From: Matthew Wiggins Date: Fri, 14 Jan 2005 23:28:09 +0000 (+0000) Subject: re: ssl, fakehost X-Git-Tag: rubiks-ircd-1-0-6~26 X-Git-Url: http://git.pulsar-zone.net/?a=commitdiff_plain;h=0ca2986c095f8a7e6115ee71b0fd23e448e960ef;p=rubiks-ircd.git re: ssl, fakehost Reflected changes made to parsing engine in reference.conf examples in template.conf --- diff --git a/doc/reference.conf b/doc/reference.conf index b522adf..7a5c200 100755 --- a/doc/reference.conf +++ b/doc/reference.conf @@ -2,7 +2,7 @@ * Bahamut IRCd, doc/reference.conf * * Originally written by Trevor Talbot (Quension) in April 2004. - * $Id: reference.conf,v 1.1 2005/01/12 07:44:56 mmondor Exp $ + * $Id: reference.conf,v 1.2 2005/01/14 23:28:08 mwiggins Exp $ * * The configuration format consists of blocks, each containing name-value * pairs, tags, or string data. It is designed to be easily readable by @@ -226,6 +226,7 @@ port { port 6667; # Port to listen on // optional tokens + type SSL; # Sets this port to SSL, if omitted normal is implied bind 127.0.0.1; # IP address to listen on ipmask 127.0.*.*; # Mask to accept connections from }; @@ -326,6 +327,7 @@ allow { ipmask *; # Unresolved IP mask (optional if using host) // optional tokens + mask fake.host; # Apply this fake operhost if they are allowed port 6667; # Apply block to this port only passwd secret; # Require password for connection flags mCFT; # Special flags for this connection @@ -449,6 +451,7 @@ oper { access *Aa; # Access flags // optional tokens + mask fake.host; # Apply this operhost instead of default staff name class opers; # Place authenticated client in this class }; diff --git a/doc/template.conf b/doc/template.conf index a37d7f6..10f2ce4 100644 --- a/doc/template.conf +++ b/doc/template.conf @@ -19,6 +19,8 @@ options { local_kline admin@server; # Contact email for server bans show_links; # Show servers in LINKS allow_split_ops; # Give ops in empty channels + staff_address staff.unconfigured; #default operhost mask (if connect to port with name:pass as password) + // use these options when services is on the network services_name services.name; # Name of services (NS/CS/MS/RS) server @@ -33,16 +35,29 @@ options { /* where to listen for connections */ port { port 6667; # Port to listen on - bind 127.0.0.1; # IP address to listen on + #bind 127.0.0.1; # IP address to listen on }; - /* more listening ports */ -port { port 6668; bind 127.0.0.1; }; -port { port 6669; bind 127.0.0.1; }; -port { port 7000; bind 127.0.0.1; }; +port { port 7029; }; +port { port 9999; type SSL}; + + +/* note that allow blocks are matched in order listed */ + +/* anyone who knows the secret password will get their host masked */ +allow { + port 7029; + passwd secret; + host *@*; + mask this.servers.fakehost; + flags m; + class opers; +}; /* allow clients to connect */ allow { + port 6667; + flags m; # Let oper's who connect to this port get their opermask host *@*; # Allow anyone class users; # Place them in the users class }; @@ -73,24 +88,6 @@ oper { class opers; # Belongs in the opers class }; -/* for services */ -super { - "services.name"; - "stats.name"; - // insert any other special servers here -}; - -/* reserved nicknames */ -restrict { type nick; mask "NickServ"; reason "reserved for services"; }; -restrict { type nick; mask "ChanServ"; reason "reserved for services"; }; -restrict { type nick; mask "MemoServ"; reason "reserved for services"; }; -restrict { type nick; mask "RootServ"; reason "reserved for services"; }; -restrict { type nick; mask "OperServ"; reason "reserved for services"; }; -restrict { type nick; mask "StatServ"; reason "reserved for services"; }; -restrict { type nick; mask "HelpServ"; reason "reserved for services"; }; -restrict { type nick; mask "services"; reason "reserved for services"; }; - - /* === these next two blocks are for linking to a hub === */ /* class for uplink hub */ @@ -115,20 +112,9 @@ connect { }; -/* === these next two blocks are for linking to services === */ +/* dynamic modules to load */ -/* class for services */ -class { - name services; - pingfreq 60; # Idle check every minute - maxsendq 5000000; # 5MB backlog buffer -}; - -/* our services */ -connect { - name services.name; # Services' IRC name - host 127.0.0.1; # IP address services connects from - apasswd secret; # Password services sends - cpasswd secret; # Same password - class services; +modules { + path "/usr/IRCd/modules"; # Directory to search for modules in + autoload auth; # Authload auth module by default };