Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
So I installed ircd-hybrid from the Debian repo, and after working my way through the config, I can't seem to connect.
When I connect using mIRC from my Windows box, I get the following:
Quote:
* Connecting to <mydnsname> (6667)
-
Home IRC NOTICE AUTH *** Looking up your hostname...
-
Home IRC NOTICE AUTH *** Checking Ident
-
Home IRC NOTICE AUTH *** Found your hostname
-
Home IRC NOTICE AUTH *** No Ident response
-
Home IRC CAP * LS multi-prefix
-
Closing Link: <hostname> (Registration timed out)
If I try to run a command before the timeout, I get:
Quote:
Home IRC 451 * J0atm0n Register first.
I don’t see the MOTD either. But if I type /motd, it’ll spit out the text before disconnecting me.
So what can I do to make this work?
Here is my conf:
Code:
# ircd-hybrid configuration file [ircd.conf]
/* serverinfo {}: Contains information about the server. (OLD M:) */
serverinfo {
name = "Home IRC";
description = "-";
network_name = "-";
network_desc = "-";
/* hub: allow this server to act as a hub and have multiple servers
* connected to it. This may not be changed if there are active
* LazyLink servers.
*/
hub = no;
/* vhost: the IP to bind to when we connect outward to ipv4 servers.
* This should be an ipv4 IP only.
*/
#vhost = "192.169.0.1";
/* vhost6: the IP to bind to when we connect outward to ipv6 servers.
* This should be an ipv6 IP only.
*/
#vhost6 = "3ffe:80e8:546::2";
/* max clients: the maximum number of clients allowed to connect */
max_clients = 10;
};
/* admin {}: contains admin information about the server. (OLD A:) */
admin {
name = "J0atm0n";
description = "Main Server Administrator";
email = "-";
};
/*
* log {}: contains information about logfiles.
*/
log {
/* Do you want to enable logging to ircd.log? */
use_logging = yes;
/*
* logfiles: the logfiles to use for user connects, /oper uses,
* and failed /oper. These files must exist for logging to be used.
*/
fname_userlog = "logs/userlog";
fname_operlog = "logs/operlog";
fname_killlog = "logs/kill";
fname_klinelog = "logs/kline";
fname_glinelog = "logs/gline";
/*
* log_level: the amount of detail to log in ircd.log. The
* higher, the more information is logged. May be changed
* once the server is running via /quote SET LOG. Either:
* L_CRIT, L_ERROR, L_WARN, L_NOTICE, L_TRACE, L_INFO or L_DEBUG
*/
log_level = L_INFO;
};
/* class {}: contain information about classes for users (OLD Y:) */
class {
/* name: the name of the class. classes are text now */
name = "users";
/* ping time: how often a client must reply to a PING from the
* server before they are dropped.
*/
ping_time = 2 minutes;
/* number per ip: the number of users per host allowed to connect */
number_per_ip = 2;
/* max number: the maximum number of users allowed in this class */
max_number = 100;
/* sendq: the amount of data allowed in a clients queue before
* they are dropped.
*/
sendq = 100 kbytes;
};
class {
name = "restricted";
ping_time = 1 minute 30 seconds;
number_per_ip = 1;
max_number = 100;
sendq = 60kb;
};
class {
name = "opers";
ping_time = 5 minutes;
number_per_ip = 10;
max_number = 100;
sendq = 100kbytes;
};
class {
name = "server";
ping_time = 5 minutes;
/* connectfreq: only used in server classes. specifies the delay
* between autoconnecting to servers.
*/
connectfreq = 5 minutes;
/* max number: the amount of servers to autoconnect to */
max_number = 1;
/* sendq: servers need a higher sendq as they send more data */
sendq=2 megabytes;
};
/* listen {}: contain information about the ports ircd listens on (OLD P:) */
listen {
/* port: the specific port to listen on. if no host is specified
* before, it will listen on all available IPs.
*
* ports are seperated via a comma, a range may be specified using ".."
*/
/* port: listen on all available IPs, ports 6665 to 6669 */
#host = "0.0.0.0"; # change this!
port = 6665 .. 6669;
};
/* auth {}: allow users to connect to the ircd (OLD I:) */
auth {
/* user: the user@host allowed to connect. multiple IPv4/IPv6 user
* lines are permitted per auth block.
