DareNET IRCd Configuration
(→Clients) |
(→Clients) |
||
Line 137: | Line 137: | ||
<code>host = "*@jolan.ppro";</code> | <code>host = "*@jolan.ppro";</code> | ||
+ | |||
+ | Example blocks: | ||
+ | |||
+ | Prevent unresolved clients from connecting: | ||
+ | <source lang="perl">Client | ||
+ | { | ||
+ | host = "*@*"; | ||
+ | class = "Users"; | ||
+ | maxlinks = 5; | ||
+ | };</source> | ||
+ | |||
+ | Only accept two connections from dial up accounts that have "dial??.*" as host mask: | ||
+ | <source lang="perl">Client | ||
+ | { | ||
+ | host = "*@dial??.*"; | ||
+ | class = "Users"; | ||
+ | maxlinks = 2; | ||
+ | };</source> | ||
+ | |||
+ | Allow anyone to connect: | ||
+ | <source lang="perl">Client | ||
+ | { | ||
+ | host = "*@*"; | ||
+ | ip = "*@*"; | ||
+ | class = "Other"; | ||
+ | maxlinks = 2; | ||
+ | };</source> |
Revision as of 02:55, 4 May 2009
General
Old M:line
The General {} block defines some information about the server itself.
General { name = "servername"; vhost = "ipv4vhost"; description = "description"; numeric = numericnumber; };
<virtual host> must contain either a * or a valid IPv4 address in dotted quad notation (e.g. 127.0.0.1). The address MUST be the address of a physical interface on the host. This address is used for outgoing connections only; see Port {} blocks for listener virtual hosting. If in doubt what to put here, use the IP of your primary interface here.
Note that <server numeric> must be unique on the network the server is running, and may be between 0 and 4095. It is not updated on a rehash. If linking to DareNET, you should use the numeric assigned to you by the Server Management team.
Example block:
<source lang="perl">General {
name = "servername.area.zone.darenet.org"; description = "DareNET Client Server"; vhost = "127.0.0.1"; numeric = 10;
};</source>
Admin
Old A:line
The Admin {} block defines information that can be retrieved with the /ADMIN command.
Admin { Location = "string 1 here"; Location = "string 2 here"; Contact = "string 3 here"; };
Example block:
<source lang="perl">Admin {
Location = "DareNET"; Location = "Server Management Team"; Contact = "<routing@darenet.org>";
};</source>
Classes
Old Y:lines
All connections to the server are associated with a "connection class", whether they be incoming or outgoing (initiated by the server), be they clients or servers.
Class { name = "<class>"; pingfreq = time; connectfreq = time; maxlinks = number; sendq = size; usermode = "+modes"; };
For connection classes used on server links, maxlinks should be set to either 0 (for hubs) or 1 (for leafs). Client connection classes may use maxlinks between 0 and approximately 4,000,000,000. A maxlinks of 0 means there is no limit on the number of connections using the class.
<connect freq> applies only to servers, and specifies the frequency that the server tries to auto connect. Setting this to 0 will cause the server to attempt to connect repeatedly with no delay until the <maximum links> condition is satisfied. This is a Bad Thing(tm). Time can be specified as a number, or by giving something like: 1 minutes 2 seconds, or 1*60+20.
For connection classes intended for operator use, you can specify privileges used when the Operator {} block (see below) names this class. The local (aka globally_opered) privilege MUST be defined by either the Class or Operator block. It is highly recommended privileges be specified in the operator's Operator {} block, instead of in Class {} blocks.
Example blocks:
Uplinks you are not a hub for: <source lang="perl">Class {
name = "Server" pingfreq = 1 minutes 30 seconds; connectfreq = 5 minutes; maxlinks = 1; sendq = 9000000;
};</source> Leaf servers you hub for: <source lang="perl">Class {
name = "Leaf Server" pingfreq = 1 minutes 30 seconds; connectfreq = 5 minutes; maxlinks = 0; sendq = 9000000;
};</source> All clients: <source lang="perl">Class {
name = "Users" pingfreq = 1 minutes 30 seconds; sendq = 60000; usermode = "+iw";
};</source> Opers: <source lang="perl">Class {
name = "Opers" pingfreq = 1 minutes 30 seconds; sendq = 60000; whox = yes;
};</source>
Clients
Old I:lines
To allow clients to connect, they need authorization. This can be done based on hostmask, address mask and/or with a password. With intelligent use of classes and the maxlinks field in the Client {} blocks, you can let in a specific domain, but get rid of all other domains in the same top level, this setting up some sort of "reverse Kill {} block."
Client { host = "host"; ip = "127.0.0.0/8"; password = "password"; class = "classname"; maxlinks = number; };
Everything in a Client {} block is optional. If a username mask is specified, it must match the clients username from the IDENT protocol. If a hostmask is given, the client's hostname must resolve and match the hostmask. If a CIDR-style IP mask is given, the client must have an IP matching that range. If maxlinks is given, it limits the number of matching clients allowed from a particular IP address.
Technical Description:
For every connectiong client, the IP address is known. A reverse lookup is performed on this IP-number to get the (/all) hostname(s). Each hostname that belongs to this IP-number is matched to <hostmask>, and the Client {} block is used when any matches; the client will then show with this particular hostname. If none of the hostnames match, then the IP-number is matched against the <IP mask ...> field, and if this matches, the Client {} block is used nevertheless and the client will show with the first (main) hostname, if any. If the IP-number does not resolve, then the client will show with the dot notation of the IP-number.
There is a special case for UNIX domain sockets and localhost connections. In these cases, the <IP mask...> field is compared with the name of the server (thus not with any IP-number representation). The name of the server is the one returned in the numeric 002 reply. For example:
002 Your host is 2.darenet.org[jolan.ppro], running version ...
In this example, "jolan.ppro" is the name used for matching. Therefore, UNIX domain sockets, and connections to localhost, would match this block:
host = "*@jolan.ppro";
Example blocks:
Prevent unresolved clients from connecting: <source lang="perl">Client {
host = "*@*"; class = "Users"; maxlinks = 5;
};</source>
Only accept two connections from dial up accounts that have "dial??.*" as host mask: <source lang="perl">Client {
host = "*@dial??.*"; class = "Users"; maxlinks = 2;
};</source>
Allow anyone to connect: <source lang="perl">Client {
host = "*@*"; ip = "*@*"; class = "Other"; maxlinks = 2;
};</source>