unrealircd

- supernets unrealircd source & configuration
git clone git://git.acid.vegas/unrealircd.git
Log | Files | Refs | Archive

unrealircd.remote.conf (8204B)

      1 @define $VOID "8,4   E N T E R   T H E   V O I D   ";
      2 
      3 admin {
      4 	"         4Administrator: Wyatt Deere        14(aka chrono)        6chrono@digitalgangsta.com";
      5 	"           4Retaliation: Brandon McDubai    14(aka MRCHATS)       6branbran89@supernets.org";
      6 	"             4Moderator: Bristopher Manning 14(aka delorean)      6simpsonsfan420@supernets.org";
      7 	"                 4Sales: Branthony Bronson  14(aka pyrex)         6showercaphandgun@supernets.org";
      8 	"      4Public Relations: Bradshaw Wiggins   14(aka Baron Fortuna) 6lovemyrace@dailystormer.in";
      9 	"4Research & Development: Tim Allen-key      14(aka e)             6highschoolmusical@carltonbanksclub.edu";
     10 	"";
     11 	"Feel free to chat with us in #5000 for network help & support!";
     12 }
     13 
     14 alias botserv { type services; }
     15 alias bs { target botserv; type services; }
     16 alias chanserv { type services; }
     17 alias cs { target chanserv; type services; }
     18 alias hostserv { type services; }
     19 alias hs { target hostserv; type services; }
     20 alias nickserv { type services; }
     21 alias ns { target nickserv; type services; }
     22 alias operserv { type services; }
     23 alias os { target operserv; type services; }
     24 
     25 class clients { pingfreq 120; maxclients  100; sendq  25M; recvq 32k; }
     26 class known   { pingfreq 120; maxclients  250; sendq  50M; recvq 32k; }
     27 class local   { pingfreq 300; maxclients 1000; sendq  50M; options { nofakelag; } }
     28 class tor     { pingfreq 300; maxclients  100; sendq  25M; }
     29 class servers { pingfreq 300; maxclients   20; sendq 100M; connfreq 15; }
     30 
     31 allow { mask *;                              class clients; maxperip 2;    global-maxperip 2; }
     32 allow { mask { security-group known-users; } class known;   maxperip 3;    global-maxperip 3; }
     33 allow { mask { 127.0.0.1; ::1;             } class local;   maxperip 1000; global-maxperip 1000; password "simpsonsfan"; }
     34 #allow { mask { 127.0.0.2;                  } class tor;    maxperip 100;  global-maxperip 100; }
     35 
     36 listen { ip *; port 6660–6669; options { clientsonly;      } }
     37 listen { ip *; port 7000;      options { clientsonly;      } }
     38 listen { ip *; port REDACTED;  options { serversonly; tls; } }
     39 
     40 listen { ip *; port 6697; options { clientsonly; tls; } tls-options { certificate "tls/irc.crt"; key "tls/irc.key"; } }
     41 listen { ip *; port 9000; options { clientsonly; tls; } tls-options { certificate "tls/irc.crt"; key "tls/irc.key"; } }
     42 
     43 #listen { file "/etc/tor/unrealircd/tor_ircd.socket"; mode 0777; spoof-ip 127.0.0.2; }
     44 #listen { file "/etc/tor/unrealircd/tor_tls_ircd.socket"; mode 0777; spoof-ip 127.0.0.2; options { tls; } }
     45 
     46 #require authentication { mask { *@127.0.0.2; } reason "$VOID"; }
     47 
     48 deny channel { channel "#help";     reason "This channel has moved to #superbowl"; redirect "#superbowl"; }
     49 deny channel { channel "#pumpcoin"; reason "This channel has moved to #exchange";  redirect "#exchange";  }
     50 
     51 link irc.supernets.org {
     52 	incoming { mask REDACTED; }
     53 	outgoing {
     54 		bind-ip *;
     55 		hostname REDACTED;
     56 		port REDACTED;
     57 		options { tls; autoconnect; }
     58 	}
     59 	password "REDACTED" { spkifp; }
     60 	class servers;
     61 }
     62 
     63 log {
     64 	source { error; fatal; warn; }
     65 	destination { file "ircd.log" { maxsize 5M; } }
     66 }
     67 
     68 log {
