Commit graph

61 commits

Author SHA1 Message Date
Jilles Tjoelker
2da6f6ebd7 Put back use_forward. 2011-09-25 16:22:29 +02:00
Elizabeth Jennifer Myers
765d839d3c Port ircd-seven banfowards to charybdis.
nenolod gave the thumbs-up to port ircd-seven banfowards to charybdis to spb
for a while, and people have asked about it. Might as well do it since it's a
slow weekend.

Note that as a side effect use_forward is removed from the config and
unconditionally enabled!
2011-08-12 20:33:10 -04:00
Keith Buck
da1b891f9f Pedantry: Make indentation consistent in example and reference confs. 2011-05-13 23:42:27 -07:00
Stephen Bennett
e6e54763d9 Make flood control settings configurable by those who know exactly what they're doing.
From ircd-seven git changeset 29aa4203150337925a4f5c6e7da47be5394c2125 .
2011-03-27 16:35:26 -04:00
Elizabeth Jennifer Myers
0a1e77c27c Support IPv6 blacklists. Also add a conf file option allowing the use of IPv4, IPv6, or both for a blacklist.
Although few blacklists currently support IPv6 lookups, they will likely begin to do so in the near future as more net trash begins using IPv6.
2011-02-27 16:38:05 -05:00
Stephen Bennett
341f971efa Bring across disable_local_channels config option from ircd-seven 2010-12-21 20:38:04 +00:00
William Pitcock
ff0cc1e616 Add support for linking using SSL certificate fingerprints as the link credential rather than the traditional server-password pair. 2010-12-13 23:14:00 -06:00
William Pitcock
429cf1b74f Add oper-override (modehacking only) as a module.
I think if you are going to kick someone from a channel.
2010-12-06 23:44:55 -06:00
Jilles Tjoelker
45a27bf8b9 Change max_bans in reference.conf from 25 to 100, like example.conf. 2010-12-05 16:51:48 +01:00
JD Horelick
f1e5a31775 Change the filenames of the generated SSL key/cert to ssl.* instead of test.* so that they're a bit more descriptive. 2010-11-13 16:07:54 -05:00
Jilles Tjoelker
717238d2a2 Add target change for channels.
This has a separate enabling option channel::channel_target_change.

It applies to PRIVMSG, NOTICE and TOPIC by unvoiced unopped non-opers.

The same slots are used for channels and users.
2010-08-29 01:26:00 +02:00
William Pitcock
40e92fca0e Recommend EFNet's RBL instead of DroneBL due to trustworthiness issues.
(StaticBox policy change as of May 14, 2010.)
2010-05-14 08:49:26 -05:00
JD Horelick
944b0584ea Change config option for ident_timeout to default_ident_timeout as jilles
recommended.
2010-04-05 16:29:11 -04:00
JD Horelick
0ffb810660 Add a configuration option for ident_timeout. 2010-04-05 15:28:44 -04:00
Jilles Tjoelker
dca9e55257 Add propagated resvs, like klines and xlines. 2010-03-27 16:13:57 +01:00
Jilles Tjoelker
3cbbfb2556 Add propagated xlines, like klines. 2010-03-16 23:05:50 +01:00
Jilles Tjoelker
1702b69419 Add option general::use_propagated_bans to allow disabling new KLINE.
If this option is yes (default), KLINE by itself sets global (propagated) bans.
If this option is no, KLINE by itself sets a local kline following cluster{},
compatible with 3.2 and older versions.
2010-03-14 17:21:20 +01:00
William Pitcock
a8560affce Documentation updates for the ip_cloaking_4.0 transition. 2010-02-18 07:34:40 -06:00
William Pitcock
ff31db8473 Add support for client certificate fingerprints in o:lines. 2010-02-17 06:41:41 -06:00
Jilles Tjoelker
fa1a7bef02 Add two more reasons why ssld_count>1 can be useful: bugs and fd limits. 2009-11-18 00:00:07 +01:00
Jilles Tjoelker
b23244702a Note that blacklist{} only accepts host/reason pairs, no host+host+reason. 2009-10-18 21:08:37 +02:00
Jilles Tjoelker
c2c25552ca Force part local users (not resv_exempt) on channel resv.
A notice will be sent to any force parted users that the channel
is temporarily/permanently unavailable on the server.
A new config option channel::resv_forcepart can be used to disable this.

