-// services configuration file (example)
-/* It allows two kinds of comments. Whitespaces between tokens are
- * ignored. All strings (even if they're just numbers) MUST be
- * enclosed in double quotes. There must be a semicolon after every
- * key/value pair.
+/* *****************************************************************
+ * X3 Services Example Configuration file.
+ *
+ * Copy it to your x3 runtime dir, and edit to taste.
+ *
+ * This file allows two kinds of comments. Whitespaces between
+ * tokens are ignored. All strings (even if they're just numbers)
+ * MUST be enclosed in double quotes. There must be a semicolon
+ * after every * key/value pair.
*/
-// The "uplinks" section describes what servers we can possibly link
-// to. Each subsection describes one server.
+/* UPLINKS (servers we connect to) *********************************
+ * Each subsection describes one server. X3 will try to connect to
+ * each in turn maxtries times, and then will quit.
+ */
"uplinks" {
- "private-network" {
+ // This first entry connects to an ircd on teh same server an X3..
+ "Hub" { // This can be any string, just used here for your convenience
+ "address" "127.0.0.1"; // The IP address of the server
+ "port" "8888"; // What TCP port to connect to
+ "password" "laoo,rpe"; // Both of these passwords must match
+ "their_password" "laoo,rpe"; // the one in the ircd C line for X3.
+ "enabled" "1"; // Set to 0 to disable connecting to this server
+ "max_tries" "10"; // How many times to attemt reconnect before quitting
+ "bind_address" "127.0.0.1"; // LOCAL IP address we want to connect FROM
+ };
+ // This next one connects to an ircd on another server
+ "Hub-west" {
// IP address and port the server listens on
- "address" "10.0.0.3";
- "port" "6660";
- // What password should we send when we connect?
- "password" "passwordtoconnect";
- // What password should we require our peer to send?
- // (If it is blank, we do not require a specific password.)
- "their_password" "passwordtorequire";
- "enabled" "1";
- // How many times should we try to connect before giving up?
- "max_tries" "3";
- // What IP should we bind to?
- // If you do not specify bind_address, the default is used.
- // "bind_address" "192.168.0.10"; // use this ip to link
+ "address" "192.168.234.123"; // IP of remote server
+ "port" "8888";
+ "password" "ekrpat"; // C line passwords
+ "their_password" "ekrpat"; // Set same as above
+ "enabled" "0"; // Set this to 1 to use this server..
+ "max_tries" "1";
+ "bind_address" "192.168.1.10";
};
+};
- /* unused-uplink is just an example to show you how you can
- * define more than one uplink (and how you can disable one or
- * more of them.) */
- "unused-uplink" {
- "address" "10.0.0.4";
- "port" "6660";
- "password" "passwordtoconnect";
- "their_password" "passwordtorequire";
- // If "enabled" is 0, we will not try to use this uplink.
- "enabled" "0";
- "max_tries" "3";
- };
+/* SERVER (Details about our existance) **********************************
+ */
+"server" {
+ "hostname" "X3.AfterNET.Services"; // The servers name. (Use this in the ircd's C line)
+ "description" "AfterNET Network Services"; // Shows up in /links.
+ "network" "AfterNET";
+ "hidden_host" "Users.AfterNET.Org"; // set this if you enabled Nefarious' +x mode
+ /* hidden_host should match the F:HIDDEN_HOST: line in your ircu's ircd.conf;
+ * x3 does not set the host suffix for users, but must know it when making
+ * things like bans, where it should not show the user's real hostname. */
+ "hidden_host_type" "1"; // change this to 2 if you use Nefarious's style 2 host hiding.
+ "key1" "45432"; // Set these key values to the network KEY values you use
+ "key2" "76934"; // for host hiding style 2. If you are using Nefarious 1.3.0 (type 8)
+ "key3" "98336"; // then these are ignored.
+ "prefix" "AfterNET"; // If you use style 2 then this is the name that is prefixed to hosts.
+ "numeric" "51"; // hint: If you get collisions on link, CHANGE THIS.
+ /* Type handles some changes in Nefarious from version to version.
+ * 4 - nefarious 0.4.x and other ircds
+ * 5 - nefarious 1.0.x and higher (Obselete)
+ * 6 - nefarious 1.1.0 and higher (Obselete)
+ * 7 - nefarious 1.2.0 and higher (Branch Revsion)
+ * 8 - nefarious 1.3.0 and higher (Trunk Revsions)
+ */
+ "type" "8";
+ "host_in_topic" "1"; //Set to 1 if your Nefarious server have the HOST_IN_TOPIC F:line set to TRUE.
+ "max_users" "256"; // You can save a little memory by setting this to a lower value.
+ "force_n2k" "1"; // Use extended (5-digit) numnick for self, even if 3 are possible.
+ "ping_freq" "60";
+ "ping_timeout" "90";
+ "max_cycles" "30"; // max uplink cycles before giving up
+ // Admin information is traditionally: location, location, email
+ // This shows up on a /admin x3.afternet.services command.
+ "admin" (
+ "AfterNET IRC Network",
+ "www.afternet.org",
+ "Support Staff <support@afternet.org>"
+ );
+ /* extended_accounts -
+ * enable this for nefarious 0.4.x and higher and in ircd.conf add F:EXTENDED_ACCOUNTS:TRUE.
