default.conf

/*
 * example.conf by Daniel Hawton AKA Osiris (osiris@unrealircd.org).
 * $Id$
 * 
 * Works for Unreal3.2 and up
 * 
 * Okay guys.  This is the new example.conf. Its look is much like C++, kinda.
 * Anyway it is time to go over this.  It's hard to pick up at first, but
 * with some pratice and reading you'll understand.
 *
 * Just copy this file to your main unrealircd dir and call it 'unrealircd.conf'.
 * 
 * NOTE:  All lines, except the opening { line, end in an ;, including the
 * closing } line. The IRCd will ignore commented lines.
 *
 * PLEASE READ doc/unreal32docs.html! The online version is also available at:
 * www.vulnscan.org/UnrealIRCd/unreal32docs.html
 * It contains a lot information about the configfile: gives information about
 * every block, variable, etc..
 * If you try to edit this file without reading the documentation properly
 * then you are pretty much guaranteed to fail!
 */

/* Type of comments */
#Comment type 1 (Shell type)
// Comment type 2(C++ style)
/* Comment type 3 (C Style) */
#those lines are ignored by the ircd.

/*
 * UnrealIRCd supports modules, loading some of them is required.
 * You need at least the commands module and a cloaking module.
 */

/* FOR *NIX, uncomment the following 2lines: */
loadmodule "/usr/lib64/unrealircd/modules/commands.so";
loadmodule "/usr/lib64/unrealircd/modules/cloak.so";

/* FOR Windows, uncomment the following 2 lines: */
//loadmodule "modules/commands.dll";
//loadmodule "modules/cloak.dll";

/*
 * You can also include other configuration files.
 * help.conf contains all the /helpop text. The badwords.*.conf
 * files contain all the badword entries for mode +G...
 * spamfilter.conf contains some good rules for current trojans.
 * You probably want to include them:
 */
include "help.conf";
include "badwords.channel.conf";
include "badwords.message.conf";
include "badwords.quit.conf";
include "spamfilter.conf";
include "conf.d/*.conf";

/*
 * NEW: me {} 
 * OLD: M:Line 
 * me {} defines the name, description and unreal server numeric for
 * this server. Syntax is as follows: 
 * me { 
 *  name "server.name"; 
 *  info "Server Description";
 *  numeric (server numeric*);
 * }; 
 * If linking, this numeric may not be used by any other server on the network.
 */
me
{
	name "irc.foonet.com";
	info "FooNet Server";
	numeric 1;
};

/*
 * NEW: admin {} 
 * OLD: A:Line
 * Admin gives information on the server admin. you
 * may put as many lines under admin { as you wish. 
 * Syntax is as follows:
 * admin {
 *   "first line"; 
 *   "second line"; 
 *   [etc]
 * };
 */
admin {
	"Bob Smith";
	"bob";
	"widely@used.name";
};

/*
 * NEW: class {} 
 * OLD: Y:line (old was confusing) 
 * These define settings for classes. A class is a group setting for 
 * connections. Example, server connections, instead of going to a client's
 * class, you direct it to the server class. Syntax is as follows
 * class (class name)
 * {
 *     pingfreq (how often to ping a user/server in seconds);
 *     maxclients (how many connections for this class);
 *     sendq (maximum send queue from a connection);
 *     recvq (maximum receive queue from a connection [flood control]);
 *  };
 */

class           clients
{
	pingfreq 90;
	maxclients 500;
	sendq 100000;
	recvq 8000;
};

class           servers
{
	pingfreq 90;
	maxclients 10;		/* Max servers we can have linked at a time */
	sendq 1000000;
	connfreq 100; /* How many seconds between each connection attempt */
};

/*
 * NEW: allow {} 
 * OLD: I:Line
 * This defines allowing of connections...
 * Basically for clients, it allows them to connect so you can have some
 * control and/or set a password. 
 * Syntax is as follows: 
 * allow {
 *    ip (ip mask to allow);
 *    hostname (host mask);
 *    class (class to send them to [see class {}]);
 *    password "(password)"; (optional)
 *    maxperip (how many connections per ip); (optional) 
 * };
 */

allow {
	ip             *@*;
	hostname       *@*;
	class           clients;
	maxperip 5;
};

/* Passworded allow line */
allow {
	ip             *@255.255.255.255;
	hostname       *@*.passworded.ugly.people;
	class           clients;
	password "f00Ness";
	maxperip 1;
};

