DareNET IRCd Configuration/1.5

Revision as of 05:23, 15 September 2010 (view source)

Admin (Talk | contribs)

(→General block)

← Older edit

Current revision as of 18:00, 17 June 2013 (view source)

Nitemare (Talk | contribs)

(→Connect block)

(61 intermediate revisions not shown)

Line 1:

__NOTOC__

-

This is a reference guide for ircd-darenet 1.4.1+'s configuration file.

+

This is a reference guide for ircd-darenet 1.5.x's configuration file.

-

The configuration format consists of various blocks, each containing name-value pairs, tags ~~and/~~or string data. It is designed to be easily readable by both human ~~and~~ ircd.

+

The configuration format consists of various blocks, each containing name-value pairs, tags or string data. It is designed to be easily readable by both human ircd.

-

A block consists of a ~~block~~ name, an opening '{' brace, statements, a closing '}' brace, and a ';' semicolon. A statement consists of a name possibly followed by an '=' equals sign and a value, ending with a semicolon. All strings ~~are~~ surrounded by '"' double quotes.

+

A block consists of a name, an opening '{' brace, statements, a closing '}' brace, and a ';' semicolon. A statement consists of a name possibly followed by an '=' equals sign and a value, ending with a semicolon. All strings must be surrounded by '"' double quotes.

A sample block:

Line 15:

};</pre></html>

-

All elements of the configuration are separated by whitespace, and can be packed on one line, or broken up over several lines. Whitespace is defined as space, tab or carriage return/linefeed. Three ~~form~~ of comments are allowed:

+

All elements of the configuration are separated by whitespace, and can be packed on one line, or broken up over several lines. Whitespace is defined as space, tab or carriage return/linefeed. Three forms of comments are allowed:

-

* C style single/multi-line

+

<pre>/* C style single/multi-line */

-

* ~~C++ style single-line~~

+

-

* Shell style single-line

+

-

'''Important notes:''' When the configuration file is parsed, blocks are used in reverse order than how they are listed. This means you should start multiple block definitions with the "fall through", and end with the most detailed. Class {} blocks MUST be specified before anything that uses them. That means they must be defined before client {}, connect {} and operator {}.

+

// C++ style single-line

-

~~Times~~ / ~~durations are written as:~~

+

# Shell style single-line

+

</pre>

-

* A number in ~~seconds (e.g.~~, ~~60)~~

+

{{info|text=Blocks are used in the reverse order than how they're listed, when the configuration file is parsed. This means you should start multiple block definitions with the "fall through", and end with the most detailed.}}

-

* 1 hours 30 minutes 10 seconds

+

-

* An arithmetic expression (e.~~g., 1*60+20)~~

+

-

+

-

~~Valid units of time:~~

+

-

+

-

* Decade, year, month, week, day, hour, minute, ~~second~~

+

-

+

-

~~Valid units of size:~~

+

-

+

-

* terabyte / tbyte

+

-

* gigabyte / gbyte

+

-

* megabyte / mbyte

+

-

* kilobyte / kbyte

+

-

* byte

+

-

+

-

~~Sizes~~ and ~~times may be specified as singular or plural~~.

+

== General block ==

-

{| class="simpletable"

+

{| class="simpletable" width="100%"

|width="250px"|Requirement:

|REQUIRED

|-

|Old conf format equivalents:

-

|M:name:vhost:description::numeric

+

|<code>M:name:vhost:description::numeric</code>

|}

The General block defines information about the server itself. It is required for the server to start.

-

<html><pre>~~general~~ {

+

<html><pre>General {

/* name: the name of our server. */

name = "test.area.zone.darenet.org";

Line 65:

Line 48:

* digit between 0 and 4095, and is not updated on a rehash.

*/

-

numeric = 999;

+

numeric = 999;

/* vhost: the IP to bind to when we connect outward to other servers.

Line 86:

Line 69:

</pre></html>

-

~~'''Required tokens:''' <code>~~name, description, ~~numeric</code>~~

+

The server name may only be changed by a server restart. The description can be changed on rehash, but will not propagate to other linked servers.

-

~~'''Optional tokens:''' <code>vhost, ssl_pem, ssl_private_key</code>~~

+

There must be exactly one General block.

-

Note that the server <numeric> must be unique on the network the server is linked to, and may be between 0 and 4095. It is not updated on a rehash. If linking to DareNET, you should use the numeric assigned to you by the Infrastructure team.

+

== Admin block ==

-

~~If <vhost> is specified, it must contain either a~~ <code>*</code> ~~or a valid IPv4 address in dotted quad notation (e.g., 127.0.0.1). The address MUST be the address of a physical interface on the host. It is used only for outgoing connections; see Port {~~} ~~blocks for listener virtual hosting. If in doubt what to put here, use the IP of your primary interface.~~

+

{| class="simpletable" width="100%"

+

|width="250px"|Requirement:

+

|SUGGESTED

+

|-

+

|Old conf format equivalents:

+

|<code>A:line1:line2:line3</code>

+

|}

-

~~If SSL is enabled, you MUST specify~~ the ~~path to your pem (containing your cert and private key) and private key files using the ssl_pem and ssl_private_key tokens~~.

+

The Admin block defines information that can be retrieved with the <code>/ADMIN</code> command.

-

~~There may only be one General~~ {~~} block~~.

+

<html><pre>Admin {

+

location = "DareNET - http://www.darenet.org";

+

location = "Infrastructure Team";

+

contact = "<infrastructure@darenet.org>";

+

};

+

</pre></html>

-

~~'''Example~~ block~~:'''~~

+

Not all lines are required. There may only be one Admin block.

-

~~<c>General~~

+

== Class block ==

-

{

+

-

~~name~~ = ~~"servername.area.zone.darenet.org";~~

+

-

~~description~~ = ~~"DareNET Client Server";~~

+

-

~~numeric~~ = ~~10;~~

+

-

~~vhost~~ = ~~"127.0.0.1";~~

+

-

~~ssl_pem = "etc/ircd.pem";~~

+

-

~~ssl_private_key = "etc/ircd.key";~~

+

-

~~};</c>~~

+

-

~~== Admin Block ==~~

+

{| class="simpletable" width="100%"

-

+

|width="250px"|Requirement:

-

{| class="~~wikitable~~" width="40%" ~~style~~="~~font-size~~: ~~97%; text~~-~~align: left;"~~

+

|RECOMMENDED

-

| ~~Requirement~~:

+

|-

-

| ~~SUGGESTED~~

+

|Old conf format equivalents:

+

|<code>Y:class:pingfreq::maxlinks:sendq (clients)</code> <code>Y:class:pingfreq:connectfreq:maxlinks:sendq (servers)</code>

|-

-

~~| Old conf format equivalents:~~

-

~~| A:line~~

|}

-

The ~~Admin {} block defines information that can be retrieved~~ with the ~~/ADMIN command~~.

+

The Class blocks define connection classes. All connections to the server are associated with a "connection class", whether they be incoming or outgoing (initiated by the server), be they clients or servers.

-

~~There may only be one Admin~~ {~~} block~~.

+

<html><pre>Class {

+

/* name: a name for the connection class. */

+

name = "Users";

-

<~~pre>Admin~~

+

/* pingfreq: how often to PING idle connections. */

-

{

+

pingfreq = 1 minute 30 seconds;

-

~~Location~~ = "~~string 1 here~~";

+

-

~~Location~~ = ~~"string 2 here"~~;

+

-

~~Contact = "string 3 here";~~

+

-

~~};</pre>~~

+

-

~~'''Example block~~:'''

+

/* sendq: send buffer limit (i.e., the amount of data allowed in

+

* a client's queue before they are dropped.