+ * Sends 'AC R nick account' instead of 'AC nick account' and allows
+ * for renames, login-on-connect, etc. If you use stock ircu set to 0. */
+ "extended_accounts" "1";
+
+ /* the following two settings are for ircu's HEAD_IN_SAND features, and are equivelent to
+ * the F: lines in ircu's ircd.conf. both can be disabled by commenting them out. */
+ //"his_servername" "*.AfterNET.org"; // hidden server name, shown in remote /whois requests
+ //"his_servercomment" "AfterNET IRC Network";
};
-// The "services" section configures the services that make up X3.
+/* SERVICES (Bot nicknames) *******************************************
+ * Each section describes one service nickname and the details of that
+ * bot's features
+ * You may disable a service by commenting out its "nick" config item.
+ */
"services" {
+ /* Nickserv is the bot you register with and auth to.
+ * Afternet uses the name "Authserv" without the nickname reservation
+ * features enabled. Some nets call it Nickserv and configure it to
+ * reserve nicks.
+ */
"nickserv" {
- "nick" "NickServ";
- // What user modes do you want this service to have? Please keep in
- // mind which ircd software you are using here, and that all of the
- // services need to be at least +o.
- // "modes" "+iok";
- // If you want to by have *@* as the default hostmask for all
- // new accounts, set default_hostmask. This is discouraged
- // for security reasons.
- // "default_hostmask" "1";
+ "nick" "AuthServ"; // The bots nick on IRC
+
+ // If you want to have *@* as the default hostmask, set
+ // default_hostmask. I highly reccomend this, and its required
+ // for login-on-connect to work.
+ "default_hostmask" "1";
+
// do we warn users when someone new auths to their account?
- "warn_clone_auth" "1";
- // what is the default maxlogins value?
- "default_maxlogins" "2";
- // what is the absolute maxlogins value?
+ "warn_clone_auth" "1"; // -X3- warning: foobar has authed to your account
+
+ // default max number of logins allowed on new accounts. Users can set it
+ // to something different using authserv commands.
+ "default_maxlogins" "3";
+
+ // hard_maxlogins is the ammount the user cant override.
"hard_maxlogins" "10";
+
// This names a file that contains easily guessed passwords.
// It always contains "password", "<password>" and the user's
// account name.
- "dict_file" "/usr/share/dict/words";
+ // uncomment if you have a dict file.
+ //"dict_file" "/usr/share/dict/words";
+
// Minimum number of various types of characters permitted in
- // a password.
+ // a password. Authserv will enforce these.
"password_min_length" "4";
- "password_min_digits" "1";
+ "password_min_digits" "0";
"password_min_upper" "0";
"password_min_lower" "0";
+
// What should valid account and nicks look like?
// If valid_nick_regex is omitted, valid_account_regex is used
// for both nicks and accounts.
- // These look funny because "[][-]" is the only way to write the
- // character class containing the characters ']', '[' and '-'.
- "valid_account_regex" "^[][_a-z^`'{}|-][][_a-z0-9^`'{}|-]*$";
+ // Be very carefull changing these. This default is
+ // basically limited to letters, numbers, dash and underscore.
+ "valid_account_regex" "^[-_a-z0-9A-Z]{2,15}$";
"valid_nick_regex" "^[-_a-z][-_a-z0-9]*$";
- // Should nick ownership be disabled?
- "disable_nicks" "0";
- // One account may only own this many nicks.
- "nicks_per_account" "4";
- // Send a warning when someone uses a registered nick?
- "warn_nick_owned" "0";
- // What to do when someone uses the NickServ "reclaim" command?
- // This can be one of "none", "warn", "svsnick", or "kill", but
- // stock ircu does not support svsnick -- you need Bahamut or a
- // patch for ircu. no, don't ask X3 developers for the patch.
- "reclaim_action" "none";
- // What (else) to do when someone uses a registered nick?
- // This can be anything "reclaim_action" can be, but it makes
- // more sense to use the "warn_nick_owned" instead of "warn".
- "auto_reclaim_action" "none";
- // How long to wait before doing the auto_reclaim_action?
- // This is ignored if "auto_reclaim_action" is "none".
- "auto_reclaim_delay" "0";
+ // Whats a valid hostname look like for fakehosts?
+ "valid_fakehost_regex" "^[-_a-zA-Z0-9.]+$";
+
+ // Force account names to lowercase? 1=yes 0=no
+ // WARNING: this will convert when reading them from the db, too.
+ "force_handles_lowercase" "0";
+
+ // "Nickserv" networks, set this to 0. "Authserv" networks,
+ // set it to 1.
+ "disable_nicks" "1";
+ // One account may only own this many nicks.
+ "nicks_per_account" "4";
+
+ // Send a warning when someone uses a registered nick?
+ "warn_nick_owned" "0";
+
+ // What to do when someone uses the NickServ "reclaim" command?
+ // This can be one of "none", "warn", "svsnick", or "kill", but
+ // stock ircu does not support svsnick -- you need nefarious.
+ "reclaim_action" "none";
+
+ // What (else) to do when someone uses a registered nick?
+ // This can be anything "reclaim_action" can be, but it makes
+ // more sense to use the "warn_nick_owned" instead of "warn".
+ "auto_reclaim_action" "none";
+
+ // How long to wait before doing the auto_reclaim_action?
+ // This is ignored if "auto_reclaim_action" is "none".
+ "auto_reclaim_delay" "0";
// access control for who can change account flags
+ // See /msg authserv help account flags
"flag_levels" {
- "g" "800";
- "lc_h" "800"; // specifically lower case h
- "uc_H" "800"; // .. and upper case H
- "S" "999";
- "b" "1";
+ "g" "800"; // God mode
+ "lc_h" "800"; // support helper (lower case h)
+ "uc_H" "800"; // net helper (upper case H)
+ "S" "999"; // O3 access suspended
+ "b" "1"; // Bot (Hidden from !staff etc)
};
+
// and for who can change epithets for staff
+ // epithets show up in /whois as another line about the person.
