Installing IRC - The Internet Relay Chat Program SGML version by Christophe Kalt, updated by Piotr Kucharski $Id: INSTALL.txt,v 1.86 2008/06/13 17:55:50 chopin Exp $ This document describes how to install, and configure IRC 2.11 11.. IInnssttaalllliinngg IIRRCC.. 11..11.. TThhee ccoonnffiigguurree ssccrriipptt This package uses a GNU configure script for its configuration. You simply need to untar the distribution and run the ``configure'' script. This will run configure which will probe your system for any peculiarities it has and setup the Makefile and a file of default #define's ($arch/setup.h). There are a few options to ``configure'' to help it out, or change the default behaviour: ----pprreeffiixx==DDIIRR changes the default directory into which ircd will install using ``make install''. This defaults to /usr/local ----ssbbiinnddiirr==DDIIRR changes the default directory where the system admin executable files will go. It is important to set this properly. (default is prefix/sbin) ----ssyyssccoonnffddiirr==DDIIRR changes the default directory where the irc server configuration files will go. (default is prefix/etc) ----llooccaallssttaatteeddiirr==DDIIRR changes the default directory where the irc server state files will go. (default is prefix/var) ----wwiitthh--llooggddiirr==DDIIRR changes the default directory where the irc log files will go. (default is localstatedir/log) ----wwiitthh--rreessccoonnff==FFIILLEE defines the file to be used by ircd to initialize its resolver. (default is /etc/resolv.conf) ----zzlliibb--iinncclluuddee==DDIIRR specifies in which directory the include file from the zlib is located. ----zzlliibb--lliibbrraarryy==DDIIRR specifies in which directory the zlib library is located. ----zzlliibb--pprreeffiixx==DDIIRR specifies the prefix for zlib location. It overrides the 2 previous options. (The include directory is supposed to be in prefix/include, and the library in prefix/lib). ----wwiitthh--zzlliibb is the default. ``configure'' looks on your system to find the zlib. If found, ircd will be linked using it. This does NOT mean you can use server link compression, for this you also need to define ZIP_LINKS (see section below). ----wwiitthhoouutt--zzlliibb tells ``configure'' not to look for the zlib. Defining this will keep you from using server link compression. ----eennaabbllee--iipp66 Enable IPv6 support (See notes below) ----eennaabbllee--ddssmm Enable Dynamically Shared Modules support for iauth 11..22.. NNootteess ffoorr CCyyggwwiinn3322 uusseerrss The daemon of 2.11 release compiles properly on W32 systems which have the GNU-Win32 environment ( ) setup. At the time of the release, tests were made using the version b20.1 of the Cygwin32 library. When compiling on such system, you want to make sure that you have carefully followed the Cygwin32 installation notes. Also, the IRC server needs a rreessoollvv..ccoonnff file in order to initialize the resolver. This file can be anywhere (see configure options), and is typically in //eettcc on UNIX systems. 11..33.. NNootteess ccoonncceerrnniinngg IIPPvv66 ssuuppppoorrtt This version was tested on the following IPv6 systems: BSD/OS+KAME, Digital Unix, FreeBSD+KAME, Linux, NetBSD+INRIA. Because IPv6 numeric addresses contain ``:'' characters, tthhee ddeeffaauulltt sseeppaarraattoorr ffoorr tthhee sseerrvveerr ccoonnffiigguurraattiioonn ffiillee iiss cchhaannggeedd ttoo ````%%''''. You can adjust it to your needs in config.h file. 22.. TThhee ccoonnffiigg..hh ffiillee The second step consists of defining options before the compilation. This is done by editing the ``config.h'' file and changing the various #DEFINE's. 22..11.. DDEEBBUUGGMMOODDEE TThhiiss sshhoouulldd oonnllyy bbee ddeeffiinneedd ffoorr tteesstt ppuurrppoosseess,, aanndd nneevveerr uusseedd oonn aa pprroodduuccttiioonn sseerrvveerr.. Define DEBUGMODE if you want to see the ircd debugging information as the daemon is running. Normally this function will be undefined as ircd produces a considerable amount of output. DEBUGMODE must be defined for either of -t or -x command line options to work. Defining this induces a large overhead for the server as it does a large amount of self diagnostics whilst running. 