edgecase
Author: StJohn Piano
Published: 2019-04-27
Datafeed Article 107
This article has been digitally signed by Edgecase Datafeed.
This article has been digitally signed by its author.
9309 words - 3002 lines - 76 pages





GOAL



Set up IRC client on Shovel.

Register #edgecase channel on Freenode.

Test joining #edgecase channel and speaking on it.

Set up IRC bouncer on a new Digital Ocean VM.

IRC = Internet Relay Chat




CONTENTS



- Goal
- Contents
- Brief Summary
- Summary
- Access
- Commands
- Project Log




BRIEF SUMMARY



I set up this IRC system:
- local Irssi chat client, which connects to:
- ZNC bouncer on a Digital Ocean cloud virtual machine, which connects to:
- Freenode IRC network

On Freenode, I registered my nick (stjohn_piano_2), a channel (#edgecase2), and made myself a channel operator for #edgecase2.




SUMMARY



- Irssi client installed on local system.
- I connected via Irssi to Freenode network.
- I registered my nick (stjohn_piano_2) with NickServ on Freenode and set an alternate nick (stjohn_piano_2_a).
- I joined #edgecase channel and found that it was already registered on freenode.
- I joined the #edgecase2 channel, which didn't exist. Joining it caused it to exist.
- I registered the #edgecase2 channel with ChanServ, which made me its channel owner.
- I made myself a channel operator on #edgecase2.
- I joined the #freenode channel and asked for an "unaffiliated" cloak.
- I set up a new virtual machine (VM) on Digital Ocean (a cloud VM provider). I named it "bouncer" and set the domain edgecase-test.net to point to its IP address.
- A channel operator on #freenode (emilsp) gave me (or rather, my registered nick on the Freenode IRC network) an unaffiliated cloak.
- On bouncer VM, I installed the Yum repo EPEL (Extra Packages for Enterprise Linux), and then the ZNC IRC bouncer.
- I generated an initial ZNC configuration.
- I turned on ZNC. I also set the CentOS system to automatically start it on boot.
- I logged in to ZNC's web admin interface. I set Allowed IPs to be just my local IP address. I added the Freenode network (under my nick's specific settings, not the global settings) and set it to use my Freenode password for my nick when making the connection (this required some experimentation and testing to get right). At first, I set the channel #edgecase2 here as well, but this caused Irssi to open multiple windows, for some sequence of reasons that I didn't fully grasp.
- I configured Irssi to connect to the ZNC bouncer, and to call this connection "Freenode". This connection requires the ZNC password (set earlier), not the Freenode password.
- I tested the process of disconnecting my local Irssi client from the ZNC bouncer, waiting a while (two hours), and then reconnecting to the ZNC bouncer. ZNC remained connected to the #freenode channel, buffered the broadcast messages, and sent them to my client when I reconnected.
- I tested that powercycling the bouncer VM caused ZNC to be started on boot.


Notes:

Using an IRC bouncer accomplishes two things: It prevents another user or bot from easily and immediately seeing your local IP address, and it prevents join/part spam in a channel (the bouncer will usually be on a better Internet connection, if it is in a data centre, and therefore will not lose its connection to the channel as often as your local client would).

On Freenode IRC network:
- NickServ handles user registration and settings.
- ChanServ handles channel registration and settings.
- Any NickServ/ChanServ commands or queries should be sent only in a private chat with NickServ/ChanServ, to avoid the possibility of accidentally sending the message to a public channel.

Irssi thinks in terms of chat windows, servers, and channels.

You connect to a server. Servers contain channels. Windows show channels or private chats. You can list windows and toggle between them.