*/
user = "*@*";
/* password: an optional password that is required to use this block */
/* spoof: fake the users host to be this. This is free-form,
* just do everyone a favour and dont abuse it. (OLD I: = flag)
*/
spoof = "i.love.debian.org";
/* spoof notice: enable spoofing notification to admins (default yes) */
spoof_notice = yes;
/* exceed limit: allow a user to exceed class limits (OLD I: > flag) */
exceed_limit = yes;
/* kline exempt: exempt this user from k/glines (OLD I: ^ flag) */
kline_exempt = yes;
/* gline exempt: exempt this user from glines (OLD I: _ flag) */
gline_exempt = yes;
/* no tilde: remove ~ from a user with no ident (OLD I: - flag) */
no_tilde = yes;
/* class: the class the user is placed in */
class = "opers";
};
auth {
user = "*@*";
class = "users";
/* restricted: stop the client sending mode changes */
#restricted = yes;
/* have ident: require the user has identd to connect (OLD I: + flag) */
have_ident = no;
};
/* operator {}: defines ircd operators. (OLD O:)
* ircd-hybrid no longer supports local operators, privileges are
* controlled via flags.
*/
operator {
/* name: the name of the oper */
name = "J0atm0n";
/* user: the user@host required for this operator. CIDR is not
* supported. multiple user="" lines are supported.
*/
user = "j0atm0n@localhost";
/* password: the password required to oper. By default this will
* need to be encrypted using '/usr/bin/mkpasswd'.
* WARNING: Please do not mix up the 'mkpasswd' program from
* /usr/sbin with this one. If you are root, typing 'mkpasswd'
* will run that one instead and you will receive a strange error.
*
* MD5 is supported. If you want to use it, use mkpasswd -Hmd5.
*/
password = "zboxqwjZyuXqJY";
#password = "$1$9PTzrFkW$yh3ablZ5DnHeU9yjhj..U/";
/* class: the class the oper joins when they successfully /oper */
class = "opers";
/* privileges: controls the activities and commands an oper are
* allowed to do on the server. All options default to no.
* Available options:
*
* global_kill: allows remote users to be /KILL'd (OLD 'O' flag)
* remote: allows remote SQUIT and CONNECT (OLD 'R' flag)
* kline: allows KILL, KLINE and DLINE (OLD 'K' flag)
* unkline: allows UNKLINE and UNDLINE (OLD 'U' flag)
* gline: allows GLINE (OLD 'G' flag)
* nick_changes: allows oper to see nickchanges (OLD 'N' flag)
* via usermode +n
* rehash: allows oper to REHASH config (OLD 'H' flag)
* die: allows DIE and RESTART (OLD 'D' flag)
* admin: gives admin privileges. admins
* may (un)load modules and see the
* real IPs of servers.
*/
global_kill = yes;
remote = yes;
kline = yes;
unkline = yes;
gline = yes;
nick_changes = yes;
rehash = yes;
die = yes;
admin = yes;
};
/* connect {}: controls servers we connect to (OLD C:, N:, H:, L:) */
#connect {
# /* name: the name of the server */
# name = "dnsaddress";
# /* host: the host or IP to connect to. If a hostname is used it
# * must match the reverse dns of the server. */
# host = "127.0.0.1";
# /* passwords: the passwords we send (OLD C:) and accept (OLD N:).
# * The remote server will have these passwords reversed. */
# send_password = "password";
# accept_password = "password";
# /* compressed: controls whether traffic is compressed via ziplinks.
# * By default this is disabled */
# compressed = no;
# hub_mask = "*";
# class = "server";
#};
/* shared {}: users that are allowed to remote kline (OLD U:) */
shared {
/* name: the server the user must be on to set klines. If this is not
* specified, the user will be allowed to kline from all servers.
*/
name = "Home IRC";
/* user: the user@host mask that is allowed to set klines. If this is
* not specified, all users on the server above will be allowed to set
* a remote kline.