+

*/

+

sendq = 100 kilobytes;

-

<~~c>Admin~~

+

/* maxlinks: the maximum number of connections that may use this

-

{

+

* class. May be between 0 and 4,000,000,000.

-

~~Location~~ = "~~DareNET~~";

+

*/

-

~~Location = "Infrastructure Team";~~

+

maxlinks = 100;

-

~~Contact = "~~<~~infrastructure@darenet.org~~>";

+

-

};</c>

+

-

== ~~Class Block =~~=

+

/* usermode: an optional list of user modes that should set

+

* upon the user while connecting.

+

*/

+

usermode = "+iw";

-

{| class="~~wikitable~~" ~~width~~="~~40%~~" ~~style="font-size: 97%~~; ~~text-align: left;"~~

+

/* maxchans: the maximum number of channels that clients may join.

-

~~| Requirement:~~

+

*/

-

~~| SUGGESTED~~

+

maxchans = 50;

-

|-

+

};

-

~~| Old conf format equivalents:~~

+

-

~~| Y:line~~

+

-

|}

+

-

~~The~~ Class {~~} blocks define connection classes. All connections to the server are associated with a~~ "~~connection~~ class"~~, whether they be incoming or outgoing (initiated by the server), be they clients or servers.~~

+

Class {

+

name = "Opers";

+

pingfreq = 2 minutes;

+

sendq = 100 kilobytes;

+

maxlinks = 10;

+

usermode = "+iw";

+

whox;

+

};

-

<~~pre~~>Class

+

Class {

-

{

+

name = "Server";

-

name = "<class>";

+

pingfreq = 3 minutes;

-

pingfreq = ~~time~~;

+

-

~~connectfreq = time;~~

+

-

~~maxlinks = number;~~

+

-

~~sendq = size;~~

+

-

~~usermode = "+modes";~~

+

-

~~};</pre>~~

+

-

~~'''Required tokens:'''~~ <~~code~~>~~name~~, ~~pingfreq~~, ~~sendq~~</~~code~~>

+

/* connectfreq: this token applies only to servers, and specifies

+

* the frequency that the server tries to auto connect. Setting this to 0 will cause a

+

* server to attempt to connect repeatedly, with no delay until the maxlinks condition

+

* is satisfied (which is not a good thing).

+

*/

+

connectfreq = 5 minutes;

-

~~'''Optional tokens (client classes only):'''~~ <~~code~~>maxlinks, ~~usermode~~</~~code~~>

+

/* maxlinks: for server classes, specifies the maximum number of

+

* servers to autoconnect to. This should be 0 for hubs, and 1 for leafs.

+

*/

+

maxlinks = 0;

-

~~'''Optional tokens (server classes only):''' <code>connectfreq</code>~~

+

sendq = 10 megabytes;

+

};

-

~~For connection classes used on server links,~~ maxlinks ~~should be set to either 0 (for hubs) or~~ 1 ~~(for leafs). Client connection classes may use maxlinks between 0 and approximately 4,000,000,000. A maxlinks of 0 means there is no limit on the number of connections using the class.~~

+

Class {

+

name = "Leaf_Server";

+

pingfreq = 3 minutes;

+

connectfreq = 5 minutes;

+

maxlinks = 1;

+

sendq = 10 megabytes;

+

};

+

</pre></html>

-

~~<connect freq> applies only to servers~~, ~~and specifies~~ the ~~frequency that~~ the ~~server tries to auto connect~~. ~~Setting this to 0 will cause~~ the ~~server to attempt to connect repeatedly with no delay until the <maximum links> condition is satisfied~~. ~~This~~ is ~~a Bad Thing(tm). Time can~~ be specified ~~as a number, or by giving something like: 1 minutes 2 seconds, or 1*60+20~~.

+

For connection classes intended for operator use, you can specify privileges the operator should be granted when the Operator block names the class. The local privilege MUST be defined by either the Class or Operator block. It is highly recommended that most privileges be explicitly specified in the operator's Operator block on DareNET.

-

~~For connection classes intended for operator use, you can specify privileges~~ used when ~~the Operator {} block (see below) names this~~ class~~. The local (aka globally_opered) privilege MUST be defined by either the Class or Operator block. It~~ is ~~highly recommended privileges be~~ specified ~~in the operator's Operator {} block~~, ~~instead of in Class {} blocks~~.

+

A "default" class is created internally. This class is used when no other class is specified, but its settings are not useful for most situations. Custom classes are strongly recommended.

-

~~A "default" class~~ is ~~created internally. This class is used when no other class is specified, but its settings are not useful for most situations. Custom classes are strongly suggested~~.

+

There may be multiple Class blocks; at least one is recommended.

-

~~There may be multiple Class {} blocks.~~

+

== Client block ==

-

~~'''Example blocks~~:~~'''~~

+

{| class="simpletable" width="100%"

+

|width="250px"|Requirement:

+

|RECOMMENDED

+

|-

+

|Old conf format equivalents:

+

|<code>I:ipmask:passwd:hostmask:port:class</code>

+

|}

-

~~Uplinks you~~ are ~~not~~ a ~~hub for:~~

+

The Client blocks define the hosts client connections are allowed from, and places them into classes. While the server will start without a Client block, it will not be usable.

-

~~<c>Class~~

+

-

{

+

-

~~name = "Server";~~

+

-

~~pingfreq = 1 minutes 30 seconds;~~

+

-

~~connectfreq = 5 minutes;~~

+

-

~~maxlinks = 1;~~

+

-

~~sendq = 9000000;~~

+

-

~~};</c>~~

+

-

~~Leaf servers you hub for:~~

+

-

~~<c>Class~~

+

-

{

+

-

~~name = "Leaf Server";~~

+

-

~~pingfreq = 1 minutes 30 seconds;~~

+

-

~~connectfreq = 5 minutes;~~

+

-

~~maxlinks = 0;~~

+

-

~~sendq = 9000000;~~

+

-

~~};</c>~~

+

-

~~All clients:~~

+

-

~~<c>Class~~

+

-

{

+

-

~~name = "Users";~~

+

-

~~pingfreq = 1 minutes 30 seconds;~~

+

-

~~sendq = 60000;~~

+

-

~~usermode = "+iw";~~

+

-

~~};</c>~~

+

-

~~Opers:~~

+

-

~~<c>Class~~

+

-

{

+

-

~~name = "Opers";~~

+

-

~~pingfreq = 1 minutes 30 seconds;~~

+

-

~~sendq = 60000;~~

+

-

~~whox = yes;~~

+

-

~~};</c>~~

+

-

== ~~Client Block =~~=

+

<html><pre>Client {

+

/* host: resolved user@host mask allowed to connect. This is optional

+

* if you are using the ip mask to match against. Additionally, if you specify *@loc for

+

* this field it will match all LOC users.

+

*/

+

host = "*@*.wirehub.net";

-

{| class="~~wikitable~~" ~~width~~="~~40%~~" ~~style=~~"~~font-size: 97%~~; ~~text-align: left;"~~

+

/* ip: unresolved user@ip mask allowed to connect. */

-

~~| Requirement:~~

+

ip = "*@195.86.128.*";

-

~~| SUGGESTED~~

+

-

|-

+

-

~~| Old conf format equivalents:~~

+

-

~~| I:line~~

+

-

|}

+

-

~~To allow clients~~ to ~~connect, they need authorization~~. This ~~can be done based on hostmask, address mask and/or with a~~ password. ~~With intelligent use of classes and the maxlinks field in the Client {} blocks, you can let in a specific domain, but get rid of all other domains in the same top level, thus setting up some sort of~~ "~~reverse Kill {} block.~~"

+

/* password: (optional) password that is required to use this block.

