InspIRCd v4 is still early in development!
If you use this branch you may experience crashes, weird behaviour, and unannounced breaking changes.
You probably want to use InspIRCd v3 instead.
The "cloak_md5" Module (v4)
Description
This module adds the half and full cloaking methods for use with the cloak module. These methods are deprecated but exist for compatibility with v3.
Configuration
To load this module use the following <module> tag:
<module name="cloak_md5">
<cloak>
The <cloak> tag defines a cloaking profile. This tag can be defined as many times as required.
| Name | Type | Default Value | Description |
|---|---|---|---|
| class | String | None | If non-empty then a comma-delimited list of of connect classes that can receive this cloak. |
| domainparts | Number | 3 | If the half method is used then the maximum number of domain labels that should be visible. |
| prefix | Text | None | The value to prefix IP address cloaks with. |
| suffix | Text | .IP | The value to suffix IP address cloaks with. |
| key | Text | None | A random 30+ character value to use as a secret key when cloaking. The longer this is the more secure it is. |
| ignorecase | Boolean | No | Whether to to ignore the case of a FQDN when cloaking. |
This module also extends the <cloak:method> field with the following values:
| Name | Description |
|---|---|
| half | If the user has a DNS hostname then cloak all but the last few labels with a salted MD5 hash. Otherwise, cloak with a salted MD5 hash of the most unique /16 subnet of a IPv4 address or /48 subnet of a IPv6 address. Does not cloak UNIX socket users. |
| full | Cloak with three salted MD5 hashes of significant ranges of a user's IP address (IPv4: /16 /24 /32, IPv6: /32 /48 /64). Does not cloak UNIX socket users. |
Example Usage
Cloaking using the full method:
<cloak method="full"
class=""
key="changeme"
prefix="MyNet-"
suffix=".IP">
Cloaking using the half method:
<cloak method="half"
class=""
key="changeme"
prefix="MyNet-"
suffix=".IP"
domainparts="3"
ignorecase="yes">