]> jfr.im git - irc/rqf/shadowircd.git/blame - doc/sgml/oper-guide/config.sgml
projects / irc / rqf / shadowircd.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Automated sync with ssh://hg.atheme.org//hg/charybdis
[irc/rqf/shadowircd.git] / doc / sgml / oper-guide / config.sgml
CommitLineData
212380e3 1 <chapter id="config">
2 <title>Server config file format</title>
3 <sect1>
4 <title>General format</title>
5 <para>
6 The config file consists of a series of BIND-style blocks. Each block consists of a series
7 of values inside it which pertain to configuration settings that apply to the given block.
8 </para>
9 <para>
10 Several values take lists of values and have defaults preset inside
11 them. Prefix a keyword with a tilde (~) to override the default and
12 disable it.
13 </para>
14 <para>
15 A line may also be a .include directive, which is of the form <synopsis>.include "<replaceable>file</replaceable>"</synopsis>
16 and causes <replaceable>file</replaceable> to be read in at that point, before the rest of the current file is
17 processed.
18 Relative paths are first tried relative to PREFIX and then relative
19 to ETCPATH (normally PREFIX/etc).
20 </para>
21 <para>
22 Anything from a # to the end of a line is a comment. Blank lines are ignored. C-style comments are also supported.
23 </para>
24 </sect1>
212380e3 25 <sect2>
26 <title>loadmodule directive</title>
27 <synopsis>
28loadmodule "<replaceable>text</replaceable>";</synopsis>
29 <para>
30 Loads a module into the IRCd. In charybdis 1.1, most modules are automatically loaded in. In future versions, it is
31 intended to remove this behaviour as to allow for easy customization of the IRCd's featureset.
32 </para>
33 </sect2>
34 <sect2>
35 <title>serverinfo {} block</title>
36 <synopsis>
37serverinfo {
38 name = "<replaceable>text</replaceable>";
212380e3 39 sid = "<replaceable>text</replaceable>";
40 description = "<replaceable>text</replaceable>";
41 network_name = "<replaceable>text</replaceable>";
42 network_desc = "<replaceable>text</replaceable>";
43 hub = <replaceable>boolean</replaceable>;
44 vhost = "<replaceable>text</replaceable>";
45 vhost6 = "<replaceable>text</replaceable>";
46};</synopsis>
47 <para>
48 The serverinfo {} block defines the core operational parameters of the IRC server.
49 </para>
50 <variablelist>
51 <title>serverinfo {} variables</title>
52 <varlistentry>
53 <term>name</term>
54 <listitem>
55 <para>
56 The name of the IRC server that you are configuring. This
57 must contain at least one dot. It is not necessarily equal
58 to any DNS name. This must be unique on the IRC network.
59 </para>
60 </listitem>
61 </varlistentry>
212380e3 62 <varlistentry>
63 <term>sid</term>
64 <listitem>
65 <para>
d64fec57 66 A unique ID which describes the server.
212380e3 67 This consists of one digit and two characters which can be
68 digits or letters.
69 </para>
70 </listitem>
71 </varlistentry>
72 <varlistentry>
73 <term>description</term>
74 <listitem>
75 <para>
76 A user-defined field of text which describes the IRC server. This information is used in
77 /links and /whois requests. Geographical location information could be a useful use of
78 this field, but most administrators put a witty saying inside it instead.
79 </para>
80 </listitem>
81 </varlistentry>
82 <varlistentry>
83 <term>network_name</term>
84 <listitem>
85 <para>
86 The name of the IRC network that this server will be a member of.
87 This is used in the welcome message and NETWORK= in 005.
88 </para>
89 </listitem>
90 </varlistentry>
91 <varlistentry>
92 <term>network_desc</term>
93 <listitem>
94 <para>
95 A description of the IRC network that this server will be a member of.
96 This is currently unused.
97 </para>
98 </listitem>
99 </varlistentry>
100 <varlistentry>
101 <term>hub</term>
102 <listitem>
103 <para>
104 A boolean which defines whether or not this IRC server will be serving as a hub, i.e. have multiple servers connected to it.
