# General {
#         name = "servername";
#         vhost = "ipv4vhost";
#         vhost = "ipv6vhost";
#         description = "description";
#         numeric = numericnumber;
#         dns vhost = "ipv4vhost";
#         dns vhost = "ipv6vhost";
#         dns server = "ipaddress";
#         dns server = "ipaddress2";
# };
General {
         name = "Nefarious2.YourNetwork.org";
         description = "Nefarious test server";
         #vhost = "168.235.93.155";
         numeric = 1;
};

# [Admin]
#
# This sets information that can be retrieved with the /ADMIN command.
# It should contain at least an admin Email contact address.
Admin {
  # At most two location lines are allowed...
  Location = "Somwhere";
  Location = "YourNetwork IRC server";
  Contact = "IRC Admins <irc@london.co.uk>";
};

# [Classes]
#
# All connections to the server are associated with a certain "connection
# class", be they incoming or outgoing (initiated by the server), be they
# clients or servers.
#
# Class {
#  name = "<class>";
#  pingfreq = time;
#  connectfreq = time;
#  maxlinks = number;
#  maxchans = number;
#  sendq = size;
#  recvq = size;
#  usermode = "+i";
#  snomask = number;
#  fakelagminimum = number;
#  fakelagfactor = number;
#  autojoinchannel = "channellist";
#  autojoinnotice = "autojoinnotice";
#  restrict_join = yes/no;
#  restrict_privmsg = yes/no;
#  restrict_umode = yes/no;
# };
#
# For connection classes used on server links, maxlinks should be set
# to either 0 (for hubs) or 1 (for leaf servers).  Client connection
# classes may use maxlinks between 0 and approximately 4,000,000,000.
# maxlinks = 0 means there is no limit on the number of connections
# using the class.
# 
# <connect freq> applies only to servers, and specifies the frequency 
# that the server tries to autoconnect. setting this to 0 will cause
# the server to attempt to connect repeatedly with no delay until the 
# <maximum links> condition is satisfied. This is a Bad Thing(tm).
# Note that times can be specified as a number, or by giving something
# like: 1 minutes 20 seconds, or 1*60+20.
#
# <snomask> applies only to classes used for Operator blocks and is
# used to specify the server notice mask an oper gets when he/she uses
# /oper. See doc/snomask.txt or doc/snomask.html for details on what
# this number means.
#
# <fakelagminimum> is the minimum number of seconds to wait before
# processing commands received from clients.
#
# <fakelagfactor> is a number to devide the message length by to
# determine addtional fake lag to apply. If set to 0 (zero) the user
# will not be subject to fake lag at all.
#
# <autojoinchannel> can be specified to automatically join users of the
# class into. If <autojoinnotice> is specified then a notice is sent
# to the user when automatically joined.
#
# <restrict_join> when enabled restricts users in the class from joining
# any channel with the exception of channels specified in the
# autojoinchannel class option.
#
# <restrict_privmsg> when enabled prevents users in the class from
# sending PRIVMSG or NOTICE to other users who are not on the same
# channel as the user.
#
# <restrict_umode> when enabled prevents users in the class from
# changing their user modes.
#
# Recommended server classes:
# All your server uplinks you are not a hub for.
Class {
 name = "Server";
 pingfreq = 1 minutes 30 seconds;
 connectfreq = 5 minutes;
 maxlinks = 1;
 sendq = 9000000;
};
# All the leaf servers you hub for.
Class {
 name = "LeafServer";
 pingfreq = 1 minutes 30 seconds;
 connectfreq = 5 minutes;
 maxlinks = 0;
 sendq = 9000000;
};

# Client {
#  username = "ident";
#  host = "host";
#  ip = "127.0.0.0/8";
#  password = "password";
#  class = "classname";
#  maxlinks = 3;
# };
#
# Everything in a Client block is optional.  If a username mask is
# given, it must match the client's username from the IDENT protocol.
# If a host mask is given, the client's hostname must resolve and
# match the host mask.  If a CIDR-style IP mask is given, the client
# must have an IP matching that range.  If maxlinks is given, it is
# limits the number of matching clients allowed from a particular IP
# address.
#
# Take the following class blocks only as a guide.
Class {
 name = "Local";
 pingfreq = 1 minutes 30 seconds;
 sendq = 160000;
 maxlinks = 100;
 usermode = "+iw";
};
Class {
 name = "America";
 pingfreq = 1 minutes 30 seconds;
 sendq = 80000;
 maxlinks = 5;
};
Class {
 name = "Other";
 pingfreq = 1 minutes 30 seconds;
 sendq = 160000;
 maxlinks = 0;
 autojoinchannel = "#YourNetwork";
};
Class {
 name = "Coders";
 pingfreq = 1 minutes 30 seconds;
 sendq = 160000;
 maxlinks = 10;
 local = no;
};
Class {
 name = "Opers";
 pingfreq = 1 minutes 30 seconds;
 sendq = 160000;
 maxlinks = 10;

