn" "cn=Opers,ou=Groups,dc=afternet,dc=org";
280 //"ldap_oper_group_level" "99"; // must be above this level to be added to oper ldap group
281 //"ldap_field_group_member" "memberUid"; // what field group members are in
282 //"ldap_timeout" "10"; // seconds
283
284 };
285
286 /*
287 * OpServ is the bot opers use to do glines, look at info etc.
288 * Afternet uses the nickname "O3" for this as its easier to type.
289 */
290 "opserv" {
291 "nick" "O3";
292 // should use of this service be limited to global opers?
293 "privileged" "1";
294
295 // fullname for service
296 "description" "Oper Service Bot"; // (for /whois)
297
298 // hostname for service; only used if "description" is also set
299 "hostname" "X3.AfterNET.Services"; // (for /whois)
300
301 // What channel should opserv send debug output to?
302 // I don't have any idea what debug info goes here. You can configure
303 // debugging logs in the log section to go to any channel.
304 // Probably safest to set to your oper channel.
305 "debug_channel" "#TheOps"; // Bot will join this channel, also.
306 "debug_channel_modes" "+tnOS"; // Modes get set every time X3 starts up
307
308 // where to send general alerts (e.g. flood alerts)?
309 "alert_channel" "#TheOps"; // Bot will join this channel, also.
310 "alert_channel_modes" "+"; // Modes get set every time X3 starts up
311
312 // who to tell about staff auths?
313 "staff_auth_channel" "#OperServ"; // Bot will join this channel, also.
314 "staff_auth_channel_modes" "+tnOs"; // modes get set every time X3 starts up
315
316 // which channels should all services autojoin?
317 "autojoin_channels" ("#TheOps", "#OperServ");
318
319 // how many clones to allow from an untrusted host?
320 // Use this carefully, users with half the # of clones will trigger this
321 // when a server pings out and they reconnect before the old connection is noticed
322 // to be dead by the server.. so set it at about twice the # you want to allow to
323 // avoid false positives.
324 "untrusted_max" "6"; // 3 connections and 3 ghosts, 7th connection causes a gline.
325
326 // how long of a g-line should be issued if the max hosts is exceeded?
327 "clone_gline_duration" "2h"; // durations are smhdmy
328
329 // how long to g-line for ?block (or, by default, for trace gline)?
330 "block_gline_duration" "12h";
331
332 // how long to shun for ?sblock (or, by default, for trace shun)?
333 "block_shun_duration" "12h";
334
335 // When a user joins an illegal channel, O3 joins it and locks it down.
336 // how long to keep an illegal channel locked down (seconds)?
337 "purge_lock_delay" "60";
338
339 // ------------------------------------------------------------------
340 // Defcon Settings
341 //
342 // No new channel registrations 1
343 // No New Nick Registrations 2
344 // No Channel Mode changes 4
345 // Force Chan Mode 8
346 // Use Reduced Session Limit 16
347 // KILL any new clients trying to connect 32
348 // Services will ignore everyone but opers 64
349 // Services will silently ignore everyone but opers 128
350 // GLINE all new clients trying to connect 256
351 // No new memos sent to block MemoServ attacks 512
352 // SHUN all new clients trying to connect 1024
353 //
354 // These are the values are added together to determine each defcon setting:
355 "DefCon1" "415";
356 "DefCon2" "159";
357 "DefCon3" "31";
358 "DefCon4" "23";
359
360 // Default defcon level, 5 is running all normally
361 "DefConLevel" "5";
362
363 // If defcon is limiting sessions then how many sessions should O3 allow?
364 "DefConSessionLimit" "2";
365
366 // Length of glines and shuns set on newly connecting clients, if defcon is glining
367 // or shunning newly connecting clients
368 "DefConGlineExpire" "5m";
369
370 // Mode to set on all channels if defcon is forcing channel modes on all channels
371 "DefConChanModes" "+r";
372
373 // If not set to 0, defcon will set back to level 5 after this time
374 "DefConTimeOut" "15m";
375
376 // Set to 1 to send a notice to all users when defcon levels are changed
377 "GlobalOnDefcon" "0";
378
379 // If set to 1 along with the notice that the levels are changing an extra
380 // notice will be sent
381 "GlobalOnDefconMore" "0";
382
383 // GlobalOnDefconMore notice.