+

* This password string is not encrypted.

+

*/

+

password = "letMEHin";

-

<~~pre>Client~~

+

/* class: the class the user should be placed in. */

-

{

+

class = "Users";

-

~~host~~ = "~~host~~";

+

-

~~ip = "127~~.~~0.0.0~~/~~8";~~

+

-

~~password~~ = ~~"password";~~

+

-

class = "~~classname~~";

+

-

~~maxlinks = number;~~

+

-

};</~~pre~~>

+

-

~~Everything in a Client {} block is optional. If a username mask is~~ specified, ~~it must match~~ the clients ~~username from~~ the ~~IDENT protocol. If a hostmask is given,~~ the ~~client's hostname must resolve and match~~ the ~~hostmask. If a CIDR-style~~ IP ~~mask is given, the client must have an IP matching that range~~. If maxlinks ~~is given, it limits the number of matching clients allowed from a particular IP address.~~

+

/* maxlinks: if specified, the server will only accept clients when

+

* the total number of connections to the network from the same IP number doesn't exceed

+

* this number.

+

*/

+

maxlinks = 6;

-

~~'''Technical Description~~:~~'''~~

+

/* port: (optional) a port to limit this block to. */

+

port = 6660;

+

};

+

</pre></html>

-

~~For every connectiong client, the IP address is known~~. ~~A reverse lookup is performed on this IP-number~~ to ~~get the (/all) hostname(s). Each hostname that belongs to this IP-number is matched to <hostmask>, and the~~ Client {} block ~~is used when any matches; the client will then show with this particular hostname. If none of the hostnames match, then the IP-number is matched against the <IP mask ...> field, and~~ if this matches, the Client {} block is used nevertheless and the client will show with the first (main) hostname, if any. If the IP-number does not resolve, then the client will show with the dot notation of the IP-number.

+

The server uses a default deny policy for incoming connections. You need to define at least one Client block if you wish to use your server.

-

~~There is~~ a ~~special case for UNIX domain sockets~~ and ~~localhost~~ connections. ~~In these cases~~, the <IP ~~mask.~~.~~.> field~~ is ~~compared with the name of the server (thus not with any IP-number representation)~~. The ~~name of~~ the ~~server is~~ the ~~one returned in~~ the ~~numeric 002 reply~~. ~~For example:~~

+

The <code>host</code> and <code>ip</code> fields specify which connections the block matches. The server always performs a DNS and ident lookup for connections. If DNS cannot find a hostname, the IP address is used instead. If ident cannot get a valid reply, "unknown" is used during this state. The client's resolved hostname, IP address, ident reply, and username (from the USER line) are used according to the results of the matches described below.

-

<code>002 Your host is 2.darenet.org[jolan.ppro], running version ...</code>

+

'''Note:''' There is a specify case for UNIX domain sockets and localhost connections. In these cases, the <code>ip / host</code> field is compared with the name of the server, and thus not with any IP number representation. The name of the server is that returned in the numeric 002 reply, example: <code>002 Your host is 2.darenet.org[jolan.ppro]. running version ...</code> In this example, "jolan.ppro" is the name used for matching; therefore, UNIX domain sockets and connections to localhost would match a block containing: <code>host = "*@jolan.ppro";</code>.

-

~~In this example, "jolan.ppro" is~~ the ~~name used for matching. Therefore~~, ~~UNIX domain sockets~~, and ~~connections to localhost, would~~ match ~~this block:~~

+

The <code>host</code> field attempts to match first against the resolved hostname, if available, and then against the IP address. To include the connection's ident reply in the match, use a mask in the form "ident@host". If a client matches, it appears on IRC using its resolved hostname.

-

<code>~~host = "*@jolan.ppro";~~</code>

+

The <code>ip</code> field attempts to match against the IP address only. An ident may be specified to match against, as well.

-

~~Example blocks~~:

+

'''Note:''' If the ident portion is specified in a mask (i.e., "ident@host" instead of "host"), and no ident reply is received from the client, it will appear on IRC with its username prefixed with a '~' tilde. If the matching mask used only the "host" form, the client's username is not prefixed. If a valid ident reply is received, it is always used and not prefixed.

-

~~Prevent unresolved clients from connecting:~~

+

You need only specify a <code>host</code> or <code>ip</code> field, not both. If both are used, <code>host</code> is matched against first.

-

<c>~~Client~~

+

-

{

+

-

host ~~= "*@*";~~

+

-

~~class = "Users";~~

+

-

~~maxlinks = 5;~~

+

-

};</c>

+

-

~~Only accept two connections from dial up accounts that have "dial??.*" as host mask:~~

+

There may be multiple Client blocks; at least one is recommended.

-

~~<c>~~Client

+

-

{

+

-

~~host = "*@dial??~~.*";

+

-

~~class = "Users";~~

+

-

~~maxlinks = 2;~~

+

-

~~};</c>~~

+

-

~~Allow anyone to connect:~~

+

== Motd block ==

-

~~<c>Client~~

+

-

{

+

-

~~host~~ = ~~"*@*";~~

+

-

ip = ~~"*@*";~~

+

-

~~class~~ = ~~"Other";~~

+

-

~~maxlinks~~ = 5;

+

-

~~};</c>~~

+

-

~~== motd Block ==~~

+

{| class="simpletable" width="100%"

-

+

|width="250px"|Requirement:

-

{| class="~~wikitable~~" width="40%" ~~style~~="~~font-size: 97%; text-align: left;~~"

+

|OPTIONAL

-

| Requirement:

+

-

| OPTIONAL

+

|-

-

| Old conf format equivalents:

+

|Old conf format equivalents:

-

| T:~~line~~

+

|<code>T:hostmask|classnumber:path</code>

|}

-

~~It is possible to show~~ a different Message of the Day ~~(MOTD)~~ to a connecting ~~client depending~~ on ~~its~~ origin.

+

The Motd blocks allow a different Message of the Day to be shown to connecting clients based on their origin.

-

<pre>~~motd~~

+

<html><pre>Motd {

-

{

+

/* host: a hostmask, class number or class name to match against. */

-

~~host~~ = "~~Users~~";

+

host = "*.jp";

-

~~file = "path~~/to/~~motd~~/~~file";~~

+

-

};</~~pre~~>

+

-

~~More than one~~ <~~code>host~~ = "~~mask~~"~~;</code~~> ~~entry may be present in one block; this has~~ the ~~same effect as one motd {} block for each host entry, but makes it easier~~ to ~~update~~ the ~~message's filename. Additionally, you may specify a the name of a Class {} block~~ to ~~match against in the~~ <~~host~~> ~~portion~~.

+

/* file: the path to the MOTD file to be shown (relative to DPATH). */

+

file = "jp.motd";

+

};

+

</pre></html>

-

~~Example~~ block:

+

More then one <code>host</code> field may be present in an Motd block.

-

~~<c>motd~~

+

There may be multiple Motd blocks.

-

{

+

-

host = "*@*.~~jp";~~

+

-

~~file = "japanese.motd";~~

+

-

~~};</c>~~

+

-

== Connect ~~Block~~ ==

+

== Connect block ==

-

{| class="~~wikitable~~" width="40%" ~~style~~="~~font-size: 97%; text-align: left;~~"

+

{| class="simpletable" width="100%"

-

| Requirement:

+

|width="250px"|Requirement:

-

| OPTIONAL

+

|OPTIONAL

|-

-

| Old conf format equivalents:

+

|Old conf format equivalents:

-

| C:~~line,~~ H:~~line,~~ L:~~line~~

+

|<code>C:host:cpassword:name:port:class</code> <code>N:host:apassword:name:flags:class</code> <code>H:host::name:maxhops</code> <code>L:host::mask:depth</code>

|}

-

Connect {} blocks define ~~what servers the server may connect~~ to~~, and which~~ servers ~~are allowed to connect~~.

