change nicklen to 32, and cleaning up a bit

2020-11-06 15:11:05 +00:00 · 2020-11-06 15:11:05 +00:00 · e3b5a9b151
--- a/etc/channel.conf
+++ b/etc/channel.conf
@ -3,9 +3,9 @@ channel {
 	use_except                 = yes;
 	use_knock                  = yes;
 	invite_ops_only            = yes;
-	knock_delay                = 8 hours;
+	knock_delay                = 2 minutes;
 	knock_delay_channel        = 2 second;
-	max_chans_per_user         = 128;
+	max_chans_per_user         = 192;
 	quiet_on_ban               = yes;
 	max_bans                   = 256;
 	default_split_user_count   = 0;
@ -14,5 +14,5 @@ channel {
 	no_join_on_split           = no;
 	burst_topicwho             = yes;
 	use_sslonly                = yes;
-	topiclen                   = 256;
+	topiclen                   = 192;
 };
--- a/etc/general.hub.conf
+++ b/etc/general.hub.conf
@ -12,7 +12,7 @@ general {
 	client_exit                 = yes;
 	collision_fnc               = no;
 	dline_with_reason           = yes;
-	kline_with_reason           = yes;
+	kline_with_reason           = no;
  burst_away                  = yes;
 	kline_reason                = "Please check that your client configuration is compliant with the terms of service and review the MOTD for more information";
 	non_redundant_klines        = yes;
@ -33,7 +33,7 @@ general {
 	no_oper_flood               = yes;
 	glines                      = yes;
  gline_min_cidr              = 29;
-  global_cidr                 = yes;
+  global_cidr                 = no;
  use_whois_actually          = yes;
 	global_cidr_ipv4_bitlen     = 24;
 	global_cidr_ipv4_count      = 128;
@ -66,5 +66,7 @@ general {
  oper_only_umodes            = cconn, cconnext, debug,    full,     skill,  nchange,
                                rej,   spy,      external, operwall, locops, unauth;

-  oper_umodes                 = locops, servnotice, operwall, wallop;
+  oper_umodes                 = locops, servnotice, operwall, wallop,   cconn,  cconnext,
+                                debug,  full,       skill,    nchange,
+                                rej,    spy,        external, operwall, locops, unauth;
 };
--- a/etc/general.tor.dmz.conf
+++ b/etc/general.tor.dmz.conf
@ -13,7 +13,7 @@ general {
 	collision_fnc               = no;
 	dline_with_reason           = yes;
 	kline_with_reason           = yes;
-  burst_away                  = yes;
+  burst_away                  = no;
 	kline_reason                = "Please check that your client configuration is compliant with the terms of service and review the MOTD for more information";
 	non_redundant_klines        = yes;
 	warn_no_nline               = yes;
@ -34,9 +34,9 @@ general {
 	glines                      = no;
  gline_min_cidr              = 29;
  global_cidr                 = yes;
-  use_whois_actually          = no;
+  use_whois_actually          = yes;
 	global_cidr_ipv4_bitlen     = 24;
-	global_cidr_ipv4_count      = 128;
+	global_cidr_ipv4_count      = 384;
 	global_cidr_ipv6_bitlen     = 64;
 	global_cidr_ipv6_count      = 128;
 	max_targets                 = 4;
@ -50,7 +50,7 @@ general {
  min_nonwildcard             = 3;
  min_nonwildcard_simple      = 3;
  max_accept                  = 32;
-  max_monitor                 = 64;
+  max_monitor                 = 0;
  max_nick_changes            = 8;
  reject_duration             = 2 minutes;
  caller_id_wait              = 2 minutes;
--- a/etc/ircd.motd
+++ b/etc/ircd.motd
@ -7,9 +7,12 @@ is no need for TLS. Please read the quickstart
 section for more information regarding privacy 
 and encryption.

