# IRC - Internet Relay Chat, doc/example.conf
# Copyright (C) 1994, Helen Rose
#
# $Id: example.conf,v 1.9 1997/12/19 12:29:53 kalt Exp $
#
# some changes for 294 and cleaning, delta, Fri Dec 19 05:56:07 MEZ 1997
#
#   This program is free software; you can redistribute it and/or modify
#   it under the terms of the GNU General Public License as published by
#   the Free Software Foundation; either version 1, or (at your option)
#   any later version.
#
#   This program is distributed in the hope that it will be useful,
#   but WITHOUT ANY WARRANTY; without even the implied warranty of
#   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#   GNU General Public License for more details.
#
#   You should have received a copy of the GNU General Public License
#   along with this program; if not, write to the Free Software
#   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
#
# This is an example configuration file for the IRC server.
# It's highly suggested that you also read INSTALL.* in doc/ and talk with
# your uplinks if linking to an already existent IRC network.
# 
# You only need an ircd.conf (IRC server configuration file) if you are
# running an IRC server. If you are running a standalone client this file
# is not necessary.
#
# This file will explain the various lines in the IRC server
# configuration file. Not all lines are mandatory. You can check to make
# sure that your configuration file is correct by using the program
# "chkconf", provided in the server distribution (and when you do "make
# install" this program will be installed in the same directory as the irc
# server). 
# 
# The options for whether a line is needed or not are: 
# MANDATORY: you absolutely MUST have this line
# NETWORKED: you must have this line if you are connecting this irc
#            server to any other server (servers can run standalone).
# SUGGESTED: it is HIGHLY suggested that you use this line
# OPTIONAL: it's completely up to you whether to define this or not
# DISCOURAGED: you really really should not use this line if at all
#              possible. 
# NOT NECESSARY: an old or out of date line that isn't needed.
#
#
# ========================================================================
# NOTE! this entire configuration file is read UPSIDE-DOWN! So if you have
# to put something in a specific order (for example, client-connection
# lines), put them in reverse order!
# ========================================================================
#
#
############################
# M: [MANDATORY]. This line sets your server's name, description and port
# the server listens for UDP pings (used to determine the fastest link in a
# class when autoconnecting)
#
# M:<Server NAME>:<YOUR Internet IP#>:<Geographic Location>:<Port>
#
# Note that 'server name' refers to the name of the irc-server which needs 
# not to be the same as the hostname of the machine it's running on.
#
# this let's ircd use the primary ip of your host to establish connections
M:csa.bu.edu::Boston University Computer Science Department:6667
#
# this let's ircd use the ip 128.197.13.20 to establish connections, useful
# if you're running virtual interfaces
#M:csa.bu.edu:128.197.13.20:Boston University Computer Science Department:6667
#
#
############################
# A: [MANDATORY]. This line lists your administrative information
# (contact address, etc). To view this information, /admin (server) will
# show it to you.
#
# A:<Your Name/Location>:<Your Electronic Mailing Addr>:<other information>::
#
A:Boston University CS Department:Helen Rose <hrose@cs.bu.edu>:Client Server::
#
#
############################
# P: [MANDATORY]. This field allows the server to listen on various ports
# for connections. Any internet domain port that is below 1024 means the
# ircd has to be run as root, or from inetd. The server can listen to ports
# in the UNIX domain or the internet domain. If you wish to create a port
# in the UNIX domain you must compile with UNIXPORT defined in config.h.
#
# P:<YOUR Internet IP#>:<*>:<Internet IP Mask>:<Port>:
# P:<Directory>:<*>:<*>:<Port>:
#
# Note that it's a good idea to open some more ports than 6667 for 
# server-server connections and local clients in case some running wild 
# client blocks the default 6667.
#
# the default, an internet domain socket on port 6667 listening on all
# ip addresses of the machine running ircd 
P::::6667:
#
# an internet domain socket listening on port 6668 on address 206.252.192.20
# (again useful if you're running virtual interfaces)
P:206.252.192.20:::6668:
#
# an internet domain socket listening on port 6669 for connections from
# addresses matching 147.210.18.* :
P:::147.210.18.*:6669:
#
# This line is an example of a UNIX domain socket in /tmp
P:/tmp/.ircd:*:*:6666:
