Initial

.gitignore

@@ -0,0 +1,3 @@
+.idea
+conf/tls/*.pem
+conf/unrealircd.conf

Dockerfile

@@ -0,0 +1,21 @@
+FROM debian:unstable-slim as builder_source
+RUN apt-get update && apt-get install -y \
+  && apt-get install -y git build-essential pkg-config libssl-dev libpcre2-dev libargon2-0-dev libsodium-dev libc-ares-dev libcurl4-openssl-dev \
+  && rm -rf /var/lib/apt/lists/*
+
+WORKDIR /opt
+RUN git clone https://github.com/unrealircd/unrealircd.git --depth 1 . \
+  && ./configure --with-showlistmodes --enable-ssl --with-bindir=/app/bin --with-datadir=/app/data --with-pidfile=/app/data/unrealircd.pid --with-confdir=/app/conf --with-modulesdir=/app/modules --with-logdir=/app/logs --with-cachedir=/app/cache --with-docdir=/app/doc --with-tmpdir=/app/tmp --with-privatelibdir=/app/lib --with-scriptdir=/app --with-nick-history=2000 --with-permissions=0600 --enable-dynamic-linking \
+  && make -j4 \
+  && make install \
+  && rm /app/source \
+  && cp /app/conf/examples/example.conf /app/conf/unrealircd.conf
+
+FROM builder_source AS builder_binary
+COPY --from=builder_source /app /app
+WORKDIR /app
+RUN useradd unrealircd \
+  && chown unrealircd:unrealircd -R /app
+  USER unrealircd
+CMD /app/unrealircd start \
+  && until ! [ -f /app/data/unrealircd.pid ]; do sleep 60; done

README.md

@@ -0,0 +1,2 @@
+docker-compose build --no-cache
+docker run -d -p 127.0.0.1:6900:6900 -p 127.0.0.1:6697:6697 -p 127.0.0.1:6667:6667 -v /${PWD}/conf/:/app/conf --name unrealircd unrealircd_ircd -it /bin/bash

conf/aliases/aliases.conf

@@ -0,0 +1,43 @@
+/* Standard Aliases */
+
+alias identify {
+	format "^#" {
+		target chanserv;
+		type services;
+		parameters "IDENTIFY %1-";
+	}
+	format "^[^#]" {
+		target nickserv;
+		type services;
+		parameters "IDENTIFY %1-";
+	}
+	type command;
+}
+
+alias services {
+	format "^#" {
+		target chanserv;
+		type services;
+		parameters "%1-";
+	}
+	format "^[^#]" {
+		target nickserv;
+		type services;
+		parameters "%1-";
+	}
+	type command;
+}
+
+alias register {
+	format "^#" {
+		target chanserv;
+		type services;
+		parameters "REGISTER %1-";
+	}
+	format "^[^#]" {
+		target nickserv;
+		type services;
+		parameters "REGISTER %1-";
+	}
+	type command;
+}

conf/aliases/anope.conf

@@ -0,0 +1,17 @@
+/* Anope Aliases */
+
+alias nickserv { type services; }
+alias ns { target nickserv; type services; }
+alias chanserv { type services; }
+alias cs { target chanserv; type services; }
+alias memoserv { type services; spamfilter yes; }
+alias ms { target memoserv; type services; spamfilter yes; }
+alias operserv { type services; }
+alias os { target operserv; type services; }
+alias botserv { type services; }
+alias bs { target botserv; type services; }
+alias hostserv { type services; }
+alias hs { target hostserv; type services; }
+
+include "aliases/aliases.conf";
+

conf/aliases/atheme.conf

@@ -0,0 +1,26 @@
+/* Atheme Aliases */
+
+alias nickserv { type services; }
+alias ns { target nickserv; type services; }
+alias chanserv { type services; }
+alias cs { target chanserv; type services; }
+alias memoserv { type services; spamfilter yes; }
+alias ms { target memoserv; type services; spamfilter yes; }
+alias operserv { type services; }
+alias os { target operserv; type services; }
+alias helpserv { type services; }
+alias botserv { type services; }
+alias bs { target botserv; type services; }
+alias hostserv { type services; }
+alias hs { target hostserv; type services; }
+alias saslserv { type services; }
+alias sss { target saslserv; type services; }
+alias gameserv { type services; }
+alias gms { target gameserv; type services; }
+alias groupserv { type services; }
+alias grs { target groupserv; type services; }
+alias alis { type services; }
+alias ls { target alis; type services; }
+
+include "aliases/aliases.conf";
+

conf/aliases/auspice.conf

@@ -0,0 +1,33 @@
+/* Auspice Aliases */
+
+/* Uncomment this, if you have enabled "MassServ, W and X" in auspice */
+# alias massserv { type services; }
+# alias ma { target massserv; type services; }
+# alias W { type services; }
+# alias X { type services; }
+
+/* Uncomment this, if you have enabled "WebServ" in auspice */
+# alias webserv { type services; }
+# alias ws { target webserv; type services; }
+
+alias agent { type services; }
+alias adminserv { type services; }
+alias as { target adminserv; type services; }
+alias botserv { type services; }
+alias bs { target botserv; type services; }
+alias chanserv { type services; }
+alias cs { target chanserv; type services; }
+alias helpserv { type services; }
+alias hs { target helpserv; type services; }
+alias hostserv { type services; }
+alias ho { target hostserv; type services; }
+alias memoserv { type services; spamfilter yes; }
+alias ms { target memoserv; type services; spamfilter yes; }
+alias nickserv { type services; }
+alias ns { target nickserv; type services; }
+alias operserv { type services; }
+alias os { target operserv; type services; }
+alias rootserv { type services; }
+alias rs { target rootserv; type services; }
+
+include "aliases/aliases.conf";

conf/aliases/cygnus.conf

@@ -0,0 +1,12 @@
+/* Cygnus Aliases */
+
+alias nickserv { type services; }
+alias ns { target nickserv; type services; }
+alias chanserv { type services; }
+alias cs { target chanserv; type services; }
+alias memoserv { type services; spamfilter yes; }
+alias ms { target memoserv; type services; spamfilter yes; }
+alias rootserv { type services; }
+alias rs { target rootserv; type services; }
+
+include "aliases/aliases.conf";

conf/aliases/epona.conf

@@ -0,0 +1,16 @@
+/* Epona Aliases */
+
+alias nickserv { type services; }
+alias ns { target nickserv; type services; }
+alias chanserv { type services; }
+alias cs { target chanserv; type services; }
+alias memoserv { type services; spamfilter yes; }
+alias ms { target memoserv; type services; spamfilter yes; }
+alias operserv { type services; }
+alias os { target operserv; type services; }
+alias helpserv { type services; }
+alias hs { target helpserv; type services; }
+alias botserv { type services; }
+alias bs { target botserv; type services; }
+
+include "aliases/aliases.conf";

conf/aliases/generic.conf

@@ -0,0 +1,14 @@
+/* Generic Aliases */
+
+alias nickserv { type services; }
+alias ns { target nickserv; type services; }
+alias chanserv { type services; }
+alias cs { target chanserv; type services; }
+alias memoserv { type services; spamfilter yes; }
+alias ms { target memoserv; type services; spamfilter yes; }
+alias operserv { type services; }
+alias os { target operserv; type services; }
+alias helpserv { type services; }
+alias hs { target helpserv; type services; }
+
+include "aliases/aliases.conf";

conf/aliases/genericstats.conf

@@ -0,0 +1,4 @@
+/* Generic StatServ Aliases */
+
+alias statserv { type stats; }
+alias ss { target statserv; type stats; }