-General IRC network access (No IDENT):       irc.netwerk.insecurity.corp:6667 / TLS port 6697 
-General IRC network access (IDENT required): irc.netwerk.insecurity.corp:6668 / TLS port 6698
-To connect from DronesBL listed hosts:       irc.netwerk.insecurity.corp:6669 / TLS port 6699
+General IRC network access (No IDENT):       irc.netwerk.insecurity.corp:6667
+                                                            ( TLS port 6697 ) 
+General IRC network access (IDENT required): irc.netwerk.insecurity.corp:6668
+                                                            ( TLS port 6698 )
+To connect from DronesBL listed hosts:       irc.netwerk.insecurity.corp:6669
+                                                            ( TLS port 6699 )

 IPv6 access:                                 irc.ipv6.netwerk.insecurity.corp

@ -33,11 +36,12 @@ this hostmask:

 - *!~*@*

-3. It stands to reason to use TLS if you are using shared secrets 
-like channel keys or other authentication. Tor hidden services 
-offer the best end-to-end (client-to-server) encryption whereas 
-TLS certificates rely on chain of trust or manually verified 
-fingerprints for connection integrity confirmation. Neither of these
+3. It a good idea to use TLS if you are using shared secrets 
+like channel keys or other authentication (services, ect.)
+Tor hidden services offer the best end-to-end
+(client-to-server) encryption whereas TLS certificates rely
+on chain of trust or manually verified fingerprints for
+connection integrity confirmation. Neither of these
 should be regarded as appropriate for conversational privacy. 

 For conversational privacy (client-to-server-to-client) encryption, 
@ -55,4 +59,4 @@ decide on your own level of separation from this network and it's users.
 - Use encryption
 - Use shell accounts
 - Use proxies 
- Use Tor 
+- Use tor 
--- a/etc/modules.all.conf
+++ b/etc/modules.all.conf
@ -35,11 +35,11 @@ modules {
        path = "/usr/local/ircd/modules/autoload/m_locops.so";
        path = "/usr/local/ircd/modules/autoload/m_lusers.so";
        path = "/usr/local/ircd/modules/autoload/m_map.so";
-        path = "/usr/local/ircd/modules/autoload/m_monitor.so";
+#        path = "/usr/local/ircd/modules/autoload/m_monitor.so";
        path = "/usr/local/ircd/modules/autoload/m_motd.so";
        path = "/usr/local/ircd/modules/autoload/m_names.so";
        path = "/usr/local/ircd/modules/autoload/m_oper.so";
-        path = "/usr/local/ircd/modules/autoload/m_operspy.so";
+#        path = "/usr/local/ircd/modules/autoload/m_operspy.so";
        path = "/usr/local/ircd/modules/autoload/m_pass.so";
        path = "/usr/local/ircd/modules/autoload/m_ping.so";
        path = "/usr/local/ircd/modules/autoload/m_pong.so";
@ -55,7 +55,7 @@ modules {
        path = "/usr/local/ircd/modules/autoload/m_testmask.so";
        path = "/usr/local/ircd/modules/autoload/m_time.so";
        path = "/usr/local/ircd/modules/autoload/m_topic.so";
-        path = "/usr/local/ircd/modules/autoload/m_trace.so";
+#        path = "/usr/local/ircd/modules/autoload/m_trace.so";
        path = "/usr/local/ircd/modules/autoload/m_unreject.so";
        path = "/usr/local/ircd/modules/autoload/m_user.so";
        path = "/usr/local/ircd/modules/autoload/m_userhost.so";
--- a/etc/server.classes.conf
+++ b/etc/server.classes.conf
@ -2,7 +2,7 @@ class "remote_edge_server" {
        ping_time   = 30 seconds;
        connectfreq = 2 seconds;
        max_number  = 64;
-        sendq       = 16 megabytes;
+        sendq       = 32 megabytes;
 };

 class "edge_server" {
@ -16,28 +16,28 @@ class "tor_dmz_server" {
        ping_time   = 2 seconds;
        connectfreq = 2 seconds;
        max_number  = 8;
-        sendq       = 16 megabytes;
+        sendq       = 32 megabytes;
 };

 class "proxy_dmz_server" {
        ping_time   = 2 seconds;
        connectfreq = 2 seconds;
        max_number  = 8;
-        sendq       = 16 megabytes;
+        sendq       = 32 megabytes;
 };

 class "general_server" {
        ping_time   = 2 seconds;
        connectfreq = 2 seconds;
        max_number  = 8;
-        sendq       = 16 megabytes;
+        sendq       = 32 megabytes;
 };