 # For connection classes intended for operator use, you can specify
 # privileges used when the Operator block (see below) names this
 # class.  The local (aka globally_opered) privilege MUST be defined
 # by either the Class or Operator block.  The following privileges
 # exist:
 #
 # local (or propagate, with the opposite sense)
 # whox  (log oper's use of x flag with /WHO)
 # display (oper status visible to lusers)
 # chan_limit (can join local channels when in
 #                              MAXCHANNELSPERUSER channels)
 # mode_lchan (can /MODE &channel without chanops)
 # deop_lchan (cannot be deopped or kicked on local channels)
 # walk_lchan (can forcibly /JOIN &channel OVERRIDE)
 # show_invis (see +i users in /WHO x)
 # show_all_invis (see +i users in /WHO x)
 # unlimit_query (show more results from /WHO)
 # local_kill (can kill clients on this server)
 # rehash (can use /REHASH)
 # restart (can use /RESTART)
 # die (can use /DIE)
 # local_jupe (not used)
 # set (can use /SET)
 # local_gline (can set a G-line for this server only)
 # local_badchan (can set a Gchan for this server only)
 # local_jupe (can set a Jupe for this server only)
 # local_shun (can set a Shun for this server only)
 # see_chan (can see users in +s channels in /WHO)
 # list_chan (can see +s channels with /LIST S, or modes with /LIST M)
 # wide_gline (can use ! to force a wide G-line)
 # wide_shun (can use ! to force a wide Shun)
 # see_opers (can see opers without DISPLAY privilege)
 # local_opmode (can use OPMODE/CLEARMODE on local channels)
 # force_local_opmode (can use OPMODE/CLEARMODE on quarantined local channels)
 # kill (can kill clients on other servers)
 # gline (can issue G-lines to other servers)
 # jupe (can issue Jupes to other servers)
 # shun (can issue Shuns to other servers)
 # opmode (can use /OPMODE)
 # badchan (can issue Gchans to other servers)
 # force_opmode (can use OPMODE/CLEARMODE on quarantined global channels)
 # apass_opmode (can use OPMODE/CLEARMODE on +A and +U keys)
 # check (can use /CHECK)
 # whois_notice (can set user mode +W)
 # hide_oper (can set user mode +H)
 # hide_channels (can set user mode +n)
 # hide_idle (can set user mode +I)
 # admin (gets user mode +a and can set/unset it too)
 # xtraop (can set user mode +X)
 # service (can set user mode +k)
 # remote (can use associated operator block from a remote server)
 # freeform (can use /SETHOST to apply a spoofhost not configured with a Spoofhost block)
 # remoterehash (can use /REHASH to rehash remote servers)
 # remove (can use /REMOVE to remove glines and shuns by force)
 # local_zline (can set a Z-line for this server only)
 # zline (can issue Z-lines to other servers)
 # wide_zline (can use ! to force a wide Z-line)
 #
 # For global opers (with propagate = yes or local = no), the default
 # is to grant all of the above privileges EXCEPT walk_lchan,
 # unlimit_query, set, badchan, local_badchan, apass_opmode,
 # whois_notice, hide_oper, hide-channels, hide_idle, admin, xtraop,
 # service, remote, freeform and remove.
 # For local opers, the default is to grant ONLY the following
 # privileges:
 #  chan_limit, mode_lchan, show_invis, show_all_invis, local_kill,
 #  rehash, local_gline, local_jupe, local_opmode, whox, display,
 #  force_local_opmode, local_shun and local_zline
 # Any privileges listed in a Class block override the defaults.

 local = no;
};
# [Client]
#
# To allow clients to connect, they need authorization. This can be
# done based on hostmask, address mask, and/or with a password.
# With intelligent use of classes and the maxconnections field in the
# Client blocks, you can let in a specific domain, but get rid of all other
# domains in the same toplevel, thus setting up some sort of "reverse
# Kill block".
# Client {
#  host = "user@host";
#  ip = "user@ip";
#  password = "password";
#  class = "classname";
#  sslfp = "sslfingerprint";
#  noidenttilde = yes/no;
#  hidehostcomponents = number;
#  autojoinchannel = "channellist";
#  autojoinnotice = "autojoinnotice";
# };
#
# Technical description (for examples, see below):
# For every connecting client, the IP address is known.  A reverse lookup
# on this IP-number is done to get the (/all) hostname(s).
# Each hostname that belongs to this IP-number is matched to <hostmask>,
# and the Client {} is used when any matches; the client will then show
# with this particular hostname.  If none of the hostnames match, then
# the IP-number is matched against the <IP mask ...> field, if this matches
# then the Client{} is used nevertheless and the client will show with the
# first (main) hostname if any; if the IP-number did not resolve then the
# client will show with the dot notation of the IP-number.
# There is a special case for the UNIX domain sockets and localhost connections
# though; in this case the <IP mask ...> field is compared with the
# name of the server (thus not with any IP-number representation). The name
# of the server is the one returned in the numeric 002 reply, for example:
# 002 Your host is 2.undernet.org[jolan.ppro], running version ...
# Then the "jolan.ppro" is the name used for matching.
# Therefore, unix domain sockets, and connections to localhost would
# match this block:
# host = "*@jolan.ppro";
#
# This is the "fallback" entry. All .uk, .nl, and all unresolved are
# in these two lines.
# By using two different lines, multiple connections from a single IP
# are only allowed from hostnames which have both valid forward and
# reverse DNS mappings.
Client
{
 class = "Other";
 ip = "*@*";
 maxlinks = 5;
};


Client
{
 class = "Other";
 host = "*@*";
 maxlinks = 5;
};
# If you don't want unresolved dudes to be able to connect to your
# server, do not specify any "ip = " settings.
#
# Here, take care of all American ISPs.
Client
{
 host = "*@*.com";
 class = "America";
 maxlinks = 2;
};

Client
{
 host = "*@*.net";
 class = "America";
 maxlinks = 2;
};
# Now list all the .com / .net domains that you wish to have access...
# actually it's less work to do it this way than to do it the other
# way around - K-lining every single ISP in the US.
# I wish people in Holland just got a .nl domain, and not try to be
# cool and use .com...
Client { host = "*@*.wirehub.net"; class = "Other"; maxlinks=2; };
Client { host = "*@*.planete.net"; class = "Other"; maxlinks=2; };
Client { host = "*@*.ivg.com"; class = "Other"; maxlinks=2; };
Client { host = "*@*.ib.com"; class = "Other"; maxlinks=2; };
Client { host = "*@*.ibm.net"; class = "Other"; maxlinks=2; };
Client { host = "*@*.hydro.com"; class = "Other"; maxlinks=2; };
Client { host = "*@*.nl.net"; class = "Local"; maxlinks=2; };

# You can request a more complete listing, including the "list of standard
# Kill blocks" from the Routing Committee; it will also be sent to you if
# you apply for a server and get accepted.
#
# Ourselves - this makes sure that we can get in, no matter how full
# the server is (hopefully).
Client
{
 host = "*@*.london.ac.uk";
 ip = "*@193.37.*";
 class = "Local";
 # A maxlinks of over 5 will automatically be glined by euworld on Undernet
 maxlinks = 5;
};

# You can put an expression in the maxlinks value, which will make ircd
# only accept a client when the total number of connections to the network
# from the same IP number doesn't exceed this number.
# The following example would accept at most one connection per IP number
# from "*.swipnet.se" and at most two connections from dial up accounts
# that have "dial??.*" as host mask:
# Client {
#  host = "*@*.swipnet.se";
#  maxlinks = 1;
#  class = "Other";
# };
# Client {
#  host = "*@dial??.*";
#  maxlinks = 2;
#  class = "Other";
# };
#
# If you are not worried about who connects, this line will allow everyone
# to connect.
Client {
 host = "*@*";
 ip = "*@*";
 class = "Other";
 maxlinks = 5;
};