"set_epithet_level" "800";
+
// what opserv access level do you need to set somebody else's level?
"modoper_level" "850";
// how often should accounts be expired?
"account_expire_freq" "1d";
+
// how long until an account with access to any channel(s) expires?
- "account_expire_delay" "35d";
+ "account_expire_delay" "900d";
+
// how long until an account with no access to any channels expires?
- "nochan_account_expire_delay" "14d";
- /* "require_qualified" has been removed. It is now
- * integrated into the modcmd command authorization
- * and dispatch mechanism. "/msg OpServ help modcmd"
- * for details.
- */
+ "nochan_account_expire_delay" "365d";
+
+ // how long must an account be inactive so it can be ounregistered without force?
+ "ounregister_inactive" "1M";
+
+ // which flags on an account require the ounregister to be used with force?
+ "ounregister_flags" "ShgsfnHbu";
+
// If somebody keeps guessing passwords incorrectly, do we gag them?
"autogag_enabled" "1";
"autogag_duration" "30m";
"size" "5";
"drain-rate" "0.05";
};
+
// How to integrate with email cookies?
- "email_enabled" "0"; // if set, /mail/enable MUST be set too
- "email_required" "0"; // ignored unless email_enabled is non-zero
- "cookie_timeout" "1d"; // how long before we expire cookies?
- "accounts_per_email" "1"; // you may want to increase this; or not
- "email_search_level" "600"; // minimum OpServ level to search based on email address
+ // In order to use mail, mail must be enabled and configured
+ // down below in the mail section of this config file.
+ "email_enabled" "1"; // Allow account verification and password reset by email.
+ "email_required" "1"; // if above is 1, require verification to authenticate.
+ "cookie_timeout" "2d"; // how long before we expire cookies?
+ "accounts_per_email" "1"; // How many people can use the same email account.
+
+ "email_search_level" "600"; // minimum OpServ level to search based on email address (search print email *foo*)
"email_visible_level" "800"; // minimum OpServ level to see somebody's email address
- "sync_log" "1"; // Output password and email changes, plus registration to sync.log
- "set_title_level" "900"; // min opserv level to set a title on an account
- "set_fakehost_level" "1000"; //min opserv level to set a freeform fakehost
- "titlehost_suffix" "AfterNET.Org"; // suffix to use with automatically generated fakehosts
+ "titlehost_suffix" "AfterNET.Org"; // 'USET title' sets a fake hostname of name.title.titlehost on a user.
+ "set_title_level" "900"; // Access to use 'uset title'.
+ "set_fakehost_level" "1000"; //Access to set a freeform fakehost. (uset fakehost)
+
+ // A list of denied words in the fakehosts
+ "denied_fakehost_words" ("sex",
+ "fuck",
+ "asshole");
+
+ // This is a hacked in feature which exports every account change to a file sync.log. Afternet uses this and
+ // a bunch of custom PHP scripts to make our websites SQL user db the same as authserv, every 5 minutes.
+ // You have to be a pretty handy person with the shell commands and programming to make use of this..
+ "sync_log" "0"; // Log account changes to a file for syncing w/ a website?
+
+ // Nickserv 'style' setting affects .userlist and other outputs.
+ "default_style" "n"; // can be: n = normal, c = clean, or a = advanced.
+
+
+ // LDAP configuration(s)
+ // THIS IS EXPERIMENTAL! DO NOT USE IT IF YOU ARNT'T A DEVELOPER!!
+ // LDAP stands for light directory access protocol. its what many larger orgs use for central user/password management. Its also the core technology behind windows active directory.
+ // If you have an ldap server, you can configure X3 to use it instead of saving passwords locally.
+
+ //"ldap_enable" "0";
+ //"ldap_uri" "ldaps://ldap.yournetwork.server:636";
+ //"ldap_base" "ou=Users,dc=afternet,dc=org";
+ //"ldap_dn_fmt" "uid=%s,ou=Users,dc=afternet,dc=org";
+ //"ldap_autocreate" "1"; // automatically create accounts if they exist in ldap but not x3
+ //// If you will be allowing users to register on IRC you need these:
+ //"ldap_admin_dn" "cn=Admin,dc=afternet,dc=org";
+ //"ldap_admin_pass" "xxxxxxxxxxx";
+ //"ldap_object_classes" ( "top", "inetOrgAnonAccount" );
+ //// NOTE: inetOrgAnon is something I made up. its schema
+ //// can be found in the tools/ directory. ldap servers wont
+ //// know what that is by default.
+ //// These configure what I store, and where.
+ //"ldap_field_account" "uid";
+ //"ldap_field_password" "userPassword";
+ //"ldap_field_email" "mail";
+ //"ldap_field_oslevel" "X3AccountLevel";
+ //// NOTE: X3AccountLevel is a custom LDAP attribute
+ //// that LDAP servers will not know by default. A custom
+ //// schema is required to provide it.
+ //// This bit is needed if you want to put ircops into a group:
+ //"ldap_oper_group_dn" "cn=Opers,ou=Groups,dc=afternet,dc=org";
+ //"ldap_oper_group_level" "99"; // must be above this level to be added to oper ldap group
+ //"ldap_field_group_member" "memberUid"; // what field group members are in
+ //"ldap_timeout" "10"; // seconds
};
+ /*
+ * OpServ is the bot opers use to do glines, look at info etc.
