 |
NOTE: This document is
primarily intended for IRC Operators. There isn't much use in reading
this if you're not an operator, although we won't stop the curious from
reading anyway. But please, don't bother the writer with questions about
it in that case.
This document tries to explain some facts about how servers operate,
explains handy IRC Operator commands (and non-oper commands which are
still useful), tries to explain how to use commands like /SQUIT
and /CONNECT, and details the workins of services, mostly OperServ
This document is NOT concerned with the ethical side of being
an IRC Operator, ie. when usage of +M (Mode Override) is acceptable,
when to DROP and GETPASS nicks or channels, when a /KILL is justified,
or anything else. There should be other documents available to explain
that, and I won't volunteer writing those myself :-)
Server operation - a list of commands
There are quite a few commands. Make sure to understand at least
/CONNECT, /SQUIT, /STATS c, /STATS k, /WHOWAS and /WALLOPS, these are
the most useful commands (and /KILL :-) ). In time, you'll understand
all the other commands, by learning them from others, or learn them by
reading this. Just keep this document handy as a reference.
Also, note that many commands listed here are also available to non IRC
Operaters. But as they still are quite useful, they're listed anyway.
- /CLOSE
The CLOSE command forces the server to close all unknown
connections. Unknown connections are connections on which it is
still not known wether the person connecting is an user, or a
server. This will not disconnect anyone from IRC who is already
connected.
I haven't seen any useful use of this command yet, but you might
want to try as a last resort (aside from a /RESTART) if the server
seems to act weirdly and refusing to accept connections, or /LUSERS
shows an usually high number of unknown connections.
Many clients have reassigned /CLOSE to an internal function, so to
send this command to the server, use /QUOTE CLOSE
This command unfortunately can't be used to close half-open
connections caused by a SYNflood
- /CONNECT <new server> <port> <start
server>
Forces a server to connect to another server. If you use CONNECT
with one or two parameters, this will force your server to connect
to the other server. If you give a third parameter, this will send
the connect command to that server (remote connecting).
See server
linking for more information,
- /DIE
The /DIE command terminates the server completely. All open
connections are closed, everyone is disconnected. A server will NOT
come back up by itself after a /DIE (unless the server admin is
using a script that checks if the ircd is alive, and reboots it if
it isn't). /DIE should only be used in cases where the server is
better off not running, like clients being randomly disconnected, or
the server going crazy and disrupting the rest of the network. Try
to inform everyone on your server, and all IRC operators, that your
server will be terminated, before using /DIE
Server admins may choose not to enable /DIE.
- /GLOBOPS <message>
This will send a message to all online IRC Operators, and
former-operators, who set mode -o, but still have +g enabled.
(off-duty? :-) ) Normal users can not see messages sent via
/GLOBOPS. Some clients might not get this command right, so if words
are missing, or other strange things happen, use an alias.
ircII:
alias globops globops :$-
mIRC:
alias globops globops : $+ *1
- /KILL <nick> <mode>
Sends a KILL message to a user, which will cause the user to be
disconnected from IRC. At times, you will see a message like KILL
changed from ... to ..., this means that the user has changed
nicks, and the servers have changed the nick to kill accordingly.
(This makes sure users can't escape kills by changing nicks quickly)
- /KLINE <mask> <reason>
Sets a temporary K-line, on your server only. A K-line will make it
impossible for the user to connect to your server - when he tries
so, it will see the message K-Lined, and the reason.
You can't kline by nick!user@host, only by user@host. Don't try to
use !s in /KLINE masks.
Please note that most clients don't handle this command correctly -
reasons longer than one word are cut off. Unless you have an alias
to correct for this, use KLINE like this:
/QUOTE KLINE <mask> :<reason>
Don't forget the `:', otherwise the kline comment will still
be cut off.
Suggested aliases for popular irc clients are:
ircII:<\B>
alias kline quote kline $1 :$2-
mIRC:<\B>
alias kline quote kline $$1 : $+ *2
- /MAP
Shows a map of the network, the number of users per server, and
the percentage each server has of the global. (I know the
percentages don't add up to 100%, no need to keep mentioning that
to me :) )
- /MODE <nick> <mode>
MODE offers some extra options after you have used the /OPER
command. Most modes, except +n, +i, and +m, will automatically be
set by the server as soon as you use the /OPER command
Remember that you can get a list of available modes via
/mode ?
so there's no need to memorize everything.
- +/-c
This mode controls the seeing of "Client
connecting", "Client exiting" messages. If they
annoy you, turn them off.
- +/-d
When you enable the deaf mode, you won't receive any
messages sent to a channel. Useful for bots, but not likely
for much else.
- +/-g
This option controls whether you will see GLOBOPS
messages. GLOBOPS are sent by other IRC Operators, or by
services.
- +/-h
Enables the seeing of HELP requests, and adds the line
"looks very helpful" to your /whois information.
