4
mirror of git://git.acid.vegas/unrealircd.git synced 2024-11-23 08:26:42 +00:00

Non-standard ports opened, re-enabled modules that were disabled, remote conf revamped

This commit is contained in:
Dionysus 2023-06-21 01:52:50 -04:00
parent a73cf120b2
commit f36d862cfd
Signed by: acidvegas
GPG Key ID: EF4B922DB85DC9DE
5 changed files with 96 additions and 109 deletions

View File

@ -22,7 +22,7 @@ loadmodule "pass";
loadmodule "pingpong";
loadmodule "protoctl";
loadmodule "quit";
#loadmodule "rules";
loadmodule "rules";
loadmodule "topic";
loadmodule "user";
loadmodule "userhost";
@ -84,7 +84,6 @@ loadmodule "creationtime";
loadmodule "eos";
loadmodule "md";
loadmodule "netinfo";
#loadmodule "require-module";
loadmodule "server";
loadmodule "sinfo";
loadmodule "sjoin";
@ -99,7 +98,7 @@ loadmodule "sendsno";
loadmodule "sendumode";
loadmodule "svsjoin";
loadmodule "svskill";
#loadmodule "svslogin";
loadmodule "svslogin";
loadmodule "svslusers";
loadmodule "svsmode";
loadmodule "svsmotd";
@ -149,7 +148,7 @@ loadmodule "chanmodes/topiclimit"; /* +t */
// User Modes
loadmodule "usermodes/bot"; /* +B */
#loadmodule "usermodes/censor"; /* +G */
loadmodule "usermodes/censor"; /* +G */
loadmodule "usermodes/noctcp"; /* +T */
loadmodule "usermodes/nokick"; /* +q */
loadmodule "usermodes/privacy"; /* +p */
@ -168,11 +167,11 @@ loadmodule "extbans/flood"; /* +e ~flood */
loadmodule "extbans/inchannel"; /* +b ~channel */
loadmodule "extbans/join"; /* +b ~join */
loadmodule "extbans/msgbypass"; /* +e ~msgbypass */
#loadmodule "extbans/nickchange"; /* +b ~nickchange */
loadmodule "extbans/nickchange"; /* +b ~nickchange */
#loadmodule "extbans/operclass"; /* +b ~operclass */
#loadmodule "extbans/partmsg"; /* +b ~partmsg */
loadmodule "extbans/quiet"; /* +b ~quiet */
#loadmodule "extbans/realname"; /* +b ~realname */
loadmodule "extbans/realname"; /* +b ~realname */
loadmodule "extbans/textban"; /* +b ~text */
loadmodule "extbans/timedban"; /* +b ~time */
loadmodule "extbans/securitygroup"; /* +b ~security-group */
@ -200,17 +199,17 @@ loadmodule "sts";
loadmodule "typing-indicator";
// RPC
loadmodule "rpc/rpc";
loadmodule "rpc/stats";
loadmodule "rpc/user";
loadmodule "rpc/server";
loadmodule "rpc/channel";
loadmodule "rpc/server_ban";
loadmodule "rpc/server_ban_exception";
loadmodule "rpc/name_ban";
loadmodule "rpc/spamfilter";
loadmodule "rpc/log";
loadmodule "rpc/whowas";
#loadmodule "rpc/rpc";
#loadmodule "rpc/stats";
#loadmodule "rpc/user";
#loadmodule "rpc/server";
#loadmodule "rpc/channel";
#loadmodule "rpc/server_ban";
#loadmodule "rpc/server_ban_exception";
#loadmodule "rpc/name_ban";
#loadmodule "rpc/spamfilter";
#loadmodule "rpc/log";
#loadmodule "rpc/whowas";
// Other
loadmodule "antimixedutf8";