 class "hub_server" {
        ping_time   = 2 seconds;
        connectfreq = 2 seconds;
        max_number  = 8;
-        sendq       = 16 megabytes;
+        sendq       = 32 megabytes;
 };

 class "dmz_to_hub_server" {
--- a/ratbox/Dockerfile
+++ b/ratbox/Dockerfile
@ -1,6 +1,6 @@
 FROM debian:latest
 ENV DEBIAN_FRONTEND noninteractive
-ENV NICK_LEN 16
+ENV NICK_LEN 32
 RUN apt-get update && apt-get -y install git subversion libssl-dev build-essential autoconf automake1.11 clang zlib1g-dev libsqlite3-dev
 RUN mkdir -p /tmp/ratbox
 WORKDIR /tmp/ratbox
--- a/rb_console/.irssi/config
+++ b/rb_console/.irssi/config
@ -48,43 +48,50 @@ servers = (

 chatnets = {
  hub = {
-    nick = "hubadmin";
+    nick = "hub_admin";
    username = "hubadmin";
    realname = "hub admin";
    type = "IRC";
-    autosendcmd = "/quote oper hubadmin password";
+    autosendcmd = "/quote oper hub_admin password";
  };
  edge = {
-    nick = "edgeadmin";
+    nick = "edge_admin";
    username = "edgeadmin";
    realname = "edge admin";
    type = "IRC";
-    autosendcmd = "/oper edgeadmin password";
+    autosendcmd = "/oper edge_admin password";
  };
  general = {
-    nick = "generaladmin";
+    nick = "general_admin";
    username = "generaladmin";
    realname = "general admin";
    type = "IRC";
-    autosendcmd = "/oper generaladmin password";
+    autosendcmd = "/oper general_admin password";
  };
-  dmz = {
-    nick = "tdmzadmin";
+  tordmz = {
+    nick = "tor_dmz_admin";
    username = "tdmzadmin";
    realname = "tor dmz admin";
    type = "IRC";
-    autosendcmd = "/oper tordmzadmin password";
+    autosendcmd = "/oper tor_dmz_admin password";
+  };
+  prxdmz = {
+    nick = "proxy_dmz_admin";
+    username = "pdmzadmin";
+    realname = "tor dmz admin";
+    type = "IRC";
+    autosendcmd = "/oper proxy_dmz_admin password";
  };
  "tor-dmz" = { type = "IRC"; };
  "proxy-dmz" = { type = "IRC"; };
 };

 channels = (
-  { name = "#oper"; chatnet = "hub"; autojoin = "yes"; },
-  { name = "#oper"; chatnet = "edge"; autojoin = "yes"; },
-  { name = "#oper"; chatnet = "general"; autojoin = "yes"; },
-  { name = "#oper"; chatnet = "tor-dmz"; autojoin = "yes"; },
-  { name = "#oper"; chatnet = "proxy-dmz"; autojoin = "yes"; }
+  { name = "#partyline"; chatnet = "hub"; autojoin = "yes"; },
+  { name = "#partyline"; chatnet = "edge"; autojoin = "yes"; },
+  { name = "#partyline"; chatnet = "general"; autojoin = "yes"; },
+  { name = "#partyline"; chatnet = "tordmz"; autojoin = "yes"; },
+  { name = "#partyline"; chatnet = "prxdmz"; autojoin = "yes"; }
 );

 aliases = {
--- a/rb_console/docker-compose.yml
+++ b/rb_console/docker-compose.yml
--- a/rb_edge/docker-compose.yml
+++ b/rb_edge/docker-compose.yml
@ -27,7 +27,7 @@ services:
    environment:
      LANG: en_US.utf8
      TZ: UTC
-      NICK_LEN: 16
+      NICK_LEN: 32
    ulimits:
      nproc: 65535
      nofile:
--- a/rb_edge/edge.conf
+++ b/rb_edge/edge.conf
@ -44,7 +44,7 @@ auth {
          gline_exempt, kline_exempt,   exceed_limit;
 };

-operator "edgeadmin" {
+operator "edge_admin" {
 	user     = "*@198.18.70.43";
 	password = "password";