22..22.. CCHHRROOOOTTDDIIRR To use the CHROOTDIR feature, make sure it is #define'd and that the server is being run as root. Better use some other (external) way of setting up chroot environment for ircd and run it from there, not requiring to run as root. 22..33.. UUSSEERRSS__RRFFCC11445599,, UUSSEERRSS__SSHHOOWWSS__UUTTMMPP Leaving USERS_RFC1459 undefined makes ircd return RPL_LOCALUSERS and RPL_GLOBALUSERS numerics (part of NAMES). Defining USERS_RFC1459 makes USERS command to behave like it is defined in RFC. If defined, security conscious server admins may still wish to leave USERS_SHOWS_UTMP undefined, effectively disabling the USERS command which can be used to glean information the same as finger can. 22..44.. EENNAABBLLEE__SSUUMMMMOONN ENABLE_SUMMON toggles whether the server will attempt to summon local users to irc by writing a message similar to that from talk(1) to a user's tty. 22..55.. DDEEFFAAUULLTT__IINNVVIISSIIBBLLEE The DEFAULT_INVISIBLE define is used to toggle whether clients are automatically made invisible when they register. 22..66.. OOPPEERR__KKIILLLL,, OOPPEERR__CCOONNNNEECCTT,, OOPPEERR__DDIIEE,, OOPPEERR__RREEHHAASSHH,, OOPPEERR__RREESSTTAARRTT,, OOPPEERR__SSEETT...... Any operator priviledge can be precisely applied to a given user using O:line flags. Some admins may prefer to feel more safe by undefining some of above thus disabling access to corresponding command at all. 22..77.. ZZIIPP__LLIINNKKSS,, ZZIIPP__LLEEVVEELL As of the 2.9.3 version of the server, server-server connections may be compressed using the zlib. In order to compile the server with this feature, you MUST have the zlib package (version 1.0 or higher) already compiled and define ZIP_LINKS in the config.h file. Compression use for server-server connections is separately configured in the ircd.conf file for each server-server link. ZIP_LEVEL allows you to control the compression level that will be used. Values above 5 will noticeably increase the CPU used by the server. The zlib package may be found at . The data format used by the zlib library is described by RFCs (Request for Comments) 1950 to 1952 in the files (zlib format), rfc1951.txt (deflate format) and rfc1952.txt (gzip format). 22..88.. SSLLOOWW__AACCCCEEPPTT This option is undefined by default, however is needed on some OSes. It creates an artificial delay in processing incoming connections. On a given port, no more than 1 connection per 2 seconds will be processed. As it is undefined, it lets the server process connections as fast as it can which can cause problems on some OSes (such as SunOS) and be abused (fast massive join of clonebots..), for these reasons, if you decide to keep SLOW_ACCEPT undefined you MUST define CLONE_CHECK. 22..99.. CCLLOONNEE__CCHHEECCKK This option is defined by default and acts as a wrapper, by checking incoming connections early before starting ident query. By default, the server will not accept more than 10 connections from the same host within 2 seconds. 22..1100.. LLOOGG__SSEERRVVEERR__CCHHAANNNNEELLSS This option allows you to log to files server channels (like &NOTICES) chosen via LOG_SCH_* defines. Very handy. 22..1111.. OOtthheerr ##ddeeffiinnee''ss The rest of the user changable #define's should be pretty much self explanatory in the config.h file. It is *NOT* recommended that any of the file under the line with "STOP STOP" in it be changed. 33.. EEddiittiinngg tthhee MMaakkeeffiillee,, aanndd ccoommppiilliinngg This package now uses GNU autoconf to probe your system and generate the correct Makefile. However you may need to read it to check for values generated by the configure script. In particular, all the filenames, and path for binaries, log files, configuration files and so on are defined there. It is recommended to make use of the options described in the ``configure script'' section rather than to edit the generated Makefile. However, these options do not provide a total control over these values, in which case you need to directly edit the Makefile. Now to build the package, type ``make all''. If everything goes will, you can then install it by typing ``make install''. If you have trouble compiling ircd, copy Makefile.in to Makefile and edit Makefile as appropriate. If everything went fine, the default layout of installed files is as follows (note that existing iauth.conf and ircd.motd will not be overwritten): PREFIX/sbin/ircd PREFIX/sbin/iauth PREFIX/sbin/chkconf PREFIX/sbin/ircd-mkpasswd PREFIX/sbin/ircdwatch PREFIX/man/man8/ircd.8 PREFIX/man/man8/iauth.8 PREFIX/man/man8/ircdwatch.8 PREFIX/man/man5/iauth.conf.5 PREFIX/etc/ircd.m4 PREFIX/etc/ircd.conf.example PREFIX/etc/iauth.conf.example PREFIX/etc/iauth.conf PREFIX/etc/ircd.motd PREFIX/var/run/ PREFIX/var/log/ Files created by ircd package during normal execution would be ircd.pid, ircd.tune, iauth.pid, ircdwatch.pid in PREFIX/var/run/ and ircd.users, ircd.rejects, ircd.auth, ircd.opers, ircd.debug, iauth.debug in PREFIX/var/log/. 