+ * Afternet uses the nickname "O3" for this as its easier to type.
+ */
"opserv" {
- "nick" "OpServ";
- // What user modes do you want this service to have? Please keep in
- // mind which ircd software you are using here, and that all of the
- // services need to be at least +o.
- // "modes" "+iok";
+ "nick" "O3";
// should use of this service be limited to global opers?
- "privileged" "1";
+ "privileged" "1";
+
// fullname for service
- "description" "Oper Service Bot";
+ "description" "Oper Service Bot"; // (for /whois)
+
// hostname for service; only used if "description" is also set
- "hostname" "dances-all-night-with.x3.net";
- // what channel should opserv send debug output to?
- "debug_channel" "#opserv";
- "debug_channel_modes" "+tinms";
+ "hostname" "X3.AfterNET.Services"; // (for /whois)
+
+ // What channel should opserv send debug output to?
+ // I don't have any idea what debug info goes here. You can configure
+ // debugging logs in the log section to go to any channel.
+ // Probably safest to set to your oper channel.
+ "debug_channel" "#TheOps"; // Bot will join this channel, also.
+ "debug_channel_modes" "+tnOS"; // Modes get set every time X3 starts up
+
// where to send general alerts (e.g. flood alerts)?
- "alert_channel" "#ircops";
- "alert_channel_modes" "+tns";
+ "alert_channel" "#TheOps"; // Bot will join this channel, also.
+ "alert_channel_modes" "+"; // Modes get set every time X3 starts up
+
// who to tell about staff auths?
- "staff_auth_channel" "#opserv";
- "staff_auth_channel_modes" "+tinms";
+ "staff_auth_channel" "#OperServ"; // Bot will join this channel, also.
+ "staff_auth_channel_modes" "+tnOs"; // modes get set every time X3 starts up
+
+ // which channels should all services autojoin?
+ "autojoin_channels" ("#TheOps", "#OperServ");
+
// how many clones to allow from an untrusted host?
- "untrusted_max" "4";
+ // Use this carefully, users with half the # of clones will trigger this
+ // when a server pings out and they reconnect before the old connection is noticed
+ // to be dead by the server.. so set it at about twice the # you want to allow to
+ // avoid false positives.
+ "untrusted_max" "6"; // 3 connections and 3 ghosts, 7th connection causes a gline.
+
// how long of a g-line should be issued if the max hosts is exceeded?
- "clone_gline_duration" "1h";
- // how long to g-line for ?block (or, by default, for ?trace gline)?
- "block_gline_duration" "1h";
+ "clone_gline_duration" "2h"; // durations are smhdmy
+
+ // how long to g-line for ?block (or, by default, for trace gline)?
+ "block_gline_duration" "12h";
+
+ // how long to shun for ?sblock (or, by default, for trace shun)?
+ "block_shun_duration" "12h";
+
+ // When a user joins an illegal channel, O3 joins it and locks it down.
// how long to keep an illegal channel locked down (seconds)?
"purge_lock_delay" "60";
- // channel join flood policer params?
- "join_policer" {
- "size" "20";
- "drain-rate" "1";
- };
- // automatically moderate join flooded channels?
- "join_flood_moderate" "1";
- // Don't moderate and warn channels unless there are more than
- // join_flood_moderate_threshold users in the channel. the
- // value 0 will disable the threshold.
- "join_flood_moderate_threshold" "50";
- // new user flood policer params
- "new_user_policer" {
- "size" "200";
- "drain-rate" "3";
- };
+
+ // ------------------------------------------------------------------
+ // Defcon Settings
+ //
+ // No new channel registrations 1
+ // No New Nick Registrations 2
+ // No Channel Mode changes 4
+ // Force Chan Mode 8
+ // Use Reduced Session Limit 16
+ // KILL any new clients trying to connect 32
+ // Services will ignore everyone but opers 64
+ // Services will silently ignore everyone but opers 128
+ // GLINE all new clients trying to connect 256
+ // No new memos sent to block MemoServ attacks 512
+ // SHUN all new clients trying to connect 1024
+ //
+ // These are the values are added together to determine each defcon setting:
+ "DefCon1" "415";
+ "DefCon2" "159";
+ "DefCon3" "31";
+ "DefCon4" "23";
+
+ // Default defcon level, 5 is running all normally
+ "DefConLevel" "5";
+
+ // If defcon is limiting sessions then how many sessions should O3 allow?
+ "DefConSessionLimit" "2";
+
+ // Length of glines and shuns set on newly connecting clients, if defcon is glining
+ // or shunning newly connecting clients
+ "DefConGlineExpire" "5m";
+
+ // Mode to set on all channels if defcon is forcing channel modes on all channels
+ "DefConChanModes" "+r";
+
+ // If not set to 0, defcon will set back to level 5 after this time
+ "DefConTimeOut" "15m";
+
+ // Set to 1 to send a notice to all users when defcon levels are changed
+ "GlobalOnDefcon" "0";
+
+ // If set to 1 along with the notice that the levels are changing an extra
+ // notice will be sent
+ "GlobalOnDefconMore" "0";
+
+ // GlobalOnDefconMore notice.
+ "DefconMessage" "Put your message to send your users here. Dont forget to uncomment GlobalOnDefconMore";
+
+ // This notice will be used if GlobalOnDefcon and GlobalOnDefconMore are off
+ "DefConOffMessage" "Services are now back to normal, sorry for any inconvenience";
+
+ // Reason placed in defcon Glines and Shuns.