384 "DefconMessage" "Put your message to send your users here. Dont forget to uncomment GlobalOnDefconMore";
385
386 // This notice will be used if GlobalOnDefcon and GlobalOnDefconMore are off
387 "DefConOffMessage" "Services are now back to normal, sorry for any inconvenience";
388
389 // Reason placed in defcon Glines and Shuns.
390 "DefConGlineReason" "This network is currently not accepting connections, please try again later";
391
392 // ------------------------------------------------------------------
393
394 // To use geoip support in Opserv WHOIS then you will need to install
395 // the c GeoIP api. Its available on http://www.maxmind.com, also on
396 // apt on debian and ubuntu. The dat files can also be obtained
397 // from the earlier URL. Place them in your X3 dir and away you go.
398 // X3 will need a recompile once you install the c api. If there is a
399 // GeoIP City Data file then the GeoIP data file will be ignored. However
400 // bear in mind that the city data file is a lot larger than the plain
401 // country data file so does take a bit longer to query. If you are
402 // expieriencing ping timeouts you may need to tweak X3's I:line.
403 "geoip_data_file" "./GeoIP.dat";
404 "geoip_city_data_file" "";
405
406 // The join-flood policer code goes off all the time when a server
407 // goes down (and everyone reconnects) so i don't reccomend using it.
408 // Automatically moderate join flooded channels?
409 "join_flood_moderate" "0";
410 // channel join flood policer params?
411 "join_policer" {
412 "size" "20";
413 "drain-rate" "1";
414 };
415 // Don't moderate and warn channels unless there are more than
416 // join_flood_moderate_threshold users in the channel. the
417 // value 0 will disable the threshold.
418 "join_flood_moderate_threshold" "50";
419 // new user flood policer params
420 "new_user_policer" {
421 "size" "200";
422 "drain-rate" "3";
423 };
424 // Min opserv level needed to set 'silent' glines in trace/addalert
425 // (nefarious only)
426 "silent_level" "700";
427 };
428
429 "chanserv" {
430 "nick" "X3";
431
432 // The umodes - add +d if you use nefarious 1.0 and you added 'b:lines'
433 // to pass cmdchar through to chanserv anyway.
434 "modes" "+iok";
435
436 // The off_channel setting takes one of three numerical values:
437 // 0 = off
438 // 1 = use a registered channel mode, have services op themselves
439 // 2 = all of the above, and a channel setting to have ChanServ not
440 // idle in the channel
441 // NOTE: +z mode, needed for this to work. X3 contains modifications to
442 // try and prevent desynchs. If you use this mode do not use any other service
443 // that uses this mode.
444 "off_channel" "no";
445
446 // Infolines are sent when channel users join the channel. Users set them with USET INFO in X3.
447 // how long should a person be unseen before resending infoline?
448 "info_delay" "120";
449
450 // Greetings can be configured by the channel manager(s) and sent to users who join the channel.
451 // Many people (rightly) find this annoying, so keep them short.
452 // maximum greeting length
453 "max_greetlen" "120";
454
455 // maximum users in a channel userlist
456 "max_chan_users" "512";
457 // maximum bans on a channel banlist
458 "max_chan_bans" "512";
459 // maximum length of a user's infoline
460 "max_userinfo_length" "400"; // hard limit for infolines. This is also the default value.
461
462 // If SET DynLimit is on and there are N users in the channel, ChanServ will
463 // try to keep the limit at N+<adjust_threshold>. This makes the channel
464 // somewhat protected from clone attacks.
465 "adjust_threshold" "5";
466 // .. but ChanServ will only increment or decrement the limit this often.