/*
 * NEW: allow channel {} 
 * OLD: chrestrict 
 * Allows a user to join a channel...
 * like an except from deny channel. 
 * Syntax:
 * allow channel {
 *   channel "channel name";
 *   class "clients"; (optional)
 * };
 */
allow channel {
	channel "#WarezSucks";
	class "clients";
};

/*
 * NEW: oper {} 
 * OLD: O:Line 
 * Defines an IRC Operator
 * IRC operators are there to keep sanity to the server and usually keep it
 * maintained and connected to the network. 
 * The syntax is as follows: 
 * oper (login) { 
 *     class (class to put them in, if different from I, moves them to new
 *                class); 
 *     from { 
 *        userhost (ident@host);
 *        userhost (ident@host);
 *     }; 
 *     flags
 *     { 
 *       (flags here*);
 *     };
 *     OR
 *     flags "old type flags, like OAaRD";
 * };
 */


/* For a list of oper flags, see doc/unreal32docs.html#operblock
 * [HIGHLY recommended to read]
 */

oper bobsmith {
	class           clients;
	from {
		userhost bob@smithco.com;
	};
	password "f00";
	flags
	{
		netadmin;
		can_zline;
		can_gzline;
		can_gkline;
		global;
	};
};

/*
 * NEW: listen {}
 * OLD: P:Line
 * This defines a port for the ircd to bind to, to
 * allow users/servers to connect to the server. 
 * Syntax is as follows:
 * listen (ip number):(port number) 
 * { 
 *   options {
 *     (options here);
 *   };
 * };
 * or for a plain
 * listen: listen (ip):(port);
 * 
 * NOTICE: for ipv6 ips (3ffe:b80:2:51d::2 etc), use listen [ip]:port;
 * 
 * That works also.
 */

/* Options for listen:
	OLD	| 	NEW
	S		serversonly
	C		clientsonly
	J		java
	s		ssl
	*		standard
*/

/* NOTE ON SSL PORTS: SSL ports are pretty non-standardized,
 * besides numerous high-SSL ports, some people say you should run
 * it at 994 because that's the official SSL port.. but that
 * requires root! Besides, port 194 is the official irc port and
 * have you ever seen an ircd running on that?
 * So, our suggestion is to use port 6697 for SSL, this is used by
 * quite some networks and is recognized by for example StunTour.
 * You are free to open up as many SSL ports as you want, but
 * by (also) using 6697 you help the world standardize a bit ;).
 */
listen         *:6697
{
	options
	{
		ssl;
		clientsonly;
	};
};

listen         *:8067;
listen         *:6667;

/* NOTE: If you are on an IRCd shell with multiple IP's you are
 *       likely to get 'Address already in use' errors in your log
 *       and the ircd won't start. This means you MUST bind
 *       to a specific IP instead of '*', so for example:
 *       listen 1.2.3.4:6667;
 *       Obviously, replace the IP with the IP that was assigned to you.
 */

/*
 * NEW: link {}
 * OLD: C/N:Lines
 * This defines an okay for a server connection.
 * NOTE: BOTH SERVERS NEED A LINK {} SETTING TO CONNECT PROPERLY!
 * Syntax is as follows:
 * link (server name)
 * {
 *	username	(username, * works too);
 * 	hostname	(ip number/hostmask);
 *	bind-ip		(What IP to bind to when connecting, or *);
 *	port		(port to connect to, if any);
 *	hub (If this is a hub, * works, or servermasks it may bring in);
 *	[or leaf *;]
 *	password-connect "(pass to send)";
 *	password-receive "(pass we should receive)";
 *	class		(class to direct servers into);
 *	options {
 *		(options here*);
 *	};
 *      // If we use SSL, we can choose what cipher to use in SSL mode
 *      // Retrieve a list by "openssl ciphers", separate ciphers with :'s
 *      
 *      ciphers "DES-CBC3-MD5";
 * 
 * };
*/

/*
	options:
	OLD	|	NEW
	S		ssl
	Z		zip
	N/A		autoconnect
	N/A		quarantine
	N/A		nodnscache
*/


link            hub.mynet.com
{
	username	*;
	hostname 	1.2.3.4;
	bind-ip 	*;
	port 		7029;
	hub             *;
	password-connect "LiNk";
	password-receive "LiNk";
	class           servers;
		options {
			/* Note: You should not use autoconnect when linking services */
			autoconnect;
			ssl;
//			zip;
		};
};
/*
 *
 * NEW: ulines {}
 * OLD: U:Line
 * U-lines give servers more power/commands, this should ONLY be set
 * for services/stats servers and NEVER for normal UnrealIRCd servers!
 * Syntax is as follows:
 * ulines {
 *	(server to uline);
 *	(server to uline);
 *  [etc]
 * };
*/
ulines {
	services.roxnet.org;
	stats.roxnet.org;
};