conf/aliases/ircservices.conf

@@ -0,0 +1,17 @@
+/* IRCServices Aliases */
+
+alias nickserv { type services; }
+alias ns { target nickserv; type services; }
+alias chanserv { type services; }
+alias cs { target chanserv; type services; }
+alias memoserv { type services; spamfilter yes; }
+alias ms { target memoserv; type services; spamfilter yes; }
+alias operserv { type services; }
+alias os { target operserv; type services; }
+alias helpserv { type services; }
+alias hs { target helpserv; type services; }
+alias irciihelp { type services; }
+alias statserv { type services; }
+alias ss { target statserv; type services; }
+
+include "aliases/aliases.conf";

conf/aliases/operstats.conf

@@ -0,0 +1,6 @@
+/* OperStats Aliases */
+
+alias operserv { type stats; }
+alias os { target operserv; type stats; }
+alias statserv { type stats; }
+alias ss { target statserv; type stats; }

conf/badwords.conf

@@ -0,0 +1,51 @@
+/*  
+ Unreal Internet Relay Chat Daemon
+ Copyright (C) Carsten V. Munk 2000
+
+ NOTE: Those words are not meant to insult you (the user)
+       but is meant to be a list of words so that the +G channel/user mode 
+       will work properly. You can easily modify this file at your will.
+       If you got words to add to this file, please mail badwords@tspre.org
+
+ 
+
+
+
+ 
+                This is some filling space, scroll down to see the words
+
+ 
+
+
+ 
+
+
+ 
+
+
+ 
+
+
+ 
+
+
+*/
+badword all { word "pussy"; }
+badword all { word "fuck"; }
+badword all { word "whore"; }
+badword all { word "slut"; }
+badword all { word "shit"; }
+badword all { word "asshole"; }
+badword all { word "bitch"; }
+badword all { word "cunt"; }
+badword all { word "vagina"; }
+badword all { word "penis"; }
+badword all { word "jackass"; }
+badword all { word "*fucker*"; }
+badword all { word "faggot"; }
+badword all { word "fag"; }
+badword all { word "horny"; }
+badword all { word "dickhead"; }
+badword all { word "sonuvabitch"; }
+badword all { word "*fuck*"; }
+badword all { word "tits"; }

conf/dccallow.conf

@@ -0,0 +1,42 @@
+/* Example of a possible semi-secure /DCCALLOW configuration written by Syzop.
+ * $Id$
+ *
+ * Actually nothing is *100% secure*... there could still be
+ * bugs in the software itself (think: a winamp bug that can
+ * be exploited via an mp3, or: a wmplayer bug that can be
+ * exploited via a specially crafted .wmv, etc..).
+ * If you are really that paranoid you could just remove
+ * all 'allow dcc'-blocks and prompt the user for EVERY file ;).
+ * 
+ * Still, I think this file is a good tradeoff between userfriendlyness
+ * and security. Note that when you try to only DENY specific
+ * file type (exe, com, etc) you are *guaranteed* to miss ones
+ * (like: did you know .r17 gets treated as a rar archive?
+ *  and that an exe can be disguished as .cmd which is executable
+ *  on nt/w2k/xp?)
+ */
+
+/* first.. deny everything, then allow known-good stuff... */
+deny dcc { filename "*"; reason "Possible executable content"; soft yes; }
+/* common image formats */
+allow dcc { filename "*.jpg"; soft yes; }
+allow dcc { filename "*.jpeg"; soft yes; }
+allow dcc { filename "*.gif"; soft yes; }
+allow dcc { filename "*.png"; soft yes; }
+allow dcc { filename "*.bmp"; soft yes; }
+/* audio / video (but not scripted/playlists!) */
+allow dcc { filename "*.mp1"; soft yes; }
+allow dcc { filename "*.mp2"; soft yes; }
+allow dcc { filename "*.mp3"; soft yes; }
+allow dcc { filename "*.mpg"; soft yes; }
+allow dcc { filename "*.mpeg"; soft yes; }
+allow dcc { filename "*.m1v"; soft yes; }
+allow dcc { filename "*.m2v"; soft yes; }
+allow dcc { filename "*.vob"; soft yes; }
+allow dcc { filename "*.wav"; soft yes; }
+/* text / misc */
+allow dcc { filename "*.txt"; soft yes; }
+allow dcc { filename "*.log"; soft yes; }
+allow dcc { filename "*.pdf"; soft yes; }
+allow dcc { filename "*.c"; soft yes; }
+allow dcc { filename "*.cpp"; soft yes; }