+ "DefConGlineReason" "This network is currently not accepting connections, please try again later";
+
+ // ------------------------------------------------------------------
+
+ // To use geoip support in Opserv WHOIS then you will need to install
+ // the c GeoIP api. Its available on http://www.maxmind.com, also on
+ // apt on debian and ubuntu. The dat files can also be obtained
+ // from the earlier URL. Place them in your X3 dir and away you go.
+ // X3 will need a recompile once you install the c api. If there is a
+ // GeoIP City Data file then the GeoIP data file will be ignored. However
+ // bear in mind that the city data file is a lot larger than the plain
+ // country data file so does take a bit longer to query. If you are
+ // expieriencing ping timeouts you may need to tweak X3's I:line.
+ "geoip_data_file" "./GeoIP.dat";
+ "geoip_city_data_file" "";
+
+ // The join-flood policer code goes off all the time when a server
+ // goes down (and everyone reconnects) so i don't reccomend using it.
+ // Automatically moderate join flooded channels?
+ "join_flood_moderate" "0";
+ // channel join flood policer params?
+ "join_policer" {
+ "size" "20";
+ "drain-rate" "1";
+ };
+ // Don't moderate and warn channels unless there are more than
+ // join_flood_moderate_threshold users in the channel. the
+ // value 0 will disable the threshold.
+ "join_flood_moderate_threshold" "50";
+ // new user flood policer params
+ "new_user_policer" {
+ "size" "200";
+ "drain-rate" "3";
+ };
+ // Min opserv level needed to set 'silent' glines in trace/addalert
+ // (nefarious only)
+ "silent_level" "700";
};
"chanserv" {
- // You may disable a service by removing its "nick" config item.
- // That means: SERVICES WILL ONLY WORK IF YOU DEFINE THEIR NICK.
- "nick" "ChanServ";
- // What user modes do you want this service to have? Please keep in
- // mind which ircd software you are using here, and that all of the
- // services need to be at least +o.
- // "modes" "+iok";
- // Does your ircd have off-channel services support? Does it have
- // a registered channel mode? Does it support services opping themselves?
- // Bahamut has these things; ircu2.10.11 does not.
- // This setting takes three numerical values:
- // 0 = off
- // 1 = use a registered channel mode, have services op themselves
- // 2 = all of the above, and a channel setting to have ChanServ not
- // idle in the channel
- "off_channel" "0";
+ "nick" "X3";
+
+ // The umodes - add +d if you use nefarious 1.0 and you added 'b:lines'
+ // to pass cmdchar through to chanserv anyway.
+ "modes" "+iok";
+
+ // The off_channel setting takes one of three numerical values:
+ // 0 = off
+ // 1 = use a registered channel mode, have services op themselves
+ // 2 = all of the above, and a channel setting to have ChanServ not
+ // idle in the channel
+ // NOTE: +z mode, needed for this to work. X3 contains modifications to
+ // try and prevent desynchs. If you use this mode do not use any other service
+ // that uses this mode.
+ "off_channel" "no";
+
+ // Infolines are sent when channel users join the channel. Users set them with USET INFO in X3.
// how long should a person be unseen before resending infoline?
"info_delay" "120";
+
+ // Greetings can be configured by the channel manager(s) and sent to users who join the channel.
+ // Many people (rightly) find this annoying, so keep them short.
// maximum greeting length
- "max_greetlen" "200";
+ "max_greetlen" "120";
+
// maximum users in a channel userlist
"max_chan_users" "512";
// maximum bans on a channel banlist
"max_chan_bans" "512";
// maximum length of a user's infoline
- "max_userinfo_length" "400";
- // If DynLimit is on and there are N users in the channel, ChanServ will
- // try to keep the limit at N+<adjust_threshold>.
- "adjust_threshold" "15";
+ "max_userinfo_length" "400"; // hard limit for infolines. This is also the default value.
+
+ // If SET DynLimit is on and there are N users in the channel, ChanServ will
+ // try to keep the limit at N+<adjust_threshold>. This makes the channel
+ // somewhat protected from clone attacks.
+ "adjust_threshold" "5";
// .. but ChanServ will only increment or decrement the limit this often.
- "adjust_delay" "30";
+ "adjust_delay" "30"; // (seconds)
+
+ // How often to look for expired bans?
+ "ban_timeout_freq" "2m";
+
// How often to look for channels that have expired?
- "chan_expire_freq" "3d";
+ "chan_expire_freq" "1d";
+
// How long is a channel unvisited (by masters or above) before it can be expired?
"chan_expire_delay" "30d";
+
+ // How often to look for dnrs that have expired?
+ "dnr_expire_freq" "1h";
+
// what !set options should we show when user calls "!set" with no arguments?
- "set_shows" ("DefaultTopic", "TopicMask", "Greeting", "UserGreeting", "Modes", "PubCmd", "InviteMe", "StrictOp", "AutoOp", "EnfModes", "EnfTopic", "TopicSnarf", "UserInfo", "GiveVoice", "GiveOps", "EnfOps", "Setters", "CtcpUser", "CtcpReaction", "Protect", "Toys", "DynLimit", "NoDelete");
-
+ "set_shows" ("DefaultTopic", "TopicMask", "Greeting", "UserGreeting", "Modes", "PubCmd", "InviteMe", "UserInfo", "EnfOps", "EnfModes", "EnfTopic", "TopicSnarf", "Setters", "CtcpReaction", "BanTimeout", "Protect", "Toys", "DynLimit", "NoDelete");
+
// A list of !8ball responses
- "8ball" ("Not a chance.",
- "In your dreams.",
+ "8ball" (
+ "Are you out of your MIND?",
+ "It won't happen, not a chance, definitely no.",
+ "Outlook seems bleak.",
+ "My sources say no.",
+ "You bet!",
+ "It is decidedly so.",
+ "It's hard to be sure.",
+ "Most definitely.",
+ "In your dreams...",
+ "If the prophets wish it...",
+ "Forecast hazy, try again later.",
+ "I don't know!",
"Absolutely!",
- "Could be, could be.");
+ "Never.",
+ "Yes.",
+ "No.",
+ "Maybe.");
+
+ // This is a list of wheel-of-misfortune results. Remove them to disable.