/*
 * NEW: drpass {}
 * OLD: X:Line
 * This defines the passwords for /die and /restart.
 * Syntax is as follows:
 * drpass { 
 *  restart		"(password for restarting)";
 *  die		        "(password for die)";
 * };
 */
drpass {
	restart "I-love-to-restart";
	die "die-you-stupid";
};

/*
 * NEW: log {} OLD: N/A Tells the ircd where and what to log(s). You can have
 * as many as you wish.
 * 
 * FLAGS: errors, kills, tkl, connects, server-connects, oper
 * 
 * Syntax: 
 * log "log file" 
 * {
 *    flags
 *    {
 *        flag;
 *        flag; 
 *        etc.. 
 *    }; 
 * };
 */

log "/var/log/unrealircd/server.log" {
	maxsize 2097152;
	flags {
		oper;
		connects;
		server-connects;
		kills;
		errors;
		sadmin-commands;
		chg-commands;
		oper-override;
		spamfilter;
	};
};

/*
 * NEW: alias {}
 * OLD: N/A
 * This allows you to set command aliases such as /nickserv, /chanserv etc
 * FLAGS: services, stats, normal
 *
 * Syntax:
 * alias "name" {
 *	target "points to";
 *	type aliastype;
 * };
 *
 * [NOTE: You could also include a pre-defined alias file here, see doc/unreal32docs.html section 2.9]
 */

// This points the command /nickserv to the user NickServ who is connected to the set::services-server server
/*alias NickServ {
	target "NickServ";
	type services;
};*/

// If you want the command to point to the same nick as the command, you can leave the nick entry out
//alias ChanServ { type services; };

// Points the /statserv command to the user StatServ on the set::stats-server server
//alias StatServ { type stats; };

// Points the /superbot command to the user SuperBot
//alias SuperBot { type normal; };


/* Standard aliases */
alias NickServ { type services; };
alias ChanServ { type services; };
alias OperServ { type services; };
alias HelpServ { type services; };
alias StatServ { type stats; };

/*
 * NEW: alias {}
 * OLD: N/A
 * This allows you to set command aliases such as /identify, /services, etc
 *
 * Syntax:
 * alias "name" {
 *	format "format string" {
 *		target "points to";
 *              type aliastype;
 *		parameters "parameters to send";
 *	};
 *	type command;
 * };
 */
/* This is shown seperately because even though it has teh same name as the previous directive, it is very
 * different in syntax, although it provides a similar function and relys on the standard aliases to work.
 */
/*
alias "identify" {
	format "^#" {
		target "chanserv";
		type services;
		parameters "IDENTIFY %1-";
	};
	format "^[^#]" {
		target "nickserv";
		type services;
		parameters "IDENTIFY %1-";
	};
	type command;
};
*/
/* The alias::format directive is a regular expression. The first format matches the /identify command when
 * the first character is a #. It then passes this along to the chanserv alias with the parameters IDENTIFY
 * %1-. The second format matches then /identify command when the first character is not a #. It then
 * passes the command to the nickserv alias with parameters IDENTIFY %1-.
 */

/* The alias::format::parameters is similar to scripting languages. %N (where N is a number) represents a
 * parameter sent to the command (in this case /identify). If you specify %N- it means all parameters from
 * N until the last parameter in the string. You may also specify %n which is replaced by
 * the user's nickname.
*/

/* Standard aliases */
alias "services" {
	format "^#" {
		target "chanserv";
		type services;
		parameters "%1-";
	};
	format "^[^#]" {
		target "nickserv";
		type services;
		parameters "%1-";
	};
	type command;
};

alias "identify" {
	format "^#" {
		target "chanserv";
		type services;
		parameters "IDENTIFY %1-";
	};
	format "^[^#]" {
		target "nickserv";
		type services;
		parameters "IDENTIFY %1-";
	};
	type command;
};

/* This is an example of a real command alias */
/* This maps /GLINEBOT to /GLINE <parameter> 2d etc... */
alias "glinebot" {
	format ".+" {
		command "gline";
		type real;
		parameters "%1 2d Bots are not allowed on this server, please read the faq at http://www.example.com/faq/123";
	};
	type command;
};