conf/modules.default.conf

@@ -0,0 +1,237 @@
+/* This file will load (nearly) all modules available on UnrealIRCd.
+ * So all commands, channel modes, user modes, etc..
+ *
+ * If you want to have all UnrealIRCd functionality, then include this
+ * file from your unrealircd.conf by using:
+ * include "modules.default.conf";
+ *
+ * DO NOT EDIT THIS FILE! IT WILL BE OVERWRITTEN DURING NEXT UPGRADE!!
+ * If you want to customize the modules to load you have two options:
+ * 1) Keep the include for modules.default.conf as usual and make use
+ *    of blacklist-module "xyz"; to selectively disable modules.
+ *    See https://www.unrealircd.org/docs/Blacklist-module_directive
+ * 2) OR, make a copy of this file (eg: name it modules.custom.conf)
+ *    and edit it. Then include that file from your unrealircd.conf
+ *    instead of this one.
+ * The downside of option #2 is that you will need to track changes
+ * in the original modules.default.conf with each new UnrealIRCd
+ * release to make sure you don't miss any new functionality (as new
+ * important modules may be added you need to add them to your conf).
+ * You don't have this problem with option #1.
+ */
+
+/*** Cloaking (for user mode +x) ***/
+loadmodule "cloak";
+
+
+/*** Commands ***/
+
+// User commands (MINIMAL)
+// These provide just the minimal set of IRC commands that are
+// required by RFC1459 along with WATCH and MAP.
+loadmodule "admin";
+loadmodule "away";
+loadmodule "invite";
+loadmodule "ison";
+loadmodule "join";
+loadmodule "kick";
+loadmodule "links";
+loadmodule "list";
+loadmodule "lusers";
+loadmodule "map";
+loadmodule "message";
+loadmodule "mode";
+loadmodule "motd";
+loadmodule "names";
+loadmodule "nick";
+loadmodule "part";
+loadmodule "pass";
+loadmodule "pingpong";
+loadmodule "protoctl";
+loadmodule "quit";
+loadmodule "rules";
+loadmodule "topic";
+loadmodule "user";
+loadmodule "userhost";
+loadmodule "watch";
+loadmodule "whox";
+loadmodule "whois";
+loadmodule "whowas";
+
+// User commands (EXTENDED)
+// These are commands that provide extended functionality.
+loadmodule "botmotd";
+loadmodule "cap";
+loadmodule "cycle";
+loadmodule "dccallow";
+loadmodule "help";
+loadmodule "knock";
+loadmodule "lag";
+loadmodule "sasl";
+loadmodule "setname";
+loadmodule "silence";
+loadmodule "starttls";
+loadmodule "time";
+loadmodule "userip";
+loadmodule "vhost";
+loadmodule "history";
+
+// IRC Operator commands
+// Note: several of these like kill are also server-to-server commands
+// which are required if you link to other servers.
+loadmodule "addmotd";
+loadmodule "addomotd";
+loadmodule "chghost";
+loadmodule "chgident";
+loadmodule "chgname";
+loadmodule "close";
+loadmodule "connect";
+loadmodule "squit";
+loadmodule "dccdeny";
+loadmodule "globops";
+loadmodule "kill"; /* also server-to-server */
+loadmodule "locops";
+loadmodule "mkpasswd";
+loadmodule "oper";
+loadmodule "opermotd";
+loadmodule "sajoin";
+loadmodule "samode";
+loadmodule "sapart";
+loadmodule "sdesc";
+loadmodule "sethost";
+loadmodule "setident";
+loadmodule "stats";
+loadmodule "tkl"; /* also server-to-server */
+loadmodule "trace";
+loadmodule "tsctl";
+loadmodule "unsqline";
+loadmodule "wallops";
+loadmodule "jumpserver";
+
+// Server-to-server commands
+// Don't remove these, unless you never link to other servers.
+loadmodule "eos";
+loadmodule "md";
+loadmodule "netinfo";
+loadmodule "server";
+loadmodule "sjoin";
+loadmodule "sqline";
+loadmodule "swhois";
+loadmodule "umode2";
+loadmodule "sinfo";
+loadmodule "require-module";
+
+// Services commands
+// You could disable these if you don't use Services
+// https://www.unrealircd.org/docs/Services
+loadmodule "sendsno";
+loadmodule "sendumode";
+loadmodule "svsjoin";
+loadmodule "svskill";
+loadmodule "svslusers";
+loadmodule "svsmode";
+loadmodule "svsmotd";
+loadmodule "svsnick";
+loadmodule "svsnline";
+loadmodule "svsnolag";
+loadmodule "svsnoop";
+loadmodule "svspart";
+loadmodule "svssilence";
+loadmodule "svssno";
+loadmodule "svswatch";
+
+
+/*** Channel modes ***/
+loadmodule "chanmodes/floodprot"; /* +f */
+loadmodule "chanmodes/nocolor"; /* +c */
+loadmodule "chanmodes/noctcp"; /* +C */
+loadmodule "chanmodes/stripcolor"; /* +S */
+loadmodule "chanmodes/issecure"; /* +Z */
+loadmodule "chanmodes/permanent"; /* +P */
+loadmodule "chanmodes/link"; /* +L */
+loadmodule "chanmodes/censor"; /* +G */
+loadmodule "chanmodes/delayjoin"; /* +D  */
+loadmodule "chanmodes/noknock"; /* +K */
+loadmodule "chanmodes/noinvite"; /* +V */
+loadmodule "chanmodes/operonly"; /* +O */
+loadmodule "chanmodes/nonotice"; /* +T */
+loadmodule "chanmodes/regonly"; /* +R */
+loadmodule "chanmodes/nonickchange"; /* +N */
+loadmodule "chanmodes/nokick"; /* +Q */
+loadmodule "chanmodes/regonlyspeak"; /* +M */
+loadmodule "chanmodes/secureonly"; /* +z */
+loadmodule "chanmodes/history"; /* +H */
+
+
+/*** User modes ***/
+loadmodule "usermodes/bot"; /* +B (mark yourself as a bot) */
+loadmodule "usermodes/servicebot"; /* +S (service bot) */
+loadmodule "usermodes/noctcp"; /* +T (block CTCP's) */
+loadmodule "usermodes/censor"; /* +G (censor bad words) */
+loadmodule "usermodes/showwhois"; /* +W (show if someone does /WHOIS) */
+loadmodule "usermodes/privacy"; /* +p (privacy, hide channels in /WHOIS) */
+loadmodule "usermodes/nokick"; /* +q (unkickable oper) */
+loadmodule "usermodes/regonlymsg"; /* +R (only registered users may private message you) */
+loadmodule "usermodes/secureonlymsg"; /* +Z (only SSL/TLS users may private message you) */
+loadmodule "usermodes/privdeaf"; /* +D (don't let other user PM you) */
+
+
+/*** Server notice masks */
+loadmodule "snomasks/dccreject"; /* +D (rejected DCC's) */
+
+
+/*** Extended Bans ***/
+loadmodule "extbans/join"; /* +b ~j (prevent only joins) */
+loadmodule "extbans/quiet"; /* +b ~q (prevent only messaging) */
+loadmodule "extbans/nickchange"; /* +b ~n (prevent only nick changes) */
+loadmodule "extbans/realname"; /* +b ~r (ban by real name) */
+loadmodule "extbans/account"; /* +b ~a (ban/exempt if logged in with services account) */
+loadmodule "extbans/inchannel"; /* +b ~c (ban/exempt if in channel) */
+loadmodule "extbans/operclass"; /* +b ~O (ban/exempt by operclass) */
+loadmodule "extbans/certfp"; /* +b ~S (ban/exempt by certfp) */
+loadmodule "extbans/textban"; /* +b ~T (censor or block text) */
+loadmodule "extbans/msgbypass"; /* +e ~m (bypass message restrictions) */
+loadmodule "extbans/timedban"; /* +b ~t (timed bans / temporary bans) */
+loadmodule "extbans/partmsg"; /* +b ~p (hide part/quit message) */
+loadmodule "extbans/securitygroup"; /* +b ~G (security group) */
+
+
+/** IRCv3 extensions */
+loadmodule "account-notify"; /* send ACCOUNT message upon services account login */
+loadmodule "message-tags"; /* add tags to messages, required for various IRCv3 features */
+loadmodule "batch"; /* also required for several IRCv3 features */
+loadmodule "server-time"; /* adds server timestamp to various messages */
+loadmodule "message-ids"; /* adds unique msgid to various messages */
+loadmodule "account-tag"; /* adds services account information to messages */
+loadmodule "echo-message"; /* shows clients if their messages are altered/filtered */
+loadmodule "labeled-response"; /* correlate requests and responses easily */
+loadmodule "bot-tag"; /* indicate the message comes from a bot (draft/bot) */
+loadmodule "typing-indicator"; /* typing indicator in PM and channels (+typing) */
+loadmodule "reply-tag"; /* indicate to which message you are responding (+draft/reply) */
+loadmodule "clienttagdeny"; /* informs clients about supported client-only message tags */
+loadmodule "sts"; /* strict transport policy (set::tls::sts-policy) */
+loadmodule "link-security"; /* link-security announce */
+loadmodule "plaintext-policy"; /* plaintext-policy announce */
+loadmodule "chathistory"; /* CHATHISTORY client command, 005 and a CAP (draft) */
+
+
+/*** Other ***/
+// These are modules that don't fit in any of the previous sections
+loadmodule "ident_lookup"; /* Ident lookups if set::options::identd-check is set*/
+loadmodule "certfp"; /* SSL/TLS certificate fingerprint in /WHOIS (& more) */
+loadmodule "tls_antidos"; /* prevent TLS DoS (renegotiate floods) */
+loadmodule "webirc"; /* WEBIRC command. See webirc block. */
+loadmodule "blacklist"; /* Blacklist support (DNSBL). See blacklist block. */
+loadmodule "jointhrottle"; /* set::anti-flood::join-flood (previously chanmode +j) */
+loadmodule "charsys"; /* Provides set::allowed-nickchars (must always be loaded!) */
+loadmodule "authprompt"; /* Authentication prompt, see set::authentication-prompt */
+loadmodule "history_backend_mem"; /* History storage backend (used by chanmodes/history) */
+loadmodule "tkldb"; /* Write TKLines to .db file */
+loadmodule "channeldb"; /* Write channel settings to .db file (+P channels only) */
+loadmodule "rmtkl"; /* Easily remove *-Lines in bulk with /RMTKL */
+loadmodule "restrict-commands"; /* Provides set::restrict-commands settings */
+loadmodule "reputation"; /* used by Connthrottle and others, see next */
+loadmodule "connthrottle"; /* see https://www.unrealircd.org/docs/Connthrottle */
+loadmodule "userip-tag"; /* unrealircd.org/userip tag for ircops */
+loadmodule "userhost-tag"; /* unrealircd.org/userhost tag for ircops */
+loadmodule "targetfloodprot"; /* set::anti-flood::target-flood protection */

