| Return
to Chat Page |
|
Oper Help
NOTE: This document is primarily intended for Net
Operators. There isn't much use in reading this if you're not an
operator, although we won't stop the curious from reading anyway.
A detailed list of commands can be found
here
This document tries to explain some facts about
how the IRC servers operate, explains handy Net Operator commands (and
non-oper commands which are still useful), tries to explain how to use
commands like /SQUIT and /CONNECT, and details the workings of services,
mostly OperServ. This document is NOT concerned with the ethical
side of being an IRC Operator, ie. when use of channel or user mode
overrides is acceptable, when to DROP and GETPASS or SETPASS nicks or
channels, when a /KILL or AKILL is justified, or anything else.
Server operation - a list of commands. There
are quite a few commands. Make sure to understand at least /CONNECT, /SQUIT,
/STATS c, /STATS k, /WHOWAS and /WALLOPS, these are the most useful
commands (and /KILL :-) ). In time, you'll understand all the other
commands, by learning them from others, or learn them by reading this.
Just keep this document handy as a reference. Also, note that many
commands listed here are also available to non IRC Operators. But as
they still are quite useful, they're listed anyway.
Remember that your irc client may not pass your
commands correctly to the server because of standard alias's or they use
the command themselves. If this is the case use /quote
<command> or /raw <command>.
/CLOSE
The CLOSE command forces the server to close all unknown
connections. Unknown connections are connections on which it is still
not known whether the person connecting is an user, or a server. This
will not disconnect anyone from IRC who is already connected. I
haven't seen any useful use of this command yet, but you might want to
try as a last resort (aside from a /RESTART) if the server seems to act
weirdly and refusing to accept connections, or /LUSERS shows an usually
high number of unknown connections. Many clients have reassigned
/CLOSE to an internal function, so to send this command to the server,
use /QUOTE (or /RAW) CLOSE This command unfortunately can't be
used to close half-open connections caused by a SYNflood
/CONNECT
<new server> <port> <start server>
Forces a server to connect to another server. If you use
CONNECT with one or two parameters, this will force your server to
connect to the other server. If you give a third parameter, this will
send the connect command to that server (remote connecting).
See server linking for more information,
/DIE
The /DIE command terminates the server completely. All
open connections are closed, everyone is disconnected. A server will NOT
come back up by itself after a /DIE (unless the server admin is using a
script that checks if the ircd is alive, and reboots it if it isn't).
/DIE should only be used in cases where the server is better off not
running, like clients being randomly disconnected, or the server going
crazy and disrupting the rest of the network. Try to inform everyone on
your server, and all IRC operators, that your server will be terminated,
before using /DIE Server admins may choose not to enable /DIE.
/GLOBOPS <message>
This will send a message to all online IRC Operators, and
former-operators, who set mode -o, but still have +g enabled. (off-duty?
:-) ) Normal users can not see messages sent via /GLOBOPS. Some clients
might not get this command right, so if words are missing, or other
strange things happen, use an alias
ircII: alias
globops globops :$-
mIRC: alias globops globops : $+ *1
/HELP
Lists all the commands that the server accepts. Many
clients reassign /help so its best to use /raw help or /quote help.