+

The Connect blocks define links to other servers.

-

~~IRC servers connect to other servers forming a network with a star or tree topology~~. ~~Loops are not allowed. In this network, two servers can be distinguished:~~ "~~hub~~" ~~and~~ "~~leaf~~"~~. Leaf servers connect to hubs~~; hubs connect to each other. Of course, many servers can't be directly classified in either of these categories. Both a fixed and a rule-based decision making system for server links exists to aide ircd in deciding what links to allow, what to let humans do themselves and what links to (forcefully) disallow.

+

<html><pre>Connect {

+

/* name: the name of the server. */

+

name = "uplink.darenet.org";

-

<~~pre>Connect~~

+

/* host: the host or IP to connect to. If a hostname is used it

-

{

+

* must match the reverse dns of the server.

-

~~name~~ = "~~servername~~";

+

*/

-

host ~~= "hostnameORip";~~

+

host = "192.168.0.1";

-

~~password = "passwd";~~

+

-

~~port~~ = ~~portno;~~

+

-

class = "~~classname~~";

+

-

~~maxhops = 2;~~

+

-

~~hub;~~

+

-

~~leaf = no;~~

+

-

~~autoconnect = no;~~

+

-

};</~~pre~~>

+

-

~~The~~ "~~port~~" ~~field defines the default port the server tries to connect to if an operator uses~~ /~~CONNECT without specifying a port. This is also~~ the ~~port used when the server attempts to auto-connect to the remote server~~. ~~You may tell ircd-darenet to not automatically connect to a server by adding~~ <~~code~~>~~"autoconnect~~ = ~~no;~~"</~~code~~>; ~~the default is to auto connect.~~

+

/* password: the password we send and accept. */

+

password = "somepass";

-

~~The maxhops field causes an SQUIT if a hub tries to introduce servers farther away than that;~~ the ~~element 'leaf;' is an alias for a maxhops of 0~~. ~~The hub field limits~~ the ~~names of servers that may be introduced by a hub;~~ the ~~element 'hub;' is an alias for~~ <~~code~~>~~hub~~ = "*";</~~code~~>.

+

/* port: the port to connect to this server on. This is also the

+

* port used when the server attempts to auto-connect (if enabled).

+

*/

+

port = 7325;

-

~~Example block~~:

+

/* class: the class this server should be placed in. */

+

class = "Server";

-

~~Our primary uplink:~~

+

/* maxhops: the max number of hops a hub may introduce. If a hub

-

<~~c>Connect~~

+

* tries to introduce servers farther away than what is specified here, an SQUIT is

-

{

+

* issued. The 'leaf' token is an alias for "maxhops = 0;".

-

~~name~~ = "~~servername~~.hub.~~darenet.org~~";

+

*/

-

~~host =~~ "1.~~2.3.4";~~

+

maxhops = 2;

-

~~password = "passwd";~~

+

-

~~port~~ = ~~7325;~~

+

-

class = "~~Server~~";

+

-

~~hub;~~

+

-

};</c>

+

-

== ~~CRULE Block~~ ==

+

/* hub: (optional) the mask of servers that this server may hub

+

* for. The tag 'hub' is an alias for 'hub = "*";'.

+

*/

+

hub = "*.us.darenet.org";

-

{| class="~~wikitable~~" width="40%" ~~style~~="~~font-size: 97%; text-align: left;~~"

+

/* autoconnect: (optional) determines if we should try to

-

| Requirement:

+

* automatically connect to this server. The default is to autoconnect.

-

| OPTIONAL

+

*/

+

autoconnect = no;

+

};

+

</pre></html>

+

There may be multiple Connect blocks.

+

== CRule block ==

+

{| class="simpletable" width="100%"

+

|width="250px"|Requirement:

+

|OPTIONAL

|-

-

| Old conf format equivalents:

+

|Old conf format equivalents:

-

| D:~~line,~~ d:~~line~~

+

|<code>D:servermask::rule</code> <code>d:servermask::rule</code>

|}

-

~~For an~~ advanced, real-time rule-based routing decision making system~~, you can use the crule {} blocks. For more information, see doc/readme.crules. If more than one server mask is present in a single rule, the rule applies to all servers~~.

+

The CRule (connection rule) blocks control ircd-darenet's advanced, real-time rule-based routing decision making system.

-

~~Using~~ <~~code~~>~~all~~ = ~~yes;~~</~~code~~> ~~makes the rule always apply; otherwise, it only applies to auto connects~~.

+

<html><pre>CRule {

+

/* server: rules will be applied towards servers matching this mask. */

+

server = "*.eu.darenet.org";

-

<~~pre>CRULE~~

+

/* rule: the connection rule. */

-

{

+

rule = "connected(amsterdam.eu.*)";

-

~~server~~ = "~~servermask~~";

+

-

rule = "~~connectrule~~";

+

-

~~all = yes;~~

+

-

};</~~pre~~>

+

-

~~Example blocks~~:

+

/* all: (optional) setting this to 'yes' will make the rule always

+

* apply; otherwise, it only applies to autoconnects.

+

*/

+

all = yes;

+

};

+

</pre></html>

-

~~<c>CRULE~~

+

If more than one server mask is present in a single crule, the rule will apply to all servers.

-

{

+

-

server ~~= "*.us.darenet.org";~~

+

-

rule ~~= "connected(*.us.darenet~~.~~org)";~~

+

-

~~};</c>~~

+

-

~~Recommended~~ for ~~all leafs:~~

+

See doc/readme.crules for more information on the crule system, including examples of allowed rules.

-

~~<c>CRULE~~

+

-

{

+

There may be multiple CRule blocks.

-

~~server = "*";~~

+

-

~~rule = "directcon(*)";~~

+

-

~~};</c>~~

+

== Port Block ==

-

{| class="~~wikitable~~" width="40%" ~~style~~="~~font-size: 97%; text-align: left;~~"

+

{| class="simpletable" width="100%"

-

| Requirement:

+

|width="250px"|Requirement:

-

| ~~SUGGESTED~~

+

|REQUIRED

|-

-

| Old conf format equivalents:

+

|Old conf format equivalents:

-

| P:~~line~~

+

|<code>P:hostmask:interface:<[CES][H]>:port</code>

|}

-

~~As more users use~~ the server~~, you~~ will ~~notice delays when trying to connect to the primary listening~~ port~~. It~~ is ~~possible, via Port {} blocks,~~ to specify additional ports for the ircd to listen for connections on. De facto ports are: 6667 - standard; 6660-6669, 7000 - additional client ports; 6697 & 9999 = SSL. DareNET uses 7325 for server listener ports.

+

The Port blocks define where the server will accept connections. At least one port block is required to start.

-

~~These are just hints, they are in no way official IANA or IETF policies. IANA says we should use~~ port ~~194, but that requires us~~ to ~~run as root, so we don't do that~~.

+

<html><pre>Port {

+

/* port: the specific port to listen on. */

+

port = 7325;

-

<~~pre>Port~~

+

/* mask: (optional) the IP address (or a range of IP addresses) that

-

{

+

* the server will allow connections from.

-

~~port = number;~~

+

*/

-

~~mask~~ = "~~ipmask~~";

+

mask = "127.0.*.*";

-

/~~/ Use this to control~~ the ~~interface you bind to~~.