105 </para>
106 </listitem>
107 </varlistentry>
108 <varlistentry>
109 <term>vhost</term>
110 <listitem>
111 <para>
112 An optional text field which defines an IP from which to connect outward to other IRC servers.
113 </para>
114 </listitem>
115 </varlistentry>
116 <varlistentry>
117 <term>vhost6</term>
118 <listitem>
119 <para>
120 An optional text field which defines an IPv6 IP from which to connect outward to other IRC servers.
121 </para>
122 </listitem>
123 </varlistentry>
124 </variablelist>
125 </sect2>
126 <sect2>
127 <title>admin {} block</title>
128 <synopsis>
129admin {
130 name = "<replaceable>text</replaceable>";
131 description = "<replaceable>text</replaceable>";
132 email = "<replaceable>text</replaceable>";
133};</synopsis>
134 <para>
135 This block provides the information which is returned by the ADMIN command.
136 </para>
137 <variablelist>
138 <title>admin {} variables</title>
139 <varlistentry>
140 <term>name</term>
141 <listitem>
142 <para>The name of the administrator running this service.</para>
143 </listitem>
144 </varlistentry>
145 <varlistentry>
146 <term>description</term>
147 <listitem>
148 <para>The description of the administrator's position in the network.</para>
149 </listitem>
150 </varlistentry>
151 <varlistentry>
152 <term>email</term>
153 <listitem>
154 <para>A point of contact for the administrator, usually an e-mail address.</para>
155 </listitem>
156 </varlistentry>
157 </variablelist>
158 </sect2>
159 <sect2>
160 <title>class {} block</title>
161 <synopsis>
162class "<replaceable>name</replaceable>" {
163 ping_time = <replaceable>duration</replaceable>;
164 number_per_ident = <replaceable>number</replaceable>;
165 number_per_ip = <replaceable>number</replaceable>;
166 number_per_ip_global = <replaceable>number</replaceable>;
167 cidr_bitlen = <replaceable>number</replaceable>;
168 number_per_cidr = <replaceable>number</replaceable>;
169 max_number = <replaceable>number</replaceable>;
170 sendq = <replaceable>size</replaceable>;
171};</synopsis>
172 <synopsis>
173class "<replaceable>name</replaceable>" {
174 ping_time = <replaceable>duration</replaceable>;
175 connectfreq = <replaceable>duration</replaceable>;
176 max_number = <replaceable>number</replaceable>;
177 sendq = <replaceable>size</replaceable>;
178};</synopsis>
179 <para>
180 Class blocks define classes of connections for later use.
181 The class name is used to connect them to
182 other blocks in the config file (auth{} and connect{}).
183 They must be defined before they are used.
184 </para>
185 <para>
186 Classes are used both for client and server connections,
187 but most variables are different.
188 </para>
189 <variablelist>
190 <title>class {} variables: client classes</title>
191 <varlistentry>
192 <term>ping_time</term>
193 <listitem>
194 <para>The amount of time between checking pings for clients, e.g.: 2 minutes</para>
195 </listitem>
196 </varlistentry>
197 <varlistentry>
198 <term>number_per_ident</term>
199 <listitem>
200 <para>The amount of clients which may be connected from a single identd username on a per-IP basis, globally. Unidented clients all count as the same username.</para>
201 </listitem>
202 </varlistentry>
203 <varlistentry>
204 <term>number_per_ip</term>
205 <listitem>
206 <para>The amount of clients which may be connected from a single IP address.</para>
207 </listitem>
208 </varlistentry>
209 <varlistentry>
210 <term>number_per_ip_global</term>
211 <listitem>
212 <para>The amount of clients which may be connected globally from a single IP address.</para>
213 </listitem>
214 </varlistentry>
215 <varlistentry>
216 <term>cidr_bitlen</term>
217 <listitem>
218 <para>The netblock length to use with CIDR-based client limiting for this class.</para>
219 </listitem>
220 </varlistentry>
221 <varlistentry>
222 <term>number_per_cidr</term>
223 <listitem>
224 <para>The amount of clients which may be connected from a single netblock.</para>
225 </listitem>
226 </varlistentry>
227 <varlistentry>
228 <term>max_number</term>
229 <listitem>
230 <para>The maximum amount of clients which may use this class at any given time.</para>
231 </listitem>
232 </varlistentry>
233 <varlistentry>
234 <term>sendq</term>
235 <listitem>
236 <para>The maximum size of the queue of data to be sent to a client before it is dropped.</para>
237 </listitem>
238 </varlistentry>
239 </variablelist>
240 <variablelist>
241 <title>class {} variables: server classes</title>
242 <varlistentry>
243 <term>ping_time</term>
244 <listitem>
245 <para>The amount of time between checking pings for servers, e.g.: 2 minutes</para>
246 </listitem>
247 </varlistentry>
248 <varlistentry>
249 <term>connectfreq</term>
250 <listitem>
251 <para>The amount of time between autoconnects. This must at least be one minute, as autoconnects are evaluated with that granularity.</para>
252 </listitem>
253 </varlistentry>
254 <varlistentry>
255 <term>max_number</term>
256 <listitem>
257 <para>The amount of servers to autoconnect to in this class. More precisely, no autoconnects are done if the number of servers in this class is greater than or equal max_number</para>
258 </listitem>
259 </varlistentry>
260 <varlistentry>
261 <term>sendq</term>
262 <listitem>
263 <para>The maximum size of the queue of data to be sent to a server before it is dropped.</para>
264 </listitem>
265 </varlistentry>
266 </variablelist>
267 </sect2>
268 <sect2>
269 <title>auth {} block</title>
270 <synopsis>
271auth {
272 user = "<replaceable>hostmask</replaceable>";
273 password = "<replaceable>text</replaceable>";
274 spoof = "<replaceable>text</replaceable>";
275 flags = <replaceable>list</replaceable>;
276 class = "<replaceable>text</replaceable>";
277};</synopsis>
278 <para>
279 auth {} blocks allow client connections to the server, and set various properties concerning those connections.