conf/modules.optional.conf

@@ -0,0 +1,183 @@
+/* This file will load all optional modules. These are features that
+ * not everyone will use or are considered experimental.
+ * You can include this file from your unrealircd.conf like this:
+ * include "modules.optional.conf";
+ * OR... and this is probably a better idea... you can copy-paste it
+ * to another file where you do your own customizations.
+ *
+ * DO NOT EDIT THIS FILE! IT WILL BE OVERWRITTEN DURING NEXT UPGRADE!!
+ * If you want to customize, make a copy of this file (for example
+ * name it modules.custom.conf) and edit it.
+ * Then include that file from your unrealircd.conf instead of this one.
+ */
+
+/*** Commands ***/
+
+// This add the /IRCOPS command: A more visual way for users
+// to see which IRCOps are online.
+loadmodule "ircops";
+
+// This adds the /STAFF command: This command simply displays
+// a text file that you can configure here:
+loadmodule "staff";
+set { staff-file "network.staff"; }
+
+
+/*** Channel modes ***/
+
+// The following module ('nocodes') is not a true channel mode.
+// It simply enhances the existing channel mode +S/+c to include
+// stripping/blocking of bold, underline and italic text.
+loadmodule "nocodes";
+
+
+/*** Other ***/
+
+// The hideserver module will hide /MAP and /LINKS to regular users.
+// It does not truly enhance security as server names can still be
+// seen at other places.
+// Comment out the following line to enable this:
+// loadmodule "hideserver";
+
+// The antirandom module will kill or *line users that have a nick,
+// ident and/or realname that is considered "random".
+// This helps to combat simple botnets/drones.
+// Note that failure to set the right settings may ban innocent users.
+// This is especially true if you are on a non-English network where
+// the module may consider a sequence of characters "random" even though
+// it is a perfectly pronounceable word in your language.
+loadmodule "antirandom";
+set {
+	antirandom {
+		/* THRESHOLD:
+		 * This is pretty much the most important setting of all.
+		 * For every randomly looking ident the user gets a certain amount of
+		 * 'points', if this value reaches 'threshold' then the appropriate
+		 * action is taken (killed, *lined, see later on).
+		 *  lower = more randomly looking users will be catched (but also more
+		 *	  innocent users)
+		 * higher = less chance of innocent users getting killed, but also less
+		 *	  chance on bots getting catched.
+		 * <2:  DON'T!!
+		 *  4:  Works good, probably a few more innocent kills but if you got
+		 *      quite a bot problem then this might be a useful setting.
+		 *  5:  Works well with few innocent kills, probably good to begin with.
+		 *  6:  If you want to be a tad more careful
+		 * >6:  For the paranoid. Module can still be quite effective, though :)
+		 */
+		threshold 7;
+
+		/* BAN-ACTION:
+		 * Action to take whenever the user is catched as random, options:
+		 * warn, kill, gline, gzline, kline, zline, shun, tempshun
+		 */
+		ban-action kill;
+
+		/* BAN-TIME:
+		 * Time to ban the user (irrelevant for tempshun/kill).
+		 * Something between 1 hour and 2 days is recommended.
+		 * If you set it higher than 3 or 4 days then you get quite a risk
+		 * of catching innocent users due to dynamic IP, not to mention
+		 * your *line list gets filled up... so choose it wisely.
+		 */
+		ban-time 4h;
+
+		/* BAN-REASON:
+		 * The ban (or kill) reason to use.
+		 * You might want to put in an entry to a FAQ or an email address
+		 * where users can mail if they have been catched and don't know what to do.
+		 * NOTE: One of the various reasons that ""innocent users"" are catched is
+		 *       if they just randomly type in info for their nick, ident, or realname.
+		 */
+		ban-reason "You look like a bot. Be sure to fill in your nick/ident/realname properly.";
+
+		/* CONVERT-TO-LOWERCASE:
+		 * Convert nicks, idents, and realnames to lowercase before doing random checks?
+		 * This has not been tested extensively for false positives, but might be (very)
+		 * helpful to catch GnStA5FYhiTH51TUkf style random nicks as random.
+		 * Enabled by default.
+		 */
+		convert-to-lowercase yes;
+
+		/* FULLSTATUS-ON-LOAD:
+		 * If enabled, then upon loading it will check all users that are currently
+		 * connected and give a status report about who it would have killed.
+		 * Note that it doesn't actually kill any currently connected users, it is for
+		 * informative purposes only.
+		 * This can be (very) useful if you use the module for the first time.
+		 * But you probably want to disable it after a while, since once the module
+		 * is actively dealing with randomly looking persons, it shouldn't report any
+		 * users anymore on load and then this check only eats useless CPU on /REHASH.
+		 * Enabled by default.
+		 */
+		fullstatus-on-load yes;
+
+		/* SHOW-FAILEDCONNECTS:
+		 * This will send out a notice whenever a randomly looking user has been catched
+		 * during connecting. Obviously this can be pretty noisy.
+		 * Especially recommended to enable during the first few days you use this module.
+		 */
+		show-failedconnects yes;
+
+		/* EXCEPT-HOSTS:
+		 * Hostmasks on this list are matched against the IP and hostname of the connecting
+		 * user. If it matches then we do not check if the nick/ident/realname is random.
+		 * NOTE: Use the REAL host or IP here, not any cloaked hosts!
+		 */
+		except-hosts {
+			mask 192.168.0.0/16;
+			mask 127.0.0.0/8;
+		}
+
+		/* EXCEPT-WEBIRC:
+		 * This will make antirandom not check connections from WEBIRC gateways.
+		 * ( see https://www.unrealircd.org/docs/WebIRC_block )
+		 * It seems WEBIRC connections frequently cause false positives so the
+		 * default is 'yes'.
+		 */
+		except-webirc yes;
+	}
+}
+
+// This module will send a HTTP 301 redirect to any client which sends
+// a HTTP request to us. This is commented out by default:
+//loadmodule "webredir";
+//set {
+//	webredir {
+//		url "https://...";
+//	}
+//}
+
+// This adds websocket support. For more information, see:
+// https://www.unrealircd.org/docs/WebSocket_support
+loadmodule "websocket";
+
+// This module will detect and stop spam containing of characters of
+// mixed "scripts", where (for example) some characters are in
+// Latin script and other characters are in Cyrillic script.
+loadmodule "antimixedutf8";
+set {
+	antimixedutf8 {
+		/* Take action at this 'score' (lower = more sensitive)
+		 *
+		 * A score of 2 or 3 will catch a lot but also
+		 * catch innocent users who are not using a pure
+		 * Latin script, such as Russian people who
+		 * commonly use a mix of Latin and Cyrillic.
+		 *
+		 * A score of 8 is a safe default.
+		 */
+		score 8;
+
+		/* Action to take, see:
+		 * https://www.unrealircd.org/docs/Actions
+		 */
+		ban-action block;
+
+		/* Block/kill/ban reason (sent to user) */
+		ban-reason "Mixed character spam";
+
+		/* Duration of ban (does not apply to block/kill) */
+		ban-time 4h; // For other types
+	}
+}

