Require Username/Password

[Dishcandanty]

Hello! I am trying to require username/passwords to connect to my irc server. I have created operator accounts and they work. Also I would like to require passwords to different offical chat rooms anyone know how?

Thanks in advance

[katsklaw]

In danger of sounding rude, this is a classic case of RTFM.

1> http://www.unrealircd.com/files/docs/un ... allowblock
2> chanmode +k (see /helpop ?chmodes _or_ http://www.unrealircd.com/files/docs/un ... annelmodes)

For your convenience, the above documentation is included with every version of Unreal in the "doc" directory. Please read the manual in it's entirety.

[Dishcandanty]

I did read that part and haven't been able to get it to work for me. I am trying to slowly create users for everyone that needs an account. So i want a blanket everybody password while im going through and creating accounts. This is what I have:

allow {
ip *username*;
hostname *@*;
class clients;
maxperip 2;
password "password";
};
I don't think this is correct. Also I have tried:
ip username@*
hostname username@*

allow {
ip *;
hostname *;
class clients;
maxperip 30;
password "password2";
};

I was able to login with the one account if I used the hostname username@* but then nobody else could log in with the allow all allow line. I have tried changing the order of the different blocks but that didn't work either.

Thanks in advance

[katsklaw]

Your configuration as pasted is: Everyone must connect with the password of 'password2' and is limited to 30 connections per IP. No other restrictions are in place.

This it the very first paragraph from the allow block link I pasted:

"The access control works like this: ip matches OR host matches, so "hostname *@*"; and "ip *@1.2.3.4" will mean it will always match. Also the allow blocks are read upside down, so you need specific host/ip allow blocks AFTER your general *@* allow blocks. Additionally, if you want to setup a block that only matches based on IP, then set the hostname to something invalid, such as "hostname NOBODY;", this will allow the block to only match based on IP."

Code: Select all

allow {
	ip *;
	hostname *;
	class clients;
	maxperip 5;
};

allow {
	ip *@*;
	hostname *@*.passworded.ugly.people;
	class clients;
	password "f00Ness";
	maxperip 1;
};

In the example above, users from *@*.passworded.ugly.people must give the password of 'f00Ness' and are restricted to 1 connection per IP. Everyone else is free to connect without a password and are restricted to 5 per IP.

[Dishcandanty]

That would be great if I knew the hostname/ip address of every client that is connecting. Fact is i don't, and it is likely to change if anyone connects from different computers. I need usernames.

This is what I have been trying, and it isn't working.

Code: Select all

allow {
   ip *;
   hostname *;
   class clients;
   maxperip 5;
  password "password";
};

allow {
   ip *@*;
   hostname username@*;
   class clients;
   password "f00Ness";
   maxperip 1;
};

So it will allow everyone initially (ip * and hostname *) but then I want to be able to put usernames. So if they login via username, it will require f00Ness as the password instead of the default allow password.

[Casper]

As far as I know it isn't possible..

What you could do however (work around) is requiring everybody to register via your services package, set all channels to be +R so only registrered nicks can join any channel. The next thing you'll have to do is to make one Defcon level which only disables nickname registrations. When you're okay with someone to register, you'll just change DefCon level and the person can register. Important here is that you monitor your ServicesChannel to watch closely if someone else takes the freedom to register.

When you're done, you just set the DefCon level back to it's original level. This is just a temp solution as Anope (which I think you are using) will come with live-MySQL abilities. Then you just set up a webpage which is only accessible by you (.htaccess) and you'll do the registrering for them. After you did that, you can just give them the nick/passwd combination and they'll be registrered as well.

I know this is a 'long-shot-solution', but at least it's something..

Good luck though.

[katsklaw]

Well you need to pay attention to where the documentation says "ip matches OR host matches" It doesn't say AND matches ... it's either ip OR host. It also states "if you want to setup a block that only matches based on IP, then set the hostname to something invalid, such as "hostname NOBODY;", this will allow the block to only match based on IP."

/* my default user class */
allow {
ip *;
hostname *;
class clients;
maxperip 5;
};

/* more restrictive user classes *after* the default allow block */
allow {
/* I want to match a host like aol.com. I first set a fake IP so it never matches */
ip *@127.0.0.1;
/* my aol.com host match */
hostname *@*.aol.com;
class clients;
/* they don't need a password but they aren't allowed to use clones. */
maxperip 1;
};

/* Bob need to use a password */
allow {
ip *@127.0.0.1;
hostname *bob@*.bobs.isp.tld;
class clients;
password "BobsPasswd";
maxperip 10;
};