from ircd-ratbox (dubkat)
2009-09-19 21:24:35 +02:00
Jilles Tjoelker
6865c0b099 Add channel::only_ascii_channels config option
to restrict channel names to printable ascii only.
Like disable_fake_channels this only applies to joins
by local users; unlike disable_fake_channels it applies
to opers as well.
2009-02-22 00:12:21 +01:00
Jilles Tjoelker
d9e7ca4960 BOPM/TCM do not need the ability to global kill, so remove it from server_bot
privset.
2008-12-28 23:24:43 +01:00
Jilles Tjoelker
bc7c44dc48 Update reference.conf for cidr change as well. 2008-11-30 13:33:43 +01:00
Jilles Tjoelker
3eae266ca3 Fix oper:remote in reference.conf. 2008-09-13 00:34:52 +02:00
Jilles Tjoelker
da77b103ef Document privsets in the example confs. 2008-09-13 00:32:22 +02:00
Jilles Tjoelker
10847f65d3 Remove old oper privilege flags. 2008-09-09 21:51:26 +02:00
Jilles Tjoelker
b159441429 Add need_ssl to auth{} and operator{}.
Specifying need_ssl on auth{} denies the connection if
it is not SSL/TLS, much like need_ident or need_sasl.
Specifying need_ssl on operator{} refuses opering with
ERR_NOOPERHOST if the connection is not SSL/TLS.
from ircd-ratbox
2008-09-07 01:18:58 +02:00
Valery V Yatsko
33e65f0004 no more servlink - removed 'servlink_path' from reference.conf and source files 2008-08-16 22:23:56 +04:00
Valery V Yatsko
67e6f4df3b Updated reference.conf 2008-08-13 23:17:43 +04:00
Jilles Tjoelker
43946961df Move to ratbox3 reject and throttle code.
Throttle replaces max_unknown_ip, reject is like before
(including the charybdis-specific unkline handling).
Both of these now apply before SSL negotiation.

This commit does not include the global_cidr and new dline code.

m_webirc is a bit nasty with throttling (unlike before
with max_unknown_ip), this may be fixed later (or
the webirc IP needs to be exempt{}ed).
2008-08-01 01:59:08 +02:00
Jilles Tjoelker
d8d2cb0a62 Mention shared dline flags in reference.conf. 2008-04-21 01:42:19 +02:00
Valery Yatsko
bf870ceb50 Hope these were the last things left from glines 2008-04-11 19:16:43 +04:00
Valery Yatsko
170703fe3a Removing glines 2008-04-11 18:47:03 +04:00
Valery Yatsko
dbbe26fa00 New extensions documented + typo fixed 2008-04-08 23:24:47 +04:00
Valery Yatsko
b8730cbf86 SSL options added to configuration files 2008-04-07 15:45:15 +04:00
Valery Yatsko
c6d7203732 ssl sync with http://hg.angelforce.ru/charybdis-old 2008-04-06 18:52:42 +04:00
Valery Yatsko
101db4c443 Much clear maxconnections stuff - ported from ratbox3. 2008-04-05 23:56:15 +04:00
Jilles Tjoelker
cdd5b26189 Remove idle time checking (auto disconnecting users idle too long). 2008-01-01 23:04:34 +01:00
Jilles Tjoelker
922aa82644 More helpful ERROR server notices.
- Do not use hide_error_messages for certain "safe" ERRORs.
- If hide_error_messages hides an ERROR from a handshake,
  send a server notice anyway, but without the message
  text.
- Send server notices about ERRORs from handshakes network
  wide if it was a remote connect.
2007-12-28 01:31:56 +01:00
Jilles Tjoelker
a6f4368b96 Add mass_notice oper priv, enabled by default for compatibility.
Controls /wallops and masked notices/privmsgs.
2007-12-24 21:47:05 +01:00
Jilles Tjoelker
420b2c9a10 Remove dot_in_ip6_addr config option. 2007-12-24 18:24:23 +01:00
Jilles Tjoelker
1ef5b43053 Require resv oper privilege to set cmode +L or +P. 2007-12-18 00:24:05 +01:00
Jilles Tjoelker
1ebe6ffc92 Add resv oper priv, enabled by default for compatibility. 2007-12-17 02:20:14 +01:00
Jilles Tjoelker
994544c294 Merge links_cache into scache and rework scache.
This changes flattened /links output to disclose less
routing information and slightly increases memory "leak"
from server names that do not come back anymore.
2007-11-23 22:11:25 +01:00
Jilles Tjoelker
4acf228113 Clarify meaning of some serverhide options. 2007-11-23 21:51:00 +01:00
jilles
407b1826e6 [svn] Update description of oper privileges a bit. 2007-11-17 13:55:48 -08:00
jilles
b0dc8e031c [svn] Clarify format of IPv6 addresses in auth{} and connect{}. 2007-08-29 15:04:45 -07:00
nenolod
cda8e9b8db [svn] - TS6 is always enabled now.
There is no reason for it to not be enabled on a proper charybdis network.
2007-08-08 23:47:26 -07:00