*/
user = "j0atm0n@localhost";
};
/* kill {}: users that are not allowed to connect (OLD K:)
* Oper issued klines will be added to the specified kline config
*/
#kill {
# user = "bad@*.hacked.edu";
# reason = "Obviously hacked account";
#};
/* deny {}: IPs that are not allowed to connect (before DNS/ident lookup)
* Oper issued dlines will be added to the specified dline config
*/
deny {
ip = "10.0.1.0/24";
reason = "Reconnecting vhosted bots";
};
/* exempt {}: IPs that are exempt from deny {} and Dlines. (OLD d:) */
exempt {
ip = "192.168.0.0/16";
};
/* resv {}: nicks and channels users may not use/join (OLD Q:) */
resv {
/* reason: the reason for the proceeding resv's */
reason = "There are no services on this network";
/* resv: the nicks and channels users may not join/use */
nick = "nickserv";
nick = "chanserv";
channel = "#services";
/* resv: wildcard masks are also supported in nicks only */
reason = "Clone bots";
nick = "clone*";
};
/* gecos {}: The X: replacement, used for banning users based on their
* "realname". The action may be either:
* warn: allow client to connect, but send message to opers
* reject: drop clients but also send message to opers.
* silent: silently drop clients who match.
*/
#gecos {
# name = "*sex*";
# reason = "Possible spambot";
# action = warn;
#};
#gecos {
# name = "sub7server";
# reason = "Trojan drone";
# action = reject;
#};
#gecos {
# name = "*http*";
# reason = "Spambot";
# action = silent;
#};
/* The channel block contains options pertaining to channels */
channel {
/* invex: Enable/disable channel mode +I, a n!u@h list of masks
* that can join a +i channel without an invite.
*/
use_invex = yes;
/* except: Enable/disable channel mode +e, a n!u@h list of masks
* that can join a channel through a ban (+b).
*/
use_except = yes;
/* knock: Allows users to request an invite to a channel that
* is locked somehow (+ikl). If the channel is +p or you are banned
* the knock will not be sent.
*/
use_knock = yes;
/* knock delay: The amount of time a user must wait between issuing
* the knock command.
*/
knock_delay = 5 minutes;
/* knock channel delay: How often a knock to any specific channel
* is permitted, regardless of the user sending the knock.
*/
knock_delay_channel = 1 minute;
/* max chans: The maximum number of channels a user can join/be on. */
max_chans_per_user = 15;
/* quiet on ban: stop banned people talking in channels. */
quiet_on_ban = yes;
/* max bans: maximum number of +b/e/I modes in a channel */
max_bans = 25;
/* splitcode: the ircd will check every 60s as to whether splitmode
* should be disabled or not, so there may be a delay between a
* netsplit ending and splitmode ending.
*
* both split users and split servers must be true to enter splitmode
*
* you may force splitmode to be permanent by /quote set splitmode on
*/
/* split users: when the usercount is lower than this level, consider
* ourselves split. this must be set for automatic splitmode
*/
default_split_user_count = 0;
/* split servers: when the servercount is lower than this, consider
* ourselves split. this must be set for automatic splitmode
*/
default_split_server_count = 0;
/* split no create: disallow users creating channels on split. */
no_create_on_split = no;
/* split: no join: disallow users joining channels at all on a split */
no_join_on_split = no;
/* disable local channels: prevent users from joining &channels.
* This is extreme, but it is still a flaw in serverhide. It will
* however remove far more from users than it will give back in
* security.
*/
disable_local_channels = no;
};
/* The serverhide block contains the options regarding serverhiding */
serverhide {
/* flatten links: this option will show all servers in /links appear
* that they are linked to this current server
*/
flatten_links = no;
/* links delay: how often to update the links file when it is
* flattened.
*/
links_delay = 5 minutes;
/* hidden: hide this server from a /links output on servers that
* support it. this allows hub servers to be hidden etc.
*/
hidden = no;
/* disable hidden: prevent servers hiding themselves from a
* /links ouput.
*/
disable_hidden = no;
/* hide servers: hide remote servernames everywhere and instead use
* network_name and network_desc.
*/
hide_servers = yes;
};
/* The general block contains many of the options that were once compiled
* in options in config.h. The general block is read at start time.
*/
general {
/* oper pass resv: allow opers to over-ride RESVs on nicks/channels */
oper_pass_resv = yes;
/* disable remote: disable users doing commands on remote servers */
disable_remote_commands = no;
/* floodcount: the default value of floodcount that is configurable
* via /quote set floodcount. This is the amount of lines a user
* may send to any other user/channel in one second.