280 </para>
281 <para>
282 Auth blocks are evaluated from top to bottom in priority, so put special blocks first.
283 </para>
284 <variablelist>
285 <title>auth {} variables</title>
286 <varlistentry>
287 <term>user</term>
288 <listitem>
0c304043 289 <para>
290 A hostmask (user@host) that the auth {} block applies to.
291 It is matched against the hostname and IP address (using ::
292 shortening for IPv6 and prepending a 0 if it starts with
293 a colon) and can also use CIDR masks.
294 You can have multiple user entries.
295 </para>
212380e3 296 </listitem>
297 </varlistentry>
298 <varlistentry>
299 <term>password</term>
300 <listitem>
301 <para>
302 An optional password to use for authenticating into this auth{}
303 block. If the password is wrong the user will not be able to
304 connect (will not fall back on another auth{} block).
305 </para>
306 </listitem>
307 </varlistentry>
308 <varlistentry>
309 <term>spoof</term>
310 <listitem>
7c3a2f70 311 <para>An optional fake hostname (or user@host) to apply to users authenticated to this auth{} block. In STATS i and TESTLINE, an equals sign (=) appears before the user@host and the spoof is shown.</para>
212380e3 312 </listitem>
313 </varlistentry>
314 <varlistentry>
315 <term>flags</term>
316 <listitem>
7c3a2f70 317 <para>A list of flags to apply to this auth{} block. They are listed below. Some of the flags appear as a special character, parenthesized in the list, before the user@host in STATS i and TESTLINE.</para>
212380e3 318 </listitem>
319 </varlistentry>
320 <varlistentry>
321 <term>class</term>
322 <listitem>
323 <para>A name of a class to put users matching this auth{} block into.</para>
324 </listitem>
325 </varlistentry>
326 </variablelist>
327 <variablelist>
328 <title>auth {} flags</title>
329 <varlistentry>
330 <term>encrypted</term>
331 <listitem>
332 <para>The password used has been encrypted.</para>
333 </listitem>
334 </varlistentry>
335 <varlistentry>
336 <term>spoof_notice</term>
337 <listitem>
338 <para>Causes the IRCd to send out a server notice when activating a spoof provided by this auth{} block.</para>
339 </listitem>
340 </varlistentry>
341 <varlistentry>
7c3a2f70 342 <term>exceed_limit (&gt;)</term>
212380e3 343 <listitem>
344 <para>Users in this auth{} block can exceed class-wide limitations.</para>
345 </listitem>
346 </varlistentry>
347 <varlistentry>
7c3a2f70 348 <term>dnsbl_exempt ($)</term>
212380e3 349 <listitem>
350 <para>Users in this auth{} block are exempted from DNS blacklist checks. However, they will still be warned if they are listed.</para>
351 </listitem>
352 </varlistentry>
353 <varlistentry>
7c3a2f70 354 <term>kline_exempt (^)</term>
212380e3 355 <listitem>
f3d2fceb 356 <para>Users in this auth{} block are exempted from DNS blacklists, k:lines, g:lines and x:lines.</para>
212380e3 357 </listitem>
358 </varlistentry>
212380e3 359 <varlistentry>
360 <term>spambot_exempt</term>
361 <listitem>
362 <para>Users in this auth{} block are exempted from spambot checks.</para>
363 </listitem>
364 </varlistentry>
365 <varlistentry>
366 <term>shide_exempt</term>
367 <listitem>
368 <para>Users in this auth{} block are exempted from some serverhiding effects.</para>
369 </listitem>
370 </varlistentry>
371 <varlistentry>
372 <term>jupe_exempt</term>
373 <listitem>
374 <para>Users in this auth{} block do not trigger an alarm when joining juped channels.</para>
375 </listitem>
376 </varlistentry>
377 <varlistentry>
378 <term>resv_exempt</term>
379 <listitem>
380 <para>Users in this auth{} block may use reserved nicknames and channels.</para>
381 <note><para>The initial nickname may still not be reserved.</para></note>
382 </listitem>
383 </varlistentry>
384 <varlistentry>
7c3a2f70 385 <term>flood_exempt (|)</term>
212380e3 386 <listitem>
387 <para>
388 Users in this auth{} block may send arbitrary amounts of
389 commands per time unit to the server. This does not exempt
390 them from any other flood limits.