467 "adjust_delay" "30"; // (seconds)
468
469 // How often to look for expired bans?
470 "ban_timeout_freq" "2m";
471
472 // How often to look for channels that have expired?
473 "chan_expire_freq" "1d";
474
475 // How long is a channel unvisited (by masters or above) before it can be expired?
476 "chan_expire_delay" "30d";
477
478 // How often to look for dnrs that have expired?
479 "dnr_expire_freq" "1h";
480
481 // what !set options should we show when user calls "!set" with no arguments?
482 "set_shows" ("DefaultTopic", "TopicMask", "Greeting", "UserGreeting", "Modes", "PubCmd", "InviteMe", "UserInfo", "EnfOps", "EnfModes", "EnfTopic", "TopicSnarf", "Setters", "CtcpReaction", "BanTimeout", "Protect", "Toys", "DynLimit", "NoDelete");
483
484 // A list of !8ball responses
485 "8ball" (
486 "Are you out of your MIND?",
487 "It won't happen, not a chance, definitely no.",
488 "Outlook seems bleak.",
489 "My sources say no.",
490 "You bet!",
491 "It is decidedly so.",
492 "It's hard to be sure.",
493 "Most definitely.",
494 "In your dreams...",
495 "If the prophets wish it...",
496 "Forecast hazy, try again later.",
497 "I don't know!",
498 "Absolutely!",
499 "Never.",
500 "Yes.",
501 "No.",
502 "Maybe.");
503
504 // This is a list of wheel-of-misfortune results. Remove them to disable.
505 // You must make sure your ircd supports, and has enabled, the features needed
506 // for these.
507 "wheel" (
508 "peer",
509 // "partall", // needs svspart
510 "gline",
511 // "shun", // needs shun
512 "nothing",
513 // "randjoin", // needs svsjoin and svspart
514 // "abusewhois", // needs epitaph in /whois support
515 "kickall",
516 // "nickchange", // needs svsnick
517 "kill",
518 "svsignore",
519 "kickbanall" );
520
521 // channel(s) that support helpers must be in to be helping
522 // if this is a list, any one by itself will do
523 "support_channel" ("#Operations", "#Help");
524
525 // maximum number of channels a user may have. ( FORCE can override )
526 "max_owned" "2";
527
528 // how long between automatic topic and userlist refreshes with TopicRefresh/Resync
529 "refresh_period" "10h";
530
531 // what should !access say for various staff?
532 "irc_operator_epithet" "AfterNET IRC Operator";
533 "network_helper_epithet" "AfterNET Network Helper";
534 "support_helper_epithet" "AfterNET Support Helper";
535
536 // what should a newly registered channel get as its modes?
537 "default_modes" "+nt";
538
539 // minimum opserv access to set, clear or override channel nodelete setting?
540 "nodelete_level" "1";
541
542 // when does god mode time out?
543 "god_timeout" "30m";
544
545 // What should valid registered channels look like?
546 // Be very carefull changing these. This default is
547 // basically limited to letters, numbers, dash and underscore.
548 "valid_channel_regex" "^#[-_a-z][-_a-z0-9]*$";
549 };
550
551 /* Global is a service bot that can send out network-wide messages for you. I
552 * like to set ours' nick to 'AfterNET', but some people use 'Global'
553 */
554 "global" {
555 "nick" "Global";
556 // should users get community announcements by default or not?
557 // community announcements are a type of global that users may
558 // opt into (or out of, depending on this setting)
559 "announcements_default" "on";
560 };
561
562
563 "spamserv" {
564 // You may enable this service by removing the double slashes from the config
565 // item. To disable it again add the double slashes back.
566 // "nick" "SpamServ";
567
568 // debug channel
569 "debug_channel" "#operserv";
570 "debug_channel_modes" "+tinms";
571
572 // url of the network rules. if you don't have network rules, remove this key.
573 "network_rules" "http://www.afternet.org/aup";
574
575 // trigger for spamserv; remove this key to disable the trigger
576 "trigger" "%";
577
578 // ban duration of a short timedban.
