mirror of
git://git.acid.vegas/unrealircd.git
synced 2024-11-27 10:26:54 +00:00
Hidden service changes
This commit is contained in:
parent
e6a345f083
commit
d266e652b7
@ -6,13 +6,26 @@ except ban {
|
|||||||
type { all; }
|
type { all; }
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# Tor Hidden Service
|
||||||
|
except ban {
|
||||||
|
mask { ip 127.0.0.2; }
|
||||||
|
type { blacklist; connect-flood; maxperip; handshake-data-flood; }
|
||||||
|
}
|
||||||
|
|
||||||
# Local
|
# Local
|
||||||
except ban {
|
except ban {
|
||||||
mask {
|
mask {
|
||||||
ip { 127.0.0.1; ::1; }
|
ip { 127.0.0.1; ::1; }
|
||||||
#ip { 0.0.0.0; }
|
ip { 198.251.80.56; } # blackhole
|
||||||
ip { 37.187.119.203; 51.75.161.177; 135.125.132.246; 151.80.60.156; }
|
ip { 149.202.251.251; } # blackflag
|
||||||
ip { 2001:41d0:801:2000::1099; 2001:41d0:302:2200::43c; 2001:41d0:701:1100::5772; }
|
ip { 54.36.102.218; } # contra
|
||||||
|
ip { 45.61.188.116; } # darpa
|
||||||
|
ip { 51.89.151.158; } # gator
|
||||||
|
ip { 198.98.52.138; } # nutty
|
||||||
|
ip { 45.153.48.83; } # scram
|
||||||
|
ip { 107.174.158.185; } # shrimp
|
||||||
|
ip { 65.75.209.67; } # war
|
||||||
|
ip { 139.144.202.79; } # wildwest
|
||||||
}
|
}
|
||||||
type { all; }
|
type { all; }
|
||||||
}
|
}
|
||||||
|
@ -22,18 +22,26 @@ alias os { target operserv; type services; }
|
|||||||
class clients { pingfreq 120; maxclients 100; sendq 25M; recvq 32k; }
|
class clients { pingfreq 120; maxclients 100; sendq 25M; recvq 32k; }
|
||||||
class known { pingfreq 120; maxclients 250; sendq 50M; recvq 32k; }
|
class known { pingfreq 120; maxclients 250; sendq 50M; recvq 32k; }
|
||||||
class local { pingfreq 300; maxclients 1000; sendq 50M; options { nofakelag; } }
|
class local { pingfreq 300; maxclients 1000; sendq 50M; options { nofakelag; } }
|
||||||
class servers { pingfreq 120; maxclients 10; sendq 100M; connfreq 15; }
|
class tor { pingfreq 300; maxclients 100; sendq 25M; }
|
||||||
|
class servers { pingfreq 120; maxclients 10; sendq 100M; connfreq 15; }
|
||||||
|
|
||||||
allow { mask *; class clients; maxperip 2; global-maxperip 2; }
|
allow { mask *; class clients; maxperip 2; global-maxperip 2; }
|
||||||
allow { mask { security-group known-users; } class known; maxperip 3; global-maxperip 3; }
|
allow { mask { security-group known-users; } class known; maxperip 3; global-maxperip 3; }
|
||||||
allow { mask { 127.0.0.1; ::1; } class local; maxperip 1000; global-maxperip 1000; password "simpsonsfan"; }
|
allow { mask { 127.0.0.1; ::1; } class local; maxperip 1000; global-maxperip 1000; password "simpsonsfan"; }
|
||||||
|
allow { mask { 127.0.0.2; } class tor; maxperip 100; global-maxperip 100; }
|
||||||
|
|
||||||
listen { ip *; port 6660–6669; options { clientsonly; } }
|
listen { ip *; port 6660–6669; options { clientsonly; } }
|
||||||
listen { ip *; port 7000; options { clientsonly; } }
|
listen { ip *; port 7000; options { clientsonly; } }
|
||||||
listen { ip *; port REDACTED; options { serversonly; tls; } }
|
listen { ip *; port REDACTED; options { serversonly; tls; } }
|
||||||
|
#listen {
|
||||||
|
# file "/etc/tor/unrealircd/tor_ircd.socket";
|
||||||
|
# mode 0777;
|
||||||
|
# spoof-ip 127.0.0.2;
|
||||||
|
# options { tls; }
|
||||||
|
#}
|
||||||
|
|
||||||
#require authentication {
|
#require authentication {
|
||||||
# mask { ip *; }
|
# mask { *@127.0.0.2; }
|
||||||
# reason "$VOID";
|
# reason "$VOID";
|
||||||
#}
|
#}
|
||||||
|
|
||||||
|
@ -1,209 +0,0 @@
|
|||||||
@define $VOID "8,4 E N T E R T H E V O I D ";
|
|
||||||
|
|
||||||
admin {
|
|
||||||
"4Administrator: Brandon Brown 14(aka MRCHATS) 6branbran89@supernets.org";
|
|
||||||
" 4Moderator: Bristopher Manning 14(aka delorean) 6simpsonsfan95@supernets.org";