conf/modules.sources.list

@@ -0,0 +1,21 @@
+#
+# This file contains the list of repositories that are used
+# by the './unrealircd module' command.
+# Note that 3rd party modules are NOT written by the UnrealIRCd team.
+# Use such modules at your own risk. In case of problems, contact
+# the module author. For more information, see:
+# https://www.unrealircd.org/docs/Module_manager
+#
+
+#
+# This is the unrealircd-contrib repository which is added by default in
+# UnrealIRCd 5 to make it easy for users to install 3rd party modules.
+# If you are a module coder and want to add your module to this repository
+# as well, then read the rules and procedure at:
+# https://www.unrealircd.org/docs/Rules_for_3rd_party_modules_in_unrealircd-contrib
+#
+https://modules.unrealircd.org/modules.list
+
+# You can add more repositories here. However, do note that all
+# URLs MUST start with https://
+

conf/operclass.default.conf

@@ -0,0 +1,144 @@
+/* This file defines a number of default operclass blocks which you can
+ * use in your oper blocks (via oper::operclass).
+ *
+ * This file is normally included from your unrealircd.conf through:
+ * include "operclass.default.conf";
+ *
+ * The operclass block is extensively documented at:
+ * https://www.unrealircd.org/docs/Operclass_block
+ * And the permissions itself (operclass::permissions) at:
+ * https://www.unrealircd.org/docs/Operclass_permissions
+ *
+ * DO NOT EDIT THIS FILE! IT WILL BE OVERWRITTEN DURING NEXT UPGRADE!!
+ * Instead, if you want to change the permissions in an operclass block,
+ * you should copy the definition, or this entire file, to either your
+ * unrealircd.conf or some other file (eg: operclass.conf) that you
+ * you will include from your unrealircd.conf.
+ * Then edit it, and while doing so don't forget to change the name
+ * of your custom operclass block(s), so operclass <name>.
+ */
+
+/* Local IRC Operator */
+operclass locop {
+	permissions {
+		chat;
+		channel { operonly; override { flood; } }
+		client { see; }
+		immune;
+		self { getbaddcc; opermodes; set; }
+		server { opermotd; info; close; module; dns; rehash; }
+		route { local; }
+		kill { local; }
+		server-ban {
+			kline;
+			zline { local; }
+		}
+	}
+}
+
+/* Global IRC Operator */
+operclass globop {
+	permissions {
+		chat;
+		channel { operonly; see; override { flood; } }
+		client;
+		immune;
+		self { getbaddcc; opermodes; set; }
+		server { opermotd; info; close; module; dns; rehash;
+		         remote; tsctl { view; } }
+		route;
+		kill;
+		server-ban { dccdeny; shun; zline; kline; gline; }
+	}
+}
+
+/* Server administrator */
+operclass admin {
+	permissions {
+		chat;
+		channel { operonly; see; override { flood; } }
+		client;
+		immune;
+		self { getbaddcc; opermodes; set; }
+		server { opermotd; info; close; module; dns; rehash;
+		         remote; description; addmotd;
+		         addomotd; tsctl { view; } }
+		route;
+		kill;
+		server-ban;
+	}
+}
+
+/* Services Admin */
+operclass services-admin {
+	permissions {
+		chat;
+		channel { operonly; see; override { flood; } }
+		client;
+		immune;
+		self { getbaddcc; opermodes; set; }
+		server { opermotd; info; close; module; dns; rehash;
+		         remote; description; addmotd;
+		         addomotd; tsctl { view; } }
+		route;
+		kill;
+		server-ban;
+		sacmd;
+		services;
+	}
+}
+
+/* Network Administrator */
+operclass netadmin {
+	permissions {
+		chat;
+		channel { operonly; see; override { flood; } }
+		client;
+		immune;
+		self { getbaddcc; opermodes; set; }
+		server { opermotd; info; close; module; dns; rehash;
+		         remote; description; addmotd;
+		         addomotd; tsctl; }
+		route;
+		kill;
+		server-ban;
+		sacmd;
+		services;
+	}
+}
+
+/* Same as 'globop' operclass, but with OperOverride capabilities added */
+operclass globop-with-override {
+	parent globop;
+	permissions {
+		channel { operonly; see; override; }
+		self { getbaddcc; opermodes; set; unkickablemode; }
+	}
+}
+
+/* Same as 'admin' operclass, but with OperOverride capabilities added */
+operclass admin-with-override {
+	parent admin;
+	permissions {
+		channel { operonly; see; override; }
+		self { getbaddcc; opermodes; set; unkickablemode; }
+	}
+}
+
+/* Same as 'services-admin' operclass, but with OperOverride capabilities added */
+operclass services-admin-with-override {
+	parent services-admin;
+	permissions {
+		channel { operonly; see; override; }
+		self { getbaddcc; opermodes; set; unkickablemode; }
+	}
+}
+
+/* Same as 'netadmin' operclass, but with OperOverride capabilities added */
+operclass netadmin-with-override {
+	parent netadmin;
+	permissions {
+		channel { operonly; see; override; }
+		self { getbaddcc; opermodes; set; unkickablemode; }
+	}
+}