579 "short_ban_duration" "15m";
580
581 // ban duration of a long timedban.
582 "long_ban_duration" "1h";
583
584 // duration of a gline. SpamServ will issue it after several violations and a kill.
585 "gline_duration" "1h";
586
587 // users may add "exception_max" exceptions to the list. IRCOps can override "exception_max".
588 "exception_max" "10";
589
590 // minimum & maximum length of an exception.
591 "exception_min_len" "4";
592 "exception_max_len" "12";
593
594 // users may add "badword_max" badwords to the list. IRCOps can override badword_max".
595 "badword_max" "10";
596
597 // minimum & maximum length of an badword.
598 "badword_min_len" "4";
599 "badword_max_len" "12";
600
601 // if someone advertises a channel, which doesn't exist (channel is empty, no users),
602 // SpamServ doesn't punish the user.
603 // enable this setting, if SpamServ has to ignore advertisements of channels, which do not exist.
604 // disable this setting, if SpamServ has to punish the users whenever they advertise.
605 "adv_chan_must_exist" "1";
606
607 // remove all mirc codes from messages before checking for advertisements.
608 // if this setting is disabled and someone spams a url which
609 // contains a bold char, SpamServ doesn't punish him.
610 "strip_mirc_codes" "1";
611
612 // enable this, if SpamServ has to "follow" ChanServ, when a channel moves or merges.
613 // disable it, if it shouldn't be possible to move or merge SpamServ with /msg chanserv move|merge.
614 "allow_move_merge" "1";
615 };
616 };
617
618 /* MODULES (optional components) *************************************************
619 * These must be explicitly compiled in (see ./configure --help)
620 * When enabled, they are configured here..
621 */
622 "modules" {
623 /* Helpserv is a help-queue tracker module for your #support channels, if
624 * they are busy. It issues users tickets, and tracks the next available helper.
625 */
626 "helpserv" {
627 // The description/fullname field
628 "description" "Help Queue Manager"; // (for whois)
629
630 // HelpServ bots log all of their requests to this file, with
631 // details on when they were opened, closed, their contents,
632 // helper, etc. The file is written in saxdb format for easy
633 // parsing by external programs. Please note that you cannot
634 // use ?set to change this value while x3 is running.
635 "reqlogfile" "helpservreq.log";
636
637 // How long should a helpserv be inactive (no requests assigned)
638 // before it can be unregistered by the expire command?
639 "expiration" "60d";
640
641 // If a user prefix's this before their helpserv commands then instead
642 // of a request being opened, they will be able to use helpserv commands.
643 "user_escape" "@";
644 };
645 /* SockCheck reads sockcheck.conf and can do configurable scans
646 * to probe for open relays in an attempt to stop drones from using
647 * the network. DO NOT enable this unless you have permission from
648 * your ISP.. the probes will show up as attacks on everyones firewalls
649 * and you will get a lot of complaints.
650 */
651 "sockcheck" {
652 // disabling this hopefully
653 "max_sockets" "0"; // 64 is a good # of concurrent clients to be checked
654 "max_read" "1024"; // don't read more than 1024 bytes from any client
655 "gline_duration" "1d"; // issue G-lines lasting one hour
656 "max_cache_age" "60"; // only cache results for 60 seconds
657 "bind_address" "192.168.0.10"; // do proxy tests from this address
658 };
659 /* Snoop sends connect, quit, join, and part messages for every user
660 * on the network, and helps in finding drones. Put it somewhere secure
661 * so your users privacy is honored.
662 */
663 "snoop" {
664 // Where to send snoop messages?
665 "channel" "#MrSnoopy";
666 "channel_modes" "+sntim";
667 // Which bot?
668 "bot" "O3";
669 // Show new users and joins from net joins? (off by default)
670 "show_bursts" "0";
671 };
672 /* Track works just like Snoop except it only sends events for users
673 * who have been specified
674 * DANGER: track is currently very broken, and will crash x3 and possibly corrupt your db file.