#
#
############################
# Y: [SUGGESTED]. These lines define connection classes. Connection
# classes allow you to fine-tune your client and server connections.
# Since the fields have different meanings for server and client classes
# you shouldn't mix them, and if you have lots of server connections (if 
# you do have lots of servers you shouldn't be reading this file :-) each 
# set of servers (defined arbitrarily by you) should have its own class. 
# If you have clients coming in from lots of different sites, you may want 
# to seperate them out into classes. For instance, you may want to put 
# local users in one class, with remote users in another class. You may also
# want to put limits on some client classes (one client only for indials
# for example).  In any larger network you definitely want to do this.
#
# For SERVER CLASSES, the fields are: 
# Y:<Class>:<Ping Frequency>:<Connect freq>:<Max Links>:<SendQ>::
#    1       2                3              4           5      67
#   1 class number
#   2 ping frequency (in seconds)
#   3 connect frequency (in seconds)
#   4 maximum number of automatically initiated links in this class
#   5 sendq (this overrides any MAXSENDQLENGTH set in config.h)
#   6 unused for server classes
#   7 unused for server classes
#
# The class numbers are not arbitrary.  In auto-connecting servers -- that is,
# servers that you have a port number (e.g. 6667) on the end of the C: line 
# (see below) the higher the number the higher the priority in auto-connecting.
#
# Note that it is a good idea to have ping frequency the same at both ends
# of the link.
#
# this is a normal server connection (normal as of October, 1997)
# Y:<Class>:<Ping Frequencys>:<Connect freq>:<Max Links>:<SendQ>::
Y:2:90:300:1:4000000
#
#
# For CLIENT CLASSES, the fields are:
# Y:<Class>:<Ping Frequency>::<Max Links>:<SendQ>:<Local Limit>:<Global Limit>
#    1       2               3 4           5       6             7
#   1 class number
#   2 ping frequency (in seconds)
#   3 unused for client classes
#   4 maximum number of links in this class (per I line)
#   5 sendQ for each client
#   6 maximum number of links from this [user@]host on the server
#   7 maximum number of links from this [user@]host on the net
#
# local and global limits have the format <x>.<y> where x defines the maximum
# number of clients from the same host (IP) whereas y defines the maximum 
# number of clients from the same user@host (IP) allowed to connect.  the
# latter uses the identd replies to identify a user, falling back to an
# @host limit if no identd runs on the client and fails for identds generating 
# dynamical answers.
#
# Note that any unset values default to zero which means 'unlimited'.
# 
# Y:<Class>:<Ping Frequency>::<Max Links>:<SendQ>:<Local Limit>:<Global Limit>
# this is a class for multiuser systems allowing 10 local clients per host
Y:10:90::100:512000:10:32
#
# this is a class for multiuser systems running a trustworthy identd
Y:11:90::100:512000:0.1:0.2
#
# this is a class for single user systems (PCs, most indials, ...)
Y:12:90::100:512000:1:3
#
# this is a class for remote systems you want to allow as fallback only
# (if you run an open server in a net you might really want this)
Y:13:90::100:512000:1:1
#
#
############################
# i/I: [MANDATORY]. The I: lines are client-authorization lines. Without
# these lines, no clients will be able to connect to your server.
# Wildcards ("*") are permitted. Passwords are also possible (clients can
# be configured to send passwords) but optional.  'I' allows full access,
# 'i' sets restricted mode which forbids nick changes and channel op status.
# 
# I:<TARGET Host Addr>:<Password>:<TARGET Hosts NAME>:<Port>:<Class>
# i:<TARGET Host Addr>:<Password>:<TARGET Hosts NAME>:<Port>:<Class>
#
# NOTE that ircd matches on the *right-most* match and doesn't stop matching 
# after the <TARGET Hosts NAME> didn't match (see also examples below).