44.. TThhee iirrccdd..ccoonnff ffiillee After installing the ircd and irc programs, edit the ircd.conf file as per the instructions in this section and install it in the location you specified in the config.h file. There is a sample conf file called ircd.conf.example in the doc/ directory. Appendix A (See INSTALL.appendix) describes the differences between IP addresses and host names. If you are unfamiliar with this, you should probably scan through it before proceeding. The ircd.conf file contains various records that specify configuration options. The record types are as follows: 1. Machine information (M) 2. Administrative info (A) 3. Port connections (P) 4. Connection Classes (Y) 5. Client connections (I,i) 6. Operator privileges (O,o) 7. Excluded accounts (K,k) 8. X Excluded accounts (X) 9. Server connections (C,c,N) 10. Deny auto-connections (D) 11. Hub connections (H) 12. Leaf connections (L) 13. Version limitations (V) 14. Excluded machines (Q) 15. Service connections (S) 16. Bounce server (B) Except for types ``M'' and ``A'', you are allowed to have multiple records of the same type. In some cases, you can have concurrent records. IItt iiss iimmppoorrttaanntt ttoo nnoottee tthhaatt tthhee llaasstt mmaattcchhiinngg rreeccoorrdd wwiillll bbee uusseedd. This is especially useful when setting up I records (client connections). NNEEWW!!!!!! As of the 2.11.0 version of the server, if the server has been compiled with #define CONFIG_DIRECTIVE_INCLUDE, you will be able to use #include directive in ircd.conf to include files without the need of M4, also recursively. #include "filename" For the command to be recognized, `#' MUST be first character in the line and there must be space after "include" word. Quotes around filename are optional. If filename does not start with slash, ircd config directory is prepended. Also note that chkconf will follow such includes. 44..11.. MMaacchhiinnee iinnffoorrmmaattiioonn IInnttrroodduuccttiioonn IRC needs to know a few things about your UNIX site, and the ``M'' command specifies this information for IRC. The fomat of this command is: FFoorrmmaatt M:::::: MM ``M'' specifies a Machine description line SSeerrvveerr NNAAMMEE The name of YOUR server adding any Internet DOMAINNAME that might also be present. If this hostname can be resolved, the IP# found will be used to for outgoing connections. Otherwise the default interface address of the host is used. The server name may not be FQDN of another host. (This means all outgoing connections will be done from the same IP#, even if your host has several IP#). YYOOUURR IInntteerrnneett IIPP## If the machine on which you run the server has several IP addresses, you can define which IP# to use for outgoing connections. This overrides overrides the ``Server NAME''. See Also the ``Port Connections'' and ``Server Connections'' sections. GGeeooggrraapphhiicc LLooccaattiioonn Geographic Location is used to say where your server is, and gives people in other parts of the world a good idea of where you are! If your server is in the USA, it is usually best to say: , USA. Like for Denver I say: ``Denver Colorado, USA''. Finnish sites (like tolsun.oulu.fi generally say something like ``Oulu, Finland''. PPoorrtt Defines the port on which your server will listen for UDP pings from other servers. This should be the port were other servers are set to autoconnect. (Also see the port field description in connect lines). SSIIDD Defines Server ID, network-wide unique identifier of your server. It must begin with a digit. This must be set with cooperation of other servers' admins. On IRCnet you must consult your coord and/or admins of your peers. EExxaammppllee:: M:tolsun.oulu.fi::Oulu, Finland:6667:00PA: This line reads: My Host's name is ``tolsun.oulu.fi'', my site is located in ``Oulu, Finland'' and my SID is ``00PA''. M:orion.cair.du.edu::Denver Colorado, USA:6667:00PS: This line reads: My Hosts name is ``orion.cair.du.edu'', my site is located in ``Denver Colorado, USA'' and my SID is ``00PS''. NNoottee Using ``*'' as allows OS to choose best outgoing source IP. See also SSeerrvveerr CCoonnnneeccttiioonnss section for configuring source IP of outgoing connections. 