|
|
||||||
" 4Sales: Branthony Bronson 14(aka pyrex) 6showercaphandgun@supernets.org";
|
|
||||||
"";
|
|
||||||
"Feel free to chat with us in #5000 for network help & support!";
|
|
||||||
}
|
|
||||||
|
|
||||||
alias botserv { type services; }
|
|
||||||
alias bs { target botserv; type services; }
|
|
||||||
alias chanserv { type services; }
|
|
||||||
alias cs { target chanserv; type services; }
|
|
||||||
alias hostserv { type services; }
|
|
||||||
alias hs { target hostserv; type services; }
|
|
||||||
alias nickserv { type services; }
|
|
||||||
alias ns { target nickserv; type services; }
|
|
||||||
alias operserv { type services; }
|
|
||||||
alias os { target operserv; type services; }
|
|
||||||
|
|
||||||
class clients { pingfreq 120; maxclients 100; sendq 1M; options { nofakelag; } }
|
|
||||||
class servers { pingfreq 120; maxclients 10; sendq 50M; connfreq 15; }
|
|
||||||
|
|
||||||
allow { mask { ip 0.0.0.0; class clients; maxperip 100; global-maxperip 100; }
|
|
||||||
|
|
||||||
listen { ip *; port REDACTED; options { serversonly; tls; } }
|
|
||||||
listen { file "/etc/tor/unrealircd/tor_ircd.socket"; mode 0777; spoof-ip 127.0.0.2; options { tls; } }
|
|
||||||
|
|
||||||
#require authentication {
|
|
||||||
# mask { ip 0.0.0.0; }
|
|
||||||
# reason "$VOID";
|
|
||||||
#};
|
|
||||||
|
|
||||||
deny channel { channel "#help"; reason "This channel has moved to #superbowl"; redirect "#superbowl"; }
|
|
||||||
deny channel { channel "#mensa"; reason "This channel has been closed"; redirect "#superbowl"; }
|
|
||||||
deny channel { channel "#pumpcoin"; reason "This channel has moved to #exchange"; redirect "#exchange"; }
|
|
||||||
|
|
||||||
link irc.supernets.org {
|
|
||||||
incoming { mask REDACTED; }
|
|
||||||
outgoing {
|
|
||||||
bind-ip *;
|
|
||||||
hostname REDACTED;
|
|
||||||
port REDACTED;
|
|
||||||
options { tls; autoconnect; }
|
|
||||||
}
|
|
||||||
password "REDACTED" { spkifp; }
|
|
||||||
class servers;
|
|
||||||
}
|
|
||||||
|
|
||||||
log {
|
|
||||||
source { error; fatal; warn; }
|
|
||||||
destination { file "ircd.log" { maxsize 5M; } }
|
|
||||||
}
|
|
||||||
|
|
||||||
log {
|
|
||||||
source { antimixedutf8; antirandom; connthrottle; flood; htm; kill; listen; link; oper; sacmds; }
|
|
||||||
destination { channel "#syslog"; }
|
|
||||||
}
|
|
||||||
|
|
||||||
tld { mask *@*; motd remote.motd; rules remote.motd; options { remote; } }
|
|
||||||
|
|
||||||
ulines { services.supernets.org; }
|
|
||||||
|
|
||||||
set {
|
|
||||||
kline-address "enterthevoid@supernets.org"; # replace with onion address
|
|
||||||
gline-address "enterthevoid@supernets.org"; # replace with onion address
|
|
||||||
modes-on-connect "+iIpTx";
|
|
||||||
modes-on-oper "+Hq";
|
|
||||||
snomask-on-oper "+o";
|
|
||||||
modes-on-join "+ns";
|
|
||||||
level-on-join "op";
|
|
||||||
restrict-usermodes "ips";
|
|
||||||
restrict-channelmodes "nLpPs";
|
|
||||||
restrict-commands {
|
|
||||||
channel-message { except { connect-time 15; identified yes; } }
|
|
||||||
channel-notice { except { connect-time 60; identified yes; } }
|
|
||||||
invite { except { connect-time 300; identified yes; } }
|
|
||||||
join { except { connect-time 15; identified yes; } }
|
|
||||||
list { except { connect-time 30; identified yes; } }
|
|
||||||
private-message { except { connect-time 300; identified yes; } }
|
|
||||||
private-notice { except { connect-time 300; identified yes; } }
|
|
||||||
}
|
|
||||||
auto-join "#tor";
|
|
||||||
who-limit 0;
|
|
||||||
nick-length 20;
|
|
||||||
maxchannelsperuser 10;
|
|
||||||
channel-command-prefix "`!@$.";
|
|
||||||
topic-setter nick;
|
|
||||||
ban-setter nick;
|
|
||||||
options { hide-ulines; flat-map; identd-check; }
|
|
||||||
network-name "SuperNETs";