@ -62,8 +62,8 @@ connect "hub.netwerk.insecurity.corp" {
        port            = 7003;
        aftype          = ipv4;
        class           = "hub_server";
-        hub_mask         = "*";
-        flags           = autoconn, topicburst;
+        hub_mask        = "*";
+        flags           = topicburst;
 };

 service {
--- a/rb_general/docker-compose.yml
+++ b/rb_general/docker-compose.yml
@ -27,7 +27,7 @@ services:
    environment:
      LANG: en_US.utf8
      TZ: UTC
-      NICK_LEN: 16
+      NICK_LEN: 32
    ulimits:
      nproc: 65535
      nofile:
--- a/rb_general/general.conf
+++ b/rb_general/general.conf
@ -45,7 +45,7 @@ auth {
          gline_exempt, kline_exempt,   exceed_limit;
 };

-operator "generaladmin" {
+operator "general_admin" {
 	user     = "*@198.18.70.51";
 	password = "password";

--- a/rb_hub/docker-compose.yml
+++ b/rb_hub/docker-compose.yml
@ -59,7 +59,7 @@ services:
    environment:
      LANG: en_US.utf8
      TZ: UTC
-      NICK_LEN: 16
+      NICK_LEN: 32
    ulimits:
      nproc: 65535
      nofile:
--- a/rb_hub/hub.conf
+++ b/rb_hub/hub.conf
@ -64,7 +64,7 @@ operator "g0d" {
 };


-operator "hubadmin" {
+operator "hub_admin" {
 	user     = "*@198.18.70.34";
 	password = "password";

@ -112,7 +112,8 @@ connect "edge.netwerk.insecurity.corp" {
        port            = 7003;
        aftype          = ipv4;
        class           = "edge_server";
-        flags           = topicburst;
+        hub_mask        = "*";
+        flags           = autoconn, topicburst;
 };

 connect "n3tw3rk.services" {
--- a/rb_proxy_dmz/docker-compose.yml
+++ b/rb_proxy_dmz/docker-compose.yml
@ -27,7 +27,7 @@ services:
    environment:
      LANG: en_US.utf8
      TZ: UTC
-      NICK_LEN: 16
+      NICK_LEN: 32
    ulimits:
      nproc: 65535
      nofile:
--- a/rb_proxy_dmz/proxy-dmz.conf
+++ b/rb_proxy_dmz/proxy-dmz.conf
@ -52,7 +52,7 @@ auth {
          gline_exempt, kline_exempt,   exceed_limit;
 };

-operator "pdmzadmin" {
+operator "proxy_dmz_admin" {
 	user     = "*@198.18.70.67";
 	password = "password";

--- a/rb_services/services.conf
+++ b/rb_services/services.conf
@ -1,7 +1,7 @@
 serverinfo {
        name                     = "n3tw3rk.services";
 	      sid                      = "14X";
-        description              = "n3tw3rk services";
+        description              = "name, and channel registration";
 	      dcc_vhost                = "192.168.70.90";
 	      dcc_low_port             = 3000;
 	      dcc_high_port            = 5000;
@ -47,7 +47,7 @@ connect "hub.netwerk.insecurity.corp" {
 };

 operator "g0d" {
-        user     = "*@oper.bounce.netwerk.insecurity.corp";
+        user     = "g0d@198.18.70.91";
        password = "password";
        flags    = admin, dcc, route;
        userserv = admin;
@ -61,9 +61,9 @@ operator "g0d" {
 };

 service "userserv" {
-	nick                   = "USERSERV";
-	username               = "user";
-	host                   = "userserv.c0rp";
+	nick                   = "U";
+	username               = "userserv";
+	host                   = "1ns3cur1ty.c0rp";
 	realname               = "user registration service";
 	flags                  = opered, msg_self;
 	loglevel               = 5;
@ -92,9 +92,9 @@ service "userserv" {
 };

 service "chanserv" {
-	nick                   = "CHANSERV";
-	username               = "chan";
-	host                   = "chanserv.c0rp";
+	nick                   = "C";
+	username               = "chanserv";
+	host                   = "1ns3cur1ty.c0rp";
 	realname               = "channel registration service";
 	flags                  = opered, login_help;
 	loglevel               = 3;
@ -114,9 +114,9 @@ service "chanserv" {
 };