44..22.. AAddmmiinniissttrraattiivvee iinnffoo IInnttrroodduuccttiioonn The ``A'' line is used for administrative information about a site. The e-mail address of the person running the server should be included here in case problems arise. FFoorrmmaatt A:::::: AA This specifies an Admin record. YYoouurr NNaammee && LLooccaattiioonn Use this field to say tell your FULL NAME and where in the world your machine is. Be sure to add your City, State/Province and Country. YYoouurr EElleeccttrroonniixx MMaaiilliinngg AAddddrr Use this field to specify your Electronic Mailing Address preferably your Internet Mailing Address. If you have a UUCP or ARAPnet address - please add that as well. Be sure to add any extra DOMAIN information that is needed, for example ``mail jtrim@orion'' probably won't work as a mail address to me if you happen to be in Alaska. But ``mail jtrim@orion.cair.du.edu'' would work because you know that ``orion'' is part of the DOMAIN ``cair.du.edu''. So be sure to add your DOMAINNAMES to your mailing addresses. OOtthheerr This is really an OTHER field - you can add what you want here. NNeettwwoorrkk nnaammee Use this field to announce your network name in 005 numerics. Use only one word! EExxaammppllee (the line is just one line in the confuration file, here it is cut into two lines to make it clearer to read): A:Jeff Trim - Denver Colorado, USA:INET jtrim@orion.cair.du.edu UUCP {hao,isis}!udenva!jtrim:Terve! Heippa! Have you said hello in Finnish today?;)::IRCnet: Would look like this when printed out with the /admin command: Jeff Trim - Denver Colorado, USA INET jtrim@orion.cair.du.edu UUCP {hao,isis}!udenva!jtrim Terve! Hei! Heippa! Have you said hello in Finnish today? ;) Note that the A record cannot be split across multiple lines; it will typically be longer than 80 characters and will therefore wrap around the screen. 44..33.. PPoorrtt ccoonnnneeccttiioonnss IInnttrroodduuccttiioonn The port line adds flexibility to the server's ability to accept connections. By use of this line in the ircd.conf file, it is easy to setup both Unix Domain ports for the server to accept connections on as well as extra internet ports. FFoorrmmaatt P::::::: P::::::: +o Internet Ports IInntteerrnneett IIPP## If the host on which the server runs has several IP addresses, you can define for which IP address connections will be accepted. If none is defined here, server will bind to all interfaces (INADDR_ANY). See also MMaacchhiinnee ccoonnffiigguurraattiioonn and SSeerrvveerr CCoonnnneeccttiioonnss sections to properly configure outgoing connections. PPoorrtt The port number field tells the server which port number it should listen on for incoming connections. EExxaammppllee P:192.168.1.194:::6664: Listens for incoming connections on IP 192.168.1.194, port 6664. +o Unix Socket Ports. DDiirreeccttoorryy The path set in this field should be the directory name in which to create the unix socket for later listening to. The server will attempt to create the directory before creating the unix socket. PPoorrtt The port field when used in combination with a pathname in a P- line is the filename created in the directory set in the first field. EExxaammppllee P:/tmp/.ircd:::6667: Creates a unix socket in the /tmp/.ircd directory called ``6667''. The unix socket (file) must be a numerical. FFllaaggss Flags changing behaviour of a given P-line. It can be empty or one of: +o D - delayed accept (not active until first netjoin) +o S - server-only (user connections are rejected) Using 'D' flag is a nice way to help network not get invaded after restart. It does not enable listening socket on a given port before server has a chance to join a network. Note that you can change state of the listening sockets using SET CACCEPT oper command. Current state of sockets can be seen with STATS P (case sensitive). NNoottee You need at least one P-line or server won't start. (Unless you run it from inetd.) 