+ // You must make sure your ircd supports, and has enabled, the features needed
+ // for these.
+ "wheel" (
+ "peer",
+ // "partall", // needs svspart
+ "gline",
+ // "shun", // needs shun
+ "nothing",
+ // "randjoin", // needs svsjoin and svspart
+ // "abusewhois", // needs epitaph in /whois support
+ "kickall",
+ // "nickchange", // needs svsnick
+ "kill",
+ "svsignore",
+ "kickbanall" );
+
// channel(s) that support helpers must be in to be helping
// if this is a list, any one by itself will do
- "support_channel" ("#support", "#registration");
- // maximum number of channels owned by one account before FORCE is required
- "max_owned" "5";
- // how long between automatic topic refreshes with TopicRefresh 0
- "refresh_period" "3h";
+ "support_channel" ("#Operations", "#Help");
+
+ // maximum number of channels a user may have. ( FORCE can override )
+ "max_owned" "2";
+
+ // how long between automatic topic and userlist refreshes with TopicRefresh/Resync
+ "refresh_period" "10h";
+
// what should !access say for various staff?
- "irc_operator_epithet" "a megalomaniacal power hungry tyrant";
- "network_helper_epithet" "a wannabe tyrant";
- "support_helper_epithet" "a wannabe tyrant";
+ "irc_operator_epithet" "AfterNET IRC Operator";
+ "network_helper_epithet" "AfterNET Network Helper";
+ "support_helper_epithet" "AfterNET Support Helper";
+
// what should a newly registered channel get as its modes?
"default_modes" "+nt";
- // minimum opserv access to set, clear or override nodelete setting?
+
+ // minimum opserv access to set, clear or override channel nodelete setting?
"nodelete_level" "1";
- // how long before a new channel owner can give ownership away?
- "giveownership_timeout" "1w";
+
+ // when does god mode time out?
+ "god_timeout" "30m";
+
+ // What should valid registered channels look like?
+ // Be very carefull changing these. This default is
+ // basically limited to letters, numbers, dash and underscore.
+ "valid_channel_regex" "^#[-_a-z][-_a-z0-9]*$";
};
+ /* Global is a service bot that can send out network-wide messages for you. I
+ * like to set ours' nick to 'AfterNET', but some people use 'Global'
+ */
"global" {
"nick" "Global";
- // What user modes do you want this service to have? Please keep in
- // mind which ircd software you are using here, and that all of the
- // services need to be at least +o.
- // "modes" "+iok";
// should users get community announcements by default or not?
+ // community announcements are a type of global that users may
+ // opt into (or out of, depending on this setting)
"announcements_default" "on";
};
+
+
+ "spamserv" {
+ // You may enable this service by removing the double slashes from the config
+ // item. To disable it again add the double slashes back.
+ // "nick" "SpamServ";
+
+ // debug channel
+ "debug_channel" "#operserv";
+
+ // url of the network rules. if you don't have network rules, remove this key.
+ "network_rules" "http://www.afternet.org/aup";
+
+ // trigger for spamserv; remove this key to disable the trigger
+ "trigger" "%";
+
+ // ban duration of a short timedban.
+ "short_ban_duration" "15m";
+
+ // ban duration of a long timedban.
+ "long_ban_duration" "1h";
+
+ // duration of a gline. SpamServ will issue it after several violations and a kill.
+ "gline_duration" "1h";
+
+ // users may add "exception_max" exceptions to the list. IRCOps can override "exception_max".
+ "exception_max" "10";
+
+ // minimum & maximum length of an exception.
+ "exception_min_len" "4";
+ "exception_max_len" "12";
+
+ // users may add "badword_max" badwords to the list. IRCOps can override badword_max".
+ "badword_max" "10";
+
+ // minimum & maximum length of an badword.
+ "badword_min_len" "4";
+ "badword_max_len" "12";
+
+ // if someone advertises a channel, which doesn't exist (channel is empty, no users),
+ // SpamServ doesn't punish the user.
+ // enable this setting, if SpamServ has to ignore advertisements of channels, which do not exist.
+ // disable this setting, if SpamServ has to punish the users whenever they advertise.
+ "adv_chan_must_exist" "1";
+
+ // remove all mirc codes from messages before checking for advertisements.
+ // if this setting is disabled and someone spams a url which
+ // contains a bold char, SpamServ doesn't punish him.
+ "strip_mirc_codes" "1";
+
+ // enable this, if SpamServ has to "follow" ChanServ, when a channel moves or merges.
+ // disable it, if it shouldn't be possible to move or merge SpamServ with /msg chanserv move|merge.
+ "allow_move_merge" "1";
+ };
};
-// The modules section gives configuration information to optional modules.
+/* MODULES (optional components) *************************************************
+ * These must be explicitly compiled in (see ./configure --help)
+ * When enabled, they are configured here..