View File

@ -1,11 +1,10 @@
oper acidvegas {
auto-login yes;
mask { certfp "REDACTED"; };
class clients;
class local;
mask { certfp "REDACTED"; }
maxlogins 1;
operclass netadmin;
require-modes z;
maxlogins 1;
vhost most.dangerous.motherfuck;
swhois "1,1 1,5 1,1 ";
swhois "1,1 1,5 1,7 1,5 1,7 1,5 1,1 ";
swhois "1,1 1,5 1,7 1,5 1,7 1,5 1,7 1,5 1,1 0 1 ";
@ -65,44 +64,49 @@ oper acidvegas {
swhois "1,1 1,5 1,7 1,5 1,1 ";
swhois "1,1 1,5 1,7 1,5 1,1 ";
swhois "1,1 1,5 1,1 ";
vhost most.dangerous.motherfuck;
}
#oper mate {
# class clients;
# mask localhost;
# password "REDACTED" { sslclientcertfp; }
# auto-login yes;
# class local;
# mask { certfp "REDACTED"; }
# maxlogins 1;
# operclass mate;
# require-modes z;
# maxlogins 1;
# vhost super.nets.link;
#}
oper 5000 {
class clients;
mask localhost;
password "REDACTED";
auto-login yes;
class local;
mask { account FUCKYOU; }
maxlogins 1;
modes BdD;
operclass fuckyou;
require-modes z;
maxlogins 1;
vhost 5000;
}
oper cancer {
class clients;
mask localhost;
password "REDACTED";
auto-login yes;
class local;
mask { account CANCER; }
maxlogins 1;
modes BdD;
operclass cancer;
require-modes z;
maxlogins 1;
vhost RETTE;
}
oper phalanx {
class clients;
auto-login yes;
class local;
mask localhost;
password 'REDACTED';
operclass phalanx;
maxlogins 5000;
modes BdD;
operclass phalanx;
password 'REDACTED';
vhost R;
}

View File

@ -22,11 +22,6 @@ log {
destination { file "ircd.log" { maxsize 1M; } }
}
log {
source { antimixedutf8; antirandom; flood; oper; }
destination { channel "#services"; }
}
ulines { services.supernets.org; }
set {

View File

@ -11,8 +11,8 @@ listen {
port 6697;
options { clientsonly; tls; }
tls-options {
certificate "/etc/letsencrypt/live/irc.supernets.org/fullchain.pem";
key "/etc/letsencrypt/live/irc.supernets.org/privkey.pem";
certificate "tls/irc.crt";
key "tls/irc.key";
}
}
listen {
@ -20,7 +20,7 @@ listen {
port 9000;
options { clientsonly; tls; }
tls-options {
certificate "/etc/letsencrypt/live/irc.supernets.org/fullchain.pem";
key "/etc/letsencrypt/live/irc.supernets.org/privkey.pem";
certificate "tls/irc.crt";
key "tls/irc.key";
}
}