#
# Not that if <TARGET Hosts NAME> is empty ircd will show clients matching
# the <TARGET Host Addr> and do resolve as user@host.  if an I:-line has both
# NAME and Addr defined and a client matches only the Addr part it will be
# shown as user@ip-address regardless if it does resolv or not.
#
# this would allow access for any client reaching this line which doesn't
# already have at least one connection to the net.  if you run an open server
# in a net this might be the right choice, talk to your uplinks first anyway.
# resolving clients matching this line would be shown as user@host since 
# the field <TARGET Hosts NAME> is empty.
# Note listing this i: line first, it will be read *last*, meaning it is 
# the "fall-through". 
#i:*@*::::13
# With the password 'foobar'
#i:*@*:foobar:::13
# Note that I:*::*.bu.edu:10 would also allow _all_ clients regardless
# if they're from *.bu.edu or not since ircd doesn't stop matching after the
# <TARGET Hosts NAME> didn't match.
#
# this would allow access for any client coming from *.net, *.org, *.com or
# other 3 char TLD
#i:::*@*.???:13
#
# this allows access for any client from the ip block 192.168.0.0/16
# regardless of its domain.  if it's resolvable it will be shown as
# user@host since the field <TARGET Hosts NAME> is empty (useful to
# allow whole provider's blocks).
I:*@192.168.*::::12
#
# This is a standard vanilla I: line which will permit anyone with an IP
# address starting with 128.197 OR with a hostname ending in .bu.edu to
# connect to the server. NOTE, the ircd matches on the *right-most* match,
# so if I connect as hrose@csa.bu.edu (which is hrose@128.197.10.3) I will
# show up on irc as hrose@csa.bu.edu since that is the first match it
# found. (Even though the second match is valid). 
I:*@128.197.*::*@*.bu.edu::10
#
# and you can even specify just certain usernames as long as the client's 
# site is running a trustworthy ident daemon:
I:::hrose@csa.bu.edu::10
# 
# this will limit access for indials to one client per host
I:::*@ppp*.bu.edu::12
I:::*@indial*.bu.edu::12
#
#
############################
# O: [OPTIONAL]. These lines define operator access. You do not need to
# have an operator to run a server. A well configured leaf site should not
# need an operator online, if it's connections are well defined, the irc
# administrator can use 'kill -HUP' on the ircd to reload the configuration
# file. 
#
# O:<TARGET Host NAME>:<Password>:<Nickname>:<Port>:<Class>
#
# If the person in "Nickname" is not coming from the hostname defined in
# the first field then the person will get the error message "No O: lines
# for your host". 
#
# Note that you don't need to use 'Nickname' to become operator, if you're
# using some other nick at that moment '/op Nickname' will do also.
#
O:*.bu.edu:Zaphod:Trillian::10
#
# and this line forces ident match:
O:hrose@csa.bu.edu:Zaphod:Trillian::10
# 
# This line is a "local operator", it is specified with a lower-case "o"
#
# this line permits the nickname "jhs" with the password of "ITBites" to
# be a local operator only (be able to issue commands locally -- can /kill
# and /squit and /connect -- but *only* locally)
#
o:*.bu.edu:ITBites:jhs::10
#
# a crypted password line (NOTE that if you have crypted passwords, *all*
# of you passwords must be crypted! In fact, if you are getting an error
# "Incorrect Password" it may well be because crypted passwords are
# defined and you have used plaintext.  So my example of plaintext and
# crypted strings in the same IRC server configuration file is an
# impossibility (but it is just theoretical, which is why I explained both).
#
O:rocker@csa.bu.edu:T0eiVgHrqeKTQ:Rocker::10
#
#
############################