ACCESS



freenode nickserve:
- email: [deleted]
- pw: [deleted]
- nick: stjohn_piano_2
- alt nick: stjohn_piano_2_a


znc instance:
- admin username: stjohn_piano_2
- pw: [deleted]
- nick: stjohn_piano_2
- alternate nick: stjohn_piano_2_a
- Ident: stjohn_piano_2
- real name: StJohn Piano
- port: 1025


[ ** ] To connect to this ZNC you need to connect to it as your IRC server
[ ** ] using the port that you supplied. You have to supply your login info
[ ** ] as the IRC server password like this: user/network:pass.
[ ** ]
[ ** ] Try something like this in your IRC client...
[ ** ] /server <znc_server_ip> 1025 stjohn_piano_2:<pass>
[ ** ]
[ ** ] To manage settings, users and networks, point your web browser to
[ ** ] http://<znc_server_ip>:1025/







COMMANDS



$ irssi


within irssi:

[connect to server]
/connect irc.freenode.net

[disconnect from server]
/disconnect

/msg NickServ IDENTIFY [nick] [password]

[list channelnames containing "edgecase"]
/msg alis LIST edgecase

/msg alis help

[details about current window]
/window

[shortcut for /window]
/win

[list all windows]
/win list

[change to window 2]
/win 2

[set irssi to create a new window for different channels / chats e.g. for a private chat between you and another user]
/SET autocreate_windows ON
[this will also cause commands such as "/msg alis help" to be run in a new window]

[open a private chat]
/query [nick]

[close a private chat]
/q

[join a channel]
/join [channel]
e.g.
/join #edgecase2

[leave a channel]
/part

[to close a window after parting from a channel or leaving a private chat:]
/win close

[to close a window, referring to it by number:]
/win close 2

[get info about a nick]
/whois [nick]

[view the topic for the current channel]
/topic/

[show help for NickServ]
/msg nickserv help

[show help for specific command on NickServ]
/msg nickserv help [command]

[register an email and password with NickServ]
/msg nickserv REGISTER [password] [email]

[ask NickServ not to reveal your email to other users]
/msg nickserv set hidemail on

[force anyone using your nick to identify themselves to NickServ using the password within 30 seconds or get kicked]
/msg nickserv set enforce on

[send a message to a channel i.e. speak]
[type some text and press enter to send it]

[send message that will be altered so that it refers to you in the third person]
/me does all his programming with a magnetised needle and a steady hand.
will send:
* stjohn_piano_2 does all his programming with a magnetised needle and a steady hand.

[see nicks of users who are present in the current channel]
/names

[see nicks of users who are present in another channel]
/who [channel]
e.g.
/who #lisp

[I think that the first user who joins an empty, unregistered channel causes it to exist, and then the register command (shown immediately below) registers the channel permanently, with your nick as its owner.]
Example: channel #edgecase2 does not exist.
/join #edgecase2

[the register command:]
/msg chanserv register #CHANNEL_NAME

[show ops and privileged users for a channel, if the listings are not private]
/msg chanserv access #channel list

[set a user to be a channel operator]
/msg chanserv flags #edgecase2 stjohn_piano_2 +oO

[set topic of channel]
/topic [message]
e.g.
/topic edgecase.net

[view channel modes (information will be printed in relevant channel window)]
/mode #edgecase2

[lock the topic of the channel]
/msg chanserv set #edgecase2 mlock +t

[Invite the freenode bot (ChanServ), who will preserve channel settings if everyone else leaves.]
/msg chanserv set #CHANNEL_NAME guard on
e.g.
/msg chanserv set #edgecase2 guard on

[quit the irssi program]
/quit

["remove reconnections" - stop irssi trying to keep reconnect to a server]
/rmreconns




Useful links:

https://irssi.org/documentation/startup/

https://meta.wikimedia.org/wiki/IRC/Instructions

https://freenode.net/kb/answer/channelmodes

https://irssi.org/documentation/settings/

https://quadpoint.org/articles/irssisplit/












PROJECT LOG





System details:
- Name: Shovel
- Specifications: HP 6005 Pro SFF. 3 GHz x86_64 processor (AMD II x4 B95 Quad Core), 4 GB RAM, 1 TB hard drive. Running CentOS 7.6.1810 (Core).
- More information: New computer: Shovel
- Installed items: GCC 4.8.5, Make 3.82, Vim 7.4, Python 2.7.5, Python 3.3.2, Gnome 3.28.2, gedit 3.28.1, GPG 1.4.10.





