Page 1 of 1
Unreal Errors
Posted: Fri Nov 26, 2004 8:30 am
by snakeyes37
Hi, I'm getting these errors when I try to run the config file.
* Loading IRCd configuration ..
* unrealircd.conf:320: link hub.mynet.com with SSL option enabled on a non-SSL compile
[error] unrealircd.conf:523: missing parameter in tld::mask
[error] unrealircd.conf:524: tld::motd: : No such file or directory
[error] unrealircd.conf:525: tld::rules: : No such file or directory
[error] 4 errors encountered
[error] IRCd configuration failed to pass testing
Thanks.
Posted: Fri Nov 26, 2004 8:55 am
by Dukat
Well then you should probably fix them
I suggest you read the Documentation first and don't just use the example.conf file without understanding what it does.
http://www.vulnscan.org/UnrealIRCd/unreal32docs.html
Or what's your question?
Posted: Fri Nov 26, 2004 9:09 am
by snakeyes37
My question is, do I need SSL or can I just remove it?
Thanks.
Posted: Fri Nov 26, 2004 9:25 am
by Dukat
You can remove it.
Posted: Fri Nov 26, 2004 9:39 am
by snakeyes37
Alright, thanks that did the trick. But now I'm having a small problem connecting, I get the following connection message,
Closing Link: Nichirasu[192.168.x.x] (Password mismatch)
Thanks.
Posted: Fri Nov 26, 2004 9:47 am
by Dukat
Now you really have to read the documentation. We won't explain you everything just because you're too lazy.
http://www.vulnscan.org/UnrealIRCd/unreal32docs.html
(Read the whole doc! And especially the part about allow blocks.)
Posted: Fri Nov 26, 2004 10:23 am
by snakeyes37
Okay, I re-read the document and fixed the problem. Do cloak keys have to be on? I've tried just leaving the cloak keys blank but Unreal wont start up unless you put something there. I dont really want hostnames to be masked. And it seems that nobody is able to connect to my server, got a DNS from DynDNS.org and I wanted to use it irc.spikechat.ath.cx, now I have no problem connecting at all the (the computer hosting the server) but when other people try to connect all they get is "Unable to connect to server" "Connection timed out". I read the allow block throughly, it looks fine to me, I also port forwarded ports 6667, and 7000 to the host computer to my router.
/*
* NEW: allow {}
* OLD: I:Line
* This defines allowing of connections...
* Basically for clients, it allows them to connect so you can have some
* control and/or set a password.
* Syntax is as follows:
* allow {
* ip (ip mask to allow);
* hostname (host mask);
* class (class to send them to [see class {}]);
* password "(password)"; (optional)
* maxperip (how many connections per ip); (optional)
* };
*/
allow {
ip *@*;
hostname *@*;
class clients;
maxperip 5;
};
/* Passworded allow line */
allow {
ip *@*;
hostname *@*;
class clients;
maxperip 2;
/*
* NEW: listen {}
* OLD: P:Line
* This defines a port for the ircd to bind to, to
* allow users/servers to connect to the server.
* Syntax is as follows:
* listen (ip number):(port number)
* {
* options {
* (options here);
* };
* };
* or for a plain
* listen: listen (ip):(6667-7000);
*
* NOTICE: for ipv6 ips (3ffe:b80:2:51d::2 etc), use listen [ip]:port;
*
* That works also.
*/
/* Options for listen:
OLD | NEW
S serversonly
C clientsonly
J java
s ssl
* standard
*/
/* NOTE ON SSL PORTS: SSL ports are pretty non-standardized,
* besides numerous high-SSL ports, some people say you should run
* it at 994 because that's the official SSL port.. but that
* requires root! Besides, port 194 is the official irc port and
* have you ever seen an ircd running on that?
* So, our suggestion is to use port 6697 for SSL, this is used by
* quite some networks and is recognized by for example StunTour.
* You are free to open up as many SSL ports as you want, but
* by (also) using 6697 you help the world standardize a bit
.
*/
listen *:6697
{
options
{
ssl;
clientsonly;
};
};
listen *:8067;
listen *:6667;
/*
* NEW: link {}
* OLD: C/N:Lines
* This defines an okay for a server connection.
* NOTE: BOTH SERVERS NEED A LINK {} SETTING TO CONNECT PROPERLY!
* Syntax is as follows:
* link (server name)
* {
* username (username, * works too);
* hostname (ip number/hostmask);
* bind-ip (What IP to bind to when connecting, or *);
* port (port to connect to, if any);
* hub (If this is a hub, * works, or servermasks it may bring in);
* [or leaf *;]
* password-connect "";
* password-receive "";
* class (class to direct servers into);
* options {
* (options here*);
* };
* /* If we use SSL, we can choose what cipher to use in SSL mode
* * Retrieve a list by "openssl ciphers", seperate ciphers with :'s
* */
* ciphers "DES-CBC3-MD5";
*
* };
Thanks.
Posted: Fri Nov 26, 2004 12:43 pm
by Dukat
You don't have to use Cloaking if you don't want to (just remove +x from the set::snomask-on-connect (and add x to the set::restrict-usermodes, if you want to deny cloaking)), but you always have to specify the cloaking keys.
If you want to use dyndns, you have to make sure, the correct IP is in their DNS servers. (Currently irc.spikechat.ath.cx is not up.)
You also have to correctly set up any firewalls - and forwarding the port is required too, but you already did that, you said.
To your config pastes:
Why do you have two almost identical allow blocks?
Why do you still have a ssl listen block? Does it work now?
Why are you pasting the comment to the link block? We all know how link blocks work here...