44..44.. CCoonnnneeccttiioonn CCllaasssseess IInnttrroodduuccttiioonn To enable more efficient use of MAXIMUM_LINKS, connection classes were implemented. All clients belong to a connection class. Each line for a server should have the same number as the sixth field. If it is absent, the server deaults it to 0, using the defaults from the config.h file. To define a connection class, you need to include a Y: line in the ircd.conf file. This enables you to define the ping frequency, connection frequency (for servers) and maximum number of links that class should have. Currently, the Y: line MMUUSSTT appear in the ircd.conf file BBEEFFOORREE it is used in any other way. FFoorrmmaatt Y:::::::: YY This specifies a Class record. CCllaassss This is the class number which gains the following attributes and should match that which is on the end of the C/c/N/I/O/S line. PPiinngg FFrreeqquueennccyy This field defines how long the server will let the connection remain ``silent'' before sending a PING message to make sure it is still alive. Unless you are sure of what you are doing, use the default value which is in your config.h file. CCoonnnneecctt FFrreeqquueennccyy By changing this number, you change how often your server checks to see if it can connect to this server. If you want to check very occasionally, use a large value, but if it is an important connection, you might want a smaller value so that you autoconnect to it as soon as possible. MMaaxx LLiinnkkss This field defines the maximum number of links this class will allow from automatic connections (C lines). Using /CONNECT overrides this feature. Also defines the maximum number of users in this class for all I/O lines being in that class (or per I/O line, if defined). SSeennddQQ This field defines the ``SendQ'' (data awaiting to be sent to the client) value for this class. The format is . +o x: defines maximum size of sendq, defaults to QUEUELEN if unset. +o y: defines maximum size of sendq during burst, defaults to x if unset. LLooccaall lliimmiitt This field is used to limit the number of local concurrent connections. The format is . +o x: defines the maximum number of clients from the same host (IP) will be allowed. +o y: defines the maximum number of clients from the same user@host (IP) will be allowed. Read note below. Any unset value defaults to 1 (one). GGlloobbaall lliimmiitt This field has the same use as the ``Local limit'' field. But, the connection counts are done for all clients present on the net instead of only counting local clients. CCIIDDRR LLiimmiitt This field is used to limit the number of local host counts within a given IP network. The format is / +o x: defines the maximum number of clients from the same network +o y: defines the length of the network in CIDR format NNoottee leaving any of the fields (except SendQ and limits) out means their value is 0 (ZERO)!! The SendQ field default value is dynamically determined. Limits default to 1.1 (one connection) except CIDR limit, which doesn't apply at all if left empty. NNoottee If you plan to use the local user@host limit, please read the following very carefully. The ``user'' value is the ident reply for the connection. If no reply was given then it defaults to ``unknown'' and thus the effective limit will be per host, not per user@host. Also, some ident servers return encrypted data which changes for every connection making the limit void. If you think limits do not work, check ircd logs, the auth reply can be longer than what ircd shows on-line. NNoottee Only the local limitation is accurate. NNoottee If you define a gobal limit, you should also define a local limit (same or lower) as it won't take more CPU and will make the global limit more accurate. NNoottee The local and global limits only affect users (I lines), not servers nor services. EExxaammppllee Y:23:120:300:5:800000:0:0: (server class) This defines class 23 to allow 5 auto-connections, which are checked every 300 seconds. The connection is allowed to remain silent for 120 seconds before a PING is sent. NOTE: fields 3 & 4 are in seconds. The SendQ is set to 800000 bytes. Y:1:60:0:50:20000:2:5: (client class) In case of a client class, the fields are interpreted a bit differently. This class (number 1) can be used by up to 50 users. The connections are allowed to remain silent for 60 seconds before a PING is set. The SendQ is set to 20000 bytes. A new connection in this class will only be allowed if there aren't more than 2 other local connections from the same IP address, or more than 5 other connections on the net from the same hostname. NNoottee The default maxlinks behaviour has changed in 2.11.2, see config.h for details. Y:2:60:0:50:20000:2.1:5: (client class) In case of a client class, the fields are interpreted a bit differently. This class (number 2) can be used by up to 50 users. The connections are allowed to remain silent for 60 seconds before a PING is set. The SendQ is set to 20000 bytes. A new connection in this class will only be allowed if there aren't more than 2 other local connections from the same IP address, 1 local connection from the same user from the same IP address, or more than 5 other connections on the net from the same hostname. Y:2:60:0:50:20000:2.1:5:4/24 (client class) Other numbers are exactly the same as previous. Last field limits connections within the same /24 to 4 hosts. It does not matter how many different /24 networks are using this Y:line, each will have separate count. 