/*
 * NEW: files {}
 * OLD: include/config.h
 *
 * This block overrides the IRCd's default paths for loading things
 * like the MOTD, saving its PID, or writing/loading its tunefile. The
 * existence of this block allows one UnrealIRCd installation to
 * support multiple running instances when combined with the -c
 * commandline option.
 *
 * As usual, relative paths are interpreted relative to the directory
 * where UnrealIRCd would find unrealircd.conf if -c is _not_
 * specified on the commandline.
 */
files
{
	/* The Message Of The Day shown to users who log in: */
	/* motd ircd.motd; */

	/*
	 * A short MOTD. If this file exists, it will be displayed to
	 * the user in place of the MOTD. Users can still view the
	 * full MOTD by using the /MOTD command.
	 */
	/* shortmotd ircd.smotd; */

	/* Shown when an operator /OPERs up */
	/* opermotd oper.motd; */

	/* Services MOTD append. */
	/* svsmotd ircd.svsmotd; */

	/* Bot MOTD */
	/* botmotd bot.motd; */

	/* Shown upon /RULES */
	/* rules ircd.rules; */

	/*
	 * Where the IRCd stores and loads a few values which should
	 * be persistent across server restarts. Must point to an
	 * existing file which the IRCd has permission to alter or to
	 * a file in a folder within which the IRCd may create files.
	 */
	/* tunefile ircd.tune; */

	/* Where to save the IRCd's pid. Should be writable by the IRCd. */
	/* pidfile ircd.pid; */
};

/*
 * NEW: tld {}
 * OLD: T:Line
 * This sets a different motd and rules files
 * depending on the clients hostmask.
 * Syntax is as follows: 
 * tld {
 *    mask (ident@host);
 *    motd "(motd file)";
 *    rules "(rules file)";
 * };
 */

//tld {
//	mask *@*.fr;
//	motd "ircd.motd.fr";
//	rules "ircd.rules.fr";
//};

/* note: you can just delete the example block above,
 * in which case the defaults motd/rules files (ircd.motd, ircd.rules)
 * will be used for everyone.
 */

/*
 * NEW: ban nick {}
 * OLD: Q:Line
 * Bans a nickname, so it can't be used.
 * Syntax is as follows:
 * ban nick {
 *	mask "(nick to ban)";
 *	reason "(reason)";
 * };
*/
ban nick {
	mask "*C*h*a*n*S*e*r*v*";
	reason "Reserved for Services";
};
/*
 * NEW: ban ip {}
 * OLD: Z:Line
 * Bans an ip from connecting to the network.
 * Syntax:
 * ban ip { mask (ip number/hostmask); reason "(reason)"; };
*/
ban ip {
	mask 195.86.232.81;
	reason "Delinked server";
};
/*
 * NEW: ban server {}
 * OLD: Server Q:Line
 * Disables a server from connecting to the network.
 * if the server links to a remote server, local server
 * will disconnect from the network.
 * Syntax is as follows:
 * ban server {
 *	mask "(server name)";
 *	reason "(reason to give)";
 * };
*/

ban server {
	mask eris.berkeley.edu;
	reason "Get out of here.";
};
/*
 * NEW: ban user {}
 * OLD: K:Line
 * This makes it so a user from a certain mask can't connect
 * to your server.
 * Syntax:
 * ban user { mask (hostmask/ip number); reason "(reason)"; };
*/

ban user {
	mask *tirc@*.saturn.bbn.com;
        reason "Idiot";
};

/*
 * NEW: ban realname {}
 * OLD: n:Line
 * This bans a certain realname from being used.
 * Syntax:
 * ban realname {
 *	mask "(real name)";
 * 	reason "(reason)";
 * };
*/

ban realname {
	mask "Swat Team";
	reason "mIRKFORCE";
};

ban realname {
	mask "sub7server";
	reason "sub7";
};

/*
 * NOTE FOR ALL BANS, they may be repeated for addition entries!
 * 
 * NEW: except ban {} 
 * OLD: E:Line
 * This makes it so you can't get banned. 
 * Syntax:
 * except ban { mask (ident@host); };
 * Repeat the except ban {} as many times
 * as you want for different hosts.
 */

except ban {
	/* don't ban stskeeps */
	mask           *stskeeps@212.*;
};

/*
 * NEW: deny dcc {} 
 * OLD: dccdeny.conf
 * Use this to block dcc send's... stops
 * viruses better. 
 * Syntax: 
 * deny dcc 
 * { 
 *   filename "file to block (ie, *exe)";
 *   reason "reason";
 * };
 */
deny dcc {
	filename "*sub7*";
	reason "Possible Sub7 Virus";
};