# You can additionally specify either a country code or continent code
# using the country or continent fields for a Client block to be matched
# by.
# Client {
#  country = "GB";
#  class = "Local";
# };

# You can also specify an SSL client certificate fingerprint for a Client
# block as an alternative, or addition to the password for authentication.
# Client {
#  host "*@*";
#  ip = "*@*";
#  class = "Other";
#  sslfp = "61D0720B27D8AED9C0A7CB788091B0D8D9A94E119D5118E574B70EECD41B3C26";
# };

# You can disable the '~' prefix applied to users with no ident reply by
# setting noidenttilde to 'no' (default: 'yes').
# Client {
#  host = "*@*";
#  ip = "*@*";
#  class = "Other";
#  noidenttilde = no;
# }

# You can specify a server (and optionally a port) that a client should be advised
# to reconnect to using the 'redirect' option. If a port is not specified then
# 6667 is used.
#
# Client {
#  host = "*@*";
#  ip = "*@*";
#  class = "Other";
#  redirect = "some.other.server.com" 6667;
# };

# You can specify the number of host name components to hide when using
# HOST_HIDING_STYLE 2 or 3 by adding the hidehostcomponents option to a Client
# block.
#
# Client {
#  host = "*@*";
#  ip = "*@*";
#  class = "Other";
#  hidehostcomponents = 2;
# };

# You can specify a list of channels to automatically join users into upon
# connecting by adding the autojoinchannel option to the Client block. You
# can also specify a notice to send to users when they are automatically.
#
# Client {
#  host = "*@*";
#  ip = "*@*";
#  class = "Other";
#  autojoinchannel = "#channel1,#channel2";
#  autojoinnotice = "*** Notice -- You are now being autojoined into #channel1 and #channel2";
# };

# [motd]
#
# It is possible to show a different Message of the Day to a connecting
# client depending on its origin.
# motd {
#  # Note: host can also be a classname.
#  host = "Other";
#  country = "countrycode";
#  continent = "continentcode";
#  file = "path/to/motd/file";
# };
#
# More than one host/country/continent = "mask"; entry may be present in
# one block; this has the same effect as one Motd block for each host
# entry, but makes it easier to update the messages's filename.
#
# DPATH/net_com.motd contains a special MOTD where users are encouraged
# to register their domains and get their own client{} lines if they're in
# Europe, or move to US.UnderNet.org if they're in the USA.
motd {
 host = "*.net";
 file = "net_com.motd";
};
motd {
 host = "*.com";
 file = "net_com.motd";
};
motd {
 host = "America";
 file = "net_com.motd";
};

# A different MOTD for ourselves, where we point out that the helpdesk
# better not be bothered with questions regarding irc...
motd {
 host = "*.london.ac.uk";
 file = "london.motd";
};

# [UWorld]
#
# One of the many nice features of Undernet is "Uworld", a program
# connected to the net as a server. This allows it to broadcast any mode
# change, thus allowing opers to, for example, "unlock" a channel that
# has been taken over.
# There is only one slight problem: the TimeStamp protocol prevents this.
# So there is a configuration option to allow them anyway from a certain
# server.
# UWorld {
#  # The servername or wildcard mask for it that this applies to.
#  name = "relservername";
# };
#
# You may have have more than one name listed in each block.
#
# Note: (1) These lines are agreed on by every server admin on Undernet;
# (2) These lines must be the same on every single server, or results
# will be disasterous; (3) This is a useful feature, not something that
# is a liability and abused regularly (well... :-)
# If you're on Undernet, you MUST have these lines. I cannnot stress
# this enough.  If all of the servers don't have the same lines, the
# servers will try to undo the mode hacks that Uworld does.  Make SURE that
# all of the servers have the EXACT same UWorld blocks.
#
# If your server starts on a bit larger network, you'll probably get
# assigned one or two uplinks to which your server can connect.
# If your uplink(s) also connect to other servers than yours (which is
# probable), you need to define your uplink as being allowed to "hub".
# See the Connect block documentation for details on how to do that.

UWorld {
 name = "uworld.eu.yournetwork.org";
 name = "uworld2.yournetwork.org";
 name = "uworld.yournetwork.org";
 name = "channels.yournetwork.org";
 name = "channels2.yournetwork.org";
 name = "channels3.yournetwork.org";
 name = "channels4.yournetwork.org";
 name = "channels5.yournetwork.org";
 name = "channels6.yournetwork.org";
};

# As of ircu2.10.05 is it possible to Jupe nicks. As per CFV-0095 and
# CFV-0255, the following nicks must be juped, it is not allowed to
# jupe others as well.
Jupe {
 nick = "A,B,C,D,E,F,G,H,I,J,K,L,M,N,O,P,Q,R,S,T,U,V,W,X,Y,Z,{,|,},~,-,_,`";
 nick = "EuWorld,UWorld,UWorld2";
 nick = "login,yournetwork,protocol,pass,newpass,org";
 nick = "StatServ,NoteServ";
 nick = "ChanSvr,ChanSaver,ChanServ";
 nick = "NickSvr,NickSaver,NickServ";
 nick = "LPT1,LPT2,COM1,COM2,COM3,COM4,AUX";
};

# [Kill]
#
# While running your server, you will most probably encounter individuals
# or groups of persons that you do not wish to have access to your server.
#
# For this purpose, the ircd understands "kill blocks". These are also
# known as K-lines, by virtue of the former config file format.
# Kill
# {
#   host = "user@host";
#   reason = "The reason the user will see";
# };
# It is possible to ban on the basis of the real name.
# It is also possible to use a file as comment for the ban, using
# file = "file":
# Kill
# {
#   realname = "realnametoban";
#   file = "path/to/file/with/reason/to/show";
# };
# It is also possible to ban using either the 2 letter country code or
# the 2 letter continent code provided by GeoIP using either the country
# or continent fields.
# Kill
# {
#   country = "US";
#   reason = "Local server for local people!";
# };
#
#
# The default reason is: "You are banned from this server"
# Note that Kill blocks are local to the server; if you ban a person or a
# whole domain from your server, they can get on IRC via any other server
# that doesn't have them Killed (yet).
#
# With a simple comment, using quotes:
Kill { host = "*.au"; reason = "Please use a nearer server"; };
Kill { host = "*.edu"; reason = "Please use a nearer server"; };

