somewhat rewrite etc/oidentd.conf

2015-07-09 10:48:28 +03:00 · 2015-07-09 10:48:28 +03:00 · f98e2a4375
parent cf13b0faaf
commit f98e2a4375
1 changed files with 37 additions and 26 deletions
--- a/etc/oidentd.conf
+++ b/etc/oidentd.conf
@ -1,34 +1,45 @@
-# Oidentd.conf allowing everything and giving random responses when
-# asked from root.
-# With public shells "allow" should be replaced with "deny" but when
-# there is only me, why to deny anything?
+# oidentd.conf denying everything except hiding root and allowing ZNC to
+# spoof. With only one user everything could be allowed, but if other users
+# appear out of nowhere...

+# * * * * *
+
+# Deny everything by default
 default {
+    default {
+        deny spoof
+        deny spoof_all
+        deny spoof_privport
+        deny random
+        deny random_numeric
+        deny numeric
+        deny hide
+    }
+}
+
+# Don't respond to ident request to root
+user root {
+    default {
+        force hide
+    }
+}
+
+# Allow user znc to spoof when *Identfile is used
+# http://wiki.znc.in/Identfile
+# touch ~/.oidentd.conf
+# chmod 644 ~/.oidentd.conf
+# chmod 711 ~
+# /msg *status loadmod identfile
+# /msg *identfile setfile ~/.oidentd.conf
+# /msg *identfile setformat global { reply "%user%" }
+user "znc" {
    default {
        allow spoof
        allow spoof_all
        allow spoof_privport
-        allow random
-        allow random_numeric
-        allow numeric
-        allow hide
+        deny random
+        deny random_numeric
+        deny numeric
+        deny hide
    }
 }
-user root {
-    default {
-        force random
-    }
-}
-
-## Allow user znc to do spoof when *Identfile is used
-#user "znc" {
-#    default {
-#        allow spoof
-#        allow spoof_all
-#        allow spoof_privport
-#        deny random
-#        deny random_numeric
-#        deny numeric
-#        deny hide
-#    }
-#}