+

-

~~vhost = "virtual host ip";~~

+

-

// ~~Setting to yes makes this server only.~~

+

-

~~server~~ = ~~yes;~~

+

-

~~// Setting to yes makes the port~~ "~~hidden~~" ~~from stats~~.

+

-

~~hidden = yes;~~

+

-

~~// Setting to yes makes the port accept SSL connections from clients~~.

+

-

~~crypt = yes;~~

+

-

~~// Setting to yes makes the port exempt from connection restrictions~~

+

-

~~// during a timed /restart or /die~~.

+

-

~~exempt = yes;~~

+

-

};</~~pre~~>

+

-

~~The mask setting allows you to specify~~ a ~~range of~~ IP ~~addresses that you will allow connections from. This should only contain IP addresses and '~~*' ~~if used. This field only uses IP addresses. This does not use DNS in any way, so you can~~'t use it to allow *.~~jp or~~ *.~~uk, and so on~~. ~~Attemptinh to specify anything other than numbers, dots and starts [~~0~~-9.*] will result in the port allowing connections from anyone~~.

+

/* vhost: (optional) set a specific IP/host the port (listed after

+

* the 'port' token) will listen for.

+

*/

+

vhost = "127.0.0.1";

-

~~The~~ <~~virtual host~~> setting ~~allows multiple homed hosts~~ to ~~specify which interface to use on~~ a port ~~by port basis~~. If an interface is not specified, the default interface will be used. The interface MUST be the complete IP address for a real hardware interface on the machine running ircd. If you want to use virtual hosting YOU MUST USE THIS; ~~otherwise, it WILL bind to all interfaces -- not what most people seem to expect.~~

+

/* server: setting this to yes makes this a server only port. */

+

server = yes;

-

~~Example blocks~~:

+

/* hidden: (optional) setting this to 'yes' makes the port

+

* "hidden" from stats replies.

+

*/

+

hidden = yes;

-

<c>~~Port~~

+

/* crypt: (optional) setting this to 'yes' makes the port accept

-

{

+

* SSL connections.

-

port ~~= 7325;~~

+

*/

-

~~vhost = "127~~.~~0.0.1";~~

+

crypt = yes;