/KILL
<nick> <mode>
Sends a KILL message to a user, which will cause the user
to be disconnected from IRC. At times, you will see a message like KILL
changed from ... to ..., this means that the user has changed nicks, and
the servers have changed the nick to kill accordingly. (This makes sure
users can't escape kills by changing nicks quickly)
/KLINE
<mask> <reason>
Sets a temporary K-line, on your server only. A K-line
will make it impossible for the user to connect to your server - when he
tries so, it will see the message K-Lined, and the reason. You
can't kline by nick!user@host, only by user@host. Don't try to use !s in
/KLINE masks. Please note that most clients don't handle this
command correctly - reasons longer than one word are cut off. Unless you
have an alias to correct for this, use KLINE like this:
/QUOTE KLINE <mask> :<reason>. Don't forget the
`:', otherwise the kline comment will still be cut off. Suggested
aliases for popular irc clients are:
ircII:<\B>
alias kline quote kline $1 :$2-
mIRC:<\B> alias kline quote kline $$1 : $+ *2
/MAP
Shows a map of the network, the number of users per
server, and the percentage each server has of the global. (I know the
percentages don't add up to 100%, no need to keep mentioning that to me
:) )
/MODE
<Channel><mode>
(Channel modes)
Changing channel modes
Usage: /MODE channel parameters
The following table contains a subset of channel
modes - Click
for a complete list
| b <banmask> |
Ban users from a channel |
| c |
Knock - send a notice to
chanops if a user tries to join (the channel needs to be +i for
this to work) |
| i |
Chanops must /invite people
before they chan join |
| k <key> |
User who want to join must
specify this key |
| l <limit> |
Limit the max number of users
in the channel |
| m |
Moderated - only +o and +v
users can speak |
| n |
Users must be in channel to
speak |
| o <nick> |
Chanop status - chanops can
change channel modes |
| p |
Name of channel won't be shown
in /list and /whois |
| s |
same as p, except channel names
won't be shown in a /who #channel |
| t |
Allow only chanops to change
the topic |
| v <nick> |
Voice - allow to speak in
moderate channels |
| z |
Only clients with VWORLD
off or invited users may join |
/MODE <nick> <mode>
(User modes)
See
here for user modes
/MSG mask message
The /msg (and /notice) command have some extra options,
which allow you to send notices to a large group of users. Use a
destination starting with a # if you want to send the message to all
people with a certain hostmask, and start with $ if you want to send the
message to people on a certain server, or servers. Examples:
| /msg #*.nl Please use
london.uk.eu.dreamwave.org for less lagged chats |
Will send the specified message
to all people with a hostname ending in .nl |
| /msg $fron*.org Frontline will
terminate in a few seconds, for ircd upgrade |
Sends the message to everyone
on frontline. (you *have* to specify .org at the end in this
case!) |
| /msg $*.us.dreamwave.org
There's a new american server, ultratech.mo.us.dreamwave.org |
Sends the message to all people
on american servers |
| /msg #* Services will go down
for upgrade, apologies for downtime |
Sends the message to everyone
/notice can be used in just the same way as /msg. The practical
differences are, that most Windows clients tend to hide notices
a bit (place them in the status window), while messages usually
open up a window, or appear in their message window, and
generally is better at attracting their attention.
Considering that, use /msg for more important notices. And
remember that stupid bots often start replying to you if you do
global messages (though most ignore /notice) |
/OPER <name> <password>
Gives operator privileges, and enables a lot of modes.
/REHASH
This forces the server to reload the configuration files.
This is useful if you have made changes to ircd.conf (if you have access
to it) or when you need the internal AKILL list cleared (it happens at
times that an expired AKILL isn't removed from your server, so you can
/REHASH to also clear your servers memory). Note that /REHASH removes
AKILLs from the memory of your server, but if they're still in
OperServ's memory, OperServ will readd the akill if a user matching it
comes online.
/RESTART
This restarts the server. The server will close all open
connections, disconnect everyone (all servers and clients, including
you!), and try to restart. Inform all online operators before issuing
this command, as rerouting might be necessary, especially if you're a
hub. /RESTART should only be used as a last resort, if all else fails.
Do not use a /RESTART lightly. Note that servers may disable
/RESTART completely, and that it can happen (memory errors, or CPATH
incorrectly set up by the server admin at compilation) that the server
will NOT come back to live. (and someone has to restart the server
manually, by using the "ircd" command on the machine the
server is running on). Most likely, you will never have to use
/RESTART.
/UPING <server>
This sends a series of pings directly to the server (not
via the IRC network routing). This is useful for determining the
best/fastest network topology. The results of the pings are
displayed.
