Projects/Irc/Ircproxy

Ircproxy 1.3.6

ircproxy multi-user IRC bouncer with SSL and IPv6 support for UNIX compatible systems.

ircproxy is an advanced multi-user IRC bouncer written in C with IPv6 and SSL support. It should work on most UNIX, or Linux systems and is known to be working on FreeBSD, OpenBSD, GNU/Linux, Solaris and HP-UX.
It can proxy simultaneous users at the same time to different IRC servers.
The IRC connection can stay connected to IRC when the IRC client disconnects, the user can then later reattach to the same IRC connection.
Private messages and channel activity can an be logged when no IRC clients are attached. You can then see what you have been missing while you're offline.
It is also possible to attach multiple IRC clients on the same IRC connection. This is useful if you want to be connected from home and work at the same time without cloning.

Features

Some of the features of ircproxy:
  • Open-Source, written in C and platform independent.
  • Runs as a daemon in the background (no graphical interface).
  • Works on GNU/Linux, FreeBSD, NetBSD, OpenBSD, Solaris, HP-UX, AIX, OSF1, WIN32 and more.
  • Full asynchronous operation for both sockets and DNS, uses the c-ares library.
  • Can listen to multiple host:ports for incoming connections.
  • Multi-user. Can proxy simultaneous users at the same time to different IRC servers.
  • Multiple users can connect to the proxy at the same time.
  • Users can connect to the bouncer from multiple machines at the same time and share one single connection.
  • Unlimited number of IRC connections controlled through a configuration file. Each connection is belonging to a specific user.
  • Can control which IP-addresses or hostnames are allowed or denied connection through a configuration file.
  • User configuration file with encrypted passwords. The IRC client authentication through IRC server password (/PASS password)
  • Optional feature to use system passwords for authentication when the daemon is started as root (Not supported on all systems).
  • IRC connections are defined in a configuration file and stay connected to IRC independent of users. This also give ircproxy administrator control over where users connect.
  • Stays connected to IRC when the user disconnects from the proxy. The user can easily "attach" to the session and resume the connection to IRC.
  • Connections can automatically reconnect if disconnected and rejoin channels.
  • The bouncer will automatically set correct ident for a IRC connection when the ircproxy is started as root and the machine has a ident server running. Assumed that the system must support seteuid().
  • An optionally built-in ident daemon can be enabled.
  • Optional logging for connections, log files is placed in users home directory if the bouncer is started as root.
  • SendQ mechanism with throttling functionality to prevent connections from sending to much data too fast to the IRC server. Can be limited both by buffer per seconds and lines per seconds.
  • Support for IPv6 and SSL.

Configuration

These instructions are for 1.3.x only.

Once you have installed ircproxy you will need to create a few directories and edit a few configuration files.
Create the following directories:
mkdir ∼/.ircproxy
mkdir ∼/.ircproxy/cert
mkdir ∼/.ircproxy/logs
Copy the configuration files from /prefix/share/ircproxy to ∼/.ircproxy, where prefix is where you installed ircproxy, for example: /usr/local/share/ircproxy or ∼/share/ircproxy:
cp /prefix/share/ircproxy/* ∼/.ircproxy
Edit the following configuration files in ∼/.ircproxy:
Lines starting with # are comments, it is common for all configuration files.
ircproxyd.conf - Main configuration file
In this file you specify basic settings, like where to look for the configuration files and where to store logs, etc.
ircproxyd-listen.conf - Listen configuration file
Basicially the only thing you need to change here is the port that ircproxy should listen on for incoming connections. It's the port that you connect to from you're IRC client.
ircproxyd-access.conf - Access configuration file
Select which hosts that are allowed to connect to ircproxy. Unless the default rule is set to ALLOW, ircproxy will drop clients from hosts who doesn't match a ALLOW rule.
ircproxyd-user.conf - User configuration file
Define usernames and passwords combinations that will be allowed access.
Unless you set CRYPTPASSWD to no in ircproxyd.conf you will need to encrypt the password with the imkpasswd utility. This is simply done by running imkpasswd and enter the password you would like.
ircproxyd-conn.conf - Connection configuration file
In here you must specify the IRC servers that the specific users are allowed to connect to. A user can have as many connections as you wish. Most of what you need to know is written in the comments. The name you configure for USER will be the owner of the connection and must be a valid user in ircproxyd-user.conf.
If you set UNIXPASSWD to yes in ircproxyd.conf, it must be a valid user on the system and you must start ircproxyd as root!
ircproxyd-autoop.conf [OPTIONAL] - Auto-OP configuration file
In here you can configure nick!user!host masks that should be auto-opped by the bouncer.
Create a self-signed SSL certificate
If you don't want SSL support or don't understand any of it you can skip this step, you must then set SSLSUPPORT to no in ircproxyd.conf
cd ∼/.ircproxy/cert
openssl genrsa -des3 -out ca.key 4096 openssl req -new -x509 -days 365 -key ca.key -out ca.crt openssl genrsa -des3 -out ircproxy.key.secure 4096 openssl req -new -key ircproxy.key.secure -out ircproxy.csr openssl x509 -req -days 365 -in ircproxy.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out ircproxy.crt
To make ircproxyd not prompt for the passphase each time it starts you will need to create an insecure version of the key:
openssl rsa -in ircproxy.key.secure -out ircproxy.key
Once you have edited all the files. You can start ircproxyd with the command:
ircproxyd -c ∼/.ircproxy/ircproxyd-conf

Usage

These instructions are for 1.3.x only.

Once you have edited the configuration. You can start ircproxyd with the command:
ircproxyd -c /home/user/.ircproxy/ircproxyd-conf
Where /home/user/.ircproxy/ircproxyd-conf is the configuration file you want to use.
If something doesn't work as expected, the first thing you should do is to look in the log files. If no errors are logged, check that the log directory has write permissions.
In your IRC client specify the username configured in ircproxd-user.conf as username and the password specified in ircproxd-user.conf as IRC server password.
It is important that the username / userid in your IRC client is set to the one configured in ircproxyd-user.conf with the accurate password (or the user account on the UNIX machine if you set UNIXPASSWD to yes in ircproxyd.conf) and that you specify the accurate password as server password in your IRC client.
A quick connect can be done in most IRC clients with the /server command:
/server server port /pass password
Once connected, you should be able to attach to the IRC server by issuing the PATTACH command:
/PATTACH *
If you are not connected to IRC then, use:
/pconnect *
This will make ircproxy attempt to connect to the IRC server.

Installation

Using the FreeBSD ports system:
cd /usr/ports/irc/ircproxy make install clean
Using the FreeBSD pkg system:
pkg install irc/ircproxy