conf/spamfilter.conf

@@ -0,0 +1,154 @@
+/*
+ * This configuration file contains example spamfilter rules.
+ * They are real rules that were useful a long time ago.
+ * Since 2005 these rules are no longer maintained.
+ * The main purpose nowadays is to serve as an example
+ * to give you an idea of how powerful spamfilters can
+ * be in real-life situations.
+ *
+ * Documentation on spamfilter is available at:
+ * https://www.unrealircd.org/docs/Spamfilter
+ */
+
+/* General note:
+ * If you want to use a \ in a spamfilter, or in fact
+ * anywhere in the configuration file, then you need
+ * to escape this to \\ instead.
+ */
+
+
+/* First some spamfilters with match-type 'simple'.
+ * The only matchers available are * and ?
+ * PRO's: very fast, easy matching: everyone can do this.
+ * CON's: limited ability to fine-tune spamfilters
+ */
+
+spamfilter {
+	match-type simple;
+	match "Come watch me on my webcam and chat /w me :-) http://*:*/me.mpg";
+	target private;
+	action gline;
+	reason "Infected by fyle trojan: see http://www.sophos.com/virusinfo/analyses/trojfylexa.html";
+}
+
+/* This signature uses a \ which has to escaped to \\ in the configuration file */
+spamfilter {
+	match-type simple;
+	match "C:\\WINNT\\system32\\*.zip";
+	target dcc;
+	action block;
+	reason "Infected by Gaggle worm?";
+}
+
+spamfilter {
+	match-type simple;
+	match "Speed up your mIRC DCC Transfer by up to 75%*www.freewebs.com/mircupdate/mircspeedup.exe";
+	target private;
+	action gline;
+	reason "Infected by mirseed trojan: see http://www.sophos.com/virusinfo/analyses/trojmirseeda.html";
+}
+
+spamfilter {
+	match-type simple;
+	match "STOP SPAM, USE THIS COMMAND: //write nospam $decode(*) | .load -rs nospam | //mode $me +R";
+	target private;
+	action gline;
+	reason "Infected by nkie worm: see http://www.trojaninfo.com/nkie/nkie.htm";
+}
+
+
+/* Now spamfilters of type 'regex'.
+ * These use powerful regular expressions (Perl/PCRE style)
+ * You may have to learn more about "regex" first before you
+ * can use them. For example the dot ('.') has special meaning.
+ */
+
+/* This regex shows a pattern which requires 20 paramaters,
+ * such as "x x x x x x x x x x x x x x x x x x x x"
+ */
+spamfilter {
+	match-type regex;
+	match "\x01DCC (SEND|RESUME)[ ]+\"(.+ ){20}";
+	target { private; channel; }
+	action kill;
+	reason "mIRC 6.0-6.11 exploit attempt";
+}
+
+/* Similarly, this regex shows a pattern that matches
+ * against at least 225 characters in length.
+ */
+spamfilter {
+	match-type regex;
+	match "\x01DCC (SEND|RESUME).{225}";
+	target { private; channel; }
+	action kill;
+	reason "Possible mIRC 6.12 exploit attempt";
+}
+
+/* Earlier you saw an example of a $decode exploit which used
+ * match-type 'simple' and - indeed - the filter was quite simple.
+ * The following uses a regex with a similar example.
+ * Regular expressions are very powerful but here you can see
+ * that it actually complicates writing a filter quite a bit.
+ * With regex in this filter we need to escape the ( and all
+ * the dots, question marks, etc. if we want to match these
+ * characters in literal text.
+ */
+spamfilter {
+	match-type regex;
+	match "^Want To Be An IRCOp\? Try This New Bug Type: //write \$decode\(.+=.?,m\) \| \.load -rs \$decode\(.+=.?,m\)$";
+	target private;
+	action block;
+	reason "Spamming users with an mIRC trojan. Type '/unload -rs newb' to remove the trojan.";
+}
+
+spamfilter {
+	match-type regex;
+	match "^http://www\.angelfire\.com/[a-z0-9]+/[a-z0-9]+/[a-z_]+\.jpg <- .*!";
+	target private;
+	action block;
+	reason "Infected by fagot worm: see http://www.f-secure.com/v-descs/fagot.shtml";
+}
+
+/* This shows a regex which specifically matches an entire line by 
+ * the use of ^ and $
+ */
+spamfilter {
+	match-type regex;
+	match "^!login Wasszup!$";
+	target channel;
+	action gline;
+	reason "Attempting to login to a GTBot";
+}
+
+/* An example of how to match against an IP address in text (IPv4 only) */
+spamfilter {
+	match-type regex;
+	match "^!packet ([0-9]{1,3}\.){3}[0-9]{1,3} [0-9]{1,15}";
+	target channel;
+	action gline;
+	reason "Attempting to use a GTBot";
+}
+
+/* A slightly more complex example with a partial OR matcher (|) */
+spamfilter {
+	match-type regex;
+	match "(^wait a minute plz\. i am updating my site|.*my erotic video).*http://.+/erotic(a)?/myvideo\.exe$";
+	target private;
+	action gline;
+	reason "Infected by some trojan (erotica?)";
+}
+
+/* In regex a \ is special and needs to be escaped to \\
+ * However in this configuration file, \ is also special and
+ * needs to be escaped to \\ as well.
+ * The result is that we need double escaping:
+ * To match a \ you need to write \\\\ in the configuration file.
+ */
+spamfilter {
+	match-type regex;
+	match "C:\\\\WINNT\\\\system32\\\\(notes|videos|xxx|ManualSeduccion|postal|hechizos|images|sex|avril)\.zip";
+	target dcc;
+	action dccblock;
+	reason "Infected by Gaggle worm";
+}

