1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
|
Last revised: June 27, 2019
Ident Module
This module adds Eggdrop support for the externally-provided oident
service, or alternatively the ability for Eggdrop to act as its own
ident daemon.
Traditionally, an IRC server queries port 113 on an irc client's host to
determine the ident for the client. The client's host normally replies
with the username of the account. If the host machine is running oident
as its ident service, Eggdrop can now interact with oident to instead
reply with a custom ident specified by Eggdrop (oidentd is an external
service not specific to Eggdrop nor maintained by Eggheads developers,
thus no support for it can be given).
Alternatively, this module can also allow Eggdrop to act as its own
ident daemon, answering queries from the IRC server directly. While this
option may be of use to a very specific group of people, it requires
additional external configuration via root access. Because most modern
OSs do not allow user-level programs to bind to port 113, required by
this option, a user must either:
- Allow Eggdrop to bind to ports <1024 via the command:
sudo setcap "cap_net_bind_service=+ep" /path/to/eggdrop
Warning: this will allow Eggdrop to any port below 1024, potentially
allowing a user to impersonate a standard system service with
Eggdrop
- Use iptables to re-route ident queries destined for port 113 to
a >1024 port that Eggdrop can bind to, for example by running:
sudo iptables -t nat -A PREROUTING -i eth0 -p tcp --dport \
113 -j REDIRECT --to-port <ident port in config>'
Additionally, using Eggdrop as a built-in ident daemon can cause issues
when running multiple bots from the same account. The ident server is
only activated and bound to the configured ident port while Eggdrop is
connecting to an IRC server, but only one Eggdrop can bind to port 113
at a time. If multiple bots were to start at the same time, such as
after a netsplit or host reboot, only one bot can bind to port 113 at a
time, creating ident conflicts. Thus, this option is best suited for
single-bot environments.
This module requires:
- oident to be running on your shell host, configured to allow
user spoofing, for the oidentd method.
Put this line into your Eggdrop configuration file to load the ident
module:
loadmodule ident
There are also some variables you can set in your config file:
set ident-method 0
This sets which ident method you wish to use:
0 = oidentd / Your bot will overwrite $HOME/.oidentd.conf right before
opening the socket to the IRC server with the global
reply.
1 = Builtin / Your bot will automatically turn its builtin identd on and
off when needed so it shouldn't conflict with other
identds that do the same. Ident port 113 is normally
restricted to privileged processes on UNIX systems.
set ident-port 113
This sets the port which port Eggdrop will attempt to bind to for
option 1 of ident-method. Most OSs do not allow non-privileged
programs such as Eggdrop to bind to ports <1024; please read the
beginning of this document for potential ways to implement this
setting.
Copyright (C) 2019 - 2025 Eggheads Development Team
|
