From 215d36cff17e6d861885ca3eac9c6026751e5c13 Mon Sep 17 00:00:00 2001
From: Shivaram Lingamneni <slingamn@cs.stanford.edu>
Date: Fri, 8 May 2020 01:26:50 -0400
Subject: [PATCH] enable cloaking by default

---
 conventional.yaml | 10 ++++++----
 oragono.yaml      | 12 +++++++-----
 2 files changed, 13 insertions(+), 9 deletions(-)

diff --git a/conventional.yaml b/conventional.yaml
index c3f1d04b..6fcdded1 100644
--- a/conventional.yaml
+++ b/conventional.yaml
@@ -110,8 +110,9 @@ server:
     # already up and running is problematic).
     casemapping: "precis"
 
-    # whether to look up user hostnames with reverse DNS
-    # (to suppress this for privacy purposes, use the ip-cloaking options below)
+    # whether to look up user hostnames with reverse DNS.
+    # (disabling this will expose user IPs instead of hostnames;
+    # to make IP/hostname information private, see the ip-cloaking section)
     lookup-hostnames: true
     # whether to confirm hostname lookups using "forward-confirmed reverse DNS", i.e., for
     # any hostname returned from reverse DNS, resolve it back to an IP address and reject it
@@ -230,8 +231,9 @@ server:
         # whether to enable IP cloaking
         enabled: false
 
-        # fake TLD at the end of the hostname, e.g., pwbs2ui4377257x8.oragono
-        netname: "oragono"
+        # fake TLD at the end of the hostname, e.g., pwbs2ui4377257x8.irc
+        # you may want to use your network name here
+        netname: "irc"
 
         # the cloaked hostname is derived only from the CIDR (most significant bits
         # of the IP address), up to a configurable number of bits. this is the
diff --git a/oragono.yaml b/oragono.yaml
index 25baf0f4..7e29c9ba 100644
--- a/oragono.yaml
+++ b/oragono.yaml
@@ -131,8 +131,9 @@ server:
     # already up and running is problematic).
     casemapping: "precis"
 
-    # whether to look up user hostnames with reverse DNS
-    # (to suppress this for privacy purposes, use the ip-cloaking options below)
+    # whether to look up user hostnames with reverse DNS.
+    # (disabling this will expose user IPs instead of hostnames;
+    # to make IP/hostname information private, see the ip-cloaking section)
     lookup-hostnames: true
     # whether to confirm hostname lookups using "forward-confirmed reverse DNS", i.e., for
     # any hostname returned from reverse DNS, resolve it back to an IP address and reject it
@@ -249,10 +250,11 @@ server:
     # IP is not already known, it is infeasible to recover it from the cloaked name.
     ip-cloaking:
         # whether to enable IP cloaking
-        enabled: false
+        enabled: true
 
-        # fake TLD at the end of the hostname, e.g., pwbs2ui4377257x8.oragono
-        netname: "oragono"
+        # fake TLD at the end of the hostname, e.g., pwbs2ui4377257x8.irc
+        # you may want to use your network name here
+        netname: "irc"
 
         # the cloaked hostname is derived only from the CIDR (most significant bits
         # of the IP address), up to a configurable number of bits. this is the