     69 	source { !debug; all; }
     70 	destination { channel "#syslog"; }
     71 }
     72 
     73 tld { mask *@*; motd remote.motd; rules remote.motd; options { remote; } }
     74 
     75 ulines { services.supernets.org; }
     76 
     77 blacklist dronebl {
     78 	dns {
     79 		name dnsbl.dronebl.org;
     80 		type record;
     81 		reply { 3; 5; 6; 7; 8; 9; 10; 11; 12; 13; 14; 15; 16; }
     82 	}
     83 	action gzline;
     84 	ban-time 30d;
     85 	reason "$VOID";
     86 }
     87 
     88 blacklist efnetrbl {
     89 	dns {
     90 		name rbl.efnetrbl.org;
     91 		type record;
     92 		reply { 1; 4; 5; }
     93 	}
     94 	action gzline;
     95 	ban-time 30d;
     96 	reason "$VOID";
     97 }
     98 
     99 blacklist torbl {
    100 	dns {
    101 		name torexit.dan.me.uk;
    102 		type record;
    103 		reply { 100; }
    104 	}
    105 	action gzline;
    106 	ban-time 30d;
    107 	reason "$VOID";
    108 }
    109 
    110 set {
    111 	kline-address "enterthevoid@supernets.org";
    112 	gline-address "enterthevoid@supernets.org";
    113 	modes-on-connect "+iIpTx";
    114 	modes-on-oper "+Hq";
    115 	snomask-on-oper "+o";
    116 	modes-on-join "+ns";
    117 	level-on-join "op";
    118 	restrict-usermodes "ips";
    119 	restrict-channelmodes "nLpPs";
    120 	restrict-commands {
    121 		channel-message { except { connect-time 5;   identified yes; reputation-score 100; } }
    122 		channel-notice  { except { connect-time 15;  identified yes; reputation-score 100; } }
    123 		invite          { except { connect-time 300; identified yes; reputation-score 100; } }
    124 		join            { except { connect-time 5;   identified yes; reputation-score 100; } }
    125 		list            { except { connect-time 5;   identified yes; reputation-score 100; } }
    126 		private-message { except { connect-time 300; identified yes; reputation-score 100; } }
    127 		private-notice  { except { connect-time 300; identified yes; reputation-score 100; } }
    128 	}
    129 	oper-auto-join "#syslog";
    130 	who-limit 1;
    131 	nick-length 20;
    132 	maxchannelsperuser 10;
    133 	channel-command-prefix "`!@$.";
    134 	topic-setter nick;
    135 	ban-setter nick;
    136 	options { hide-ulines; flat-map; identd-check; }
    137 	network-name "SuperNETs";
    138 	default-server "irc.supernets.org";
    139 	services-server "services.supernets.org";
    140 	sasl-server "services.supernets.org";
    141 	help-channel "#superbowl";
    142 	cloak-method ip;
    143 	cloak-keys {
    144 		"REDACTED";
    145 		"REDACTED";
    146 		"REDACTED";
    147 	}
    148 	cloak-prefix "SUPER";
    149 	plaintext-policy {
    150 		user warn;
    151 		oper deny;
    152 		server deny;
    153 		user-message "4WARNING: You are not on a secure TLS connection";
    154 		oper-message "Network operators must be on a secure TLS connection";
    155 	}
    156 	outdated-tls-policy {
    157 		user warn;
    158 		oper deny;
    159 		server deny;
    160 		user-message "4WARNING: You are using an outdated TLS protocol or cipher";
    161 		oper-message "Network operators must be using an up-to-date TLS protocol & cipher";
    162 	}
    163 	anti-flood {
    164 		channel {
    165 			profile defcon { flood-mode "[10j#R5,500m#M5,10n#N5,10k#K5]:15"; }
    166 			boot-delay 75;
    167 			split-delay 75;
    168 		}
    169 		everyone {
    170 			connect-flood 3:60;
    171 			handshake-data-flood {
    172 				amount 4k;
    173 				ban-action kill;
    174 			}
    175 		}
    176 		known-users {
    177 			away-flood    10:300;
    178 			invite-flood  10:300;
    179 			knock-flood   10:300;
    180 			join-flood	  10:300;
    181 			nick-flood    10:300;
    182 			max-concurrent-conversations { users 5; new-user-every 60s; }
    183 			lag-penalty 10; # update?
