X-Git-Url: https://jfr.im/git/irc/rqf/shadowircd.git/blobdiff_plain/212380e3f42f585dc1ea927402252eb943f91f7b..7c3a2f708162dce297826dd689b9ac3f7fd28414:/doc/sgml/oper-guide/config.sgml
diff --git a/doc/sgml/oper-guide/config.sgml b/doc/sgml/oper-guide/config.sgml
index e3c0950..ab92862 100644
--- a/doc/sgml/oper-guide/config.sgml
+++ b/doc/sgml/oper-guide/config.sgml
@@ -42,7 +42,6 @@ loadmodule "text";
serverinfo {
name = "text";
- use_ts6 = boolean;
sid = "text";
description = "text";
network_name = "text";
@@ -66,21 +65,11 @@ serverinfo {
-
- use_ts6
-
-
- A boolean which defines whether or not you want to use the new TS6 protocol, which provides
- many improvements over the old protocol, TS5, which is used in Hyperion.
-
-
-
sid
- A unique ID which describes the server. This is required regardless of whether you are using
- TS6 or not.
+ A unique ID which describes the server.
This consists of one digit and two characters which can be
digits or letters.
@@ -303,7 +292,13 @@ auth {
user
- A hostmask (user@host) that the auth{} block is matched against. You can have multiple user entries.
+
+ A hostmask (user@host) that the auth {} block applies to.
+ It is matched against the hostname and IP address (using ::
+ shortening for IPv6 and prepending a 0 if it starts with
+ a colon) and can also use CIDR masks.
+ You can have multiple user entries.
+
@@ -319,13 +314,13 @@ auth {
spoof
- An optional fake hostname (or user@host) to apply to users authenticated to this auth{} block.
+ An optional fake hostname (or user@host) to apply to users authenticated to this auth{} block. In STATS i and TESTLINE, an equals sign (=) appears before the user@host and the spoof is shown.
flags
- A list of flags to apply to this auth{} block. They are listed below.
+ A list of flags to apply to this auth{} block. They are listed below. Some of the flags appear as a special character, parenthesized in the list, before the user@host in STATS i and TESTLINE.
@@ -350,25 +345,25 @@ auth {
- exceed_limit
+ exceed_limit (>)
Users in this auth{} block can exceed class-wide limitations.
- dnsbl_exempt
+ dnsbl_exempt ($)
Users in this auth{} block are exempted from DNS blacklist checks. However, they will still be warned if they are listed.
- kline_exempt
+ kline_exempt (^)
Users in this auth{} block are exempted from DNS blacklists, k:lines, g:lines and x:lines, and will not be disconnected because of d:lines.
- gline_exempt
+ gline_exempt (_)
Users in this auth{} block are exempted from g:lines.
@@ -399,7 +394,7 @@ auth {
- flood_exempt
+ flood_exempt (|)
Users in this auth{} block may send arbitrary amounts of
@@ -410,13 +405,13 @@ auth {
- no_tilde
+ no_tilde (-)
Users in this auth{} block will not have a tilde added to their username if they do not run identd.
- need_ident
+ need_ident (+)
Users in this auth{} block must have identd, otherwise they will be rejected.
@@ -436,7 +431,8 @@ exempt {
ip = "ip";
};
- An exempt block specifies IP addresses which are exempt from D:lines.
+ An exempt block specifies IP addresses which are exempt from D:lines
+ and throttling.
Multiple addresses can be specified in one block.
Clients coming from these addresses can still be K/G/X:lined or
banned by a DNS blacklist unless
@@ -524,8 +520,8 @@ operator "name" {
A listing of privileges granted to operators using this block.
- By default, the operwall and remoteban privileges are granted;
- use ~operwall and ~remoteban to disable them if necessary.
+ By default, the mass_notice, operwall, remoteban and resv privileges are granted;
+ use ~mass_notice, ~operwall, ~remoteban and ~resv to disable them if necessary.
In addition, a flag designating if the password is encrypted is here.
@@ -564,6 +560,10 @@ connect "name" {
Furthermore, if a hostname is used, it must have an A or AAAA
record (no CNAME) and it must be the primary
hostname for inbound connections to work.
+
+ IPv6 addresses must be in :: shortened form; addresses which
+ then start with a colon must be prepended with a zero,
+ for example 0::1.