IRC client candidates:
- irssi (terminal)
- weechat (terminal, GUI)
- xchat (terminal, GUI, precursor to hexchat)
- hexchat (terminal, GUI)
- mirc (GUI, proprietary)


IRC bouncer candidates:
- znc
- BNC
- psyBNC


https://en.wikipedia.org/wiki/Comparison_of_Internet_Relay_Chat_clients


Let's look at irssi.



https://en.wikipedia.org/wiki/Irssi

Irssi is an IRC client program for Linux, FreeBSD, macOS and Microsoft Windows. It was originally written by Timo Sirainen, and released under the terms of the GNU General Public License in January 1999.

Irssi is written in the C programming language and in normal operation uses a text-mode user interface.

Numerous Perl scripts have been made available for Irssi to customise how it looks and operates.

Irssi may be configured by using its user interface or by manually editing its configuration files, which use a syntax resembling Perl data structures.




Some searching suggests that there is no python-based IRC client.


Lisp-based?
- cl-irc.
but on http://btcbase.org/log, I find:
trinque: relatedly I've read cl-irc and the thing is a haphazard mess



http://btcbase.org/log-search?q=irssi
suggests that irssi is in use.



http://danielpbarron.com/2018/irssi-on-pizarro-shared-hosting/



also:
asciilifeform: irssi rocks

and
mircea_popescu: i think everyone here uses xchat or irssi




So, I'll go with irssi.



[spiano@localhost ~]$ yum search irssi

Loaded plugins: fastestmirror, langpacks
Loading mirror speeds from cached hostfile
* base: mirror.vorboss.net
* epel: epel.mirror.it2go.eu
* extras: mirror.sov.uk.goscomb.net
* rpmfusion-free-updates: ftp.nluug.nl
* updates: centos.serverspace.co.uk
============================== N/S matched: irssi ==============================
irssi-devel.i686 : Development package for irssi
irssi-devel.x86_64 : Development package for irssi
irssi-xmpp.x86_64 : XMPP plugin into irssi
quassel-irssi.x86_64 : An irssi plugin to connect to quassel core
irc-otr.x86_64 : Off-The-Record Messaging plugin for irssi
irssi.x86_64 : Modular text mode IRC client with Perl scripting

Name and summary matches only, use "search all" for everything.



[spiano@localhost ~]$ sudo yum install irssi

[sudo] password for spiano: Loaded plugins: fastestmirror, langpacks Loading mirror speeds from cached hostfile epel/x86_64/metalink | 27 kB 00:00 * base: mirror.freethought-internet.co.uk * epel: ftp.icm.edu.pl * extras: mirror.econdc.com * rpmfusion-free-updates: ftp.nluug.nl * updates: mirror.econdc.com base | 3.6 kB 00:00 epel | 4.7 kB 00:00 extras | 3.4 kB 00:00 forensics | 3.0 kB 00:00 forensics-splunk | 2.9 kB 00:00 rpmfusion-free-updates | 3.0 kB 00:00 updates | 3.4 kB 00:00 (1/6): extras/7/x86_64/primary_db | 188 kB 00:00 (2/6): rpmfusion-free-updates/x86_64/primary_db | 250 kB 00:00 (3/6): epel/x86_64/updateinfo | 992 kB 00:01 (4/6): updates/7/x86_64/primary_db | 3.4 MB 00:04 (5/6): forensics/7/x86_64/primary_db | 739 kB 00:05 (6/6): epel/x86_64/primary_db | 6.7 MB 00:05 Resolving Dependencies --> Running transaction check ---> Package irssi.x86_64 0:0.8.15-16.el7 will be installed --> Finished Dependency Resolution Dependencies Resolved ================================================================================ Package Arch Version Repository Size ================================================================================ Installing: irssi x86_64 0.8.15-16.el7 base 699 k Transaction Summary ================================================================================ Install 1 Package Total download size: 699 k Installed size: 2.1 M Is this ok [y/d/N]: y Downloading packages: irssi-0.8.15-16.el7.x86_64.rpm | 699 kB 00:00 Running transaction check Running transaction test Transaction test succeeded Running transaction Installing : irssi-0.8.15-16.el7.x86_64 1/1 Verifying : irssi-0.8.15-16.el7.x86_64 1/1 Installed: irssi.x86_64 0:0.8.15-16.el7 Complete!




