X-Git-Url: https://jfr.im/git/irc/rqf/shadowircd.git/blobdiff_plain/625b1e582d79e2e8dd3e863fb85cc95b54364bde..40a53c07b415d1dcec3d1e10d3b67e31b5c2cefa:/doc/sgml/oper-guide/config.sgml
diff --git a/doc/sgml/oper-guide/config.sgml b/doc/sgml/oper-guide/config.sgml
index fdc1859..fc44fb7 100644
--- a/doc/sgml/oper-guide/config.sgml
+++ b/doc/sgml/oper-guide/config.sgml
@@ -25,8 +25,8 @@
Specific blocks and directives
- Not all configuration blocks and directives are listed here, only the most common ones. More blocks and directives will
- be documented in later revisions of this manual.
+ Not all configuration blocks and directives are listed here, only the most common ones. More blocks and directives will
+ be documented in later revisions of this manual.
loadmodule directive
@@ -314,13 +314,13 @@ auth {
spoof
- An optional fake hostname (or user@host) to apply to users authenticated to this auth{} block.
+ An optional fake hostname (or user@host) to apply to users authenticated to this auth{} block. In STATS i and TESTLINE, an equals sign (=) appears before the user@host and the spoof is shown.
flags
- A list of flags to apply to this auth{} block. They are listed below.
+ A list of flags to apply to this auth{} block. They are listed below. Some of the flags appear as a special character, parenthesized in the list, before the user@host in STATS i and TESTLINE.
@@ -345,27 +345,21 @@ auth {
- exceed_limit
+ exceed_limit (>)
Users in this auth{} block can exceed class-wide limitations.
- dnsbl_exempt
+ dnsbl_exempt ($)
Users in this auth{} block are exempted from DNS blacklist checks. However, they will still be warned if they are listed.
- kline_exempt
+ kline_exempt (^)
- Users in this auth{} block are exempted from DNS blacklists, k:lines, g:lines and x:lines, and will not be disconnected because of d:lines.
-
-
-
- gline_exempt
-
- Users in this auth{} block are exempted from g:lines.
+ Users in this auth{} block are exempted from DNS blacklists, k:lines and x:lines.
@@ -394,7 +388,7 @@ auth {
- flood_exempt
+ flood_exempt (|)
Users in this auth{} block may send arbitrary amounts of
@@ -405,13 +399,13 @@ auth {
- no_tilde
+ no_tilde (-)
Users in this auth{} block will not have a tilde added to their username if they do not run identd.
- need_ident
+ need_ident (+)
Users in this auth{} block must have identd, otherwise they will be rejected.
@@ -555,8 +549,6 @@ connect "name" {
The hostname or IP to connect to.
- Charybdis uses solely DNS for all hostname/address lookups
- (no /etc/hosts or anything else).
Furthermore, if a hostname is used, it must have an A or AAAA
record (no CNAME) and it must be the primary
hostname for inbound connections to work.
@@ -659,6 +651,7 @@ connect "name" {
topicburst
Topics should be bursted to this server.
+ This is enabled by default.
@@ -1023,7 +1016,7 @@ shared {
all
- All of the above; this does not include locops or rehash
+ All of the above; this does not include locops, rehash, dline, tdline or undline.
@@ -1041,6 +1034,24 @@ shared {
REHASH commands; all options can be used
+
+ dline (D)
+
+ Permanent and temporary D:lines
+
+
+
+ tdline (d)
+
+ Temporary D:lines
+
+
+
+ undline (E)
+
+ D:line removals
+
+
none
@@ -1081,6 +1092,28 @@ service {
+
+ Hostname resolution (DNS)
+
+ Charybdis uses solely DNS for all hostname/address lookups
+ (no /etc/hosts or anything else).
+ The DNS servers are taken from /etc/resolv.conf.
+ If this file does not exist or no valid IP addresses are listed in it,
+ the local host (127.0.0.1) is used. (Note that the latter part
+ did not work in older versions of Charybdis.)
+
+
+ IPv4 as well as IPv6 DNS servers are supported, but it is not
+ possible to use both IPv4 and IPv6 in
+ /etc/resolv.conf.
+
+
+ For both security and performance reasons, it is recommended
+ that a caching nameserver such as BIND be run on the same machine
+ as Charybdis and that /etc/resolv.conf only
+ list 127.0.0.1.
+
+