44..55.. CClliieenntt ccoonnnneeccttiioonnss How to let clients connect to your IRCD. IInnttrroodduuccttiioonn A client is a program that connects to the ircd daemon (ircd). There are clients written in C, GNU Emacs Lisp and many other languages. The ``irc'' program is the C client. Each person that talks via IRC is running their own client. The ircd.conf files contains entries that specify which clients are allowed to connect to your irc daemon. Obviously you want to allow your own machine's clients to connect. You may want to allow clients from other sites to connect. These remote clients will use your server as a connection point. All messages sent by these clients will pass through your machine. FFoorrmmaatt I:::::: NNoottee Lower case ``i'' is equal to an ``R'' flag in plain ``I''. Lower case ``i'' will be removed in the next version. TTAARRGGEETT HHoosstt AAddddrr Specifies the IP address(es) of the machine(s) that are allowed to connect. If ``user@'' prefixes the actual IP address the server will require that the remote username returned by the ident server be the same as the one given before the ``@''. Wildcards are permitted unless using a bitmask (e.g. 1.2.3.0/24). Note that bitmask are encouraged over wildcards, as they are more accurate. Empty field is equal to '*' (matches any). PPaasssswwoorrdd The password that must be given by the client to be allowed on the server. TTAARRGGEETT HHoosstt NNAAMMEE Specifies the host name(s) of the machines allowed to connect to the server. If ``user@'' prefixes the actual name the server will require that the remote username returned by the ident server be the same as the one given before the ``@''. Wildcards are permitted, but pplleeaassee rather leave this field empty and use bitmask in HHoosstt AAddddrr field. Empty field matches any. ``*'' also matches any, but it requires working DNS for a client. Using this field to enforce that clients have no Host Name set is not working (they will rather be denied connection). Use ``N'' ffllaagg. PPoorrtt Specifies the port number for which this configuration line is valid. An empty field, or ``0'' matches all ports. CCllaassss This field should refer to an existing class. Connections classes are usefull to limit the number of users allowed on the server. FFllaaggss This field contains flags of an I:line; flags are one character in size, can be combined and their order does not matter. +o D - restricted, when client has no reverse DNS +o E - client is exempted from K-lines +o e - client is exempted from X-lines +o F - fall-through to next I-line if password did not match +o I - restricted, when client has no ident. +o M - disable resolved host name to be shown +o N - disable resolved host name to be used +o R - restricted NNoottee Restricted I: line means that clients matching such I line will not be able to use their operator privileges (no nick/mode change, no kick). Such users will also have their username prefixed by +, = or - depending on the ident reply. NNoottee The server checks if the client hostname matches the TTAARRGGEETT HHoosstt NNAAMMEE field. If a match is found, server checks TTAARRGGEETT HHoosstt AAddddrr field. If a match is found, the client is accepted. Clients host is set either to its hostname (if available) or, using ``N'' or ``M'' flag, to its IP. NNoottee The difference between ``M'' and ``N'' flags is simple: after host resolving and I:line matching is done, ``M'' keeps hostname and uses it for matching in beIR modes and printing in logs, while ``N'' discards it completely. EExxaammpplleess For example, if you were installing IRC on tolsun.oulu.fi and you wanted to let your own clients to connect to your server, you would add this entry to the file: I:::tolsun.oulu.fi::1 If you wanted to let remote clients connect, you could add the following line: I:::*.edu.edu::1 and allow any clients from machines whose names end in ``.edu.edu'' to connect with no password. I:128.214.6.100::nic.funet.fi::1 Allow clients from a machine with that IP number aanndd that hostname to connect. I::secret:*.tut.fi::1 