Hardly anyone uses help requests, so this mode is not too
useful. More of a vanity mode :-)
- +/-i
Invisibility. This one will make you invisible from /who and
/names, except if the person doing the /who or /names is on
the same channel as you are. You're not really invisible, any
user that cares to read the available documentation, knows
that +i IRC Operators can be found using /trace ;-)
- +/-k
Kill messages. If you enable this, you will see KILLs sent out
by services, servers, or other IRC operators
- +/-l
Linking information. Enabling this option sends you
information about network splits, connections, and all other
stuff concerning network linking. It's highly recommended that
you keep this one on.
- +/-m
Mode override. Intended to be used on channels where mode wars
make it very hard to use services' mode commands, or when
services are unusable. This mode also blocks KICKs. Try to use
other methods whereever possible, and when using +m, disable
it as soon as possible. Be aware that all online operators are
informed about usage of this mode!
- +/-n
No invite. Noone will be able to /invite you, except if they
try to /invite you to a +ci channel, on which you knocked
first
- +/-o
Operator status. If you want to be off-duty, not use operator
commands, or anything, then set mode -o to disable operator
commands. Please note that if you have disabled +o, but didn't
disable +g, you can still read and use GLOBOPS
- +/-s
Server notices. Makes the server send status messages to you,
and report errors. Highly recommended to keep this enabled.
- +/-u
Usage of mode override. When this mode is enabled, you will
receive notification if any operator uses the +m mode.
- +/-w
Wallops. When enabled, you'll see all /WALLOPS messages.
- /MSG mask message
The /msg (and /notice) command have some extra options, which
allow you to send notices to a large group of users. Use a
destination starting with a # if you want to send the message to
all people with a certain hostmask, and start with $ if you want
to send the message to people on a certain server, or servers.
Examples:
/msg #*.nl Please use ufo.xnet.org for less lagged chats
Will send the specified message to all people with a hostname
ending in .no
/msg $fron*.org Frontline will terminate in a few seconds, for ircd upgrade
Sends the message to everyone on frontline. (you *have* to specify
.org at the end in this case!)
/msg $*.au.xnet.org There's a new australian server, chariot.au.xnet.org
Sends the message to all people on australian servers
/msg #* Services will go down for upgrade, apologies for downtime
Sends the message to everyone /notice can be used in just the same
way as /msg. The practical differences are, that most Windows
clients tend to hide notices a bit (place them in the status
window), while messages usually open up a window, or appear in
their message window, and generally is better at attracting their
attention.
Considering that, use /msg for more important notices. And
remember that stupid bots often start replying to you if you do
global messages (though most ignore /notice)
- /OPER <name> <password>
Gives operator privileges, and enables a lot of modes.
- /REHASH
This forces the server to reload the configuration files. This is
useful if you have made changes to ircd.conf (if you have access
to it) or when you need the internal AKILL list cleared (it
happens at times that an expired AKILL isn't removed from your
server, so you can /REHASH to also clear your servers memory).
Note that /REHASH removes AKILLs from the memory of your server,
but if they're still in OperServ's memory, OperServ will readd the
akill if a user matching it comes online.
- /RESTART
This restarts the server. The server will close all open
connections, disconnect everyone (all servers and clients,
including you!), and try to restart. Inform all online operators
before issuing this command, as rerouting might be necessary,
especially if you're a hub. /RESTART should only be used as a last
resort, if all else fails. Do not use a /RESTART lightly.
Note that servers may disable /RESTART completely, and that it can
happen (memory errors, or CPATH incorrectly set up by the server
admin at compilation) that the server will NOT come back to live.
(and someone has to restart the server manually, by using the
"ircd" command on the machine the server is running on).
Most likely, you will never have to use /RESTART.
- /RPING <server> <start server>
(still needs to be written)
- /UNKLINE <mask>
Removes a temporary K-line which was originally set /KLINE.
/UNKLINE does not remove AKILLs, or permanent K-lines set by the
server admin (in ircd.conf)
Suggested aliases for popular irc clients are:
ircII & mIRC:<\B>
alias unkline quote unkline $1
- /STATS <stats> <server>
(still needs to be written)
- /SQUIT <server> <reason>
Breaks a link between server. This will break the link between two
servers, and send out a WALLOPS with the reason you've specified.
Wildcards are accepted, so /SQUIT fro* would disconnect
frontline.us.xnet.org. But make sure that the wildcards you use
only matches one possible server.
See server
linking for more information.
- /TRACE <nick/server> <start server>
(still needs to be written)
- /WALLOPS <message>
This sends a message to all people with mode +w enabled. Keep in
mind that non-operators can read these messages too!
- /WHO
(still needs to be written)
- /WHOWAS <nick>
Whowas is similair to /WHOIS, but is used to look in the nickname
history. If someone changes nicks, or leaves irc, the old nick is
stored in the database.
This makes /WHOWAS very effective to track down people who try to
hide by changing nicks. First do a /WHOWAS on the old nick. This
will give you the hostname of the user, and you can then use this
hostname in a /WHO request.