675 * Unless your a developer, dont even compile it in!
676 */
677 "track" {
678 // What to track by default?
679 "snomask" "nick,join,part,kick,new,del,auth,chanmode,umode";
680 // Where to send snoop messages?
681 "channel" "#MrPeanuts";
682 "channel_modes" "+sntOm";
683 // Which bot?
684 "bot" "O3";
685 // Show new users and joins from net joins? (off by default)
686 "show_bursts" "0";
687 };
688 /* Memoserv lets users send messages to other users accounts.
689 */
690 "memoserv" {
691 "bot" "MemoServ";
692 "modes" "+k";
693 "message_expiry" "30d"; // age when messages are deleted; set
694 // to 0 to disable message expiration
695 "limit" "30"; // Max amount of messages a person can get.
696 };
697 "qserver" {
698 "bind_address" "127.0.0.1";
699 "port" "7702";
700 "password" "hello";
701 };
702 "blacklist" {
703 // File containing blacklisted client addresses.
704 // "file" "blacklist.txt";
705 // Each line in the file should start with an IP or hostname.
706 // If there is whitespace and a message after that, the
707 // message will override this one:
708 "file_reason" "client is blacklisted";
709 // How long should a blacklist G-line last?
710 "gline_duration" "1h";
711 // If you want to use DNS blacklists, add them here:
712 "dnsbl" {
713 // This DNSBL zone does not exist - you'll have to pick your own.
714 "dnsbl.example.org" {
715 "description" "Example DNSBL entry";
716 "reason" "busted by a dns blacklist";
717 "duration" "1h";
718 // You can stick the client's IP in the G-line message.
719 "reason_2" "Example DNSBL reported %ip%'s address as 127.0.0.2";
720 // .. or the contents of a DNS TXT.
721 "reason_3" "%txt%";
722 };
723 };
724 };
725 "sar" {
726 // You generally will not want to override these defaults.
727 // "resolv_conf" "/etc/resolv.conf";
728 // "services" "/etc/services";
729 // "bind_address" "0.0.0.0";
730 // "bind_port" "0";
731 // The defaults for these are derived from the system config files (above).
732 // "domain" "example.org";
733 // "timeout" "3"; // base timeout for a DNS reply
734 // "retries" "3"; // number of times to retry on different servers or longer timeouts
735 // "ndots" "1"; // number of dots needed in a hostname to bypass search path
736 // "edns0" "0"; // if set, enable EDNS0 extended message sizes
737 // "search" ("example.org", "example.net");
738 // "nameservers" ("127.0.0.1");
739 };
740 /* WebTV allows webtv clients to use common IRC commands.
741 */
742 "webtv" {
743 "bot" "IRC";
744 "modes" "+k";
745
746 // Should clients need to be marked to use this service?
747 "required_mark" "1";
748 // which marks are valid webtv marks?
749 "valid_marks" ("webtv", "msntv", "msntv2");
750 };
751 };
752
753 "policers" {
754 "commands-luser" {
755 "size" "5";
756 "drain-rate" "0.5";
757 };
758 };
759
760 "rlimits" {
761 "data" "50M";
762 "stack" "6M";
763 "vmem" "100M";
764 };
765
766 /* MAIL (if and how X3 sends mail ) *********************************
767 * Mainly Authserv/Nickserv send mail, See the Nickserv
768 * section for additional mail settings also.
769 */
770 "mail" {
771 "enable" "1";
772 "mailer" "/usr/sbin/sendmail";
773 // OR Afternet uses a custom script to keep the services IP hidden:
774 // "mailer" "/home/x3user/x3/sendmail.sh";
775 "from_address" "supportrobot@afternet.org";
776 "extra_headers" ("AfterNET-Services: x3");
777 "body_prefix_first" ("Welcome to AfterNET, looks like this is your first email from us.");
778 "body_prefix" ("AfterNET Support - User and Channel registration system");
779 "body_suffix_first" ("", "AfterNET IRC Network", "http://www.afternet.org");
780 "body_suffix" ("", "AfterNET IRC Network", "http://www.afternet.org", "support@afternet.org","irc://irc.afternet.org/afternet");
781 // If you are using the smtp mail back-end, you may need to set these:
782 "smtp_server" "localhost";
783 "smtp_service" "smtp";
784 // "smtp_myname" "localhost.domain";
785 };
786
787 /* DBS (Databases) *************************************************
788 * let you configure what databases go in what files.