/UNKLINE <mask>
Removes a temporary K-line which was originally set
/KLINE. /UNKLINE does not remove AKILLs, or permanent K-lines set
by the server admin (in ircd.conf). Suggested aliases for
popular irc clients are:
ircII & mIRC: alias unkline
quote unkline $1
/STATS
<stats> <server>
| L l |
Data transfer statistics by
connection The numeric fields are as follows: sendQ (outgoing
message queue) sendM (protocol messages sent) sendK (total
kilobytes sent) receiveM (protocol messages received) receiveK
(total kilobytes received) time in seconds since the connection
was created. Only restrictions are on those
who are invisible not being visible to in the normal way to
those who use a wild card based search to list it. STATS
L is the same as STATS l, except shows IP address instead of
host |
| C c |
display ircd.conf C and N line
information |
| H h |
display ircd.conf H and L line
information |
| I i |
display ircd.conf I line
information |
| K k |
display KLINE details |
| M m |
display command statistics |
| O o |
display ircd.conf O and o line
information |
| Q q |
display ircd.conf Q line
information |
| R r |
any more ideas? |
| D |
any more ideas? |
| d |
any more ideas? |
| B b |
display server B line
information |
| T t |
display server statistics |
| U |
display ircd.conf U line
information |
| u |
displays the servers uptime and
maximum connection count |
| W w |
display server statistics |
| X x |
?? (its in the code) |
| Y y |
display ircd.conf Y line
information |
| Z z |
display more server statistics |
/SQUIT <server> <reason>
Breaks a link between server. This will break the link
between two servers, and send out a WALLOPS with the reason you've
specified. Wildcards are accepted, so /SQUIT ult* would disconnect
ultratech.mo.us.dreamwave.org. But make sure that the wildcards you use
only matches one possible server. See server linking for more
information.
/TRACE
<nick/server> <start server>
The TRACE command is used to trace the path from
your current server to the specified server or user.
When the destination is a server, TRACE will also
return information about current server and operator connections,
incoming connections (with negative class numbers), and the number of
users in each class. The oper connections contain the connection class,
the nickname, and user@hostmask for the oper. For server connections, it
shows the connection class, the number of servers behind it (followed by
"S"), the number of clients on and behind it (followed by
"C"), the server name, and what was responsible for connecting
it.
When the destination is a user, TRACE shows the
connection class, nickname and user@hostmask for that user.
/WALLOPS
<message>
This sends a message to all people with mode +w enabled.
Keep in mind that non-operators can read these messages too!
/WHO <parameters>
This displays a list of on-line users who meet certain
search criteria. Remember that people normally invisible to you
wont show up in these searches.
The <parameters> are as follows:
| #<hostmask> |
Scan the hostname field (if empty, your
host) |
| $<servermask> |
Scan on a specific server (if empty, your
server) |
| &<infomask> |
Scan the "info" or "real
name" field |
| @<nickmask> |
Scan by nickname |
| o |
List only opers |
| i |
List only people who have the invisble flag
set |
| c |
List only people who are currently on a
(visible) channel |
| a |
List only people who are away |
| ! |
Invert selection |
| 0 |
All users (?) |
You can also type /who ? for this list of options
Examples:
| /who #*.nl |
Look for people from The
Netherlands |
| /who #*.com #*slip* |
Look for people with both
"slip" in their host name, and having their hostname
end in ".com" |
| /who # |
Look for people with your
hostname (probably you & your bot :) ) |
| /who #*.au !$*.au.dreamwave.org |
Look for people from Australia,
who are not on an Australian server |
| /who @*lynx #*.nl |
Look for people who's nick end
with "lynx", and are from The Netherlands |
| /who @*lynx !#*.nl !$ !# |
Find lynx'es not from NL, not
from your host, and not on your server |
| /who $ o |
Look for IRC Operators on your
server |
| /who c !a |
List all people who are
currently on a channel, and are not away (biggest chance of
finding people who are alive) |
| /who i |
List invisible people (You will
only see yourself, and people who are on a common channel with
you, you WON'T see people you wouldn't normally see either :) ) |
| /who 0 o |
List all IRC Operators on any
server |
| /who #* |
List all users (useful for IRC
Operators) |
/WHOWAS <nick>
Whowas is similair to /WHOIS, but is used to look in the
nickname history. If someone changes nicks, or leaves irc, the old nick
is stored in the database. This makes /WHOWAS very effective
to track down people who try to hide by changing nicks. First do a /WHOWAS
on the old nick. This will give you the hostname of the user, and you
can then use this hostname in a /WHO request. (eg, if /WHOWAS told
you the user was unilynx@grngn1-p15.worldonline.nl, you could use /WHO
#grngn1-p15* to find the new nickname of the user)
/VERSION <server>
This command requests version information from a server,
or your current server if you don't specify information. You can use
/VERSION if you think servers are behaving weirdly, and think it might
be caused by incompatible versions, or if you want to know the
compilation options of the server. Behind the version response,
you'll see a string like AcDefFghIj. Every character corresponds to a
server compile-time option, and you can use this information to gather a
bit more information about server compilation.
