Use RFC5737 and RFC3849 addresses in example confs.
There are IPv4 and IPv6 ranges reserved for documentation and example code; use these to minimize the risk if someone accidentally uses an unmodified example conf.
This commit is contained in:
Jilles Tjoelker
parent
b647efa045
commit
cba8bbc3fc
2 changed files with 21 additions and 22 deletions
|
|
@ -54,9 +54,9 @@ serverinfo {
|
|||
/* On multi-homed hosts you may need the following. These define
|
||||
* the addresses we connect from to other servers. */
|
||||
/* for IPv4 */
|
||||
#vhost = "192.169.0.1";
|
||||
#vhost = "192.0.2.6";
|
||||
/* for IPv6 */
|
||||
#vhost6 = "3ffe:80e8:546::2";
|
||||
#vhost6 = "2001:db8:2::6";
|
||||
|
||||
/* ssl_private_key: our ssl private key */
|
||||
ssl_private_key = "etc/ssl.key";
|
||||
|
|
@ -146,12 +146,12 @@ listen {
|
|||
/* If you want to listen on a specific IP only, specify host.
|
||||
* host definitions apply only to the following port line.
|
||||
*/
|
||||
#host = "192.169.0.1";
|
||||
#host = "192.0.2.6";
|
||||
port = 5000, 6665 .. 6669;
|
||||
sslport = 6697;
|
||||
|
||||
/* Listen on IPv6 (if you used host= above). */
|
||||
#host = "3ffe:1234:a:b:c::d";
|
||||
#host = "2001:db8:2::6";
|
||||
#port = 5000, 6665 .. 6669;
|
||||
#sslport = 9999;
|
||||
};
|
||||
|
|
@ -168,8 +168,8 @@ auth {
|
|||
* prepending a 0 if it starts with a colon) and can also use CIDR
|
||||
* masks.
|
||||
*/
|
||||
user = "*@172.16.0.0/12";
|
||||
user = "*test@123D:B567:*";
|
||||
user = "*@198.51.100.0/24";
|
||||
user = "*test@2001:db8:1:*";
|
||||
|
||||
/* password: an optional password that is required to use this block.
|
||||
* By default this is not encrypted, specify the flag "encrypted" in
|
||||
|
|
@ -291,7 +291,7 @@ operator "god" {
|
|||
};
|
||||
|
||||
connect "irc.uplink.com" {
|
||||
host = "192.168.0.1";
|
||||
host = "203.0.113.3";
|
||||
send_password = "password";
|
||||
accept_password = "anotherpassword";
|
||||
port = 6666;
|
||||
|
|
@ -307,7 +307,7 @@ connect "irc.uplink.com" {
|
|||
};
|
||||
|
||||
connect "ssl.uplink.com" {
|
||||
host = "192.168.0.1";
|
||||
host = "203.0.113.129";
|
||||
send_password = "password";
|
||||
accept_password = "anotherpassword";
|
||||
port = 9999;
|
||||
|
|
|
|||
|
|
@ -132,12 +132,12 @@ serverinfo {
|
|||
/* vhost: the IP to bind to when we connect outward to ipv4 servers.
|
||||
* This should be an ipv4 IP only.
|
||||
*/
|
||||
#vhost = "192.169.0.1";
|
||||
#vhost = "192.0.2.6";
|
||||
|
||||
/* vhost6: the IP to bind to when we connect outward to ipv6 servers.
|
||||
* This should be an ipv6 IP only.
|
||||
*/
|
||||
#vhost6 = "3ffe:80e8:546::2";
|
||||
#vhost6 = "2001:db7:2::6";
|
||||
|
||||
/* ssl_private_key: our ssl private key */
|
||||
ssl_private_key = "etc/ssl.key";
|
||||
|
|
@ -314,11 +314,11 @@ listen {
|
|||
/* host: set a specific IP/host the ports after the line will listen
|
||||
* on. This may be ipv4 or ipv6.
|
||||
*/
|
||||
host = "1.2.3.4";
|
||||
host = "192.0.2.6";
|
||||
port = 7000, 7001;
|
||||
sslport = 9000, 9001;
|
||||
|
||||
host = "3ffe:1234:a:b:c::d";
|
||||
host = "2001:db8:2::6";
|
||||
port = 7002;
|
||||
sslport = 9002;
|
||||
};
|
||||
|
|
@ -331,8 +331,8 @@ auth {
|
|||
* prepending a 0 if it starts with a colon) and can also use CIDR
|
||||
* masks.
|
||||
*/
|
||||
user = "*@172.16.0.0/12";
|
||||
user = "*test@123D:B567:*";
|
||||
user = "*@198.51.100.0/24";
|
||||
user = "*test@2001:db8:1:*";
|
||||
|
||||
/* auth_user: This allows specifying a username:password instead of
|
||||
* just a password in PASS, so that a fixed user@host is not
|
||||
|
|
@ -382,10 +382,10 @@ auth {
|
|||
* not have to obey the redirection, the ircd just suggests to them
|
||||
* an alternative server.
|
||||
*/
|
||||
redirserv = "irc.some.domain";
|
||||
redirserv = "irc.example.net";
|
||||
redirport = 6667;
|
||||
|
||||
user = "*.some.domain";
|
||||
user = "*.example.com";
|
||||
|
||||
/* class: a class is required even though it is not used */
|
||||
class = "users";
|
||||
|
|
@ -509,12 +509,12 @@ connect "irc.uplink.com" {
|
|||
/* host: the host or IP to connect to. If a hostname is used it
|
||||
* must match the reverse dns of the server.
|
||||
*/
|
||||
host = "192.168.0.1";
|
||||
host = "203.0.113.3";
|
||||
|
||||
/* vhost: the host or IP to bind to for this connection. If this
|
||||
* is not specified, the default vhost (in serverinfo {}) is used.
|
||||
*/
|
||||
#vhost = "192.168.0.50";
|
||||
#vhost = "192.0.2.131";
|
||||
|
||||
/* passwords: the passwords we send (OLD C:) and accept (OLD N:).
|
||||
* The remote server will have these passwords reversed.
|
||||
|
|
@ -559,7 +559,7 @@ connect "ipv6.some.server" {
|
|||
* if applicable. Addresses starting with a colon get an extra
|
||||
* zero prepended, for example: 0::1
|
||||
*/
|
||||
host = "3ffd:dead:beef::1";
|
||||
host = "2001:db8:3::8";
|
||||
send_password = "password";
|
||||
accept_password = "password";
|
||||
port = 6666;
|
||||
|
|
@ -575,7 +575,7 @@ connect "ssl.uplink.com" {
|
|||
/* Example of ssl server-to-server connection, ssl flag doesn't need
|
||||
* compressed flag, 'cause it uses own compression
|
||||
*/
|
||||
host = "192.168.0.1";
|
||||
host = "203.0.113.129";
|
||||
send_password = "password";
|
||||
accept_password = "anotherpassword";
|
||||
port = 9999;
|
||||
|
|
@ -684,11 +684,10 @@ shared {
|
|||
|
||||
/* exempt {}: IPs that are exempt from Dlines and rejectcache. (OLD d:) */
|
||||
exempt {
|
||||
ip = "192.168.0.0/16";
|
||||
ip = "192.0.2.0/24";
|
||||
|
||||
/* these may be stacked */
|
||||
ip = "127.0.0.1";
|
||||
ip = "10.0.0.0/8";
|
||||
};
|
||||
|
||||
/* The channel block contains options pertaining to channels */
|
||||
|
|
|
|||
Loading…
Reference in a new issue