391 You should use this setting with caution.
392 </para>
393 </listitem>
394 </varlistentry>
395 <varlistentry>
7c3a2f70 396 <term>no_tilde (-)</term>
212380e3 397 <listitem>
398 <para>Users in this auth{} block will not have a tilde added to their username if they do not run identd.</para>
399 </listitem>
400 </varlistentry>
401 <varlistentry>
7c3a2f70 402 <term>need_ident (+)</term>
212380e3 403 <listitem>
404 <para>Users in this auth{} block must have identd, otherwise they will be rejected.</para>
405 </listitem>
406 </varlistentry>
407 <varlistentry>
408 <term>need_sasl</term>
409 <listitem>
410 <para>Users in this auth{} block must identify via SASL, otherwise they will be rejected.</para>
411 </listitem>
412 </varlistentry>
413 </variablelist>
414 </sect2>
415 <sect2>
416 <title>exempt {} block</title>
417 <synopsis>
418exempt {
419 ip = "<replaceable>ip</replaceable>";
420};</synopsis>
421 <para>
b808adf9 422 An exempt block specifies IP addresses which are exempt from D:lines
423 and throttling.
212380e3 424 Multiple addresses can be specified in one block.
425 Clients coming from these addresses can still be K/G/X:lined or
426 banned by a DNS blacklist unless
427 they also have appropriate flags in their auth{} block.
428 </para>
429 <variablelist>
430 <title>exempt {} variables</title>
431 <varlistentry>
432 <term>ip</term>
433 <listitem>
434 <para>The IP address or CIDR range to exempt.</para>
435 </listitem>
436 </varlistentry>
437 </variablelist>
438 </sect2>
439 <sect2>
440 <title>operator {} block</title>
441 <synopsis>
442operator "<replaceable>name</replaceable>" {
443 user = "<replaceable>hostmask</replaceable>";
444 password = "<replaceable>text</replaceable>";
445 rsa_public_key_file = "<replaceable>text</replaceable>";
446 umodes = <replaceable>list</replaceable>;
447 snomask = "<replaceable>text</replaceable>";
448 flags = <replaceable>list</replaceable>;
449};</synopsis>
450 <para>
451 Operator blocks define who may use the OPER command to gain extended privileges.
452 </para>
453 <variablelist>
454 <title>operator {} variables</title>
455 <varlistentry>
456 <term>user</term>
457 <listitem>
458 <para>
459 A hostmask that users trying to use this operator {} block
460 must match. This is checked against the original host and IP
461 address; CIDR is also supported. So auth {} spoofs work in
462 operator {} blocks; the real host behind them is not checked.
463 Other kind of spoofs do not work in operator {} blocks; the
464 real host behind them is checked.
465 </para>
466 <para>
467 Note that this is different from charybdis 1.x where all
468 kinds of spoofs worked in operator {} blocks.
469 </para>
470 </listitem>
471 </varlistentry>
472 <varlistentry>
473 <term>password</term>
474 <listitem>
475 <para>
476 A password used with the OPER command to use this operator {} block.
477 Passwords are encrypted by default, but may be unencrypted if ~encrypted is present
478 in the flags list.
479 </para>
480 </listitem>
481 </varlistentry>
482 <varlistentry>
483 <term>rsa_public_key_file</term>
484 <listitem>
485 <para>
486 An optional path to a RSA public key file associated with the operator {} block.
487 This information is used by the CHALLENGE command, which is an alternative authentication
488 scheme to the traditional OPER command.
489 </para>
490 </listitem>
491 </varlistentry>
492 <varlistentry>
493 <term>umodes</term>
494 <listitem>
495 <para>A list of usermodes to apply to successfully opered clients.</para>
496 </listitem>
497 </varlistentry>
498 <varlistentry>
499 <term>snomask</term>
500 <listitem>
501 <para>
502 An snomask to apply to successfully opered clients.
503 </para>
504 </listitem>
505 </varlistentry>
506 <varlistentry>
507 <term>flags</term>
508 <listitem>
509 <para>
510 A listing of privileges granted to operators using this block.
625b1e58
JT		 511 By default, the mass_notice, operwall, remoteban and resv privileges are granted;
512 use ~mass_notice, ~operwall, ~remoteban and ~resv to disable them if necessary.