| A |
SENDQ_ALWAYS |
SENDQ_ALWAYS increases server
efficiency, but also tends to cause Dead Socket errors earlier
with /who responses. (But this problem has already been fixed in
a different way, so all servers now use SENDQ_ALWAYS without
problems) |
| c |
CHROOTDIR |
CHROOTDIR only has to do with
local security on the server's system, and nothing with IRC
itself. |
| C |
CMDLINE_CONFIG |
Another option that increases
security, but has no effect on IRC |
| D |
DEBUGMODE |
Indicates that the server has
been compiled in debugging mode. If you see this mode enabled,
then that's a likely explanation for the high system loads or
slow server response :) |
| e |
LOCOP_REHASH |
Controls wether local operators
(little-O lines) are allowed to use /REHASH |
| E |
OPER_REHASH |
Controls wether operators
(big-O lines) aer allowed to /REHASH |
| F |
INVITE_DELAY |
Tells wether the server has
invite-flood protection enabled. Note: due to a small type
error, the 1.5.x servers will never show a F in the /VERSION
info - even if invite-flood protection has been enabled |
| H |
HUB |
Servers compiled with the HUB
option are able to connect more than one server at a time,
servers without the HUB option are not. See server linking for
more information. |
| I |
NO_DEFAULT_INVISIBLE |
People connecting to the
server, won't have mode +i enabled by the server (though they
can still enable it theirself, and on) servers who do set +i by
default, users can turn it off again.) |
| i |
IGNORE_CASE_FIRST_CHAR |
The case of the first character
will be ignored, when checking for invalid or mixed-cased
userids |
| k |
LOCAL_KILL_ONLY |
Operators and local operators
on the server are only allowed to kill people on their own
servers, and not on remote servers. If this option is enabled,
it affects BOTH local and global operators. |
| K |
OPER_KILL |
Operators (big O-lines) on this
server can kill users on any server. Local operators (little
O-lines) still can only kill local users |
| m |
M4_PREPROC |
This server uses a M4
preprocessor on the ircd.conf. This does not affect IRC itself. |
| M |
IDLE_FROM_MSG |
The idle time of a user is only
reset when he does a /MSG. If this option is not enabled, then
every command, except PING and PONG, will cause the idle time to
be reset. |
| p |
CRYPT_OPER_PASSWORD |
Indicates that the O-line
passwords in ircd.conf are encrypted. This option does not
affect IRC. |
| P |
CRYPT_LINK_PASSWORD |
Indicates that the N-line
passwords in ircd.conf are encrypted. This option does not
affect IRC. |
| N |
NICK_DELAY |
This server has nick-flood
protection. This normally means, that only 2 nick changes per 30
seconds allowed. |
| n |
NOSPOOF |
The server has IP spoofing
protection (the PING/PONG you see when connecting) |
| r |
LOCOP_RESTART |
Indicates that local operators
(little-O lines) are allowed to issue the /RESTART command |
| R |
OPER_RESTART |
Indicates that operators (big-O
lines) are allowed to issue the /RESTART command |
| T |
KPATH |
K-lines set via /KLINE and /UNKLINE
are recorded in a local file, so they'll survive a /REHASH |
| t |
OPER_REMOTE |
Indicates that operators can
also send commands to other servers. All servers should have
this defined, or they will be incompatible. |
| U |
DISALLOW_MIXED_CASE |
Disallows clients to use
mixed-case, or illegal characters in their userid. |
| u |
IRCII_KLUDGE |
Compiles in some extra code for
backwards compatibility with older ircII clients. |
| Y |
USE_SYSLOG |
Indicates that the server logs
errors to the system logfiles. Does not affect IRC. |
/UPING <server> <port> <start server>
<pings>
This command sends out a serie of PINGs to a server
(using methods similair to the unix "ping" command). If you
only specify a server name (wildcards ok), it will send out 5 pings to
that server, and report the number of successful pings, and ping times,
to you. If you want to ping from a remote server, you have to
specify a server, a port (always use port 7007), and a server to start
the pinging from. You can, as a fourth parameter, specify the number of
pings, although you can never have the server send out more than 20
pings with a single UPING. UPING should be used if a server link
seems to be slow, and you want to see if there's a better link available
- you would UPING all possible links for that server, and see if any
link is faster. Note that servers will only UPING servers to which
they can actually connect. If you try to have a server UPING another
server to which it can't connect, you'll receive an error message
complaining about the server not listed in the configuration file.