*/
default_floodcount = 10;
/* failed oper notice: send a notice to all opers on the server when
* someone tries to OPER and uses the wrong password, host or ident.
*/
failed_oper_notice = yes;
# If failed_oper_notice is set to "yes", also notify when someone
# fails to OPER because of an identity mismatch (wrong host or nick)
show_failed_oper_id=yes;
/* dots in ident: the amount of '.' characters permitted in an ident
* reply before the user is rejected.
*/
dots_in_ident=2;
/* dot in ipv6: ircd-hybrid-6.0 and earlier will disallow hosts
* without a '.' in them. this will add one to the end. only needed
* for older servers.
*/
dot_in_ip6_addr = yes;
/* min nonwildcard: the minimum non wildcard characters in k/d/g lines
* placed via the server. klines hand placed are exempt from limits.
* wildcard chars: '.' '*' '?' '@'
*/
min_nonwildcard = 4;
/* max accept: maximum allowed /accept's for +g usermode */
max_accept = 20;
/* nick flood: enable the nickflood control code */
anti_nick_flood = yes;
/* nick flood: the nick changes allowed in the specified period */
max_nick_time = 20 seconds;
max_nick_changes = 5;
# When a user QUIT's, prepend their QUIT message with "Client exit:"
# in order to help prevent against faking server error messages (ie.
# ping timeout, connection reset by peer)
client_exit=yes;
/* anti spam time: the minimum time a user must be connected before
* custom quit messages are allowed.
*
* The upstream default is 2 minutes.
*/
anti_spam_exit_message_time = 0 minutes;
/* ts delta: the time delta allowed between server clocks before
* a warning is given, or before the link is dropped. all servers
* should run ntpdate/rdate to keep clocks in sync
*/
ts_warn_delta = 30 seconds;
ts_max_delta = 5 minutes;
/* kline reason: show the user the reason why they are k/d/glined
* on exit. may give away who set k/dline when set via tcm.
*/
kline_with_reason = yes;
/* kline connection closed: make the users quit message on channels
* to be "Connection closed", instead of the kline reason.
*/
# kline_with_connection_closed = no;
/* warn no nline: warn opers about servers that try to connect but
* we dont have a connect {} block for. Twits with misconfigured
* servers can get really annoying with this enabled.
*/
warn_no_nline = yes;
/* stats o oper only: make stats o (opers) oper only */
stats_o_oper_only=yes;
/* stats P oper only: make stats P (ports) oper only */
stats_P_oper_only=no;
/* stats i oper only: make stats i (auth {}) oper only. set to:
* yes: show users no auth blocks, made oper only.
* masked: show users first matching auth block
* no: show users all auth blocks.
*/
stats_i_oper_only=masked;
/* stats k/K oper only: make stats k/K (klines) oper only. set to:
* yes: show users no auth blocks, made oper only
* masked: show users first matching auth block
* no: show users all auth blocks.
*/
stats_k_oper_only=masked;
# Set these lines to be oper only. The reasoning behind this is that
# people with exceed_limit or kline_exempt can almost always get on
# the server.
e_lines_oper_only=yes;
f_lines_oper_only=yes;
# Set STATS o to be oper only
o_lines_oper_only=yes;
# See a NOTICE when a user issues a STATS command
stats_notice=yes;
# See a NOTICE when a user issues a STATS p. By enabling this, opers
# can see when users need them, but not invade their privacy by spying
# on other STATS requests
stats_p_notice=yes;
# See a NOTICE when a user issues a LINKS command
links_notice=no;
# The minimum number of seconds between uses of remote WHOIS before
# the counter is reset.
whois_wait=10;
/* caller id wait: time between notifying a +g user that somebody
* is messaging them.
*/
caller_id_wait = 1 minute;
/* pace wait simple: time between use of less intensive commands
* (HELP, remote WHOIS, WHOWAS)
*/
pace_wait_simple = 1 second;
/* pace wait: time between more intensive commands
* (ADMIN, INFO, LIST, LUSERS, MOTD, STATS, VERSION)
*/
pace_wait = 10 seconds;
/* short motd: send clients a notice telling them to read the motd
* instead of forcing a motd to clients who may simply ignore it.
*/
short_motd = no;
/* ping cookies: require clients to respond exactly to a ping command,
* can help block certain types of drones and FTP PASV mode spoofing.