[spiano@localhost ~]$ irssi --version

irssi 0.8.15 (20100403 1617)



[spiano@localhost ~]$ irssi --help

Usage: irssi [OPTION?] Help Options: -?, --help Show help options Application Options: --config=PATH Configuration file location (~/.irssi/config) --home=PATH Irssi home dir location (~/.irssi) -c, --connect=SERVER Automatically connect to server/network -w, --password=PASSWORD Autoconnect password -p, --port=PORT Autoconnect port -!, --noconnect Disable autoconnecting -n, --nick Specify nick to use -h, --hostname Specify host name to use -d, --dummy Use the dummy terminal mode -v, --version Display irssi version





https://quadpoint.org/articles/irssi/




I altered some settings in ~/.irssi/config
to:
settings = { core = { real_name = "StJohn Piano 2"; user_name = "stjohn_piano_2"; nick = "stjohn_piano_2"; };




can connect to or disconnect from servers. servers have channels. can join / leave channels.



irssi commands:
---

/help

/CONNECT Freenode

/rmreconns

/CONNECT -ssl Freenode

/connect irc.freenode.net 8001

/connect irc.freenode.net

/msg nickserv REGISTER [password] [email]

/msg NickServ help

[detailed information on your nick]
/msg NickServ info

/disconnect

/msg NickServ IDENTIFY [nick] [password]

[list channelnames containing "edge"]
/msg alis LIST edge

/msg alis LIST edgecase

[send message that refers to yourself in the third person]
/me eyeballs stack of books next to desk

/window

/window list

/win 2

[creates a new window for e.g. private messages between you and another user]
/SET autocreate_windows ON

/whois [nick]

[can be used for leaving a channel, but not a private chat]
/part

To close a private chat, type:
/q

To close the window after parting from a channel or leaving a private chat:
/win close


---




https://ubuntuforums.org/showthread.php?t=1010780

Register with Freenode ...

It is a very good idea to formally register your nick with Freenode and it is easy enough to do. Don't forget to substitute your own details here:

/msg nickserv REGISTER <password> <email>

NickServ will send an email to your email address with copy and paste instructions to verify you nick details. So your email address is not obvious to all users (although this setting is usually the default) then issue the following command:

/msg NickServ SET HIDEMAIL ON





https://freenode.net/kb/answer/cloaks



19:26 -!- Irssi: You are now talking in #edgecase
19:26 -!- stjohn_piano_2 [~stjohn_pi@[deleted]] has joined
#edgecase
19:26 -!- ServerMode/#edgecase [+ns] by weber.freenode.net
19:26 [Users #edgecase]
19:26 [@stjohn_piano_2]
19:26 -!- Irssi: #edgecase: Total of 1 nicks [1 ops, 0 halfops, 0 voices, 0 normal]
19:26 -!- ServerMode/#edgecase [-o stjohn_piano_2] by services.
19:26 !weber.freenode.net *** Notice -- TS for #edgecase changed from 1556216761 to 1330097977
19:26 -!- ServerMode/#edgecase [+ct-s] by services.
19:26 -!- ChanServ [ChanServ@services.] has joined #edgecase
19:26 -!- ServerMode/#edgecase [+o ChanServ] by services.
19:26 -!- Channel #edgecase created Fri Feb 24 15:39:37 2012
19:26 -!- Irssi: Join to #edgecase was synced in 2 secs
19:26 -!- Irssi: Starting query in freenode with alis







Using
/join #edgecase
apparently created the channel and made me the channel operator automatically.


hm. maybe not.

/msg ChanServ register #edgecase
19:33 <stjohn_piano_2> register #edgecase
19:33 -ChanServ(ChanServ@services.)- #edgecase is already registered to freenode-staff.