conf/unrealircd.conf.example

@@ -0,0 +1,592 @@
+/* Configuration file for UnrealIRCd 5
+ *
+ * Simply copy this file to your conf/ directory, call it
+ * 'unrealircd.conf' and walk through it line by line (edit it!)
+ *
+ * Important: All lines, except { and } end with an ;
+ * This is very important, if you miss a ; somewhere then the
+ * configuration file parser will complain and the file will not
+ * be processed correctly!
+ * If this is your first experience with an UnrealIRCd configuration
+ * file then we really recommend you to read a little about the syntax,
+ * this only takes a few minutes and will help you a lot:
+ * https://www.unrealircd.org/docs/Configuration#Configuration_file_syntax
+ *
+ * UnrealIRCd 5 documentation (very extensive!):
+ * https://www.unrealircd.org/docs/UnrealIRCd_5_documentation
+ *
+ * Frequently Asked Questions:
+ * https://www.unrealircd.org/docs/FAQ
+ *
+ */
+
+/* This is a comment, all text here is ignored (comment type #1) */
+// This is also a comment, this line is ignored (comment type #2)
+# This is also a comment, again this line is ignored (comment type #3)
+
+/* UnrealIRCd makes heavy use of modules. Modules allow you to completely
+ * customize the featureset you wish to enable in UnrealIRCd.
+ * See: https://www.unrealircd.org/docs/Modules
+ *
+ * By using the include below we instruct the IRCd to read the file
+ * 'modules.default.conf' which will load more than 150 modules
+ * shipped with UnrealIRCd. In other words: this will simply load
+ * all the available features in UnrealIRCd.
+ * If you are setting up UnrealIRCd for the first time we suggest you
+ * use this. Then, when everything is up and running you can come
+ * back later to customize the list (if you wish).
+ */
+include "modules.default.conf";
+
+/* Now let's include some other files as well:
+ * - help/help.conf for our on-IRC /HELPOP system
+ * - badwords.conf for channel and user mode +G
+ * - spamfilter.conf as an example for spamfilter usage
+ *   (commented out)
+ * - operclass.default.conf contains some good operclasses which
+ *   you can use in your oper blocks.
+ */
+include "help/help.conf";
+include "badwords.conf";
+//include "spamfilter.conf";
+include "operclass.default.conf";
+
+/* This is the me { } block which basically says who we are.
+ * It defines our server name, some information line and an unique "sid".
+ * The server id (sid) must start with a digit followed by two digits or
+ * letters. The sid must be unique for your IRC network (each server should
+ * have it's own sid).
+ */
+me {
+	name "irc.example.org";
+	info "ExampleNET Server";
+	sid "001";
+}
+
+/* The admin { } block defines what users will see if they type /ADMIN.
+ * It normally contains information on how to contact the administrator.
+ */
+admin {
+	"Bob Smith";
+	"bob";
+	"email@example.org";
+}
+
+/* Clients and servers are put in class { } blocks, we define them here.
+ * Class blocks consist of the following items:
+ * - pingfreq: how often to ping a user / server (in seconds)
+ * - connfreq: how often we try to connect to this server (in seconds)
+ * - sendq: the maximum queue size for a connection
+ * - recvq: maximum receive queue from a connection (flood control)
+ */
+
+/* Client class with good defaults */
+class clients
+{
+	pingfreq 90;
+	maxclients 1000;
+	sendq 200k;
+	recvq 8000;
+}
+
+/* Special class for IRCOps with higher limits */
+class opers
+{
+	pingfreq 90;
+	maxclients 50;
+	sendq 1M;
+	recvq 8000;
+}
+
+/* Server class with good defaults */
+class servers
+{
+	pingfreq 60;
+	connfreq 15; /* try to connect every 15 seconds */
+	maxclients 10; /* max servers */
+	sendq 20M;
+}
+
+/* Allow blocks define which clients may connect to this server.
+ * This allows you to add a server password or restrict the server to
+ * specific IP's only. You also configure the maximum connections
+ * allowed per IP here.
+ * See also: https://www.unrealircd.org/docs/Allow_block
+ */
+
+/* Allow everyone in, but only 3 connections per IP */
+allow {
+	mask *;
+	class clients;
+	maxperip 3;
+}
+
+/* Example of a special allow block on a specific IP:
+ * Requires users on that IP to connect with a password. If the password
+ * is correct then it permits 20 connections on that IP.
+ */
+allow {
+	mask 192.0.2.1;
+	class clients;
+	password "somesecretpasswd";
+	maxperip 20;
+}
+
+/* Oper blocks define your IRC Operators.
+ * IRC Operators are people who have "extra rights" compared to others,
+ * for example they may /KILL other people, initiate server linking,
+ * /JOIN channels even though they are banned, etc.
+ *
+ * For more information about becoming an IRCOp and how to do admin
+ * tasks, see: https://www.unrealircd.org/docs/IRCOp_guide
+ *
+ * For details regarding the oper { } block itself, see
+ * https://www.unrealircd.org/docs/Oper_block
+ */
+
+/* Here is an example oper block for 'bobsmith' with password 'test'.
+ * You MUST change this!!
+ */
+oper bobsmith {
+	class opers;
+	mask *@*;
+	password "test123";
+	/* Oper permissions are defined in an 'operclass' block.
+	 * See https://www.unrealircd.org/docs/Operclass_block
+	 * UnrealIRCd ships with a number of default blocks, see
+	 * the article for a full list. We choose 'netadmin' here.
+	 */
+	operclass netadmin;
+	swhois "is a Network Administrator";
+	vhost netadmin.example.org;
+}
+
+/* Listen blocks define the ports where the server should listen on.
+ * In other words: the ports that clients and servers may use to
+ * connect to this server.
+ *
+ * Syntax:
+ * listen {
+ * {
+ *   ip <ip>;
+ *   port <port>;
+ *   options {
+ *     <options....>;
+ *   }
+ * }
+ */
+
+/* Standard IRC port 6667 */
+listen {
+	ip *;
+	port 6667;
+}
+
+/* Standard IRC SSL/TLS port 6697 */
+listen {
+	ip *;
+	port 6697;
+	options { tls; }
+}
+
+/* Special SSL/TLS servers-only port for linking */
+listen {
+	ip *;
+	port 6900;
+	options { tls; serversonly; }
+}
+
+/* NOTE: If you are on an IRCd shell with multiple IP's and you use
+ *       the above listen { } blocks then you will likely get an
+ *       'Address already in use' error and the ircd won't start.
+ *       This means you MUST bind to a specific IP instead of '*' like:
+ *       listen { ip 1.2.3.4; port 6667; }
+ *       Of course, replace the IP with the IP that was assigned to you.
+ */
+
+/*
+ * Link blocks allow you to link multiple servers together to form a network.
+ * See https://www.unrealircd.org/docs/Tutorial:_Linking_servers
+ */
+link hub.example.org
+{
+	incoming {
+		mask *@something;
+	}
+
+	outgoing {
+		bind-ip *; /* or explicitly an IP */
+		hostname hub.example.org;
+		port 6900;
+		options { tls; }
+	}
+
+	/* We use the SPKI fingerprint of the other server for authentication.
+	 * Run './unrealircd spkifp' on the other side to get it.
+	 */
+	password "AABBCCDDEEFFGGHHIIJJKKLLMMNNOOPPQQRRSSTTUUV=" { spkifp; }
+
+	class servers;
+}
+
+/* The link block for services is usually much simpler.
+ * For more information about what Services are,
+ * see https://www.unrealircd.org/docs/Services
+ */
+link services.example.org
+{
+	incoming {
+		mask 127.0.0.1;
+	}
+
+	password "changemeplease";
+
+	class servers;
+}
+
+/* U-lines give other servers (even) more power/commands.
+ * If you use services you must add them here.
+ * NEVER put the name of an UnrealIRCd server here!!!
+ */
+ulines {
+	services.example.org;
+}
+
+/* Here you can add a password for the IRCOp-only /DIE and /RESTART commands.
+ * This is mainly meant to provide a little protection against accidental
+ * restarts and server kills.
+ */
+drpass {
+	restart "restart";
+	die "die";
+}
+
+/* The log block defines what should be logged and to what file.
+ * See also https://www.unrealircd.org/docs/Log_block
+ */
+
+/* This is a good default, it logs everything */
+log "ircd.log" {
+	flags {
+		oper;
+		connects;
+		server-connects;
+		kills;
+		errors;
+		flood;
+		sadmin-commands;
+		chg-commands;
+		oper-override;
+		tkl;
+		spamfilter;
+	}
+}
+
+/* With "aliases" you can create an alias like /SOMETHING to send a message to
+ * some user or bot. They are usually used for services.
+ *
+ * We have a number of pre-set alias files, check out the alias/ directory.
+ * As an example, here we include all aliases used for anope services.
+ */
+include "aliases/anope.conf";
+
+/* Ban nick names so they cannot be used by regular users */
+ban nick {
+	mask "*C*h*a*n*S*e*r*v*";
+	reason "Reserved for Services";
+}
+
+/* Ban ip.
+ * Note that you normally use /KLINE, /GLINE and /ZLINE for this.
+ */
+ban ip {
+	mask 195.86.232.81;
+	reason "Hate you";
+}
+
+/* Ban server - if we see this server linked to someone then we delink */
+ban server {
+	mask eris.berkeley.edu;
+	reason "Get out of here.";
+}
+
+/* Ban user - just as an example, you normally use /KLINE or /GLINE for this */
+ban user {
+	mask *tirc@*.saturn.bbn.com;
+	reason "Idiot";
+}
+
+/* Ban realname allows you to ban clients based on their 'real name'
+ * or 'gecos' field.
+ */
+ban realname {
+	mask "Swat Team";
+	reason "mIRKFORCE";
+}
+
+ban realname {
+	mask "sub7server";