/*
 * NEW: deny channel {}
 * OLD: N/A (NEW)
 * This blocks channels from being joined.
 * Syntax:
 * deny channel {
 * 	channel "(channel)";
 * 	reason "reason";
 *      class "clients"; (optional)
 * };
*/
deny channel {
	channel "*warez*";
	reason "Warez is illegal";
	class "clients";
};

/*
 * NEW: vhost {}
 * OLD: Vhost.conf file
 * This sets a fake ip for non-opers, or
 * opers too lazy to /sethost :P
 * Syntax:  
 *   vhost { 
 *       vhost (vhost.com); 
 *       from {
 *            userhost (ident@host to allow to use it);
 *       };
 *       login (login name);
 *       password (password);
 *   };
 *        then to use this vhost, do /vhost (login) (password) in IRC
 */
vhost {
	vhost           i.hate.microsefrs.com;
	from {
		userhost       *@*.image.dk;
	};
	login           stskeeps;
	password        moocowsrulemyworld;
};

/* You can include other configuration files */
/* include "klines.conf"; */

/* Network configuration */
set {
	network-name 		"ROXnet";
	default-server 		"irc.roxnet.org";
	services-server 	"services.roxnet.org";
	stats-server 		"stats.roxnet.org";
	help-channel 		"#ROXnet";
	hiddenhost-prefix	"rox";
	/* prefix-quit 		"no"; */
	/* Cloak keys should be the same at all servers on the network.
	 * They are used for generating masked hosts and should be kept secret.
	 * The keys should be 3 random strings of 5-100 characters
	 * (10-20 chars is just fine) and must consist of lowcase (a-z),
	 * upcase (A-Z) and digits (0-9) [see first key example].
	 * HINT: On *NIX, you can run './unreal gencloak' in your shell to let
	 *       Unreal generate 3 random strings for you.
	 */
	cloak-keys {
		"aoAr1HnR6gl3sJ7hVz4Zb7x4YwpW";
		"eechooL1bae5Teg9ji4di1fohR0u";
		"ohwae5nose6KiBohLaiph8neej6h";
	};
	/* on-oper host */
	hosts {
		local		"locop.roxnet.org";
		global		"ircop.roxnet.org";
		coadmin		"coadmin.roxnet.org";
		admin		"admin.roxnet.org";
		servicesadmin 	"csops.roxnet.org";
		netadmin 	"netadmin.roxnet.org";
		host-on-oper-up "no";
	};
};

/* Server specific configuration */

set {
	kline-address "support@domain.com";
	modes-on-connect "+ixw";
	modes-on-oper	 "+xwgs";
	oper-auto-join "#opers";
	options {
		hide-ulines;
		/* You can enable ident checking here if you want */
		/* identd-check; */
		show-connect-info;
	};

	maxchannelsperuser 10;
	/* The minimum time a user must be connected before being allowed to use a QUIT message,
	 * This will hopefully help stop spam */
	anti-spam-quit-message-time 10s;
	/* Make the message in static-quit show in all quits - meaning no
           custom quits are allowed on local server */
	/* static-quit "Client quit";	*/

	/* You can also block all part reasons by uncommenting this and say 'yes',
	 * or specify some other text (eg: "Bye bye!") to always use as a comment.. */
	/* static-part yes; */

	/* This allows you to make certain stats oper only, use * for all stats,
	 * leave it out to allow users to see all stats. Type '/stats' for a full list.
	 * Some admins might want to remove the 'kGs' to allow normal users to list
	 * klines, glines and shuns.
	 */
	oper-only-stats "okfGsMRUEelLCXzdD";

	/* Throttling: this example sets a limit of 3 connection attempts per 60s (per host). */
	throttle {
		connections 3;
		period 60s;
	};

	/* Anti flood protection */
	anti-flood {
		nick-flood 3:60;	/* 3 nickchanges per 60 seconds (the default) */
	};

	/* Spam filter */
	spamfilter {
		ban-time 1d; /* default duration of a *line ban set by spamfilter */
		ban-reason "Spam/Advertising"; /* default reason */
		virus-help-channel "#help"; /* channel to use for 'viruschan' action */
		/* except "#help"; channel to exempt from filtering */
	};
};



/*
 * Problems or need more help?
 * 1) www.vulnscan.org/UnrealIRCd/unreal32docs.html
 * 2) www.vulnscan.org/UnrealIRCd/faq/ <- contains 80% of your questions!
 * 3) If you still have problems you can go irc.unrealircd.org #unreal-support,
 *    note that we require you to READ THE DOCUMENTATION and FAQ first!
 */