# c/C: [NETWORKED]. These lines define what servers your server tries to
# connect to.  'c' means your server will support compression for this link
# if you've compiled with zlib, 'C' will enforce an uncompressed link.
# N: [NETWORKED]. These lines define what servers your server permits
# to connect.
#
# c/N lines MUST be used in pairs. You cannot have one without the other. 
#
# C:<TARGET Host Addr>:<Password>:<TARGET Server NAME>:<TARGET PORT>:<Class>
# c:<TARGET Host Addr>:<Password>:<TARGET Server NAME>:<TARGET PORT>:<Class>
#
# if the target server listens on different ports you can use for <TARGET PORT>
# <port_to_connect_to>.<port_target_server_listens_for_udp_pings>.
# <TARGET Host Addr> can be also an ip address or CNAME.
#
# N:<TARGET Host Addr>:<Password>:<TARGET Server NAME>:<Domain Mask>:<Class>
#
# "domain mask" is the number of parts in *your* hostname to mask to. For
# instance, with my servername being "csa.bu.edu", if I wanted to present
# my servername to be "*.bu.edu" I would have a host-mask portion of "1". 
#
# it is *strongly* advised that your c/N line passwords be different for
# security's sake.
#
# ident is allowed in the server's hostname part of the field.
# these lines tell the server to automatically (note the port number, that
# means automatic connection) connect to cs-ftp.bu.edu:
C:hrose@cs-ftp.bu.edu:bigspark:cs-ftp.bu.edu:6667:2
N:hrose@cs-ftp.bu.edu:bigalpha:cs-ftp.bu.edu::2
#
# This server's connection lines are more vanilla, masking the host to
# *.bu.edu (as described above):
C:irc-2.mit.edu:camelsrk00l:irc-2.mit.edu::2
N:irc-2.mit.edu:andsoarellamas:irc-2.mit.edu:1:2
#
# If you have defined ZIP_LINKS and wish the connection to irc-2.mit.edu to
# be compressed, you need to use a lowercase c.  If the other server refuses
# or doesn't support compression it will fall back to an uncompressed link.
c:irc-2.mit.edu:camelsrk00l:irc-2.mit.edu::2
N:irc-2.mit.edu:andsoarellamas:irc-2.mit.edu:1:2
#
#
############################
# K: [OPTIONAL]. These lines define user@host patterns to be banned from
# this particular server (with an optional time field). Note that K: lines
# are *not* global, and if you ban a user they can still use any other IRC
# server (unless they have specifically been banned there as well).
# 'K' uses the the type unix reply from the client's identd if available or
# the USER information supplied by the client if not.  'k' uses the reply from
# the client's identd also if it's type other (it's prefixed with '-' then).
# 
# K:<Host Name or IP>:<time interval(s)|comment>:<User>:<port>:
# k:<Host Name or IP>:<time interval(s)|comment>:<Auth>:<port>:
#
# wildcards are permitted in any one of the fields, in other words, you can
# K:*::* if you wanted (but your server wouldn't be used much ;-)
#
# Note that if you specify an IP address, or IP mask, it will match clients
# connecting from the matching addresses, no matter if they resolve or not.
# You can prefix an IP address or IP mask by '=' in which case only non 
# resolving matching hosts will be banned.
#
# This k: line bans the username "FSSPR" (the wildcard is used to make
# sure that any ident-checking character will match) on any machine from
# the University of Alaska.
k:*.alaska.edu::*FSSPR:0
#
# This K: line bans any users from acs*.bu.edu between the hours of 8am
# and 12pm and 1pm and 5pm (the time is always the server's local time):
# Note that 24 hour time is used (no "AM" or "PM").
K:acs*.bu.edu:0800-1200,1300-1700:*:0
#
# This K: line bans any users from *foo.edu sending them the notice
# "Use server irc.bar" instead of the default notice
# "You are not welcome to this server"
K:*foo.edu:Use server irc.bar:*:0
#
# This K: line bans any users from *toto.fr from using the port 6667,
# and tells them to use port 6666 instead.
K:*toto.fr:Use port 6666:*:6667:
#
# This K: line bans any user from 129.69.0.0/16 as long the host doesn't run
# identd (no matter if it replies type unix or other) from all ports.
k:129.69.*:identd (rfc1413) required:unknown::
#
# This does the same but only for unresolvable clients
k:=129.69.*:identd (rfc1413) required:unknown::