# You can also kill based on username.
Kill { username = "sub7"; realname = "s*7*"; reason = "You are infected with a Trojan"; };

# The file can contain for example, a reason, a link to the
# server rules and a contact address.  Note the combination
# of username and host in the host field.
Kill
{
 host = "*luser@unixbox.flooder.co.uk";
 file = "kline/youflooded.txt";
};

# IP-based kill lines apply to all hosts, even if an IP address has a
# properly resolving host name.
Kill
{
 host = "192.168.*";
 file = "klines/martians";
};

# The realname field lets you ban by realname...
Kill
{
 realname = "*sub7*";
 reason = "You are infected with a Trojan";
};

# The version field lets you ban by CTCP version (requires "CTCP_VERSION" and
# "CTCP_VERSIONING_KILL" to be enabled in the Features block)
#Kill
#{
#  version = "*iroffer*";
#  reason = "You are using a disallowed chat client version. Either upgrade or get a new client.";
#};

# A Kill block can also allow authenticated users to connect even if they match
# the kill block in question. This can be achieved by adding the authexempt
# option to the kill block. Addition of the mark option will add a line to the
# users WHOIS with the value of the mark option.
Kill
{
  host = "silly.people";
  reason = "Silly people are not allowed unless authenticated.";
  authexempt = yes;
  mark = "Silly Person";
};

# [Connect]
#
# You probably want your server connected to other servers, so your users
# have other users to chat with.
# IRC servers connect to other servers forming a network with a star or
# tree topology. Loops are not allowed.
# In this network, two servers can be distinguished: "hub" and "leaf"
# servers. Leaf servers connect to hubs; hubs connect to each other.
# Of course, many servers can't be directly classified in one of these
# categories. Both a fixed and a rule-based decision making system for
# server links is provided for ircd to decide what links to allow, what
# to let humans do themselves, and what links to (forcefully) disallow.
#
# The Connect blocks
# define what servers the server connect to, and which servers are
# allowed to connect.
# Connect {
#  name = "servername";
#  host = "hostnameORip";
#  vhost = "localIP";
#  password = "passwd";
#  port = portno;
#  class = "classname";
#  maxhops = 2;
#  hub = "*.eu.yournetwork.org";
#  autoconnect = no;
#  sslfp = "sslfingerprint";
#  sslciphers = "ssl ciphers string";
#  ssl = no;
# };
#
# The "port" field defines the default port the server tries to connect
# to if an operator uses /connect without specifying a port. This is also
# the port used when the server attempts to auto-connect to the remote
# server. (See Class blocks for more informationa about auto-connects).
# You may tell ircu to not automatically connect to a server by adding
# "autoconnect = no;"; the default is to autoconnect.
#
# If the vhost field is present, the server will use that IP as the
# local end of connections that it initiates to this server.  This
# overrides the vhost value from the General block.
#
# If the sslfp field is present the remote server must be connected via
# SSL using an SSL certificate with the SHA256 fingerprint specified to
# be allowed to use the Connect block.
#
# If the ssliphers field is present then the ciphers list specified will
# be used when this server connects to the server the Connect block
# belongs to. See https://www.openssl.org/docs/apps/ciphers.html for an
# explanation on how to format this string.
#
# The maxhops field causes an SQUIT if a hub tries to introduce
# servers farther away than that; the element 'leaf;' is an alias for
# 'maxhops = 0;'.  The hub field limits the names of servers that may
# be introduced by a hub; the element 'hub;' is an alias for
# 'hub = "*";'.


## Our primary uplink.
#Connect {
# name = "Amsterdam.NL.Eu.UnderNet.org";
# host = "1.2.3.4";
# password = "passwd";
# port = 4400;
# class = "Server";
# autoconnect = no;
# hub;
#};

Connect {
  name = "channels.yournetwork.org";
  host = "127.0.0.1";
  password = "54321";
  port = 4400;
  class = "Server";
  autoconnect = no;
  hub = "*";
};

Connect {
  name = "irc.YourNetwork.org";
  host = "168.235.93.155";
  password = "54321";
  port = 4400;
  class = "Server";
  autoconnect = yes;
  hub;
};

# [crule]
#
# For an advanced, real-time rule-based routing decision making system
# you can use crule blocks. For more information, see doc/readme.crules.
# If more than one server mask is present in a single crule, the rule
# applies to all servers.
# CRULE
# {
#  server = "servermask";
#  rule = "connectrule";
#  # Setting all to yes makes the rule always apply. Otherwise it only
#  # applies to autoconnects.
#  all = yes;
# };
CRULE
{
 server = "*.US.UnderNet.org";
 rule = "connected(*.US.UnderNet.org)";
};
CRULE
{
 server = "*.EU.UnderNet.org";
 rule = "connected(Amsterdam.NL.EU.*)";
};