Ah: this line has the year 2012:
19:26 -!- Channel #edgecase created Fri Feb 24 15:39:37 2012



it already existed.





https://meta.wikimedia.org/wiki/IRC/Instructions
IRC clients typically have an option to use an 'alternate nickname' to use if the primary nickname is in use when you connect (for example, if someone else is using it, or if you have been abruptly disconnected and a "ghost" of your original connection remains). Freenode recommends that you group this alternate nick (/msg nickserv help group) to your primary nickname. This "alternate" grouping is also required in order to obtain IRC channel cloaks.

Once your nick is registered, you can enable 'enforce' (or 'secure'). This will force any user claiming the nick to identify with the password within 30 seconds. This protects you from imposters taking your nick while you're offline. Since you configured your client to automatically identify, nothing changes for you (except being protected). Use /msg nickserv set enforce on or /msg nickserv set secure on





/join #edgecase2

19:42 -!- Irssi: You are now talking in #edgecase2
19:42 -!- stjohn_piano_2 [~stjohn_pi@[deleted]] has joined
#edgecase2
19:42 -!- ServerMode/#edgecase2 [+ns] by weber.freenode.net
19:42 [Users #edgecase2]
19:42 [@stjohn_piano_2]
19:42 -!- Irssi: #edgecase2: Total of 1 nicks [1 ops, 0 halfops, 0 voices, 0 normal]
19:42 -!- Channel #edgecase2 created Thu Apr 25 19:42:22 2019
19:42 -!- Irssi: Join to #edgecase2 was synced in 1 secs
19:42 <stjohn_piano_2> register #edgecase23
19:42 -ChanServ(ChanServ@services.)- The channel #edgecase23 must exist in order to register it.
19:42 <stjohn_piano_2> register #edgecase2
19:42 -ChanServ(ChanServ@services.)- #edgecase2 is now registered to stjohn_piano_2.
19:42 -ChanServ(ChanServ@services.)-
19:42 -ChanServ(ChanServ@services.)- Channel guidelines can be found on the freenode website:
19:42 -ChanServ(ChanServ@services.)- http://freenode.net/changuide
19:42 -ChanServ(ChanServ@services.)- This is a primary namespace channel as per
19:42 -ChanServ(ChanServ@services.)- http://freenode.net/policies#channel-ownership
19:42 -ChanServ(ChanServ@services.)- If you do not own this name, please consider
19:42 -ChanServ(ChanServ@services.)- dropping #edgecase2 and using ##edgecase2 instead.
19:42 -!- mode/#edgecase2 [-s+tc] by ChanServ






19:48 <stjohn_piano_2> access #edgecase2 list
19:48 -ChanServ(ChanServ@services.)- Entry Nickname/Host Flags
19:48 -ChanServ(ChanServ@services.)- ----- ---------------------- -----
19:48 -ChanServ(ChanServ@services.)- 1 stjohn_piano_2 +AFRefiorstv [modified 6m 19s ago]
19:48 -ChanServ(ChanServ@services.)- ----- ---------------------- -----
19:48 -ChanServ(ChanServ@services.)- End of #edgecase2 FLAGS listing.




19:49 <stjohn_piano_2> access #edgecase list
19:49 -ChanServ(ChanServ@services.)- Entry Nickname/Host Flags
19:49 -ChanServ(ChanServ@services.)- ----- ---------------------- -----
19:49 -ChanServ(ChanServ@services.)- 1 freenode-staff +AFRefiorstv [modified 3y 29w 3d
ago]
19:49 -ChanServ(ChanServ@services.)- ----- ---------------------- -----
19:49 -ChanServ(ChanServ@services.)- End of #edgecase FLAGS listing.







https://irssi.org/documentation/startup/




https://forums.mirc.com/ubbthreads.php/topics/200974/%22+%22_or_%22@%22
You cant just "get" a +/@ in front of your nickname. + refers to voice status and @ refers to operator status-- both of these have to be given to you by someone with operator status (@).




https://freenode.net/kb/answer/channelmodes






There's an "Activity" plugin (included and enabled by default) that will show "Act" + window numbers in which new lines have been received.