212380e3 513 </para>
514 <para>
515 In addition, a flag designating if the password is encrypted is here.
516 Privileges are documented elsewhere in this guide.
517 </para>
518 </listitem>
519 </varlistentry>
520 </variablelist>
521 </sect2>
522 <sect2>
523 <title>connect {} block</title>
524 <synopsis>
525connect "<replaceable>name</replaceable>" {
526 host = "<replaceable>text</replaceable>";
527 send_password = "<replaceable>text</replaceable>";
528 accept_password = "<replaceable>text</replaceable>";
529 port = <replaceable>number</replaceable>;
530 hub_mask = "<replaceable>mask</replaceable>";
531 leaf_mask = "<replaceable>mask</replaceable>";
532 class = "<replaceable>text</replaceable>";
533 flags = <replaceable>list</replaceable>;
534 aftype = <replaceable>protocol</replaceable>;
535};</synopsis>
536 <para>
537 Connect blocks define what servers may connect or be connected to.
538 </para>
539 <variablelist>
540 <title>connect {} variables</title>
541 <varlistentry>
542 <term>host</term>
543 <listitem>
544 <para>The hostname or IP to connect to.</para>
545 <note><para>
546 Charybdis uses solely DNS for all hostname/address lookups
547 (no <filename>/etc/hosts</filename> or anything else).
548 Furthermore, if a hostname is used, it must have an A or AAAA
549 record (no CNAME) and it must be the primary
550 hostname for inbound connections to work.
0c304043 551 </para><para>
552 IPv6 addresses must be in :: shortened form; addresses which
553 then start with a colon must be prepended with a zero,
554 for example 0::1.
212380e3 555 </para></note>
556 </listitem>
557 </varlistentry>
558 <varlistentry>
559 <term>send_password</term>
560 <listitem>
561 <para>The password to send to the other server.</para>
562 </listitem>
563 </varlistentry>
564 <varlistentry>
565 <term>accept_password</term>
566 <listitem>
567 <para>The password that should be accepted from the other server.</para>
568 </listitem>
569 </varlistentry>
570 <varlistentry>
571 <term>port</term>
572 <listitem>
573 <para>The port on the other server to connect to.</para>
574 </listitem>
575 </varlistentry>
576 <varlistentry>
577 <term>hub_mask</term>
578 <listitem>
579 <para>
580 An optional domain mask of servers allowed to be introduced
581 by this link. Usually, "*" is fine. Multiple hub_masks may be
582 specified, and any of them may be introduced.
583 Violation of hub_mask and leaf_mask restrictions will
584 cause the local link to be closed.
585 </para>
586 </listitem>
587 </varlistentry>
588 <varlistentry>
589 <term>leaf_mask</term>
590 <listitem>
591 <para>
592 An optional domain mask of servers not allowed to be
593 introduced by this link. Multiple leaf_masks may be specified,
594 and none of them may be introduced. leaf_mask has priority
595 over hub_mask.
596 </para>
597 </listitem>
598 </varlistentry>
599 <varlistentry>
600 <term>class</term>
601 <listitem>
602 <para>The name of the class this server should be placed into.</para>
603 </listitem>
604 </varlistentry>
605 <varlistentry>
606 <term>flags</term>
607 <listitem>
608 <para>A list of flags concerning the connect block. They are listed below.</para>
609 </listitem>
610 </varlistentry>
611 <varlistentry>
612 <term>aftype</term>
613 <listitem>
614 <para>The protocol that should be used to connect with, either ipv4 or ipv6. This defaults to ipv4 unless host is a numeric IPv6 address.</para>
615 </listitem>
616 </varlistentry>
617 </variablelist>
618 <variablelist>
619 <title>connect {} flags</title>
620 <varlistentry>
621 <term>encrypted</term>
622 <listitem>
623 <para>The value for accept_password has been encrypted.</para>
624 </listitem>
625 </varlistentry>
626 <varlistentry>
627 <term>autoconn</term>
628 <listitem>
629 <para>
630 The server should automatically try to connect to the server defined in this
631 connect {} block if it's not connected already and max_number
632 in the class is not reached yet.
633 </para>
634 </listitem>
635 </varlistentry>
636 <varlistentry>
637 <term>compressed</term>
638 <listitem>
639 <para>Ziplinks should be used with this server connection.