(eg, if /WHOWAS told you the user was
[email protected], you could use /WHO #grngn1-p15*
to find the new nickname of the user)
- /VERSION <server>
This command requests version information from a server, or your
current server if you don't specify information. You can use
/VERSION if you think servers are behaving weirdly, and think it
might be caused by incompatible versions, or if you want to know
the compilation options of the server.
Behind the version response, you'll see a string like AcDefFghIj.
Every character corresponds to a server compile-time option, and
you can use this information to gather a bit more information
about server compilation.
- A SENDQ_ALWAYS
SENDQ_ALWAYS increases server efficiency, but also tends to
cause Dead Socket errors earlier with /who responses. (But
this problem has already been fixed in a different way, so all
servers now use SENDQ_ALWAYS without problems)
- c CHROOTDIR
CHROOTDIR only has to do with local security on the server's
system, and nothing with IRC itself.
- C CMDLINE_CONFIG
Another option that increases security, but has no effect on
IRC.
- D DEBUGMODE
Indicates that the server has been compiled in debugging mode.
If you see this mode enabled, then that's a likely explanation
for the high system loads or slow server response :)
- e LOCOP_REHASH
Controls wether local operators (little-O lines) are allowed
to use /REHASH
- E OPER_REHASH
Controls wether operators (big-O lines) aer allowed to /REHASH
- F INVITE_DELAY
Tells wether the server has invite-flood protection enabled. Note:
due to a small type error, the 1.5.x servers will never show a
F in the /VERSION info - even if invite-flood protection has
been enabled
- H HUB
Servers compiled with the HUB option are able to connect more
than one server at a time, servers without the HUB option are
not. See server
linking for more information.
- I NO_DEFAULT_INVISIBLE
People connecting to the server, won't have mode +i enabled by
the server (though they can still enable it theirself, and on)
servers who do set +i by default, users can turn it off
again.)
- i IGNORE_CASE_FIRST_CHAR
The case of the first character will be ignored, when checking
for invalid or mixed-cased userids.
- k LOCAL_KILL_ONLY
Operators and local operators on the server are only allowed
to kill people on their own servers, and not on remote
servers. If this option is enabled, it affects BOTH local and
global operators.
- K OPER_KILL
Operators (big O-lines) on this server can kill users on any
server. Local operators (little O-lines) still can only kill
local users
- m M4_PREPROC
This server uses a M4 preprocessor on the ircd.conf. This does
not affect IRC itself.
- M IDLE_FROM_MSG
The idle time of a user is only reset when he does a /MSG. If
this option is not enabled, then every command, except PING
and PONG, will cause the idle time to be reset.
- p CRYPT_OPER_PASSWORD
Indicates that the O-line passwords in ircd.conf are
encrypted. This option does not affect IRC.
- P CRYPT_LINK_PASSWORD
Indicates that the N-line passwords in ircd.conf are
encrypted. This option does not affect IRC.
- N NICK_DELAY
This server has nick-flood protection. This normally means,
that only 2 nick changes per 30 seconds allowed.
- n NOSPOOF
The server has IP spoofing protection (the PING/PONG you see
when connecting)
- r LOCOP_RESTART
Indicates that local operators (little-O lines) are allowed to
issue the /RESTART command
- R OPER_RESTART
Indicates that operators (big-O lines) are allowed to issue
the /RESTART command
- T KPATH
K-lines set via /KLINE and /UNKLINE are recorded in a local
file, so they'll survive a /REHASH
- t OPER_REMOTE
Indicates that operators can also send commands to other
servers. All servers should have this defined, or they will be
incompatible.
- U DISALLOW_MIXED_CASE
Disallows clients to use mixed-case, or illegal characters in
their userid.
- u IRCII_KLUDGE
Compiles in some extra code for backwards compatibility with
older ircII clients.
- Y USE_SYSLOG
Indicates that the server logs errors to the system logfiles.
Does not affect IRC.
- /UPING <server> <port> <start server>
<pings>
This command sends out a serie of PINGs to a server (using
methods similair to the unix "ping" command). If you
only specify a server name (wildcards ok), it will send out 5
pings to that server, and report the number of successful
pings, and ping times, to you.
If you want to ping from a remote server, you have to specify
a server, a port (always use port 7007), and a server to start
the pinging from. You can, as a fourth parameter, specify the
number of pings, although you can never have the server send
out more than 20 pings with a single UPING.
UPING should be used if a server link seems to be slow, and
you want to see if there's a better link available - you would
UPING all possible links for that server, and see if any link
is faster.
Note that servers will only UPING servers to which they can
actually connect. If you try to have a server UPING another
server to which it can't connect, you'll receive an error
message complaining about the server not listed in the
configuration file.
See server
linking for more information.
Security considerations
Many of the recommendations and risks outlined here may seem to be
a bit far-fetched, but please, take any security measures
possible. One single oper password hack can cause enormous amount
of damage to the network.
|