|
|
||||||
default-server "irc.supernets.org";
|
|
||||||
services-server "services.supernets.org";
|
|
||||||
sasl-server "services.supernets.org";
|
|
||||||
help-channel "#superbowl";
|
|
||||||
cloak-method ip;
|
|
||||||
cloak-keys {
|
|
||||||
"REDACTED";
|
|
||||||
"REDACTED";
|
|
||||||
"REDACTED";
|
|
||||||
}
|
|
||||||
cloak-prefix "ONION";
|
|
||||||
#tls {
|
|
||||||
# options { fail-if-no-clientcert; }
|
|
||||||
#}
|
|
||||||
outdated-tls-policy {
|
|
||||||
user warn;
|
|
||||||
oper deny;
|
|
||||||
server deny;
|
|
||||||
user-message "4WARNING: You are using an outdated TLS protocol or cipher";
|
|
||||||
oper-message "Network operators must be using an up-to-date TLS protocol & cipher";
|
|
||||||
}
|
|
||||||
anti-flood {
|
|
||||||
channel {
|
|
||||||
profile defcon { flood-mode "[10j#R5,500m#M5,10n#N5,10k#K5]:15"; }
|
|
||||||
boot-delay 75;
|
|
||||||
split-delay 75;
|
|
||||||
}
|
|
||||||
everyone {
|
|
||||||
away-flood 3:300;
|
|
||||||
invite-flood 3:300;
|
|
||||||
knock-flood 3:300;
|
|
||||||
handshake-data-flood {
|
|
||||||
amount 4k;
|
|
||||||
ban-action gzline;
|
|
||||||
ban-time 1h;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
known-users {
|
|
||||||
connect-flood 10:300;
|
|
||||||
join-flood 10:300;
|
|
||||||
nick-flood 10:300;
|
|
||||||
max-concurrent-conversations { users 5; new-user-every 60s; }
|
|
||||||
lag-penalty 10; # update?
|
|
||||||
lag-penalty-bytes 0;
|
|
||||||
}
|
|
||||||
unknown-users {
|
|
||||||
connect-flood 3:300;
|
|
||||||
join-flood 3:300;
|
|
||||||
nick-flood 3:300;
|
|
||||||
max-concurrent-conversations { users 2; new-user-every 120s; }
|
|
||||||
lag-penalty 1000;
|
|
||||||
lag-penalty-bytes 90;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
default-bantime 30d;
|
|
||||||
modef-default-unsettime 5;
|
|
||||||
spamfilter {
|
|
||||||
ban-time 30d;
|
|
||||||
ban-reason "$VOID";
|
|
||||||
utf8 yes;
|
|
||||||
except "#anythinggoes";
|
|
||||||
}
|
|
||||||
max-targets-per-command { kick 1; part 1; privmsg 1; }
|
|
||||||
hide-ban-reason yes;
|
|
||||||
reject-message {
|
|
||||||
gline "$VOID";
|
|
||||||
kline "$VOID";
|
|
||||||
password-mismatch "$VOID";
|
|
||||||
server-full "$VOID";
|
|
||||||
too-many-connections "$VOID";
|
|
||||||
unauthorized "$VOID";
|
|
||||||
}
|
|
||||||
antimixedutf8 {
|
|
||||||
score 8;
|
|
||||||
ban-action block;
|
|
||||||
ban-reason "$VOID";
|
|
||||||
}
|
|
||||||
connthrottle {
|
|
||||||
except { reputation-score 100; identified yes; webirc yes; }
|
|
||||||
new-users { local-throttle 20:60; global-throttle 30:60; }
|
|
||||||
disabled-when { reputation-gathering 1w; start-delay 3m; }
|
|
||||||
reason "$VOID";
|
|
||||||
}
|
|
||||||
history {
|
|
||||||
channel {
|
|
||||||
playback-on-join { lines 1000; time 1d; }
|
|
||||||
max-storage-per-channel {
|
|
||||||
registered { lines 1000; time 1d; }
|
|
||||||
unregistered { lines 100; time 1h; }
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
manual-ban-target ip;
|
|
||||||
hide-idle-time { policy always; }
|
|
||||||
whois-details {
|
|
||||||
channels { everyone none; self full; oper full; }
|
|
||||||
reputation { everyone full; }
|
|
||||||
server { everyone none; self full; oper full; }
|
|
||||||
swhois { everyone full; }
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
set unknown-users {
|
|
||||||
static-quit "EMO-QUIT";
|
|
||||||
static-part "EMO-PART";
|
|
||||||
}
|
|
||||||
|
|
||||||
hideserver {
|
|
||||||
disable-map yes;
|
|
||||||
disable-links yes;
|
|
||||||
map-deny-message "$VOID";
|
|
||||||
links-deny-message "$VOID";
|
|
||||||
}
|
|
||||||
|
|
||||||
security-group known-users {
|
|
||||||
identified yes;
|
|
||||||
}
|
|
Loading…
Reference in New Issue
Block a user