@@ Line 1: / Line 1: @@
 __NOTOC__
-This is a reference guide for ircd-darenet 1.4.1+'s configuration file.
+This is a reference guide for ircd-darenet 1.5.x's configuration file.
-The configuration format consists of various blocks, each containing name-value pairs, tags and/or string data. It is designed to be easily readable by both human and ircd.
+The configuration format consists of various blocks, each containing name-value pairs, tags or string data. It is designed to be easily readable by both human ircd.
-A block consists of a block name, an opening '{' brace, statements, a closing '}' brace, and a ';' semicolon. A statement consists of a name possibly followed by an '=' equals sign and a value, ending with a semicolon. All strings are surrounded by '"' double quotes.
+A block consists of a name, an opening '{' brace, statements, a closing '}' brace, and a ';' semicolon. A statement consists of a name possibly followed by an '=' equals sign and a value, ending with a semicolon. All strings must be surrounded by '"' double quotes.
 A sample block:
@@ Line 15: / Line 15: @@
 };</pre></html>
-All elements of the configuration are separated by whitespace, and can be packed on one line, or broken up over several lines. Whitespace is defined as space, tab or carriage return/linefeed. Three form of comments are allowed:
+All elements of the configuration are separated by whitespace, and can be packed on one line, or broken up over several lines. Whitespace is defined as space, tab or carriage return/linefeed. Three forms of comments are allowed:
-* C style single/multi-line
+<pre>/* C style single/multi-line */
-* C++ style single-line
-* Shell style single-line
-'''Important notes:''' When the configuration file is parsed, blocks are used in reverse order than how they are listed. This means you should start multiple block definitions with the "fall through", and end with the most detailed. Class {} blocks MUST be specified before anything that uses them. That means they must be defined before client {}, connect {} and operator {}.
+// C++ style single-line
-Times / durations are written as:
+# Shell style single-line
+</pre>
-* A number in seconds (e.g., 60)
+{{info|text=Blocks are used in the reverse order than how they're listed, when the configuration file is parsed. This means you should start multiple block definitions with the "fall through", and end with the most detailed.}}
-* 1 hours 30 minutes 10 seconds
-* An arithmetic expression (e.g., 1*60+20)
-Valid units of time:
-* Decade, year, month, week, day, hour, minute, second
-Valid units of size:
-* terabyte / tbyte
-* gigabyte / gbyte
-* megabyte / mbyte
-* kilobyte / kbyte
-* byte
-Sizes and times may be specified as singular or plural.
 == General block ==
-{| class="simpletable"
+{| class="simpletable" width="100%"
 |width="250px"|Requirement:
 |REQUIRED
 |-
 |Old conf format equivalents:
-|M:name:vhost:description::numeric
+|<code>M:name:vhost:description::numeric</code>
 |}
 The General block defines information about the server itself. It is required for the server to start.
-<html><pre><strong>general</strong> {
+<html><pre><strong>General</strong> {
      <span class="comment">/* name: the name of our server. */</span>
      name = <span class="qstring">"test.area.zone.darenet.org"</span>;
@@ Line 65: / Line 48: @@
       * digit between 0 and 4095, and is not updated on a rehash.
       */</span>
-     numeric = <span class="integer"> 999</span>;
+     numeric = <span class="integer">999</span>;
      <span class="comment">/* vhost: the IP to bind to when we connect outward to other servers.
@@ Line 86: / Line 69: @@
 </pre></html>
-'''Required tokens:''' <code>name, description, numeric</code>
+The server name may only be changed by a server restart. The description can be changed on rehash, but will not propagate to other linked servers.
-'''Optional tokens:''' <code>vhost, ssl_pem, ssl_private_key</code>
+There must be exactly one General block.
-Note that the server <numeric> must be unique on the network the server is linked to, and may be between 0 and 4095. It is not updated on a rehash. If linking to DareNET, you should use the numeric assigned to you by the Infrastructure team.
+== Admin block ==
-If <vhost> is specified, it must contain either a <code>*</code> or a valid IPv4 address in dotted quad notation (e.g., 127.0.0.1). The address MUST be the address of a physical interface on the host. It is used only for outgoing connections; see Port {} blocks for listener virtual hosting. If in doubt what to put here, use the IP of your primary interface.
+{| class="simpletable" width="100%"
+|width="250px"|Requirement:
+|SUGGESTED
+|-
+|Old conf format equivalents:
+|<code>A:line1:line2:line3</code>
+|}
-If SSL is enabled, you MUST specify the path to your pem (containing your cert and private key) and private key files using the ssl_pem and ssl_private_key tokens.
+The Admin block defines information that can be retrieved with the <code>/ADMIN</code> command.
-There may only be one General {} block.
+<html><pre><strong>Admin</strong> {
+    location = <span class="qstring">"DareNET - http://www.darenet.org"</span>;
+    location = <span class="qstring">"Infrastructure Team"</span>;
+    contact = <span class="qstring">"&lt;infrastructure@darenet.org&gt;"</span>;
+};
+</pre></html>
-'''Example block:'''
+Not all lines are required. There may only be one Admin block.
-<c>General
+== Class block ==
-{
-  name = "servername.area.zone.darenet.org";
-  description = "DareNET Client Server";
-  numeric = 10;
-  vhost = "127.0.0.1";
-  ssl_pem = "etc/ircd.pem";
-  ssl_private_key = "etc/ircd.key";
-};</c>
-== Admin Block ==
+{| class="simpletable" width="100%"
+|width="250px"|Requirement:
-{| class="wikitable" width="40%" style="font-size: 97%; text-align: left;"
+|RECOMMENDED
-| Requirement:
+|-
-| SUGGESTED
+|Old conf format equivalents:
+|<code>Y:class:pingfreq::maxlinks:sendq (clients)</code><br /><code>Y:class:pingfreq:connectfreq:maxlinks:sendq (servers)</code>
 |-
-| Old conf format equivalents:
-| A:line
 |}
-The Admin {} block defines information that can be retrieved with the /ADMIN command.
+The Class blocks define connection classes. All connections to the server are associated with a "connection class", whether they be incoming or outgoing (initiated by the server), be they clients or servers.
-There may only be one Admin {} block.
+<html><pre><strong>Class</strong> {
+    <span class="comment">/* name: a name for the connection class. */</span>
+    name = <span class="qstring">"Users"</span>;
-<pre>Admin
+    <span class="comment">/* pingfreq: how often to PING idle connections. */</span>
-{
+    pingfreq = 1 minute 30 seconds;
-  Location = "string 1 here";
-  Location = "string 2 here";
-  Contact = "string 3 here";
-};</pre>
-'''Example block:'''
+    <span class="comment">/* sendq: send buffer limit (i.e., the amount of data allowed in
+     * a client's queue before they are dropped.
+     */</span>
+    sendq = 100 kilobytes;
-<c>Admin
+    <span class="comment">/* maxlinks: the maximum number of connections that may use this
-{
+     * class. May be between 0 and 4,000,000,000.
-  Location = "DareNET";
+     */</span>
-  Location = "Infrastructure Team";
+    maxlinks = <span class="integer">100</span>;
-  Contact = "<infrastructure@darenet.org>";
-};</c>
-== Class Block ==
+    <span class="comment">/* usermode: an optional list of user modes that should set
+     * upon the user while connecting.
+     */</span>
+    usermode = <span class="qstring">"+iw"</span>;
-{| class="wikitable" width="40%" style="font-size: 97%; text-align: left;"
+    <span class="comment">/* maxchans: the maximum number of channels that clients may join.
-| Requirement:
+    */</span>
-| SUGGESTED
+    maxchans = <span class="integer">50</span>;
-|-
+};
-| Old conf format equivalents:
-| Y:line
-|}
-The Class {} blocks define connection classes. All connections to the server are associated with a "connection class", whether they be incoming or outgoing (initiated by the server), be they clients or servers.
+<strong>Class</strong> {
+    name = <span class="qstring">"Opers"</span>;
+    pingfreq = 2 minutes;
+    sendq = 100 kilobytes;
+    maxlinks = <span class="integer">10</span>;
+    usermode = <span class="qstring">"+iw"</span>;
+    whox;
+};
-<pre>Class
+<strong>Class</strong> {
-{
+    name = <span class="qstring">"Server"</span>;
-  name = "<class>";
+    pingfreq = 3 minutes;
-  pingfreq = time;
-  connectfreq = time;
-  maxlinks = number;
-  sendq = size;
-  usermode = "+modes";
-};</pre>
-'''Required tokens:''' <code>name, pingfreq, sendq</code>
+    <span class="comment">/* connectfreq: this token applies only to servers, and specifies
+     * the frequency that the server tries to auto connect. Setting this to 0 will cause a
+     * server to attempt to connect repeatedly, with no delay until the maxlinks condition
+     * is satisfied (which is not a good thing).
+     */</span>
+    connectfreq = 5 minutes;
-'''Optional tokens (client classes only):''' <code>maxlinks, usermode</code>
+    <span class="comment">/* maxlinks: for server classes, specifies the maximum number of
+     * servers to autoconnect to. This should be 0 for hubs, and 1 for leafs.
+     */</span>
+    maxlinks = <span class="integer">0</span>;
-'''Optional tokens (server classes only):''' <code>connectfreq</code>
+    sendq = 10 megabytes;
+};
-For connection classes used on server links, maxlinks should be set to either 0 (for hubs) or 1 (for leafs). Client connection classes may use maxlinks between 0 and approximately 4,000,000,000. A maxlinks of 0 means there is no limit on the number of connections using the class.
+<strong>Class</strong> {