https://freenode.net/kb/answer/usermodes
- can set user mode to "ignore private messages from unknown users"





https://ubuntuforums.org/showthread.php?t=1010780

It is not mandatory but often a good idea to create an alternate nick and then group this with your account. So while logged on with your primary nick run the following:

/nick <alternate_nick>
/msg nickserv group



In convo with NickServ:
/nick stjohn_piano_2_alt
-> shortened to stjohn_piano_2_a, which suggests a nick maximum length of 16 chars.
/msg nickserv group
09:38 -NickServ(NickServ@services.)- Nick stjohn_piano_2_a is now registered to your account.



/join #freenode

10:45 < stjohn_piano_2> hello. i understand that cloaks are only very basic IP protection. may i have one anyway?
10:49 < JohnnyMnemonic> stjohn_piano_2, not even basic protection
10:54 < stjohn_piano_2> JohnnyMnemonic: ah no? i thought a cloak prevented passive logging of IPs. am i wrong?
10:55 < JohnnyMnemonic> lol.
10:55 < stjohn_piano_2> (passive logging by other users / bots, not by freenode or traffic sniffers)
10:56 < JohnnyMnemonic> what are you afraid of
10:56 < stjohn_piano_2> nothing much
10:57 < stjohn_piano_2> just thought it would be nice to avoid the (very small) chance of ddos by someone who
decides to be annoying.
10:57 < JohnnyMnemonic> cloaks are used to show affilliation, or lack there-of, with a FOSS project
10:57 < stjohn_piano_2> ah
10:57 < JohnnyMnemonic> yeah.
10:58 < stjohn_piano_2> hm. could i have an "unaffiliated" cloak?
10:59 < JohnnyMnemonic> probably. but you'll have to wait
10:59 < stjohn_piano_2> ok
10:59 < stjohn_piano_2> thanks
11:00 < JohnnyMnemonic> null perspiration.




Well, while waiting, I'll set up a bouncer.



Log in to Digital Ocean.




I have an SSH key already made on Shovel:

[spiano@localhost ~]$ ls -1 ~/.ssh

id_rsa
id_rsa.pub
known_hosts

[spiano@localhost ~]$ cat .ssh/id_rsa.pub

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCaL7/KWql5WCI6STk5cq7LSXjPo9l0xDNCOtr/59e6eKaG/a3YQHPkjygbq4F4D6TXJbY0LIWN9BbRZrV4QuTBDB1AGujfucIf2Rm1bE4a5NaJu6PN1Plqrd/I+6bg3MrkYJCWrCcEORV59PWG8PKke0iYtLvmTm5e9raowWr4cjUIHjRepW8t8a/DM289LJCHveBUYkyXkW5Cmm3xzZck3zkm2wC9r3gBVUIdkPGhGittxQ3ERF2nfu8C5VF8IABdlHfYjCN49j1QZNoKQ94bxCafOUrXDTjgc/DBJUcYb+w+7w2T2ItFoqHVx1+nIqvD6mU0xNpSPXMLCXxz03K9 spiano@localhost.localdomain




In DigitalOcean / Account / Security, a key with the name "shovel" is already listed.


In DigitalOcean / Manage / Droplets, click Create, then Droplets.

I now see the "Create Droplets" interface.

Choose these droplet details:
- Distribution = CentOS 7.6 x64
- Memory = 1 GB
- vCPUS = 1 vCPU
- SSD Disk = 25 GB
- Transfer = 1000 GB
- Price = $5/mo, $0.007/hr
- Datacentre region = London

In the section "Add your SSH keys", choose "shovel".

Set hostname to "bouncer".

Click Create.


I now see the Project interface. New droplet is being created.

New droplet finished. It has the IP address 206.189.119.239.


I have a spare domain: edgecase-test.net

Click it. The "Create new record" interface opens.


It already has 3 Nameserver records pointing to the DigitalOcean nameservers.

It also has an A record left over from a previous project.

Edit the A record. Set it to point to "bouncer".