    184 			lag-penalty-bytes 0;
    185 		}
    186 		unknown-users {
    187 			away-flood    3:300;
    188 			invite-flood  3:300;
    189 			knock-flood   3:300;
    190 			join-flood    3:300;
    191 			nick-flood    3:300;
    192 			max-concurrent-conversations { users 2; new-user-every 120s; }
    193 			lag-penalty 25;
    194 			lag-penalty-bytes 90;
    195 		}
    196 	}
    197 	default-bantime 30d;
    198 	modef-default-unsettime 5;
    199 	spamfilter {
    200 		ban-time 30d;
    201 		ban-reason "$VOID";
    202 		utf8 yes;
    203 		except "#anythinggoes";
    204 	}
    205 	max-targets-per-command { kick 1; part 1; privmsg 1; }
    206 	hide-ban-reason yes;
    207 	reject-message {
    208 		gline                "$VOID";
    209 		kline                "$VOID";
    210 		password-mismatch    "$VOID";
    211 		server-full          "$VOID";
    212 		too-many-connections "$VOID";
    213 		unauthorized         "$VOID";
    214 	}
    215 	antimixedutf8 {
    216 		score 8;
    217 		ban-action block;
    218 		ban-reason "$VOID";
    219 	}
    220 	connthrottle {
    221 		except        { reputation-score 100; identified yes; webirc yes; }
    222 		new-users     { local-throttle 20:60; global-throttle 30:60;      }
    223 		disabled-when { reputation-gathering 1w; start-delay 3m;          }
    224 		reason "$VOID";
    225 	}
    226 	history {
    227 		channel {
    228 			playback-on-join { lines 1000; time 1d; }
    229 			max-storage-per-channel {
    230 				registered   { lines 1000; time 1d; } 
    231 				unregistered { lines 100;  time 1h; } 
    232 			}
    233 		}
    234 	}
    235 	manual-ban-target ip;
    236 	hide-idle-time { policy always; }
    237 	whois-details {
    238 		bot         { everyone none; self full; oper full; } 
    239 		channels    { everyone none; self full; oper full; }
    240 		oper        { everyone none; self full; oper full; } 
    241 		reputation  { everyone full; self full; oper full; }
    242 		server      { everyone none; self full; oper full; }
    243 		swhois      { everyone full; self full; oper full; }
    244 	}
    245 }
    246 
    247 hideserver {
    248 	disable-map yes;
    249 	disable-links yes;
    250 	map-deny-message "$VOID";
    251 	links-deny-message "$VOID";
    252 }
    253 
    254 security-group known-users {
    255 	identified yes;
    256 	reputation-score 10000;
    257 }
    258 
    259 security-group tor {
    260 	ip 127.0.0.2;
    261 }
    262 
    263 set known-users {
    264 	auto-join "#superbowl";
    265 }
    266 
    267 set unknown-users {
    268 	auto-join "#blackhole";
    269 	static-quit "EMO-QUIT";
    270 	static-part "EMO-PART";
    271 }
    272 
    273 set tor {
    274 	auto-join "#tor";
    275 	static-quit "EMO-QUIT";
    276 	static-part "EMO-PART";
    277 }