View File

@ -19,17 +19,24 @@ alias ns { target nickserv; type services; }
alias operserv { type services; }
alias os { target operserv; type services; }
class clients { pingfreq 120; maxclients 100; sendq 1M; options { nofakelag; } }
class local { pingfreq 300; maxclients 1000; sendq 5M; options { nofakelag; } }
class servers { pingfreq 120; maxclients 10; sendq 1M; connfreq 30; }
class clients { pingfreq 120; maxclients 100; sendq 1M; options { nofakelag; } }
class known { pingfreq 120; maxclients 250; sendq 5M; options { nofakelag; } }
class local { pingfreq 300; maxclients 1000; sendq 10M; options { nofakelag; } }
class servers { pingfreq 120; maxclients 10; sendq 50M; connfreq 15; }
allow { mask *; class clients; maxperip 2; global-maxperip 2; }
allow { mask 127.0.0.1; class local; maxperip 1000; global-maxperip 1000; }
allow { mask *; class clients; maxperip 2; global-maxperip 2; }
allow { mask { security-group known-users; } class known; maxperip 3; global-maxperip 3; }
allow { mask { 127.0.0.1; ::1; } class local; maxperip 1000; global-maxperip 1000; password "simpsonsfan"; }
listen { ip *; port 66606669; options { clientsonly; } }
listen { ip *; port 7000; options { clientsonly; } }
listen { ip *; port REDACTED; options { serversonly; tls; } }
#require authentication {
# mask { ip *; }
# reason "$VOID";
#}
deny channel { channel "#help"; reason "This channel has moved to #superbowl"; redirect "#superbowl"; }
deny channel { channel "#mensa"; reason "This channel has been closed"; redirect "#superbowl"; }
deny channel { channel "#pumpcoin"; reason "This channel has moved to #exchange"; redirect "#exchange"; }
@ -52,8 +59,8 @@ log {
}
log {
source { antimixedutf8; antirandom; flood; oper; }
destination { channel "#services"; }
source { antimixedutf8; antirandom; connthrottle; flood; htm; kill; listen; link; oper; sacmds; }
destination { channel "#syslog"; }
}
tld { mask *@*; motd remote.motd; rules remote.motd; options { remote; } }
@ -105,22 +112,20 @@ set {
restrict-channelmodes "nLpPs";
restrict-commands {
channel-message { except { connect-time 5; identified yes; reputation-score 100; } }
channel-notice { except { connect-time 30; identified yes; reputation-score 100; } }
channel-notice { except { connect-time 15; identified yes; reputation-score 100; } }
invite { except { connect-time 300; identified yes; reputation-score 100; } }
join { except { connect-time 5; identified yes; reputation-score 100; } }
list { except { connect-time 5; identified yes; reputation-score 100; } }
private-message { except { connect-time 300; identified yes; reputation-score 100; } }
private-notice { except { connect-time 300; identified yes; reputation-score 100; } }
}
auto-join "#superbowl";
oper-auto-join "#services";
static-quit "EMO-QUIT";
static-part "EMO-PART";
oper-auto-join "#syslog";
who-limit 0;
nick-length 20;
maxchannelsperuser 10;
channel-command-prefix "`!@$.";
ban-setter nick;
topic-setter nick;
ban-setter nick;
options { hide-ulines; flat-map; identd-check; }
network-name "SuperNETs";
default-server "irc.supernets.org";
@ -134,6 +139,9 @@ set {
"REDACTED";
}
cloak-prefix "SUPER";
#tls {
# options { fail-if-no-clientcert; }
#}
plaintext-policy {
user warn;
oper deny;
@ -150,49 +158,33 @@ set {
}
anti-flood {
channel {
profile defcon { flood-mode "[10j#R5,200m#M5,10n#N5]:15"; }
profile defcon { flood-mode "[10j#R5,500m#M5,10n#N5,10k#K5]:15"; }
boot-delay 75;
split-delay 75;
}
everyone {
connect-flood 3:300;
away-flood 3:300;
invite-flood 3:300;
knock-flood 3:300;
handshake-data-flood {
amount 4k;
ban-action gzline;
ban-time 1h;
}
target-flood {
channel-notice 15:5;
channel-privmsg 45:5;
channel-tagmsg 15:5;
private-notice 10:5;
private-privmsg 30:5;
private-tagmsg 10:5;
}
}
known-users {
away-flood 3:300;
invite-flood 3:300;
join-flood 3:300;
knock-flood 3:300;
nick-flood 3:300;
max-concurrent-conversations {
users 5;
new-user-every 60s;
}
connect-flood 10:300;
join-flood 10:300;
nick-flood 10:300;
max-concurrent-conversations { users 5; new-user-every 60s; }
lag-penalty 10; # update?
lag-penalty-bytes 0;
}
unknown-users {
away-flood 3:300;
invite-flood 3:300;
join-flood 3:300;
knock-flood 3:300;
nick-flood 3:300;
max-concurrent-conversations {
users 3;
new-user-every 60s;
}
connect-flood 3:300;
join-flood 3:300;
nick-flood 3:300;
max-concurrent-conversations { users 2; new-user-every 120s; }
lag-penalty 1000;
lag-penalty-bytes 90;
}
@ -200,8 +192,9 @@ set {
default-bantime 30d;
modef-default-unsettime 5;
spamfilter {
ban-time 1d;
ban-time 30d;
ban-reason "$VOID";
utf8 yes;
except "#anythinggoes";
}
max-targets-per-command { kick 1; part 1; privmsg 1; }
@ -220,9 +213,9 @@ set {
ban-reason "$VOID";
}
connthrottle {
except { reputation-score 100; identified yes; webirc yes; }
new-users { local-throttle 20:60; global-throttle 30:60; }
disabled-when { reputation-gathering 1w; start-delay 3m; }
except { reputation-score 100; identified yes; webirc yes; }
new-users { local-throttle 20:60; global-throttle 30:60; }
disabled-when { reputation-gathering 1w; start-delay 3m; }
reason "$VOID";
}
history {
@ -234,29 +227,25 @@ set {
}
}
}
manual-ban-target ip;
hide-idle-time { policy always; }
whois-details {
account { everyone full; }
away { everyone full; }
basic { everyone full; }
bot { everyone full; }
certfp { everyone full; }
channels { everyone none; self full; oper full; }
geo { everyone none; }
idle { everyone none; }
modes { everyone none; self full; oper full; }
oper { everyone limited; self full; oper full; }
realhost { everyone none; self full; oper full; }
registered-nick { everyone full; }
reputation { everyone full; }
secure { everyone limited; self full; oper full; }
server { everyone full; }
services { everyone full; }
shunned { everyone none; self none; oper full; }
swhois { everyone full; }
channels { everyone none; self full; oper full; }
reputation { everyone full; }
server { everyone none; self full; oper full; }
swhois { everyone full; }
}
}
set known-users {
auto-join "#superbowl";
}
set unknown-users {
static-quit "EMO-QUIT";
static-part "EMO-PART";
}
hideserver {
disable-map yes;
disable-links yes;
@ -266,5 +255,5 @@ hideserver {
security-group known-users {
identified yes;
reputation-score 100;
reputation-score 10000;
}