+    name = <span class="qstring">"Leaf_Server"</span>;
+    pingfreq = 3 minutes;
+    connectfreq = 5 minutes;
+    maxlinks = 1;
+    sendq = 10 megabytes;
+};
+</pre></html>
-<connect freq> applies only to servers, and specifies the frequency that the server tries to auto connect. Setting this to 0 will cause the server to attempt to connect repeatedly with no delay until the <maximum links> condition is satisfied. This is a Bad Thing(tm). Time can be specified as a number, or by giving something like: 1 minutes 2 seconds, or 1*60+20.
+For connection classes intended for operator use, you can specify privileges the operator should be granted when the Operator block names the class. The local privilege MUST be defined by either the Class or Operator block. It is highly recommended that most privileges be explicitly specified in the operator's Operator block on DareNET.
-For connection classes intended for operator use, you can specify privileges used when the Operator {} block (see below) names this class. The local (aka globally_opered) privilege MUST be defined by either the Class or Operator block. It is highly recommended privileges be specified in the operator's Operator {} block, instead of in Class {} blocks.
+A "default" class is created internally. This class is used when no other class is specified, but its settings are not useful for most situations. Custom classes are strongly recommended.
-A "default" class is created internally. This class is used when no other class is specified, but its settings are not useful for most situations. Custom classes are strongly suggested.
+There may be multiple Class blocks; at least one is recommended.
-There may be multiple Class {} blocks.
+== Client block ==
-'''Example blocks:'''
+{| class="simpletable" width="100%"
+|width="250px"|Requirement:
+|RECOMMENDED
+|-
+|Old conf format equivalents:
+|<code>I:ipmask:passwd:hostmask:port:class</code>
+|}
-Uplinks you are not a hub for:
+The Client blocks define the hosts client connections are allowed from, and places them into classes. While the server will start without a Client block, it will not be usable.
-<c>Class
-{
-  name = "Server";
-  pingfreq = 1 minutes 30 seconds;
-  connectfreq = 5 minutes;
-  maxlinks = 1;
-  sendq = 9000000;
-};</c>
-Leaf servers you hub for:
-<c>Class
-{
-  name = "Leaf Server";
-  pingfreq = 1 minutes 30 seconds;
-  connectfreq = 5 minutes;
-  maxlinks = 0;
-  sendq = 9000000;
-};</c>
-All clients:
-<c>Class
-{
-  name = "Users";
-  pingfreq = 1 minutes 30 seconds;
-  sendq = 60000;
-  usermode = "+iw";
-};</c>
-Opers:
-<c>Class
-{
-  name = "Opers";
-  pingfreq = 1 minutes 30 seconds;
-  sendq = 60000;
-  whox = yes;
-};</c>
-== Client Block ==
+<html><pre><strong>Client</strong> {
+    <span class="comment">/* host: resolved user@host mask allowed to connect. This is optional
+     * if you are using the ip mask to match against.  Additionally, if you specify *@loc for
+     * this field it will match all LOC users.
+     */</span>
+    host = <span class="qstring">"*@*.wirehub.net"</span>;
-{| class="wikitable" width="40%" style="font-size: 97%; text-align: left;"
+    <span class="comment">/* ip: unresolved user@ip mask allowed to connect. */</span>
-| Requirement:
+    ip = <span class="qstring">"*@195.86.128.*"</span>;
-| SUGGESTED
-|-
-| Old conf format equivalents:
-| I:line
-|}
-To allow clients to connect, they need authorization. This can be done based on hostmask, address mask and/or with a password. With intelligent use of classes and the maxlinks field in the Client {} blocks, you can let in a specific domain, but get rid of all other domains in the same top level, thus setting up some sort of "reverse Kill {} block."
+    <span class="comment">/* password: (optional) password that is required to use this block.
+     * This password string is not encrypted.
+     */</span>
+    password = <span class="qstring">"letMEHin"</span>;
-<pre>Client
+    <span class="comment">/* class: the class the user should be placed in. */</span>
-{
+    class = <span class="qstring">"Users"</span>;
-  host = "host";
-  ip = "127.0.0.0/8";
-  password = "password";
-  class = "classname";
-  maxlinks = number;
-};</pre>
-Everything in a Client {} block is optional. If a username mask is specified, it must match the clients username from the IDENT protocol. If a hostmask is given, the client's hostname must resolve and match the hostmask. If a CIDR-style IP mask is given, the client must have an IP matching that range. If maxlinks is given, it limits the number of matching clients allowed from a particular IP address.
+    <span class="comment">/* maxlinks: if specified, the server will only accept clients when
+     * the total number of connections to the network from the same IP number doesn't exceed
+     * this number.
+     */</span>
+    maxlinks = <span class="integer">6</span>;
-'''Technical Description:'''
+    <span class="comment">/* port: (optional) a port to limit this block to. */</span>
+    port = <span class="integer">6660</span>;
+};
+</pre></html>
-For every connectiong client, the IP address is known. A reverse lookup is performed on this IP-number to get the (/all) hostname(s). Each hostname that belongs to this IP-number is matched to <hostmask>, and the Client {} block is used when any matches; the client will then show with this particular hostname. If none of the hostnames match, then the IP-number is matched against the <IP mask ...> field, and if this matches, the Client {} block is used nevertheless and the client will show with the first (main) hostname, if any. If the IP-number does not resolve, then the client will show with the dot notation of the IP-number.
+The server uses a default deny policy for incoming connections. You need to define at least one Client block if you wish to use your server.
-There is a special case for UNIX domain sockets and localhost connections. In these cases, the <IP mask...> field is compared with the name of the server (thus not with any IP-number representation). The name of the server is the one returned in the numeric 002 reply. For example:
+The <code>host</code> and <code>ip</code> fields specify which connections the block matches. The server always performs a DNS and ident lookup for connections. If DNS cannot find a hostname, the IP address is used instead. If ident cannot get a valid reply, "unknown" is used during this state. The client's resolved hostname, IP address, ident reply, and username (from the USER line) are used according to the results of the matches described below.
-<code>002 Your host is 2.darenet.org[jolan.ppro], running version ...</code>
+'''Note:''' There is a specify case for UNIX domain sockets and localhost connections. In these cases, the <code>ip / host</code> field is compared with the name of the server, and thus not with any IP number representation. The name of the server is that returned in the numeric 002 reply, example: <code>002 Your host is 2.darenet.org[jolan.ppro]. running version ...</code> In this example, "jolan.ppro" is the name used for matching; therefore, UNIX domain sockets and connections to localhost would match a block containing: <code>host = "*@jolan.ppro";</code>.
-In this example, "jolan.ppro" is the name used for matching. Therefore, UNIX domain sockets, and connections to localhost, would match this block:
+The <code>host</code> field attempts to match first against the resolved hostname, if available, and then against the IP address. To include the connection's ident reply in the match, use a mask in the form "ident@host". If a client matches, it appears on IRC using its resolved hostname.
-<code>host = "*@jolan.ppro";</code>
+The <code>ip</code> field attempts to match against the IP address only. An ident may be specified to match against, as well.
-Example blocks:
+'''Note:''' If the ident portion is specified in a mask (i.e., "ident@host" instead of "host"), and no ident reply is received from the client, it will appear on IRC with its username prefixed with a '~' tilde. If the matching mask used only the "host" form, the client's username is not prefixed. If a valid ident reply is received, it is always used and not prefixed.
-Prevent unresolved clients from connecting:
+You need only specify a <code>host</code> or <code>ip</code> field, not both. If both are used, <code>host</code> is matched against first.
-<c>Client
-{
-  host = "*@*";
-  class = "Users";
-  maxlinks = 5;
-};</c>
-Only accept two connections from dial up accounts that have "dial??.*" as host mask:
+There may be multiple Client blocks; at least one is recommended.
-<c>Client
-{
-  host = "*@dial??.*";
-  class = "Users";
-  maxlinks = 2;
-};</c>
-Allow anyone to connect:
+== Motd block ==
-<c>Client
-{
-  host = "*@*";
-  ip = "*@*";
-  class = "Other";
-  maxlinks = 5;
-};</c>
-== motd Block ==
+{| class="simpletable" width="100%"
+|width="250px"|Requirement:
-{| class="wikitable" width="40%" style="font-size: 97%; text-align: left;"
+|OPTIONAL
-| Requirement:
-| OPTIONAL
 |-
-| Old conf format equivalents:
+|Old conf format equivalents:
-| T:line
+|<code>T:hostmask&#124;classnumber:path</code>
 |}
-It is possible to show a different Message of the Day (MOTD) to a connecting client depending on its origin.
+The Motd blocks allow a different Message of the Day to be shown to connecting clients based on their origin.
-<pre>motd
+<html><pre><strong>Motd</strong> {
-{
+    <span class="comment">/* host: a hostmask, class number or class name to match against. */</span>
-  host = "Users";
+    host = <span class="qstring">"*.jp"</span>;
-  file = "path/to/motd/file";
-};</pre>