640 This compresses traffic using zlib, saving some bandwidth
641 and speeding up netbursts.</para>
642 <para>If you have trouble setting up a link, you should
643 turn this off as it often hides error messages.</para>
644 </listitem>
645 </varlistentry>
646 <varlistentry>
647 <term>topicburst</term>
648 <listitem>
649 <para>Topics should be bursted to this server.</para>
c4b513f3 650 <para>This is enabled by default.</para>
212380e3 651 </listitem>
652 </varlistentry>
653 </variablelist>
654 </sect2>
655 <sect2>
656 <title>listen {} block</title>
657 <synopsis>
658listen {
659 host = "<replaceable>text</replaceable>";
660 port = <replaceable>number</replaceable>;
661};</synopsis>
662 <para>
663 A listen block specifies what ports a server should listen on.
664 </para>
665 <variablelist>
666 <title>listen {} variables</title>
667 <varlistentry>
668 <term>host</term>
669 <listitem>
670 <para>An optional host to bind to. Otherwise, the ircd will listen on all available hosts.</para>
671 </listitem>
672 </varlistentry>
673 <varlistentry>
674 <term>port</term>
675 <listitem>
676 <para>
677 A port to listen on. You can specify multiple ports via commas, and define a range by seperating
678 the start and end ports with two dots (..).
679 </para>
680 </listitem>
681 </varlistentry>
682 </variablelist>
683 </sect2>
684 <sect2>
685 <title>modules {} block</title>
686 <synopsis>
687modules {
688 path = "<replaceable>text</replaceable>";
689 module = <replaceable>text</replaceable>;
690};</synopsis>
691 <para>
692 The modules block specifies information for loadable modules.
693 </para>
694 <variablelist>
695 <title>modules {} variables</title>
696 <varlistentry>
697 <term>path</term>
698 <listitem>
699 <para>Specifies a path to search for loadable modules.</para>
700 </listitem>
701 </varlistentry>
702 <varlistentry>
703 <term>module</term>
704 <listitem>
705 <para>
706 Specifies a module to load, similar to loadmodule.
707 </para>
708 </listitem>
709 </varlistentry>
710 </variablelist>
711 </sect2>
712 <sect2>
713 <title>general {} block</title>
714 <synopsis>
715modules {
716 <replaceable>values</replaceable>
717};</synopsis>
718 <para>
719 The general block specifies a variety of options, many of which
720 were in <filename>config.h</filename> in older daemons.
721 The options are documented in <filename>reference.conf</filename>.
722 </para>
723 </sect2>
724 <sect2>
725 <title>channel {} block</title>
726 <synopsis>
727modules {
728 <replaceable>values</replaceable>
729};</synopsis>
730 <para>
731 The channel block specifies a variety of channel-related options,
732 many of which were in <filename>config.h</filename> in older daemons.
733 The options are documented in <filename>reference.conf</filename>.
734 </para>
735 </sect2>
736 <sect2>
737 <title>serverhide {} block</title>
738 <synopsis>
739modules {
740 <replaceable>values</replaceable>
741};</synopsis>
742 <para>
743 The serverhide block specifies options related to server hiding.
744 The options are documented in <filename>reference.conf</filename>.
745 </para>
746 </sect2>
747 <sect2>
748 <title>blacklist {} block</title>
749 <synopsis>
750blacklist {
751 host = "<replaceable>text</replaceable>";
752 reject_reason = "<replaceable>text</replaceable>";
753};</synopsis>
754 <para>
755 The blacklist block specifies DNS blacklists to check.
756 Listed clients will not be allowed to connect.
757 IPv6 clients are not checked against these.
758 </para>
759 <para>
760 Multiple blacklists can be specified, in pairs with first host
761 then reject_reason.
762 </para>
763 <variablelist>
764 <title>blacklist {} variables</title>
765 <varlistentry>
766 <term>host</term>
767 <listitem>
768 <para>The DNSBL to use.</para>
769 </listitem>
770 </varlistentry>
771 <varlistentry>
772 <term>reject_reason</term>
773 <listitem>
774 <para>The reason to send to listed clients when disconnecting them.</para>
775 </listitem>
776 </varlistentry>
777 </variablelist>
778 </sect2>
779 <sect2>
780 <title>alias {} block</title>
781 <synopsis>
782alias "<replaceable>name</replaceable>" {
783 target = "<replaceable>text</replaceable>";
784};</synopsis>
785 <para>
786 Alias blocks allow the definition of custom commands.
787 These commands send PRIVMSG to the given target. A real
788 command takes precedence above an alias.
789 </para>
790 <variablelist>
791 <title>alias {} variables</title>
792 <varlistentry>
793 <term>target</term>
794 <listitem>
795 <para>
796 The target nick (must be a network service (umode +S)) or
797 user@server.