#
#
############################
# L: [OPTIONAL]. These lines "Leaf" specified servers. They are only
# useful if you are a non-leaf site yourself. There are two ways you can
# use L: lines. The first will limit one particular site to a particular
# tree depth (including 0, which would mean the server has to connect with
# no servers linked behind it otherwise the connection will fail). The
# second will allow you to be selective about which other servers you wish
# the connecting server to behave as a leaf towards.
#
# The fields are as follows:
# L:disallow connections to this hostmask::server name:depth
# For example, this will force kaja.gi.alaska.edu to connect only as a
# leaf (if it is not a leaf, the link will be dropped):
L:::kaja.gi.alaska.edu::
# This line will force cm5.eng.umd.edu to have a depth of only 1 below it
# (that is, it is allowed to have only leaves connected to it):
L:::cm5.eng.umd.edu:1:
#
# This line will prohibit anything matching *.edu to be connected behind
# any server matching *.au:
L:*.edu::*.au::
#
#
############################
# H: [OPTIONAL]. These lines define who you permit to act as a "hub" to
# you (that is, who you permit to connect non-leafed servers to you).
#
# the first field may use wildcards, the third field *must* be an exact
# match for a server's name (NOT a server's hostname, if they differ, the
# server's name must be used). If the servername is a wildcard (e.g. *.au)
# that is an acceptable name for the third field. 
#
# The fields are as follows:
# H:servers which are permitted entry::hub server
#
# Example, permit cs-ftp.bu.edu to allow any servers behind it to connect:
H:*::cs-ftp.bu.edu::
#
# Example, permit irc-2.mit.edu to allow any MIT servers behind it to
# connect: 
H:*.mit.edu::irc-2.mit.edu::
#
#
############################
# V: [OPTIONAL]. These lines define restrictions on servers connecting to
# you.
#
# The first and third fields accept wildcards.  The fields are as follow:
# V:<Version Mask>:<Flags>:<Server Mask>::
#
# Example, you believe 2.9.1 is a really old version, and you want your
# peers to upgrade:
V:020901*::*::
#
# If you are running a production network, you most likely don't want to
# allow servers compiled in DEBUGMODE which is a threat for the net
# as well as for the privacy of the users:
V:*:D:*::
#
# Finally, you don't want *.edu servers to be version 2.9.2 *OR* to be
# compiled with remote oper kills enabled:
V:020902*:K:*.edu::
#
#
############################
# B: [SUGGESTED]. These lines define the alternate servers that the users
# will be redirected to if your server is full.
#
# The fiels are as follow:
# B:<Class|Host Mask>::<Server Name>:<Port>:
#
# For example, if you want to redirect your users to irc.stealth.net on port
# 6667 when your server is full, use:
B:-1::irc.stealth.net:6667:
#
# To redirect *.fi users when your server cannot accept any new user with
# a hostname matching *.fi, use:
B:*.fi::irc.funet.fi:6667:
#
#
############################
# S: [OPTIONAL]. These lines define services allowed to connect to your
# server.  Each service needs a separate line which only allows him to
# connect once.
#
# The fields are as follow:
# S:<TARGET Host Mask>:<Password>:<Service Name>:<Service Type>:<Class>
#
# Example, you want to allow a local information service:
S:eep.local.net:thisisapassword:EepInfo:0:1
#
#
############################
# U: [NOT NECESSARY]. This line defines the default server for the IRC
# client that ships with the server -- the default client is in irc/irc
# You should not use U: lines but instead use the UPHOST definition in
# config.h 
U:csa.bu.edu:foobar:csa.bu.edu
#
#
############################
# R: [DISCOURAGED]. These lines restrict user access based on a more
# stringent checking system than is available in the K: line. It looks for
# a match (based on hostname and username) and then runs an outside
# program (which MUST be specified using a full pathname). The output of
# the program should be a string in the form "Y <message>" (which permits
# access for the user) or "N <message>" (which denies access for the
# user). If "Y <message>" is received by the server, the server ignores
# the message and permits access for the user. If "N <message>" is
# returned, the server tells the user that he/she is not permitted to
# access that irc server, and gives the reason.
#
# Again, like K: lines, R: lines are local and thus not very effective in
# blocking certain machines from having IRC access.
#
# Use of R: requires that you have defined R_LINES in config.h
#
# The fields are as follows:
# R:hostmask:/full/path/to/program:username
# you can use wildcards in either the hostmask or username portion
#
R:csl.bu.edu:/home/hrose/bin.sun3/sun3access:*::
#
#
############################
# Q: [DISCOURAGED]. These lines "quarantine" specified servers.  Because
# of the way they operates, the same Q: lines MUST be installed by
# everyone or the net will keep breaking. I CANNOT EMPHASIZE THIS ENOUGH.
# Do NOT use Q: lines lightly!
#
# The fields are as follows:
# Q:*:reason why quarantine is in place:servername
#
Q::this server is too slow and lags the net:cm5.eng.umd.edu::