See server linking for more information.
/LIST
<Parameter>
Usage
on ircII: /QUOTE LIST parameters
on mIRC : /RAW LIST parameters
Where parameters is a space or comma separated
list of one or more of:
| space |
Show all channels |
| <max_users |
Show all channels with less then max_users. |
| >min_users |
Show all channels with more then min_users. |
| C<max_minutes |
Channels that have existed less then
max_minutes. |
| C>min_minutes |
Channels that exist more then min_minutes. |
| T<max_minutes |
Channels with a topic last set less then
max_minutes ago. |
| T>min_minutes |
Channels with a topic last set more then
min_minutes ago. |
Example: LIST <3,>1,C<10,T>0 ; 2
users, younger then 10 min., topic set.
Security considerations
Keep your password secure. Although obvious, this can not be
emphasized enough. Many people don't realize that things like running
scripts can expose them to risks. Even a simple, and a regularly used
mIRC event like 1:ON TEXT:!nick:*:/dcc send C:\mirc\wavs\ $+ $1 is
known to make all files on your C: drive accessible - including your
mirc.ini files, which usually contains your /oper and nick password!
It is very wise to not run any script, but if you really have to, be
very, very careful. In mIRC, usually /dcc send events, and events that
allow users to execute any command remotely, are dangerous. All other
clients have similar risks - running no script is usually the safest of
all. On a multiuser UNIX system, keep your .ircrc secure, if
that is where you store your password. The command chmod 600 .ircrc
should keep this file safe, but there's still the problem of
running an insecure copy of ircii itself, a root which can't be trusted,
hackers, etc... And of course, packet sniffers that read all data,
can pick up passwords. You can't protect against every possible password
steal attempt, but do whatever you can.
Restrict the O-line
Your server admin has the option to limit the hosts at which
/OPER can be used. Have the admin limit it to as few hosts as possible.
If you're on a static IP, only add that single host.
Don't use the same password twice
Never, ever, use an important password at multiple places.
O-lines have been hacked before, by ignorant users using the same
password they used for /oper, as an access password on a bot run by
someone else... Also, if you have a backup O-line on a second
server, then be sure to use a different password on that server.
Use different NickServ and /OPER passwords.
Most services commands also require NickServ authentication,
so making the NickServ password different is a bit more secure. Also, be
sure to /msg NickServ SET OPER ON, which will protect your nick from
expiring, so it can't be re-registered (or used by someone impersonating
you)
Other nickserv options
Unless you are on a static IP, enable secure. (If you are on
a static IP, then do update the access list - usually NickServ chooses a
mask like user@*.isp.com, change that to user@slip12.isp.com - the exact
hostname used. It's probably best to enable SECURE even if you are on a
static IP)
Vacation
If you won't be on IRC for a while, notify other operators,
so they know you're gone, and will get suspicious if someone will try to
impersonate you while you are gone. Even better is asking your server
admin to disable your O-line while you are gone.
Many of the recommendations and risks outlined here may seem to be a bit
far-fetched, but please, take any security measures possible. One single
oper password hack can cause enormous amount of damage to the network.
|