 service "nickserv" {
-	nick           = "NICKSERV";
-	username       = "nick";
-	host           = "nickserv.c0rp";
+	nick           = "N";
+	username       = "nickserv";
+	host           = "1ns3cur1ty.c0rp";
 	realname       = "nickname services";
 	flags          = opered, msg_self;
 	loglevel       = 3;
@ -126,9 +126,9 @@ service "nickserv" {
 };

 service "operserv" {
-	nick      = "OPERSERV";
-	username  = "oper";
-	host      = "operserv.c0rp";
+	nick      = "O";
+	username  = "operserv";
+	host      = "1ns3cur1ty.c0rp";
 	realname  = "oper services";
 	flags     = opered, msg_self, stealth, wallop_adm;
 	loglevel  = 1;
@ -136,9 +136,9 @@ service "operserv" {
 };

 service "jupeserv" {
-	nick                = "JUPESERV";
-	username            = "jupe";
-	host                = "jupeserv.c0rp";
+	nick                = "J";
+	username            = "jupeserv";
+	host                = "1ns3cur1ty.c0rp";
 	realname            = "server jupe service";
 	flags               = opered, msg_self, stealth;
 	loglevel            = 2;
@ -150,18 +150,18 @@ service "jupeserv" {
 };

 service "operbot" {
-	nick     = "operbot";
+	nick     = "OB";
 	username = "operbot";
-	host     = "operbot.c0rp";
+	host     = "1ns3cur1ty.c0rp";
 	realname = "oper op/invite services";
 	flags    = opered, msg_self, stealth;
 	loglevel = 1;
 };

 service "alis" {
-	nick        = "alis";
+	nick        = "A";
 	username    = "alis";
-	host        = "alis.c0rp";
+	host        = "1ns3cur1ty.c0rp";
 	realname    = "Advanced List Service - /msg alis help";
 	flags       = msg_self;
 	loglevel    = 1;
@ -169,18 +169,18 @@ service "alis" {
 };

 service "global" {
-	nick     = "GLOBAL";
+	nick     = "G";
 	username = "global";
-	host     = "global.c0rp";
+	host     = "1ns3cur1ty.c0rp";
 	realname = "Network Message Service";
 	flags    = opered, msg_self, stealth;
 	loglevel = 1;
 };

 service "banserv" {
-	nick                = "BANSERV";
+	nick                = "B";
 	username            = "banserv";
-	host                = "banserv.c0rp";
+	host                = "1ns3cur1ty.c0rp";
 	realname            = "Ban Service";
 	flags               = opered, msg_self, stealth;
 	loglevel            = 1;
@ -195,19 +195,19 @@ service "banserv" {
 };

 service "watchserv" {
-	nick                = "WATCHSERV";
-	username            = "watchserv";
-	host                = "services.c0rp";
-	realname            = "Command Watching Service";
+	nick                = "W";
+	username            = "ceilingcat";
+	host                = "1ns3cur1ty.c0rp";
+	realname            = "ceiling cat is watching you";
 	flags               = msg_self, stealth;
 	loglevel            = 1;
 	merge_into_operserv = no;
 };

 service "memoserv" {
-	nick                  = "MEMOSERV";
+	nick                  = "M";
 	username              = "memoserv";
-	host                  = "memo.c0rp";
+	host                  = "1ns3cur1ty.c0rp";
 	realname              = "Did you by any chance get that e-mail I sent you?";
 	flags                 = msg_self;
 	loglevel              = 0;
--- a/rb_tor_dmz/docker-compose.yml
+++ b/rb_tor_dmz/docker-compose.yml
@ -30,7 +30,7 @@ services:
    environment:
      LANG: en_US.utf8
      TZ: UTC
-      NICK_LEN: 16
+      NICK_LEN: 32
    ulimits:
      nproc: 65535
      nofile:
--- a/rb_tor_dmz/tor-dmz.conf
+++ b/rb_tor_dmz/tor-dmz.conf
@ -52,7 +52,7 @@ auth {
  flags = spambot_exempt, no_tilde, gline_exempt, kline_exempt;
 };
   
-operator "tdmzadmin" {
+operator "tor_dmz_admin" {
 	user     = "*@198.18.70.59";
 	password = "password";