-More than one <code>host = "mask";</code> entry may be present in one block; this has the same effect as one motd {} block for each host entry, but makes it easier to update the message's filename. Additionally, you may specify a the name of a Class {} block to match against in the <host> portion.
+    <span class="comment">/* file: the path to the MOTD file to be shown (relative to DPATH). */</span>
+    file = <span class="qstring">"jp.motd"</span>;
+};
+</pre></html>
-Example block:
+More then one <code>host</code> field may be present in an Motd block.
-<c>motd
+There may be multiple Motd blocks.
-{
-  host = "*@*.jp";
-  file = "japanese.motd";
-};</c>
-== Connect Block ==
+== Connect block ==
-{| class="wikitable" width="40%" style="font-size: 97%; text-align: left;"
+{| class="simpletable" width="100%"
-| Requirement:
+|width="250px"|Requirement:
-| OPTIONAL
+|OPTIONAL
 |-
-| Old conf format equivalents:
+|Old conf format equivalents:
-| C:line, H:line, L:line
+|<code>C:host:cpassword:name:port:class</code><br /><code>N:host:apassword:name:flags:class</code><br /><code>H:host::name:maxhops</code><br /><code>L:host::mask:depth</code>
 |}
-Connect {} blocks define what servers the server may connect to, and which servers are allowed to connect.
+The Connect blocks define links to other servers.
-IRC servers connect to other servers forming a network with a star or tree topology. Loops are not allowed. In this network, two servers can be distinguished: "hub" and "leaf". Leaf servers connect to hubs; hubs connect to each other. Of course, many servers can't be directly classified in either of these categories. Both a fixed and a rule-based decision making system for server links exists to aide ircd in deciding what links to allow, what to let humans do themselves and what links to (forcefully) disallow.
+<html><pre><strong>Connect</strong> {
+    <span class="comment">/* name: the name of the server. */</span>
+    name = <span class="qstring">"uplink.darenet.org"</span>;
-<pre>Connect
+    <span class="comment">/* host: the host or IP to connect to. If a hostname is used it
-{
+     * must match the reverse dns of the server.
-  name = "servername";
+     */</span>
-  host = "hostnameORip";
+    host = <span class="qstring">"192.168.0.1"</span>;
-  password = "passwd";
-  port = portno;
-  class = "classname";
-  maxhops = 2;
-  hub;
-  leaf = no;
-  autoconnect = no;
-};</pre>
-The "port" field defines the default port the server tries to connect to if an operator uses /CONNECT without specifying a port. This is also the port used when the server attempts to auto-connect to the remote server. You may tell ircd-darenet to not automatically connect to a server by adding <code>"autoconnect = no;"</code>; the default is to auto connect.
+    <span class="comment">/* password: the password we send and accept. */</span>
+    password = <span class="qstring">"somepass"</span>;
-The maxhops field causes an SQUIT if a hub tries to introduce servers farther away than that; the element 'leaf;' is an alias for a maxhops of 0. The hub field limits the names of servers that may be introduced by a hub; the element 'hub;' is an alias for <code>hub = "*";</code>.
+    <span class="comment">/* port: the port to connect to this server on. This is also the
+     * port used when the server attempts to auto-connect (if enabled).
+     */</span>
+    port = <span class="integer">7325</span>;
-Example block:
+    <span class="comment">/* class: the class this server should be placed in. */</span>
+    class = <span class="qstring">"Server"</span>;
-Our primary uplink:
+    <span class="comment">/* maxhops: the max number of hops a hub may introduce. If a hub
-<c>Connect
+     * tries to introduce servers farther away than what is specified here, an SQUIT is
-{
+     * issued. The 'leaf' token is an alias for "maxhops = 0;".
-  name = "servername.hub.darenet.org";
+     */</span>
-  host = "1.2.3.4";
+    maxhops = <span class="integer">2</span>;
-  password = "passwd";
-  port = 7325;
-  class = "Server";
-  hub;
-};</c>
-== CRULE Block ==
+    <span class="comment">/* hub: (optional) the mask of servers that this server may hub
+     * for. The tag 'hub' is an alias for 'hub = "*";'.
+     */</span>
+    hub = <span class="qstring">"*.us.darenet.org"</span>;
-{| class="wikitable" width="40%" style="font-size: 97%; text-align: left;"
+    <span class="comment">/* autoconnect: (optional) determines if we should try to
-| Requirement:
+    * automatically connect to this server. The default is to autoconnect.
-| OPTIONAL
+    */</span>
+    autoconnect = no;
+};
+</pre></html>
+There may be multiple Connect blocks.
+== CRule block ==
+{| class="simpletable" width="100%"
+|width="250px"|Requirement:
+|OPTIONAL
 |-
-| Old conf format equivalents:
+|Old conf format equivalents:
-| D:line, d:line
+|<code>D:servermask::rule</code><br /><code>d:servermask::rule</code>
 |}
-For an advanced, real-time rule-based routing decision making system, you can use the crule {} blocks. For more information, see doc/readme.crules. If more than one server mask is present in a single rule, the rule applies to all servers.
+The CRule (connection rule) blocks control ircd-darenet's advanced, real-time rule-based routing decision making system.
-Using <code>all = yes;</code> makes the rule always apply; otherwise, it only applies to auto connects.
+<html><pre><strong>CRule</strong> {
+    <span class="comment">/* server: rules will be applied towards servers matching this mask. */</span>
+    server = <span class="qstring">"*.eu.darenet.org"</span>;
-<pre>CRULE
+    <span class="comment">/* rule: the connection rule. */</span>
-{
+    rule = <span class="qstring">"connected(amsterdam.eu.*)"</span>;
-  server = "servermask";
-  rule = "connectrule";
-  all = yes;
-};</pre>
-Example blocks:
+    <span class="comment">/* all: (optional) setting this to 'yes' will make the rule always
+     * apply; otherwise, it only applies to autoconnects.
+     */</span>
+    all = yes;
+};
+</pre></html>
-<c>CRULE
+If more than one server mask is present in a single crule, the rule will apply to all servers.
-{
-  server = "*.us.darenet.org";
-  rule = "connected(*.us.darenet.org)";
-};</c>
-Recommended for all leafs:
+See doc/readme.crules for more information on the crule system, including examples of allowed rules.
-<c>CRULE
-{
+There may be multiple CRule blocks.
-  server = "*";
-  rule = "directcon(*)";
-};</c>
 == Port Block ==
-{| class="wikitable" width="40%" style="font-size: 97%; text-align: left;"
+{| class="simpletable" width="100%"
-| Requirement:
+|width="250px"|Requirement:
-| SUGGESTED
+|REQUIRED
 |-
-| Old conf format equivalents:
+|Old conf format equivalents:
-| P:line
+|<code>P:hostmask:interface:<[CES][H]>:port</code>
 |}
-As more users use the server, you will notice delays when trying to connect to the primary listening port. It is possible, via Port {} blocks, to specify additional ports for the ircd to listen for connections on. De facto ports are: 6667 - standard; 6660-6669, 7000 - additional client ports; 6697 & 9999 = SSL. DareNET uses 7325 for server listener ports.
+The Port blocks define where the server will accept connections. At least one port block is required to start.
-These are just hints, they are in no way official IANA or IETF policies. IANA says we should use port 194, but that requires us to run as root, so we don't do that.
+<html><pre><strong>Port</strong> {
+    <span class="comment">/* port: the specific port to listen on. */</span>
+    port = <span class="integer">7325</span>;
-<pre>Port
+    <span class="comment">/* mask: (optional) the IP address (or a range of IP addresses) that
-{
+     * the server will allow connections from.
-  port = number;
+     */</span>
-  mask = "ipmask";
+    mask = <span class="qstring">"127.0.*.*"</span>;
-  // Use this to control the interface you bind to.
-  vhost = "virtual host ip";
-  // Setting to yes makes this server only.
-  server = yes;
-  // Setting to yes makes the port "hidden" from stats.
-  hidden = yes;
-  // Setting to yes makes the port accept SSL connections from clients.
-  crypt = yes;
-  // Setting to yes makes the port exempt from connection restrictions
-  // during a timed /restart or /die.
-  exempt = yes;
-};</pre>
-The mask setting allows you to specify a range of IP addresses that you will allow connections from. This should only contain IP addresses and '*' if used. This field only uses IP addresses. This does not use DNS in any way, so you can't use it to allow *.jp or *.uk, and so on. Attemptinh to specify anything other than numbers, dots and starts [0-9.*] will result in the port allowing connections from anyone.
+    <span class="comment">/* vhost: (optional) set a specific IP/host the port (listed after
+     * the 'port' token) will listen for.
+     */</span>
+    vhost = <span class="qstring">"127.0.0.1"</span>;
-The <virtual host> setting allows multiple homed hosts to specify which interface to use on a port by port basis. If an interface is not specified, the default interface will be used. The interface MUST be the complete IP address for a real hardware interface on the machine running ircd. If you want to use virtual hosting YOU MUST USE THIS; otherwise, it WILL bind to all interfaces -- not what most people seem to expect.
+    <span class="comment">/* server: setting this to yes makes this a server only port. */</span>
+    server = yes;
-Example blocks:
+    <span class="comment">/* hidden: (optional) setting this to 'yes' makes the port
+     * "hidden" from stats replies.
+     */</span>
+    hidden = yes;
-<c>Port
+    <span class="comment">/* crypt: (optional) setting this to 'yes' makes the port accept
-{
+     * SSL connections.
-  port = 7325;
+     */</span>
-  vhost = "127.0.0.1";
+    crypt = yes;