# The following block is recommended for leaf servers:
CRULE
{
 server = "*";
 rule = "directcon(*)";
};

# [Operator]
#
# Inevitably, you have reached the part about "IRC Operators". Oper status
# grants some special privileges to a user, like the power to make the
# server break or (try to) establish a connection with another server,
# and to "kill" users off IRC.
# I can write many pages about this; I will restrict myself to saying that
# if you want to appoint somebody as IRC Operator on your server, that
# person should be aware of his/her responsibilities, and that you, being
# the admin, will be held accountable for their actions.
#
# There are two sorts of IRC Operators: "local" and "global". Local opers
# can squit, connect and kill - but only locally: their +o user mode
# is not not passed along to other servers. On Undernet, this prevents
# them from using Uworld as well.
#
# More than one host = "mask"; entry may be present in one block; this
# has the same effect as one Operator block for each host entry, but
# makes it easier to update operator nicks, passwords, classes, and
# privileges.
#
# Operator {
#  host = "host/IP mask";
#  name = "opername";
#  password = "encryptedpass";
#  class = "classname";
#  sslfp = "sslfingerprint";
#  snomask = number;
#  autojoinchannel = "channellist";
#  autojoinnotice = "autjoinnotice";
#  # You can also set any operator privilege; see the Class block
#  # documentation for details.  A privilege defined for a single
#  # Operator will override the privilege settings for the Class
#  # and the default setting.
# };
#
# By default, the password is hashed using the system's native crypt()
# function.  Other password mechanisms are available; the umkpasswd
# utility from the ircd directory can hash passwords using those
# mechanisms.  If you use a password format that is NOT generated by
# umkpasswd, ircu will not recognize the oper's password.
#
# If sslfp is present the user must be connected via SSL from a client
# setup to use an SSL client certificate with the SHA256 fingerprint
# specified.
#
# snomask is used to specify the server notice mask an oper gets when
# he/she uses /oper. See doc/snomask.txt or doc/snomask.html for
# details on what this number means.
#
# autjoinchannel allows you to specify channels the user is automatically
# joined into when he/she uses /oper. Additionally you can specify a
# notice to be sent to the user by using autojoinnotice.
#
# All privileges are shown with their default values; if you wish to
# override defaults, you should set only those privileges for the
# operator.  Listing defaulted privileges just makes things harder to
# find.

Operator {
  local = no;
  host = "*@*.cs.vu.nl";
  password = "VRKLKuGKn0jLt";
  name = "Niels";
  class = "Local";
};

Operator {
  host = "*@*";
  password = "$PLAIN$temPass";
  name = "Seven";
  class = "Coders";
};

# Note that the <connection class> is optional, but leaving it away
# puts the opers in class "default", which usually only accepts one
# connection at a time.  If you want users to Oper up more then once per
# block, then use a connection class that allows more then one connection,
# for example (using class Local as in the example above):
#
# Once you OPER your connection class changes no matter where you are or
# your previous connection classes.  If the defined connection class is
# Local for the operator block, then your new connection class is Local.

# [Port]
# When your server gets more full, you will notice delays when trying to
# connect to your server's primary listening port. It is possible via the
# Port lines to specify additional ports for the ircd to listen to.
# De facto ports are: 6667 - standard; 6660-6669 - additional client
# ports;
# Undernet uses 4400 for server listener ports.
# These are just hints, they are in no way official IANA or IETF policies.
# IANA says we should use port 194, but that requires us to run as root,
# so we don't do that.
#
#
# Port {
#  port = [ipv4] [ipv6] number;
#  mask = "ipmask";
#  # Use this to control the interface you bind to.
#  vhost = [ipv4] [ipv6] "virtualhostip";
#  # You can specify both virtual host and port number in one entry.
#  vhost = [ipv4] [ipv6] "virtualhostip" number;
#  # Setting to yes makes this server only.
#  server = yes;
#  # Setting to yes makes the port "hidden" from stats.
#  hidden = yes;
#  # Setting to yes makes the port accept SSL encrypted connections.
#  ssl = yes;
# };
#
# The port and vhost lines allow you to specify one or both of "ipv4"
# and "ipv6" as address families to use for the port.  The default is
# to listen on both IPv4 and IPv6.
#
# The mask setting allows you to specify a range of IP addresses that
# you will allow connections from. This should only contain IP addresses
# and '*' if used. This field only uses IP addresses. This does not use
# DNS in any way so you can't use it to allow *.nl or *.uk. Attempting
# to specify anything other than numbers, dots and stars [0-9.*] will result
# in the port allowing connections from anyone.
#
# The interface setting allows multiply homed hosts to specify which
# interface to use on a port by port basis, if an interface is not specified
# the default interface will be used. The interface MUST be the complete
# IP address for a real hardware interface on the machine running ircd.
# If you want to use virtual hosting *YOU* *MUST* *USE* *THIS* otherwise it
# WILL bind to all interfaces - not what most people seem to expect.
#
Port {
 server = yes;
 port = 4400;
};

# This is an SSL port.
Port {
 ssl = yes;
 port = 6697;
};

## This is an IPv4-only Server port that is Hidden
#Port {
# server = yes;
# hidden = yes;
# port = ipv4 4400;
#};

# The following are normal client ports
Port { port = 6667; };
#Port { port = 6668; };
#Port { port = 7000; };
#Port {
# # This only accepts clients with IPs like 192.168.*.
# mask = "192.168.*";
# port = 6666;
#};

# This is a hidden client port, listening on 168.8.21.107.
#Port {
# vhost = "168.8.21.107";
# hidden = yes;
# port = 7000;
#};

# More than one vhost may be present in a single Port block; in this case,
# we recommend listing the port number on the vhost line for clarity.
Port {
# vhost = "172.16.0.1" 6667;
# vhost = "172.16.3.1" 6668;
# vhost = "172.16.3.1" 7000;
 hidden = no;
};

# [Spoofhost]
#
# Spoofhost "<spoof host>" {
#   pass = "<password>";
#   host = "<hostmask>";
#   autoapply = <yes/no>;
#   ismask = <yes/no>;
#   matchusername = <yes/no>;
# };
#
# <spoof host>  An ident@hostname or hostname to be spoofed
# <password>    A password for this spoof host. Used if SETHOST_USER is enabled.
# <hostmask>    A hostmask for matching against users that are to be auto
#               spoofed or to restrict access to a spoof host.
# <autoapply>   Either yes or no, yes indicates that the Spoofhost should be
#               automatically applied to a user. If set to yes, <pass> is
#               ignored when automatically applying the host.
# <ismask>      Either yes or no, yes indicates that <spoof host> is a wild
#               card mask (includes * or ?) to match against the supplied spoof
#               host. A yes also sets <autoapply> to no.
# <matchusername> If set to yes when <autoapply> is set to yes, the user portion
#               of <hostmask> will match against the USER supplied user name
#               as well as the ident supplied user name.
#
# NOTE: When using ismask steps should be taken to ensure only users you trust
#       can make use of a Spoofhost block using the option. The reason for this
#       is because of the nature of ismask, users who can use a Spoofhost block
#       with ismask enabled can make use of a wild card mask to change their
#       host name and evade channel bans.
#
# Spoofhost "testsline.AfterNET.Org"  { pass = "secret"; host = "*"; };
#
# This is how to define Spoofhosts when having freeform turned off.
# Spoofhost "testsline2.AfterNET.Org" { username = "x"; host = "nohost"; };