Allow clients from machines matching ``*.tut.fi'' to connect with the password ``secret''. I:::*::1 Allow anyone from anywhere to connect to your server. I:::*.fi:6667:1 Allow clients from machines matching ``*.fi'' to connect on the port 6667. I:135.11.35.0/24::*.net::1 Allows clients from machines which host name matches ``*.net'' aanndd which IP address is within block ``135.11.35.0/24'' to connect to the server. I:135.11.35.0/24::::1:N I:135.11.35.0/24::*.net::1 This set of two I:lines allows clients from machines which host name matches ``*.net'' aanndd which IP address is within block ``135.11.35.0/24'' to connect to the server. If the host name does not match ``*.net'' then another I:line is used and because of ``N'' flag, the IP address is used for these clients, even if the host name is known. I:135.11.35.0/24::::1 Allows clients from machines which IP address is within block ``135.11.35.0/24'' to connect to the server. If the host name is known, is it used as address for these clients. NNEEWW!!!!!! As of the 2.11.0 version of the server, I: line flags are introduced. 44..66.. OOppeerraattoorr pprriivviilliiggeess How to become the IRC administrator on your site IInnttrroodduuccttiioonn To become an IRC Administrator, IRC must know who is authorized to become an operator and what their ``Nickname'' and ``Password'' is. FFoorrmmaatt O:::::: OO Specifies Operator record. NNoottee If you use small letter (``o'') in it, it specifies a local operator. This is deprecated behaviour, use O:line flags. Operator rights can be specified in config.h and fine-tuned in ircd.conf. TTAARRGGEETT HHoosstt NNAAMMEE Tells IRC which host you have the privileges FROM. This means that you should be logged into this host when you ask for the priviliges. If you specify ``tolsun.oulu.fi'' then IRC will expect your CLIENT to be connected at ``tolsun.oulu.fi'' - when you ask for OPERATOR privileges from ``tolsun.oulu.fi''. You cannot be logged in at any other host and be able to use your OPERATOR privileges at tolsun, only when you are connected at TOLSUN will this work - this is a safeguard against unauthorized sites. PPaasssswwoorrdd If your AUTHORIZATION Password - this is the password that let's IRC know you are who you say you are! Never tell anyone your password and always keep the ``ircd.conf'' file protected from all of the other users. NNiicckknnaammee The Nickname you usually go by - but you can make this what you want. PPoorrtt Unused. CCllaassss The class field should refer to an existing class (preferably having a lower number than that for the relevant I-line) and determines the maximum number of simultaneous uses of the O-line allowable through the max. links field in the Y-line. FFllaaggss This field contains flags of an O:line; flags are one character in size, can be combined and their order does not matter. They define privileges of an operator. +o L - local operator (disables all remote functions) +o P - removes penalty +o p - allows flooding +o & - allows joining &CLIENTS +o A - enables all flags below +o C - allows local and remote CONNECT +o c - allows local CONNECT +o D - allows DIE +o d - allows DNS +o e - allows SET +o h - allows HAZH +o K - allows local and remote KILL +o k - allows local KILL +o l - allows CLOSE +o R - allows RESTART +o r - allows REHASH +o S - allows local and remote SQUIT +o s - allows local SQUIT +o T - allows TKLINE +o q - allows KLINE +o t - enables full TRACE and STATS L +o v - allows SIDTRACE ``L'' flag cannot be overridden by other flags. If field is left empty, no privileges will be granted. EExxaammppllee O:orion.cair.du.edu:pyunxc:Jeff::1:A There is an OPERATOR at ``orion.cair.du.edu'' that can get Operator priviliges if he specifies a password of ``pyunxc'' and uses a NICKNAME of ``Jeff'' and is granted all possible privileges. NNoottee Host NAME accepts IP bitmasks. NNoottee Some privileges may be disabled during compilation time in config.h. 44..77.. EExxcclluuddeedd aaccccoouunnttss Remove an errant user from IRC on your site. IInnttrroodduuccttiioonn Obviously it is hoped that you wouldn't have to use this command. Unfortunately sometimes a user can become unmanageable and this is your only recourse - the KILL USER command. THIS COMMAND ONLY AFFECTS YOUR SERVER - if this user can connect to another server somewhere else in the IRC network then you would have to talk to the administrator on that site to disable his access from that IRCD server as well. FFoorrmmaatt K::