798 In the latter case, the server cannot be this server,
799 only opers can use user starting with "opers" reliably and
800 the user is interpreted on the target server only
801 so you may need to use nick@server instead).
802 </para>
803 </listitem>
804 </varlistentry>
805 </variablelist>
806 </sect2>
807 <sect2>
808 <title>cluster {} block</title>
809 <synopsis>
810cluster {
811 name = "<replaceable>text</replaceable>";
812 flags = <replaceable>list</replaceable>;
813};</synopsis>
814 <para>
815 The cluster block specifies servers we propagate things to
816 automatically.
817 This does not allow them to set bans, you need a separate shared{}
818 block for that.
819 </para>
820 <para>
821 Having overlapping cluster{} items will cause the command to
822 be executed twice on the target servers. This is particularly
823 undesirable for ban removals.
824 </para>
825 <para>
826 The letters in parentheses denote the flags in /stats U.
827 </para>
828 <variablelist>
829 <title>cluster {} variables</title>
830 <varlistentry>
831 <term>name</term>
832 <listitem>
833 <para>The server name to share with, this may contain wildcards
834 and may be stacked.</para>
835 </listitem>
836 </varlistentry>
837 <varlistentry>
838 <term>flags</term>
839 <listitem>
840 <para>The list of what to share, all the name lines above this
841 (up to another flags entry) will receive these flags.
842 They are listed below.</para>
843 </listitem>
844 </varlistentry>
845 </variablelist>
846 <variablelist>
847 <title>cluster {} flags</title>
848 <varlistentry>
849 <term>kline (K)</term>
850 <listitem>
851 <para>Permanent K:lines</para>
852 </listitem>
853 </varlistentry>
854 <varlistentry>
855 <term>tkline (k)</term>
856 <listitem>
857 <para>Temporary K:lines</para>
858 </listitem>
859 </varlistentry>
860 <varlistentry>
861 <term>unkline (U)</term>
862 <listitem>
863 <para>K:line removals</para>
864 </listitem>
865 </varlistentry>
866 <varlistentry>
867 <term>xline (X)</term>
868 <listitem>
869 <para>Permanent X:lines</para>
870 </listitem>
871 </varlistentry>
872 <varlistentry>
873 <term>txline (x)</term>
874 <listitem>
875 <para>Temporary X:lines</para>
876 </listitem>
877 </varlistentry>
878 <varlistentry>
879 <term>unxline (Y)</term>
880 <listitem>
881 <para>X:line removals</para>
882 </listitem>
883 </varlistentry>
884 <varlistentry>
885 <term>resv (Q)</term>
886 <listitem>
887 <para>Permanently reserved nicks/channels</para>
888 </listitem>
889 </varlistentry>
890 <varlistentry>
891 <term>tresv (q)</term>
892 <listitem>
893 <para>Temporarily reserved nicks/channels</para>
894 </listitem>
895 </varlistentry>
896 <varlistentry>
897 <term>unresv (R)</term>
898 <listitem>
899 <para>RESV removals</para>
900 </listitem>
901 </varlistentry>
902 <varlistentry>
903 <term>locops (L)</term>
904 <listitem>
905 <para>LOCOPS messages (sharing this with * makes LOCOPS rather
906 similar to OPERWALL which is not useful)</para>
907 </listitem>
908 </varlistentry>
909 <varlistentry>
910 <term>all</term>
911 <listitem>
912 <para>All of the above</para>
913 </listitem>
914 </varlistentry>
915 </variablelist>
916 </sect2>
917 <sect2>
918 <title>shared {} block</title>
919 <synopsis>
920shared {
921 oper = "<replaceable>user@host</replaceable>", "<replaceable>server</replaceable>";
922 flags = <replaceable>list</replaceable>;
923};</synopsis>
924 <para>
925 The shared block specifies opers allowed to perform certain actions
926 on our server remotely.
927 These are ordered top down. The first one matching will determine
928 the oper's access.
929 If access is denied, the command will be silently ignored.
930 </para>
931 <para>
932 The letters in parentheses denote the flags in /stats U.
933 </para>
934 <variablelist>
935 <title>shared {} variables</title>
936 <varlistentry>
937 <term>oper</term>
938 <listitem>
939 <para>The user@host the oper must have, and the server they must
940 be on. This may contain wildcards.</para>
941 </listitem>
942 </varlistentry>
943 <varlistentry>
944 <term>flags</term>
945 <listitem>
946 <para>The list of what to allow, all the oper lines above this
947 (up to another flags entry) will receive these flags.