# Quarantine blocks disallow operators from using OPMODE and CLEARMODE
# on certain channels.  Opers with the force_opmode (for local
# channels, force_local_opmode) privilege may override the quarantine
# by prefixing the channel name with an exclamation point ('!').
# Wildcards are NOT supported; the channel name must match exactly.
Quarantine {
  "#shells" = "Thou shalt not support the h4><0rz";
  "&kiddies" = "They can take care of themselves";
};

# This is a server-implemented alias to send a message to a service.
# The string after Pseudo is the command name; the name entry inside
# is the service name, used for error messages.  More than one nick
# entry can be provided; the last one listed has highest priority.
#Pseudo "CHANSERV" {
# name = "X";
# nick = "X@channels.yournetwork.org";
#};

# You can also prepend text before the user's message.
Pseudo "LOGIN" {
 name = "X";
 prepend = "LOGIN ";
 nick = "X@channels.yournetwork.org";
};

# You can also specify the default text to send if the user does not
# supply some text.
#Pseudo "AUTHSERV" {
# name = "AuthServ";
# nick = "AuthServ@channels.yournetwork.org";
# defaulttext = "HELP";
#};

# You can ask a separate server whether to allow users to connect.
# Uncomment this ONLY if you have an iauth helper program.
# IAuth {
#  program = "../path/to/iauth" "-n" "options go here";
# };

# [Forwards]
# These blocks will enable the server to forward any messages which
# are prefixed and specific with a b:line. This will allow users to
# use the services without the services being in channel.
#
# Forwards {
#   "<prefix>" = "<services server>";
# };
#
# Forwards {
#   "!" = "channels.yournetwork.org";
#   "?" = "channels.yournetwork.org";
#   "." = "channels.yournetwork.org";
# };
#
# Any channel messages prefixed with a ? ! or a . would be sent to
# channels.yournetwork.org in the above examples.

# [WebIRC]
# These blocks allow you to run a WEBIRC client on your website without
# having to set clone exceptions for your websites hostname on your IRCd.
# WEBIRC will send a WEBIRC command along with the clients hostname, ip and
# WEBIRC password.
#
# WebIRC {
#  host = "user@host";
#  password = "password";
#  ident = "fakeident";
#  userident = yes/no;
#  ignoreident = yes/no;
#  stripsslfp = yes/no;
#  description = "description";
# };
#
# The host and password fields take the same formats as in the Client block.
# The host field is matched against the host mask of the client attempting
# to use the WEBIRC command. The ident field is optional and if specified
# is used as if it were the reply from the users identd. The ignoreident
# option causes any identd reply already received to be ignored. The
# userident option uses the USER user name as if it were an identd reply if
# none was received or if ignoreident is set to yes. The description field is
# a short line of text to be added to the user's WHOIS to mark them as a
# WEBIRC user. If the client issuing the WEBIRC command uses an SSL client
# certificate then stripsslfp should be set to yes.
#
# Example:
# WebIRC {
#  host = "*@127.0.0.1";
#  password = "$PLAIN$kg533n6xVI";
# };

# [Except]
# These blocks allow you to exempt matching clients from various
# restrictions or checks.
#
# Except {
#  host = "user@host";
#  shun = yes/no;
#  kline = yes/no;
#  gline = yes/no;
#  ident = yes/no;
#  rdns = yes/no;
#  ipcheck = yes/no;
#  targetlimit = yes/no;
# };
#
# The host field is used to specify a user@host mask to select clients to
# apply the exemptions to. For some exemption types such as ipcheck, ident and
# rdns, you can only specify a mask of *@<ip> or *@<cidr> as neither ident nor
# rDNS checks have been performed when exceptions have been checked. The kline
# type exempts users from Kill blocks in ircd.conf that the client matches.
# The gline and shun types exempt matching clients from glines and shuns
# respectively. The ident and rdns types stop the IRCd from performing ident
# and reverse DNS lookups for matching clients. The ipcheck type exempts
# matching clients from connection throttling and IP limits. The targetlimit
# type exempts matching clients from the message target limits.