789 *
790 * This default sets up everything in one big x3.db file.
791 *
792 * If you leave this section out, each database will be in its own file,
793 * and they will be written out every half hour.
794 */
795 "dbs" {
796 // This just illustrates how you can jam every database into one huge ("mondo") file.
797 "ChanServ" { "mondo_section" "ChanServ"; };
798 "gline" { "mondo_section" "gline"; };
799 "shun" { "mondo_section" "shun"; };
800 "Global" { "mondo_section" "Global"; };
801 "HelpServ" { "mondo_section" "HelpServ"; };
802 "modcmd" { "mondo_section" "modcmd"; };
803 "NickServ" { "mondo_section" "NickServ"; };
804 "OpServ" { "mondo_section" "OpServ"; };
805 "sendmail" { "mondo_section" "sendmail"; };
806 "SpamServ" { "mondo_section" "SpamServ"; };
807
808 // These are the options if you want a database to be in its own file.
809 "mondo" {
810 // Where to put it?
811 "filename" "x3.db";
812 // How often should it be saved?
813 // (You can disable automatic saves by setting this to 0.)
814 "frequency" "30m";
815 };
816 };
817
818 /* LOGS (If and how X3 logs data ) ***********************************
819 * LOGS sets up where X3 logs various kinds of info to.
820 */
821 "logs" {
822 // Two kinds of items exist in this section.
823
824 // One is a facility configuration subsection. These have the
825 // name of a log facility (one of "ChanServ", "Global",
826 // "HelpServ", "NickServ", "OpServ", "ProxyCheck", or "x3") and
827 // the value is a subsection. The "x3" log facility is a
828 // catch-all/fall-back facility.
829 "x3" {
830 // The "max_age" option says how long to keep log audit entries.
831 "max_age" "10h";
832 // The "max_count" option says how many log audit entries to keep.
833 "max_count" "1024";
834 // Audit (command tracking) entries are discarded if they exceed
835 // either limit: for example, if entry 500 is 10 minutes old, it
836 // will be discarded next time any audit command is logged.
837 };
838
839 // The other kind of item is a target list. The name of each is a
840 // description of facility-and-severity combinations, and the value
841 // is a string (or list of strings) that describe where matching
842 // events should be logged. As a special case, the facility * will
843 // specify how to log events regardless of their true facility, and
844 // the severity * will match all severities for a facility.
845 // Log targets use a psuedo-URI syntax: one of "file:filename",
846 // "std:[out|err|n]" where n is a valid file descriptor, or
847 // "irc:#channel" (nicknames or server masks can be used instead
848 // of channel names, but should be used with care).
849 // The severity is one of "replay", "debug", "command", "info",
850 // "override", "staff", "warning", "error", or "fatal".
851 // WARNING: If any severity except "replay" for a facility is left
852 // unspecified, it will use the default target (for example,
853 // "file:chanserv.log"). For "replay" severity, you must ALWAYS
854 // list a target to log it -- this is because it is very rarely
855 // useful.
856 "*.*" ("std:out", "file:everything.log"); // does NOT suppress any defaults
857 "*.override,error,fatal" "irc:#TheOps"; // report all uses of staff commands
858 "*.staff" "irc:#MrSnoopy"; // report all uses of staff commands
859 "ChanServ.*" "file:chanserv.log"; // duplicates the default behavior
860 "ProxyCheck.*" (); // stop it from logging anything
861 };
Unnamed repository; edit this file 'description' to name the repository.