948 They are listed below.</para>
949 </listitem>
950 </varlistentry>
951 </variablelist>
952 <note><para>
953 While they have the same names, the flags have subtly different
954 meanings from those in the cluster{} block.
955 </para></note>
956 <variablelist>
957 <title>shared {} flags</title>
958 <varlistentry>
959 <term>kline (K)</term>
960 <listitem>
961 <para>Permanent and temporary K:lines</para>
962 </listitem>
963 </varlistentry>
964 <varlistentry>
965 <term>tkline (k)</term>
966 <listitem>
967 <para>Temporary K:lines</para>
968 </listitem>
969 </varlistentry>
970 <varlistentry>
971 <term>unkline (U)</term>
972 <listitem>
973 <para>K:line removals</para>
974 </listitem>
975 </varlistentry>
976 <varlistentry>
977 <term>xline (X)</term>
978 <listitem>
979 <para>Permanent and temporary X:lines</para>
980 </listitem>
981 </varlistentry>
982 <varlistentry>
983 <term>txline (x)</term>
984 <listitem>
985 <para>Temporary X:lines</para>
986 </listitem>
987 </varlistentry>
988 <varlistentry>
989 <term>unxline (Y)</term>
990 <listitem>
991 <para>X:line removals</para>
992 </listitem>
993 </varlistentry>
994 <varlistentry>
995 <term>resv (Q)</term>
996 <listitem>
997 <para>Permanently and temporarily reserved nicks/channels</para>
998 </listitem>
999 </varlistentry>
1000 <varlistentry>
1001 <term>tresv (q)</term>
1002 <listitem>
1003 <para>Temporarily reserved nicks/channels</para>
1004 </listitem>
1005 </varlistentry>
1006 <varlistentry>
1007 <term>unresv (R)</term>
1008 <listitem>
1009 <para>RESV removals</para>
1010 </listitem>
1011 </varlistentry>
1012 <varlistentry>
1013 <term>all</term>
1014 <listitem>
1015 <para>All of the above; this does not include locops or rehash</para>
1016 </listitem>
1017 </varlistentry>
1018 <varlistentry>
1019 <term>locops (L)</term>
1020 <listitem>
1021 <para>LOCOPS messages (accepting this from * makes LOCOPS rather
1022 similar to OPERWALL which is not useful); unlike the other flags,
1023 this can only be accepted from *@* although it can be
1024 restricted based on source server.</para>
1025 </listitem>
1026 </varlistentry>
1027 <varlistentry>
1028 <term>rehash (H)</term>
1029 <listitem>
1030 <para>REHASH commands; all options can be used</para>
1031 </listitem>
1032 </varlistentry>
1033 <varlistentry>
1034 <term>none</term>
1035 <listitem>
1036 <para>Allow nothing to be done</para>
1037 </listitem>
1038 </varlistentry>
1039 </variablelist>
1040 </sect2>
1041 <sect2>
1042 <title>service {} block</title>
1043 <synopsis>
1044service {
1045 name = "<replaceable>text</replaceable>";
1046};</synopsis>
1047 <para>
1048 The service block specifies privileged servers (services). These
1049 servers have extra privileges such as setting login names on users
1050 and introducing clients with umode +S (unkickable, hide channels, etc).
1051 This does not allow them to set bans, you need a separate shared{}
1052 block for that.
1053 </para>
1054 <para>
1055 Do not place normal servers here.
1056 </para>
1057 <para>
1058 Multiple names may be specified but there may be only one service{}
1059 block.
1060 </para>
1061 <variablelist>
1062 <title>service {} variables</title>
1063 <varlistentry>
1064 <term>name</term>
1065 <listitem>
1066 <para>The server name to grant special privileges. This may not
1067 contain wildcards.</para>
1068 </listitem>
1069 </varlistentry>
1070 </variablelist>
1071 </sect2>
1072 </sect1>
1073 </chapter>
1074<!-- Keep this comment at the end of the file
1075Local variables:
1076mode: sgml
1077sgml-omittag:t
1078sgml-shorttag:t
1079sgml-namecase-general:t
1080sgml-general-insert-case:lower
1081sgml-minimize-attributes:nil
1082sgml-always-quote-attributes:t
1083sgml-indent-step:2
1084sgml-indent-data:t
1085sgml-parent-document: ("dancer-oper-guide.sgml" "book")
1086sgml-exposed-tags:nil
1087fill-column:105
1088sgml-validate-command: "nsgmls -e -g -s -u dancer-oper-guide.sgml"
1089End:
1090-->
Unnamed repository; edit this file 'description' to name the repository.