+ */
"modules" {
+ /* Helpserv is a help-queue tracker module for your #support channels, if
+ * they are busy. It issues users tickets, and tracks the next available helper.
+ */
"helpserv" {
// The description/fullname field
- "description" "Help Queue Manager";
+ "description" "Help Queue Manager"; // (for whois)
+
// HelpServ bots log all of their requests to this file, with
// details on when they were opened, closed, their contents,
// helper, etc. The file is written in saxdb format for easy
// parsing by external programs. Please note that you cannot
- // use ?set to change this value while X3 is running.
+ // use ?set to change this value while x3 is running.
"reqlogfile" "helpservreq.log";
+
// How long should a helpserv be inactive (no requests assigned)
// before it can be unregistered by the expire command?
"expiration" "60d";
+
+ // If a user prefix's this before their helpserv commands then instead
+ // of a request being opened, they will be able to use helpserv commands.
+ "user_escape" "@";
};
+ /* SockCheck reads sockcheck.conf and can do configurable scans
+ * to probe for open relays in an attempt to stop drones from using
+ * the network. DO NOT enable this unless you have permission from
+ * your ISP.. the probes will show up as attacks on everyones firewalls
+ * and you will get a lot of complaints.
+ */
"sockcheck" {
- "max_sockets" "64"; // allow 64 concurrent clients to be checked
+ // disabling this hopefully
+ "max_sockets" "0"; // 64 is a good # of concurrent clients to be checked
"max_read" "1024"; // don't read more than 1024 bytes from any client
- "gline_duration" "1h"; // issue G-lines lasting one hour
+ "gline_duration" "1d"; // issue G-lines lasting one hour
"max_cache_age" "60"; // only cache results for 60 seconds
- // "address" "192.168.0.10"; // do proxy tests from this address
+ "bind_address" "192.168.0.10"; // do proxy tests from this address
};
+ /* Snoop sends connect, quit, join, and part messages for every user
+ * on the network, and helps in finding drones. Put it somewhere secure
+ * so your users privacy is honored.
+ */
"snoop" {
// Where to send snoop messages?
- "channel" "#wherever";
- // Which bot? If this is not set to your bots nick, X3 will Segfault...
- "bot" "OpServ";
+ "channel" "#MrSnoopy";
+ // Which bot?
+ "bot" "O3";
// Show new users and joins from net joins? (off by default)
"show_bursts" "0";
};
+ /* Track works just like Snoop except it only sends events for users
+ * who have been specified
+ * DANGER: track is currently very broken, and will crash x3 and possibly corrupt your db file.
+ * Unless your a developer, dont even compile it in!
+ */
+ "track" {
+ // What to track by default?
+ "snomask" "nick,join,part,kick,new,del,auth,chanmode,umode";
+ // Where to send snoop messages?
+ "channel" "#MrPeanuts";
+ // Which bot?
+ "bot" "O3";
+ // Show new users and joins from net joins? (off by default)
+ "show_bursts" "0";
+ };
+ /* Memoserv lets users send messages to other users accounts.
+ */
"memoserv" {
- "bot" "NickServ";
+ "bot" "MemoServ";
+ "modes" "+k";
"message_expiry" "30d"; // age when messages are deleted; set
// to 0 to disable message expiration
+ "limit" "30"; // Max amount of messages a person can get.
+ };
+ "qserver" {
+ "bind_address" "127.0.0.1";
+ "port" "7702";
+ "password" "hello";
+ };
+ "blacklist" {
+ // File containing blacklisted client addresses.
+ // "file" "blacklist.txt";
+ // Each line in the file should start with an IP or hostname.
+ // If there is whitespace and a message after that, the
+ // message will override this one:
+ "file_reason" "client is blacklisted";
+ // How long should a blacklist G-line last?
+ "gline_duration" "1h";
+ // If you want to use DNS blacklists, add them here:
+ "dnsbl" {
+ // This DNSBL zone does not exist - you'll have to pick your own.
+ "dnsbl.example.org" {
+ "description" "Example DNSBL entry";
+ "reason" "busted by a dns blacklist";
+ "duration" "1h";
+ // You can stick the client's IP in the G-line message.
+ "reason_2" "Example DNSBL reported %ip%'s address as 127.0.0.2";
+ // .. or the contents of a DNS TXT.
+ "reason_3" "%txt%";
+ };
+ };
+ };
+ "sar" {
+ // You generally will not want to override these defaults.
+ // "resolv_conf" "/etc/resolv.conf";
+ // "services" "/etc/services";
+ // "bind_address" "0.0.0.0";
+ // "bind_port" "0";
+ // The defaults for these are derived from the system config files (above).
+ // "domain" "example.org";
+ // "timeout" "3"; // base timeout for a DNS reply
+ // "retries" "3"; // number of times to retry on different servers or longer timeouts
+ // "ndots" "1"; // number of dots needed in a hostname to bypass search path
+ // "edns0" "0"; // if set, enable EDNS0 extended message sizes
+ // "search" ("example.org", "example.net");
+ // "nameservers" ("127.0.0.1");
+ };
+ /* WebTV allows webtv clients to use common IRC commands.
+ */
+ "webtv" {
+ "bot" "IRC";
+ "modes" "+k";
+
+ // Should clients need to be marked to use this service?
+ "required_mark" "1";
+ // which marks are valid webtv marks?
