From f98e2a43752b9558f2b42f216fcc5c2c1eb8afb2 Mon Sep 17 00:00:00 2001 From: Mikaela Suomalainen Date: Thu, 9 Jul 2015 10:48:28 +0300 Subject: [PATCH] somewhat rewrite etc/oidentd.conf --- etc/oidentd.conf | 63 ++++++++++++++++++++++++++++-------------------- 1 file changed, 37 insertions(+), 26 deletions(-) diff --git a/etc/oidentd.conf b/etc/oidentd.conf index a8c88e7a..f6446e51 100644 --- a/etc/oidentd.conf +++ b/etc/oidentd.conf @@ -1,34 +1,45 @@ -# Oidentd.conf allowing everything and giving random responses when -# asked from root. -# With public shells "allow" should be replaced with "deny" but when -# there is only me, why to deny anything? +# oidentd.conf denying everything except hiding root and allowing ZNC to +# spoof. With only one user everything could be allowed, but if other users +# appear out of nowhere... +# * * * * * + +# Deny everything by default default { + default { + deny spoof + deny spoof_all + deny spoof_privport + deny random + deny random_numeric + deny numeric + deny hide + } +} + +# Don't respond to ident request to root +user root { + default { + force hide + } +} + +# Allow user znc to spoof when *Identfile is used +# http://wiki.znc.in/Identfile +# touch ~/.oidentd.conf +# chmod 644 ~/.oidentd.conf +# chmod 711 ~ +# /msg *status loadmod identfile +# /msg *identfile setfile ~/.oidentd.conf +# /msg *identfile setformat global { reply "%user%" } +user "znc" { default { allow spoof allow spoof_all allow spoof_privport - allow random - allow random_numeric - allow numeric - allow hide + deny random + deny random_numeric + deny numeric + deny hide } } -user root { - default { - force random - } -} - -## Allow user znc to do spoof when *Identfile is used -#user "znc" { -# default { -# allow spoof -# allow spoof_all -# allow spoof_privport -# deny random -# deny random_numeric -# deny numeric -# deny hide -# } -#}