* Server bans (+b $s:mask) -- extb_server
* SSL bans (+b $z) -- extb_ssl
* User mode bans (+b $u:modes) -- extb_usermode
- * Helpops system (umode +H) -- helpops
+ * Helpops system (umode +h) -- helpops
* HURT system -- hurt
* New host mangling (umode +x) -- ip_cloaking_4.0
* Old host mangling (umode +h) -- ip_cloaking
* auspex:hostname: shows hidden hostnames/ips
* oper:privs: allows /stats o/O and seeing privset in /whois
* oper:testline: allows /testline and /testgecos
- * oper:local_kill: allows local users to be /KILL'd
- * oper:global_kill: allows local and remote users to be /KILL'd
+ * oper:kill: allows local and remote users to be /KILL'd
* oper:routing: allows remote SQUIT and CONNECT
* oper:kline: allows KLINE and DLINE
* oper:unkline: allows UNKLINE and UNDLINE
* oper:override: enables oper override via umode +p (from extensions/override)
* oper:receive_immunity:
* confers the benefits of chmode +M (operpeace) (from extensions/chm_operpeace)
- * usermode:helpops allows setting +H (from extensions/helpops)
+ * usermode:helpops allows setting +h (from extensions/helpops)
*/
- privs = oper:general, oper:privs, oper:testline, oper:local_kill, oper:operwall, usermode:servnotice,
+ privs = oper:general, oper:privs, oper:testline, oper:kill, oper:operwall, usermode:servnotice,
auspex:oper, auspex:hostname, auspex:umodes, auspex:cmodes;
};
privset "global_op" {
extends = "local_op";
- privs = oper:global_kill, oper:routing, oper:kline, oper:unkline, oper:xline,
+ privs = oper:routing, oper:kline, oper:unkline, oper:xline,
oper:resv, oper:cmodes, oper:mass_notice, oper:remoteban;
};
flags = ssl, topicburst;
};
-/* cluster {}; servers that we propagate things to automatically.
- * NOTE: This does NOT grant them privileges to apply anything locally,
- * you must add a seperate shared block for that. Clustering will
- * only be done for actions by LOCAL opers, that arent directed
- * remotely.
- */
+/* cluster {}; servers that we propagate things to automatically. */
cluster {
/* name: the server to share with, this can be a wildcard and may be
* stacked.
/* service{}: privileged servers (services). These servers have extra
* privileges such as setting login names on users and introducing clients
- * with umode +S (unkickable, hide channels, etc). This does not allow them
- * to set bans, you need a separate shared{} for that.
+ * with umode +S (unkickable, hide channels, etc).
* Do not place normal servers here.
* There may be only one service{} block.
*/
name = "services.int";
};
-/* shared {}: users that are allowed to place remote bans on our server.
- * NOTE: These are ordered top down. The first one the user@host and server
- * matches will be used. Their access will then be decided on that
- * block and will not fall back to another block that matches.
- */
-shared {
- /* oper: the user@host and server the user must be on to set klines.
- * The first field must be a user@host, the second field is an
- * optional server. These may be stacked.
- */
- /* flags: list of what to allow them to place, all the oper lines
- * above this (up until another flags entry) will receive these
- * flags. This *must* be present.
- *
- * kline - allow setting perm/temp klines
- * tkline - allow setting temp klines
- * unkline - allow removing klines
- * xline - allow setting perm/temp xlines
- * txline - allow setting temp xlines
- * unxline - allow removing xlines
- * resv - allow setting perm/temp resvs
- * tresv - allow setting temp resvs
- * unresv - allow removing xlines
- * all - allow oper/server to do all of above.
- * locops - allow locops - only used for servers who cluster
- * rehash - allow rehashing
- * dline - allow setting perm/temp dlines
- * tdline - allow setting temp dlines
- * undline - allow removing dlines
- * grant - allow granting operator status
- * die - allow remote DIE/RESTART
- * module - allow remote module commands
- * none - disallow everything
- */
-
- /* allow flame@*.leeh.co.uk on server irc.ircd-ratbox.org and
- * allow leeh@*.leeh.co.uk on server ircd.ircd-ratbox.org to kline
- */
- oper = "flame@*.leeh.co.uk", "irc.ircd-ratbox.org";
- oper = "leeh@*.leeh.co.uk", "ircd.ircd-ratbox.org";
- flags = kline;
-
- /* you may forbid certain opers/servers from doing anything */
- oper = "irc@vanity.oper", "*";
- oper = "*@*", "irc.vanity.server";
- oper = "irc@another.vanity.oper", "bigger.vanity.server";
- flags = none;
-
- /* or allow everyone to place temp klines */
- oper = "*@*";
- flags = tkline;
-};
-
/* exempt {}: IPs that are exempt from Dlines and rejectcache. (OLD d:) */
exempt {
ip = "192.0.2.0/24";
ip = "127.0.0.1";
};
+/* secure {}: IPs that are considered to be secure networks, and get
+ * +Z without using TLS */
+secure {
+ ip = "127.0.0.1";
+};
+
/* The channel block contains options pertaining to channels */
channel {
/* invex: Enable/disable channel mode +I, a n!u@h list of masks
/* usermodes configurable: a list of usermodes for the options below
*
- * +g - callerid - Server Side Ignore
+ * +g - callerid - Server-side private message allow list
* +D - deaf - Don't see channel messages
* +i - invisible - Not shown in NAMES or WHO unless you share a
* a channel
projects / solanum.git / blobdiff