README for ircd-hybrid INS patch version 7.6.2p1 ============================================ *** READ THIS: *** The character for hostname spoofing has changed since INS7.4. *** If you do not update your config file, IT WILL NOT WORK. Please see after the feature list for installation and usage instructions. Features marked with (BROKEN) do not work in this release. The INS patch adds the following features to ircd-hybrid: - #define QUIET_ON_BANNED in config.h will stop users talking in a channel they are banned in. - Q: lines no longer dump the user, they simply send 'nick is already in use'. - #define GLINE_STRICT_VOTE in config.h will make it harder for opers with more than one O: line to place glines. - opers with umode +x will see server split notices as well as server introduction messages. - /ungline command - /undline command - #define TBURST in config.h will enable topicTS, a system for syncing topics on netjoins. This hasn't been completely tested, and is not guaranteed to work correctly. - #define PART_REASON in config.h will allow users to /part a channel with a reason, as long as the channel is not +m. - #define STATS_P_NOTICE in config.h will show opers /stats p, but no other stats. - #define LUSER_WALLOPS will allow non-oper users to see WALLOPS (but not operwalls). - shows the whole nick!user@host of the person who set the topic, not just the nick. - new P: line behaviour allows you to configure which ports can be used by users and servers (as in ircu2.10). - the server now sends a global WALLOPS for every users it kills because of a G: line if GLINE_WALLOPS is defined. - allows you to add '}' to the I: line flags to stop this I: line being shown in /stats i. - define LINKS_OPER_ONLY to allow only opers to use /links command. - define SERVERHIDE to not show the server a user is using to IRC from (not completely finished yet). This differs slightly from the hybrid's own version. - define CLIENT_EXIT to show "Client Exit: reason" as the client exit message, to stop people faking server signoffs. - define STATS_O_OPERS_ONLY and STATS_P_OPERS_ONLY to make /stats o and /stats p respectivly only available to opers. - define STATS_P_NOTIFY_OPER to notify opers that a /stats p has been done, rather than sending a list to the client. - define STATS_O_HIDE_HOST to always show the O: line host as *@* in /stats o for non-opers. - define ALLOW_OPME to enable opers with the E flag to use the /opme command on opless channels, to hack ops. This also lets opers see into opless +s channels, and join them past +iklb modes. - define WARN_HACKOPS to see hacked op notices from leafs. - define SENDQ_NOTICE to send a warning to opers when sendq becomes large. - /restart now requires a server name, as /die does. - client hostmasking (see below). - /quote set splitforce YES to force the server to go into splitmode until /quote set splitforce NO is given. - /quote set splitdelay followed by /quote set splitmode YES will put the server into splitmode for another seconds. - TOPIC_INFO is now always defined. - BAN_INFO is now always defined. - some fixes to the hybrid-6 implementation of HIDE_IPS and SERVERHIDE. - FNAME_OPERLOG, to log failed oper attempts (reports of this coring, it might be fixed in this release, i can't guarantee it though). - OPER_ONLY_UMODES, which allows you to define which user modes only opers can set. - more verbose remote connection notices. - local operatores are gone, they are not needed with oper flags. - shows the hopcount and description of new servers being introduced. - shows the ircname in client connections. - define GLOBAL_OPER_NOTICES to see notices when anyone, on any server does /oper. - define DEOPER_NOTICES to see when someone does /umode -o. - define DEADLINK_WALLOPS to send out a WALLOPs to opers when we close a server's connection because of a write error. - (BROKEN - will be fixed in next release) if you have openssl installed, define USE_SSL to enable SSL connections. (note this has a couple of problems; please read the information in config.h before enabling). (see below). - define HOSTMASKING to allow users to set umode +v to mask their host. (see below). - define SERVICES to get /nickserv etc. commands (see below). - define UMODE_G for hybrid-7 style server side ignore (see below). - define HALFOPS to get half-ops support (see below). Installation And Usage ====================== First, edit config.h and enable whatever features you want, as normal. Then, you must setup ircd.conf to configure some of the new features: - If you wish to restrict a certain port to either users or servers, do something like this: server-only port: P:::S:6667 user-only port: P:::U:6667 You can use SU to allow both users and servers to connect to that port. (which is the default if neither are specified) Additionally, you can use "UH" or "SH" to hide this ports from /stats P. - if you want to use hostmasking in I: lines, you need an I: line like this: I:prefix.::_user@host::1 the client's hostname will be "prefix" followed by the CRC of the rest of their hostname. Note that this isn't entirely working yet (it has problems with IPs among other things). Note that the prefix MUST have a '.' at the end. - if you are using SSL, you must generate an SSL key like so: openssl req -new -config src/ssl.cnf -out server.req.pem -keyout server.key.pem -nodes openssl req -x509 -days 365 -in server.req.pem -key server.key.pem -out server.cert.pem openssl x509 -subject -dates -fingerprint -noout -in server.cert.pem replace "openssl" with the path to your openssl command. Also, for each port you want to enable SSL on, put an 's' in the flags (see above). - Notes on hostmasking (user mode +v): This is basically the same as the "+x" or "+z" mode on other ircds. When set, the user's host is masked, by replacing the first portion (up to the first '.' for hostnames, or everything after the third '.' for IPs) with a string generated by applying a modified CRC16 hash to the hostname. This differs from I: line hostmasking because users can choose themselves whether they want their host masked or not.Users with I: line spoofs or masks are not permitted to set themselves +v. If UMODE_V_DEFAULT is defined, then users will be set +v immediately when they connect. Note that some commands (in particular /kline, /gline, /oper) use the user's real host, rather than the masked host. It is possible for opers to discover a user's real host via /whois. When initially converting a network from non-hostmasking to hostmasking, you may find it useful to define ALLOW_NON_SH on your hubs. This will allow non-hostmasking servers to link, even though they won't understand the +v (and thus will show the wrong hostname for masked users). However, it's best to upgrade all servers ASAP. Note that you *MUST* have an s: line in ircd.conf when using hostmasking, otherwise Bad Things will happen. - Notes on Invite Exemptions (INVEX): Even if you don't define INVEX, the server will understand +I modes, and pass them on to other servers which understand them. It will not, however, allow local users to set +I modes, and will not apply +I modes to local users trying to join channels. - Notes on SERVICES commands: Define this to get the following commands: /nickserv, /ns, /chanserv, /cs, /operserv, /os, /memoserv, /ms, /statserv, /ss, /voteserv, /vs, /seenserv. Note that the short forms are only available if SERVICES_SHORT_ALIASES is defined, otherwise users will get a message telling them to use the long form. In order for this to work, you must set the server that your services appears from in ircd.conf, like so: S:services.us It will refuse to route a message to services if the server is incorrect. You should define NICKSERV, CHANSERV etc. in config.h to the names of your services (but note that this only affects where the message goes, not the name of the command.) - Notes on server side ignore (UMODE_G): When a client is set umode +g, noone can send it private messages. The client will receive a notice tell it it was sent a message, and the sender will receive a notice to say that they were notified. The target is notified only every CALLER_ID_WAIT seconds, to prevent flooding. To allow a client to message you, use the following command: /quote accept And to remove a client from your accept list: /quote accept - To lists current accepts: /quote accept * - Notes on half-ops (HALFOPS): Half-ops are the same as normal channel ops, but with some restrictions: - They cannot set modes +/-oh, - They cannot kick ops. Other than this they are identical to channel ops. Half-ops appear with a '%' sign in /names and /whois. Good luck! -is