+	reason "sub7";
+}
+
+/* Ban and TKL exceptions. Allows you to exempt users / machines from
+ * KLINE, GLINE, etc.
+ * If you are an IRCOp with a static IP (and no untrusted persons on that IP)
+ * then we suggest you add yourself here. That way you can always get in
+ * even if you accidentally place a *LINE ban on yourself.
+ */
+
+/* except ban protects you from KLINE and ZLINE */
+except ban {
+	mask *@192.0.2.1;
+	// you may add more mask entries here..
+}
+
+/* except ban with type 'all' protects you from GLINE, GZLINE, QLINE, SHUN */
+except ban {
+	mask *@192.0.2.1;
+	type all;
+}
+
+/* With deny dcc blocks you can ban filenames for DCC */
+deny dcc {
+	filename "*sub7*";
+	reason "Possible Sub7 Virus";
+}
+
+/* deny channel allows you to ban a channel (mask) entirely */
+deny channel {
+	channel "*warez*";
+	reason "Warez is illegal";
+	class "clients";
+}
+
+/* VHosts (Virtual Hosts) allow users to acquire a different host.
+ * See https://www.unrealircd.org/docs/Vhost_block
+ */
+
+/* Example vhost which you can use. On IRC type: /VHOST test test
+ * NOTE: only people with an 'unrealircd.com' host may use it so
+ *       be sure to change the vhost::mask before you test.
+ */
+vhost {
+	vhost i.hate.microsefrs.com;
+	mask *@unrealircd.com;
+	login "test";
+	password "test";
+}
+
+/* Blacklist blocks will query an external DNS Blacklist service
+ * whenever a user connects, to see if the IP address is known
+ * to cause drone attacks, is a known hacked machine, etc.
+ * Documentation: https://www.unrealircd.org/docs/Blacklist_block
+ * Or just have a look at the blocks below.
+ */
+
+/* DroneBL, probably the most popular blacklist used by IRC Servers.
+ * See https://dronebl.org/ for their documentation and the
+ * meaning of the reply types. At time of writing we use types:
+ * 3: IRC Drone, 5: Bottler, 6: Unknown spambot or drone,
+ * 7: DDoS Drone, 8: SOCKS Proxy, 9: HTTP Proxy, 10: ProxyChain,
+ * 11: Web Page Proxy, 12: Open DNS Resolver, 13: Brute force attackers,
+ * 14: Open Wingate Proxy, 15: Compromised router / gateway,
+ * 16: Autorooting worms.
+ */
+blacklist dronebl {
+        dns {
+                name dnsbl.dronebl.org;
+                type record;
+                reply { 3; 5; 6; 7; 8; 9; 10; 11; 12; 13; 14; 15; 16; }
+        }
+        action gline;
+        ban-time 24h;
+        reason "Proxy/Drone detected. Check https://dronebl.org/lookup?ip=$ip for details.";
+}
+
+/* EFnetRBL, see https://rbl.efnetrbl.org/ for documentation
+ * and the meaning of the reply types.
+ * At time of writing: 1 is open proxy, 4 is TOR, 5 is drones/flooding.
+ *
+ * NOTE: If you want to permit TOR proxies on your server, then
+ *       you need to remove the '4;' below in the reply section.
+ */
+blacklist efnetrbl {
+        dns {
+                name rbl.efnetrbl.org;
+                type record;
+                reply { 1; 4; 5; }
+        }
+        action gline;
+        ban-time 24h;
+        reason "Proxy/Drone/TOR detected. Check https://rbl.efnetrbl.org/?i=$ip for details.";
+}
+
+/* You can include other configuration files */
+/* include "klines.conf"; */
+
+/* Network configuration */
+set {
+	network-name 		"ExampleNET";
+	default-server 		"irc.example.org";
+	services-server 	"services.example.org";
+	stats-server 		"stats.example.org";
+	help-channel 		"#Help";
+	hiddenhost-prefix	"Clk";
+	prefix-quit 		"Quit";
+
+	/* Cloak keys should be the same at all servers on the network.
+	 * They are used for generating masked hosts and should be kept secret.
+	 * The keys should be 3 random strings of 50-100 characters
+	 * and must consist of lowcase (a-z), upcase (A-Z) and digits (0-9).
+	 * HINT: On *NIX, you can run './unrealircd gencloak' in your shell to let
+	 *       UnrealIRCd generate 3 random strings for you.
+	 */
+	cloak-keys {
+		"aoAr1HnR6gl3sJ7hVz4Zb7x4YwpW";
+		"aoAr1HnR6gl3sJ7hVz4Zb7x4Yw11";
+		"aoAr1HnR6gl3sJ7hVz4Zb7x4Yw22";
+	}
+}
+
+/* Server specific configuration */
+
+set {
+	kline-address "help@stuzer.link"; /* e-mail or URL shown when a user is banned */
+	modes-on-connect "+ixw"; /* when users connect, they will get these user modes */
+	modes-on-oper "+xws"; /* when someone becomes IRCOp they'll get these modes */
+	modes-on-join "+nt"; /* default channel modes when a new channel is created */
+	oper-auto-join "#opers"; /* IRCOps are auto-joined to this channel */
+	options {
+		hide-ulines; /* hide U-lines in /MAP and /LINKS */
+		show-connect-info; /* show "looking up your hostname" messages on connect */
+	}
+
+	maxchannelsperuser 10; /* maximum number of channels a user may /JOIN */
+
+	/* The minimum time a user must be connected before being allowed to
+	 * use a QUIT message. This will hopefully help stop spam.
+	 */
+	anti-spam-quit-message-time 10s;
+
+	/* Or simply set a static quit, meaning any /QUIT reason is ignored */
+	/* static-quit "Client quit";	*/
+
+	/* static-part does the same for /PART */
+	/* static-part yes; */
+
+	/* Flood protection:
+	 * There are lots of settings for this and most have good defaults.
+	 * See https://www.unrealircd.org/docs/Set_block#set::anti-flood
+	 */
+	anti-flood {
+	}
+
+	/* Settings for spam filter */
+	spamfilter {
+		ban-time 1d; /* default duration of a *LINE ban set by spamfilter */
+		ban-reason "Spam/Advertising"; /* default reason */
+		virus-help-channel "#help"; /* channel to use for 'viruschan' action */
+		/* except "#help"; channel to exempt from Spamfilter */
+	}
+
+	/* Restrict certain commands.
+	 * See https://www.unrealircd.org/docs/Set_block#set::restrict-commands
+	 */
+	restrict-commands {
+		list {
+			connect-delay 60;
+			exempt-identified yes;
+			exempt-reputation-score 24;
+		}
+		invite {
+			connect-delay 120;
+			exempt-identified yes;
+			exempt-reputation-score 24;
+		}
+		/* In addition to the ability to restrict any command,
+		 * such as shown above. There are also 4 special types
+		 * that you can restrict. These are "private-message",
+		 * "private-notice", "channel-message" and "channel-notice".
+		 * They are commented out (disabled) in this example:
+		 */
+		//private-message {
+		//	connect-delay 10;
+		//}
+		//private-notice {
+		//	connect-delay 10;
+		//}
+	}
+}
+
+/*
+ * The following will configure connection throttling of "unknown users".
+ *
+ * When UnrealIRCd detects a high number of users connecting from IP addresses
+ * that have not been seen before, then connections from new IP's are rejected
+ * above the set rate. For example at 10:60 only 10 users per minute can connect
+ * that have not been seen before. Known IP addresses can always get in,
+ * regardless of the set rate. Same for users who login using SASL.
+ *
+ * See also https://www.unrealircd.org/docs/Connthrottle for details.
+ * Or just keep reading the default configuration settings below:
+ */
+
+set {
+	connthrottle {
+		/* First we must configure what we call "known users".
+		 * By default these are users on IP addresses that have
+		 * a score of 24 or higher. A score of 24 means that the
+		 * IP was connected to this network for at least 2 hours
+		 * in the past month (or minimum 1 hour if registered).
+		 * The sasl-bypass option is another setting. It means
+		 * that users who authenticate to services via SASL
+		 * are considered known users as well.
+		 * Users in the "known-users" group (either by reputation
+		 * or by SASL) are always allowed in by this module.
+		 */
+		known-users {
+			minimum-reputation-score 24;
+			sasl-bypass yes;
+		}
+
+		/* New users are all users that do not belong in the
+		 * known-users group. They are considered "new" and in
+		 * case of a high number of such new users connecting
+		 * they are subject to connection rate limiting.
+		 * By default the rate is 20 new local users per minute
+		 * and 30 new global users per minute.
+		 */
+		new-users {
+			local-throttle 20:60;
+			global-throttle 30:60;
+		}
+
+		/* This configures when this module will NOT be active.
+		 * The default settings will disable the module when:
+		 * - The reputation module has been running for less than
+		 *   a week. If running less than 1 week then there is
+		 *   insufficient data to consider who is a "known user".
+		 * - The server has just been booted up (first 3 minutes).
+		 */
+		disabled-when {
+			reputation-gathering 1w;
+			start-delay 3m;
+		}
+	}
+}
+
+/* Finally, you may wish to have a MOTD (Message of the Day), this can be
+ * done by creating an 'ircd.motd' text file in your conf/ directory.
+ * This file will be shown to your users on connect.
+ * For more information see https://www.unrealircd.org/docs/MOTD_and_Rules
+ */
+
+/*
+ * Problems or need more help?
+ * 1) https://www.unrealircd.org/docs/UnrealIRCd_4_documentation
+ * 2) https://www.unrealircd.org/docs/FAQ <- answers 80% of your questions!
+ * 3) If you are still having problems then you can get support:
+ *    - Forums: https://forums.unrealircd.org/
+ *    - IRC: irc.unrealircd.org (SSL on port 6697) / #unreal-support
+ *    Note that we require you to read the documentation and FAQ first!
+ */