+ "valid_marks" ("webtv", "msntv", "msntv2");
};
};
"vmem" "100M";
};
-"server" {
- "hostname" "localhost.domain";
- "description" "Network Services";
- "network" "GenericNET";
- "hidden_host" "users.Generic.NET"; // set this if you enabled ircd/Undernet's +x mode
- /* hidden_host should match the F:HIDDEN_HOST: line in your ircu's ircd.conf;
- * X3 does not set the host suffix for users, but must know it when making
- * things like bans, where it should not show the user's real hostname. */
- "numeric" "10"; // hint: If you get collisions on link, CHANGE THIS.
- "max_users" "256"; // You can save a little memory by setting this to a lower value.
- "force_n2k" "1"; // Use extended (5-digit) numnick for self, even if 3 are possible.
- "ping_freq" "60";
- "ping_timeout" "90";
- "max_cycles" "30"; // max uplink cycles before giving up
- // Admin information is traditionally: location, location, email
- "admin" ("IRC Network", "Gotham City, GO", "Mr Commissioner <james.gordon@police.gov>");
- /* the following two settings are for ircu's HEAD_IN_SAND features, and are equivelent to
- * the F: lines in ircu's ircd.conf. both can be disabled by commenting them out. */
- "his_servername" "*.Generic.NET"; // hidden server name, shown in remote /whois requests
- "his_servercomment" "The Generic, Boring IRC Network";
-};
-
-// controlling how services (mostly NickServ) send mail
+/* MAIL (if and how X3 sends mail ) *********************************
+ * Mainly Authserv/Nickserv send mail, See the Nickserv
+ * section for additional mail settings also.
+ */
"mail" {
- // These options are the defaults.
- "enable" "0";
+ "enable" "1";
"mailer" "/usr/sbin/sendmail";
- "from_address" "admin@poorly.configured.server";
- // These are not :>
- "extra_headers" ("X-Ereet-Services: X3 r reet");
- "body_prefix_first" ("Welcome to our network. This prefix is used whenever X3 thinks this may be the first time we send email to your address.");
- "body_prefix" ("This goes before the mail text.", "Each string here is treated as a separate \"paragraph\" for line wrapping.");
- "body_suffix_first" ("We care a lot about spam. If you did not request this email, bitch and moan loudly at our opers, and tell our ISP to gank our connection.");
- "body_suffix" ("PLEASE DO NOT BE ALARMED. CALMLY BOARD THE AIRCRAFT, STRAP YOUR ARMS ACROSS YOUR BODY, AND JUMP THE HELL OUT OF THE PLANE.", "Yaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaatta!");
+ // OR Afternet uses a custom script to keep the services IP hidden:
+ // "mailer" "/home/x3user/x3/sendmail.sh";
+ "from_address" "supportrobot@afternet.org";
+ "extra_headers" ("AfterNET-Services: x3");
+ "body_prefix_first" ("Welcome to AfterNET, looks like this is your first email from us.");
+ "body_prefix" ("AfterNET Support - User and Channel registration system");
+ "body_suffix_first" ("", "AfterNET IRC Network", "http://www.afternet.org");
+ "body_suffix" ("", "AfterNET IRC Network", "http://www.afternet.org", "support@afternet.org","irc://irc.afternet.org/afternet");
+ // If you are using the smtp mail back-end, you may need to set these:
+ "smtp_server" "localhost";
+ "smtp_service" "smtp";
+ // "smtp_myname" "localhost.domain";
};
-// If you leave this section out, each database will be in its own file,
-// and they will be written out every half hour.
+/* DBS (Databases) *************************************************
+ * let you configure what databases go in what files.
+ *
+ * This default sets up everything in one big x3.db file.
+ *
+ * If you leave this section out, each database will be in its own file,
+ * and they will be written out every half hour.
+ */
"dbs" {
// This just illustrates how you can jam every database into one huge ("mondo") file.
"ChanServ" { "mondo_section" "ChanServ"; };
"gline" { "mondo_section" "gline"; };
+ "shun" { "mondo_section" "shun"; };
"Global" { "mondo_section" "Global"; };
"HelpServ" { "mondo_section" "HelpServ"; };
"modcmd" { "mondo_section" "modcmd"; };
"NickServ" { "mondo_section" "NickServ"; };
"OpServ" { "mondo_section" "OpServ"; };
"sendmail" { "mondo_section" "sendmail"; };
+ "SpamServ" { "mondo_section" "SpamServ"; };
// These are the options if you want a database to be in its own file.
"mondo" {
};
};
-// If you leave this section out, each service (technically, each log
-// facility) will be in its own file, just like before.
+/* LOGS (If and how X3 logs data ) ***********************************
+ * LOGS sets up where X3 logs various kinds of info to.
+ */
"logs" {
// Two kinds of items exist in this section.
// catch-all/fall-back facility.
"x3" {
// The "max_age" option says how long to keep log audit entries.
- "max_age" "10m";
+ "max_age" "10h";
// The "max_count" option says how many log audit entries to keep.
"max_count" "1024";
// Audit (command tracking) entries are discarded if they exceed
// list a target to log it -- this is because it is very rarely
// useful.
"*.*" ("std:out", "file:everything.log"); // does NOT suppress any defaults
- "*.override,staff" "irc:#big-brother"; // report all uses of staff commands
+ "*.override,error,fatal" "irc:#TheOps"; // report all uses of staff commands
+ "*.staff" "irc:#MrSnoopy"; // report all uses of staff commands
"ChanServ.*" "file:chanserv.log"; // duplicates the default behavior
"ProxyCheck.*" (); // stop it from logging anything
};
projects / irc / evilnet / x3.git / blobdiff