# [features]
# IRC servers have a large number of options and features.  Most of these
# are set at compile time through the use of #define's--see "make config"
# for more details--but we are working to move many of these into the
# configuration file.  Features let you configure these at runtime.
# You only need one feature block in which you use
# "featurename" = "value1" , "value2", ..., "valuen-1", "valuen";
#
# The entire purpose of F:lines are so that you do not have to recompile
# the IRCD everytime you want to change a feature.  All of the features
# are listed below, and at the bottom is how to set logging.
#
# A Special Thanks to Kev for writing the documentation of F:lines.  It can
# be found at doc/readme.features and the logging documentation can be
# found at doc/readme.log.  The defaults used by the Undernet network are
# below.
#
features
{
# These log features are the only way to get certain error messages
# (such as when the server dies from being out of memory).  For more
# explanation of how they work, see doc/readme.log.
 "LOG" = "SYSTEM" "FILE" "ircd-nef.log";
 "LOG" = "SYSTEM" "LEVEL" "CRIT";
#  "DOMAINNAME"="<obtained from /etc/resolv.conf by ./configure>";
#  "RELIABLE_CLOCK"="FALSE";
#  "BUFFERPOOL"="27000000";
#  "HAS_FERGUSON_FLUSHER"="FALSE";
#  "CLIENT_FLOOD"="1024";
  "SERVER_PORT"="4400";
#  "NODEFAULTMOTD"="TRUE";
#  "MOTD_BANNER"=""; 
#  "KILL_IPMISMATCH"="FALSE";
#  "IDLE_FROM_MSG"="TRUE";
  "HUB"="TRUE";
#  "WALLOPS_OPER_ONLY"="FALSE";
#  "NODNS"="FALSE";
#  "RANDOM_SEED"="<you should set one explicitly>";
#  "DEFAULT_LIST_PARAM"="";
#  "NICKNAMEHISTORYLENGTH"="800";
  "NETWORK"="YourNetwork";
  "HOST_HIDING"="TRUE";
  "HIDDEN_HOST"="users.yournetwork.org";
  "HIDDEN_IP"="127.0.0.1";
#  "KILLCHASETIMELIMIT"="30";
#  "MAXCHANNELSPERUSER"="10";
  "NICKLEN" = "20";
#  "AVBANLEN"="40";
#  "MAXBANS"="50";
#  "MAXSILES"="15";
#  "HANGONGOODLINK"="300";
#  "HANGONRETRYDELAY" = "10";
#  "CONNECTTIMEOUT" = "90";
#  "MAXIMUM_LINKS" = "1";
#  "PINGFREQUENCY" = "120";
#  "CONNECTFREQUENCY" = "600";
#  "DEFAULTMAXSENDQLENGTH" = "40000";
#  "GLINEMAXUSERCOUNT" = "20";
#  "MPATH" = "ircd.motd";
#  "RPATH" = "remote.motd";
  "PPATH" = "ircd-nef.pid";
#  "TOS_SERVER" = "0x08";
#  "TOS_CLIENT" = "0x08";
#  "POLLS_PER_LOOP" = "200";
#  "IRCD_RES_TIMEOUT" = "4";
#  "IRCD_RES_RETRIES" = "2";
#  "AUTH_TIMEOUT" = "9";
#  "IPCHECK_CLONE_LIMIT" = "4";
#  "IPCHECK_CLONE_PERIOD" = "40";
#  "IPCHECK_CLONE_DELAY" = "600";
#  "CHANNELLEN" = "200";
#  "CONFIG_OPERCMDS" = "TRUE";
#  "OPLEVELS" = "TRUE";
#  "ZANNELS" = "TRUE";
#  "LOCAL_CHANNELS" = "TRUE";
#  "ANNOUNCE_INVITES" = "FALSE";
#  These were introduced by Undernet CFV-165 to add "Head-In-Sand" (HIS)
#  behavior to hide most network topology from users.
#  "HIS_SNOTICES" = "TRUE";
#  "HIS_SNOTICES_OPER_ONLY" = "TRUE";
#  "HIS_DEBUG_OPER_ONLY" = "TRUE";
#  "HIS_WALLOPS" = "TRUE";
#  "HIS_MAP" = "TRUE";
#  "HIS_LINKS" = "TRUE";
#  "HIS_TRACE" = "TRUE";
#  "HIS_STATS_a" = "TRUE";
#  "HIS_STATS_c" = "TRUE";
#  "HIS_STATS_d" = "TRUE";
#  "HIS_STATS_e" = "TRUE";
#  "HIS_STATS_f" = "TRUE";
#  "HIS_STATS_g" = "TRUE";
#  "HIS_STATS_i" = "TRUE";
#  "HIS_STATS_j" = "TRUE";
#  "HIS_STATS_J" = "TRUE";
#  "HIS_STATS_k" = "TRUE";
#  "HIS_STATS_l" = "TRUE";
#  "HIS_STATS_L" = "TRUE";
#  "HIS_STATS_m" = "TRUE";
#  "HIS_STATS_M" = "TRUE";
#  "HIS_STATS_o" = "TRUE";
#  "HIS_STATS_p" = "TRUE";
#  "HIS_STATS_q" = "TRUE";
#  "HIS_STATS_r" = "TRUE";
#  "HIS_STATS_R" = "TRUE";
#  "HIS_STATS_S" = "TRUE";
#  "HIS_STATS_t" = "TRUE";
#  "HIS_STATS_T" = "TRUE";
#  "HIS_STATS_u" = "FALSE";
#  "HIS_STATS_U" = "TRUE";
#  "HIS_STATS_v" = "TRUE";
#  "HIS_STATS_w" = "TRUE";
#  "HIS_STATS_x" = "TRUE";
#  "HIS_STATS_y" = "TRUE";
#  "HIS_STATS_z" = "TRUE";
#  "HIS_STATS_IAUTH" = "TRUE";
#  "HIS_WHOIS_SERVERNAME" = "TRUE";
#  "HIS_WHOIS_IDLETIME" = "TRUE";
#  "HIS_WHOIS_LOCALCHAN" = "TRUE";
#  "HIS_WHO_SERVERNAME" = "TRUE";
#  "HIS_WHO_HOPCOUNT" = "TRUE";
#  "HIS_MODEWHO" = "TRUE";
#  "HIS_BANWHO" = "TRUE";
#  "HIS_KILLWHO" = "FALSE";
#  "HIS_REWRITE" = "TRUE";
#  "HIS_REMOTE" = "TRUE";
#  "HIS_NETSPLIT" = "TRUE";
  "HIS_SERVERNAME" = "*.yournetwork.org";
  "HIS_SERVERINFO" = "The YourNetwork Underworld";
  "HIS_URLSERVERS" = "http://www.yournetwork.org/servers.php";
  "URLREG" = "http://cservice.yournetwork.org/live/";
#  "CHECK" = "TRUE";
#  "CHECK_EXTENDED" = "TRUE";
#  "MAX_CHECK_OUTPUT" = "1000";
  "OPER_WHOIS_PARANOIA" = "TRUE";