*/
ping_cookie = no;
/* no oper flood: increase flood limits for opers. */
no_oper_flood = yes;
/* true no oper flood: completely eliminate flood limits for opers
* and for clients with can_flood = yes in their auth {} blocks
*/
true_no_oper_flood = yes;
/* idletime: the maximum amount of time a user may idle before
* they are disconnected
*/
idletime = 0;
/* max targets: the maximum amount of targets in a single
* PRIVMSG/NOTICE. set to 999 NOT 0 for unlimited.
*/
max_targets = 4;
/* client flood: maximum number of lines in a clients queue before
* they are dropped for flooding.
*/
client_flood = 20;
/* message locale: the default message locale if gettext() is enabled
* and working.
* Use "custom" for the (in)famous Hybrid custom messages.
* Use "standard" for the compiled in defaults.
*/
message_locale = "standard";
/* usermodes configurable: a list of usermodes for the options below
*
* +b - bots - See bot and drone flooding notices
* +c - cconn - Client connection/quit notices
* +d - debug - See debugging notices
* +f - full - See I: line full notices
* +g - callerid - Server Side Ignore
* +i - invisible - Not shown in NAMES or WHO unless you share a
* a channel
* +k - skill - See server generated KILL messages
* +l - locops - See LOCOPS messages
* +n - nchange - See client nick changes
* +r - rej - See rejected client notices
* +s - servnotice - See general server notices
* +u - unauth - See unauthorized client notices
* +w - wallop - See server generated WALLOPS
* +x - external - See remote server connection and split notices
* +y - spy - See LINKS, STATS, TRACE notices etc.
* +z - operwall - See oper generated WALLOPS
*/
/* oper only umodes: usermodes only opers may set */
oper_only_umodes = bots, cconn, debug, full, skill, nchange,
rej, spy, external, operwall, locops, unauth;
/* oper umodes: default usermodes opers get when they /oper */
oper_umodes = locops, servnotice, operwall, wallop;
/* servlink path: path to 'servlink' program used by ircd to handle
* encrypted/compressed server <-> server links.
*
* unless you move servlink around (???), you shouldn't define this.
*/
#servlink_path = "/usr/lib/ircd-hybrid/servlink";
/* default cipher: default cipher to use for cryptlink when none is
* specified in connect block.
*/
default_cipher_preference = "BF/128";
/* use egd: if your system does not have *random devices yet you
* want to use OpenSSL and encrypted links, enable this. Beware -
* EGD is *very* CPU intensive when gathering data for its pool
*/
#use_egd = yes;
/* egdpool path: path to EGD pool. Not necessary for OpenSSL >= 0.9.7
* which automatically finds the path.
*/
#egdpool_path = "/var/run/egd-pool";
/* compression level: level of compression for compressed links between
* servers.
*
* values are between: 1 (least compression, fastest)
* and: 9 (most compression, slowest).
*/
#compression_level = 6;
/* throttle time: the minimum amount of time between connections from
* the same ip. exempt {} blocks are excluded from this throttling.
* Offers protection against flooders who reconnect quickly.
* Set to 0 to disable.
*/
throttle_time = 10;
};
glines {
/* enable: enable glines, network wide temp klines */
enable = yes;
/*
* duration: the amount of time a gline will remain on your
* server before expiring
*/
duration = 1 day;
/*
* logging: which types of rules you want to log when triggered
* (choose reject or block)
*/
logging = reject, block;
/*
* NOTE: gline ACLs can cause a desync of glines throughout the
* network, meaning some servers may have a gline triggered, and
* others may not. Also, you only need insert rules for glines
* that you want to block and/or reject. If you want to accept and
* propagate the gline, do NOT put a rule for it.
*/
/* user@host for rule to apply to */
user = "god@I.still.hate.packets";
/* server for rule to apply to */
name = "hades.arpa";
/*
* action: action to take when a matching gline is found. options are:
* reject - do not apply the gline locally
* block - do not propagate the gline
*/
action = reject, block;
user = "god@*";
name = "*";
action = block;
};
modules {
/* module path: paths to search for modules specified below and
* in /modload.
*/
path = "/usr/lib/ircd-hybrid/modules";
path = "/usr/lib/ircd-hybrid/modules/autoload";
/* module: the name of a module to load on startup/rehash */
module = "m_tburst.so";
};
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