#  "OPER_HIDE" = "FALSE";
#  "AUTOCHANMODES" = "FALSE";
#  "AUTOCHANMODES_LIST" = "";
#  "UHNAMES" = "TRUE";
#  "RESTARTPASS" = "";
#  "DIEPASS" = "";
#  "HIS_STATS_W" = "TRUE";
#  "WHOIS_OPER" = "is an IRC Operator";
#  "WHOIS_SERVICE" = "is a Network Service";
#  "TARGET_LIMITING" = "TRUE";
#  "OPER_XTRAOP" = "FALSE";
#  "OPERMOTD" = "FALSE";
#  "RULES" = "FALSE";
#  "DISABLE_SHUNS" = FALSE";
#  "SHUNMAXUSERCOUNT" = "20";
#  "HIS_SHUN_REASON" = "TRUE";
#  "HIS_GLINE_REASON" = "FALSE";
#  "NOIDENT" = "FALSE";
  "EXTENDED_ACCOUNTS" = "FALSE";
#  "LOGIN_ON_CONNECT" = "FALSE";
#  "LOC_SENDHOST" = "FALSE";
#  "LOC_SENDSSLFP" = "FALSE";
#  "LOC_DEFAULT_SERVICE" = "AuthServ";
#  "LOC_TIMEOUT" = "3";
#  "STRICTUSERNAME" = "FALSE";
#  "APASS_CANSEND" = "FALSE";
#  "HOST_IN_TOPIC" = "TRUE";
#  "HIS_STATS_s" = "TRUE";
#  "SETHOST" = "TRUE";
#  "FLEXIBLEKEYS" = "FALSE";
#  "HIS_STATS_E" = "TRUE";
#  "SASL_SERVER" = "*";
#  "LISTDELAY" = "15";
#  "ALLOW_OPLEVEL_CHANGE" = "FALSE";
#  "NETWORK_REHASH" = "TRUE";
#  "LIST_SHOWMODES_OPERONLY" = "FALSE";
#  "LIST_PRIVATE_CHANNELS" = "";
#  "MAXWATCHS" = "128";
#  "HIS_STATS_Z" = "TRUE";
#  "SASL_TIMEOUT" = "8";
#  "NOMULTITARGETS" = "FALSE";
#  "HIS_IRCOPS" = "TRUE";
#  "HIS_IRCOPS_SERVERS" = "TRUE";
#  "SASL_SENDHOST" = "TRUE";
#  "SASL_AUTOHIDEHOST" = "TRUE";
#  "SNOMASK_DEFAULT" = "1540";
#  "SNOMASK_OPERDEFAULT" = "5645";
#  "TPATH" = "ircd.tune";
#  "CHMODE_m_NONICKCHANGE" = "TRUE";
#  "CHMODE_r_NONICKCHANGE" = "TRUE";
#  "SILENCE_CHANMSGS" = "TRUE";
#  "CHANNEL_CREATE_IRCOPONLY" = "FALSE";
  "CHMODE_a" = "FALSE";
  "CHMODE_c" = "FALSE";
  "CHMODE_C" = "FALSE";
  "CHMODE_L" = "FALSE";
  "CHMODE_M" = "FALSE";
  "CHMODE_N" = "FALSE";
  "CHMODE_O" = "FALSE";
  "CHMODE_Q" = "FALSE";
  "CHMODE_S" = "FALSE";
  "CHMODE_T" = "FALSE";
  "CHMODE_Z" = "FALSE";
  "HALFOPS" = "TRUE";
#  "EXCEPTS" = "FALSE";
#  "MAXEXCEPTS" = "45";
#  "AVEXCEPTLEN" = "40";
#  "CHMODE_e_CHMODEEXCEPTION" = "FALSE";
#  "HALFOP_DEHALFOP_SELF" = "FALSE";
#  "CHMODE_Z_STRICT" = "TRUE";
#  "MAX_BOUNCE" = "5";
#  "EXTBANS" = "TRUE";
#  "EXTBAN_j_MAXDEPTH" = "1";
#  "EXTBAN_j_MAXPERCHAN" = "2";
#  "EXTBAN_a" = "TRUE";
#  "EXTBAN_c" = "TRUE";
#  "EXTBAN_j" = "TRUE";
#  "EXTBAN_n" = "TRUE";
#  "EXTBAN_q" = "TRUE";
#  "EXTBAN_r" = "TRUE";
#  "EXTBAN_m" = "TRUE";
#  "EXTBAN_M" = "TRUE";
#  "OMPATH" = "ircd.opermotd";
#  "EPATH" = "ircd.rules";
  "HIDDEN_HOST_QUIT" = "TRUE";
  "HIDDEN_HOST_SET_MESSAGE" = "Registered";
  "HIDDEN_HOST_UNSET_MESSAGE" = "UnRegistered";
#  "ALLOWRMX" = "FALSE";
  "OPERHOST_HIDING" = "FALSE";
#  "HIDDEN_OPERHOST" = "Staff.Nefarious";
#  "HOST_HIDING_STYLE" = "1";
#  "HOST_HIDING_PREFIX" = "Nefarious";
#  "HOST_HIDING_KEY1" = "aoAr1HnR6gl3sJ7hVz4Zb7x4YwpW";
#  "HOST_HIDING_KEY2" = "sdfjkLJKHlkjdkfjsdklfjlkjKLJ";
#  "HOST_HIDING_KEY3" = "KJklJSDFLkjLKDFJSLKjlKJFlkjS";
#  "HOST_HIDING_COMPONENTS" = "1";
#  "CTCP_VERSIONING" = "FALSE";
#  "CTCP_VERSIONING_KILL" = "FALSE";
#  "CTCP_VERSIONING_CHAN" = "FALSE";
#  "CTCP_VERSIONING_CHANNAME" = "#opers";
#  "CTCP_VERSIONING_USEMSG" = "FALSE";
#  "CTCP_VERSIONING_NOTICE" = "*** Checking your client version";
  "GEOIP_ENABLE" = "TRUE";
  "GEOIP_FILE" = "GeoIP.dat";
  "GEOIP_IPV6_FILE" = "GeoIPv6.dat";
#  "SSL_CERTFILE" = "ircd.pem";
#  "SSL_KEYFILE" = "ircd.pem";
#  "SSL_CACERTFILE" = "";
#  "SSL_VERIFYCERT" = "FALSE";
#  "SSL_NOSELFSIGNED" = "FALSE";
#  "SSL_REQUIRECLIENTCERT" = "FALSE";
#  "SSL_NOSSLV2" = "TRUE";
#  "SSL_NOSSLv3" = "TRUE";
#  "SSL_NOTLSV1" = "TRUE";
#  "SSL_CIPHERS" = "";
#  "DISABLE_ZLINES" = "FALSE";
#  "HIS_ZLINE_REASON" = "FALSE";
#  "ZLINEMAXUSERCOUNT" = "20";
#  "CAP_multi_prefix" = "TRUE";
#  "CAP_userhost_in_names" = "TRUE";
#  "CAP_extended_join" = "TRUE";
#  "CAP_away_notify" = "TRUE";
#  "CAP_account_notify" = "TRUE";
#  "CAP_sasl" = "TRUE";
#  "CAP_tls" = "TRUE";
#  "CONNEXIT_NOTICES" = "FALSE";
};

# Well, you have now reached the end of this sample configuration
# file. If you have any questions, feel free to mail
# <coder-com@undernet.org>.  If you are interested in linking your
# server to the Undernet IRC network visit
# http://www.routing-com.undernet.org/, and if there are any
# problems then contact <routing-com@undernet.org> asking for
# information. Upgrades of the Undernet ircd can be found on
# http://coder-com.undernet.org/.
#
# For the rest:  Good Luck!
#
#	-- Niels.