"TTL (Seconds)" is set to 3600.

3600 seconds = 1 hour.

Click Save.



[a minute or so passes]


[spiano@localhost ~]$ ping 206.189.119.239

PING 206.189.119.239 (206.189.119.239) 56(84) bytes of data.
64 bytes from 206.189.119.239: icmp_seq=1 ttl=50 time=21.4 ms
64 bytes from 206.189.119.239: icmp_seq=2 ttl=50 time=24.1 ms
64 bytes from 206.189.119.239: icmp_seq=3 ttl=50 time=56.9 ms
^C
--- 206.189.119.239 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2003ms
rtt min/avg/max/mdev = 21.483/34.199/56.952/16.126 ms


[spiano@localhost ~]$ ping edgecase-test.net

PING edgecase-test.net (206.189.119.239) 56(84) bytes of data.
64 bytes from 206.189.119.239 (206.189.119.239): icmp_seq=1 ttl=50 time=29.0 ms
64 bytes from 206.189.119.239 (206.189.119.239): icmp_seq=2 ttl=50 time=23.0 ms
64 bytes from 206.189.119.239 (206.189.119.239): icmp_seq=3 ttl=50 time=22.2 ms
64 bytes from 206.189.119.239 (206.189.119.239): icmp_seq=4 ttl=50 time=21.1 ms
^C
--- edgecase-test.net ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3003ms
rtt min/avg/max/mdev = 21.148/23.862/29.083/3.085 ms




That was a quick changeover.






more from #freenode: [I haven't included all chat lines here e.g. join/part notifications, people talking about other things]

13:00 < thumbs> stjohn_piano_2: a cloak will do nothing to prevent a DDoS, either way.
13:13 < stjohn_piano_2> thumbs: true. if someone already knows your IP, cloak offers no protection. my
understanding (currently) is that a cloak prevents a non-freenode user/bot from
passively logging your IP. Seems like a small but mildly useful optimisation to have
an unaffiliated cloak, vs not having one. am i incorrect?
13:14 < thumbs> stjohn_piano_2: anyone that wants your IP can get it in seconds, even if you are cloaked.
13:14 < thumbs> stjohn_piano_2: and folks that don't get to get your IP will not want to "attack" you as
such, either.
13:14 < stjohn_piano_2> thumbs: ah. did not know that. or are you referring to traffic sniffing?
13:14 < thumbs> stjohn_piano_2: no.
13:15 < stjohn_piano_2> i see
13:15 < thumbs> also, s/get to get/want to get/
13:16 < thumbs> stjohn_piano_2: for instance, I have no interest in what your IP is, or where your client is
running.
13:16 < stjohn_piano_2> right
13:17 < mouses> solution: use a VPN or SSH tunnel, and mind what you click on.
13:17 < stjohn_piano_2> for morbid curiosity, how can someone see past the unaffiliated cloak in order to get
another user's IP?
13:17 <@emilsp> stjohn_piano_2: yes
13:17 < stjohn_piano_2> mouses: yup, setting up a znc on digitalocean atm
13:17 < mouses> stjohn_piano_2: that's not something anyone is going to discuss
13:17 < thumbs> stjohn_piano_2: for obvious reasons, I won't get recipes for that here.
13:17 < mouses> stjohn_piano_2: good call, that's how I do it - also you can spin openVPN on that droplet
13:18 < mouses> stjohn_piano_2: and that way you can be less paranoid about clicking a link someone posts on
a server they control and simply grepping the webserver logs to harvest IP's
13:18 < stjohn_piano_2> mouses, thumbs: thanks. cool
13:18 < stjohn_piano_2> mouses: ah. makes sense.
13:19 <@emilsp> stjohn_piano_2: if you still want a cloak, I can give you one.
13:20 < thumbs> stjohn_piano_2: the only thing a cloak does well is prevent passive logging, provided you use
SASL.
13:20 < stjohn_piano_2> emilsp: sure. thanks.
13:21 < stjohn_piano_2> thumbs: ah. i see. makes sense.
13:22 -!- unaffiliated/stjohn-piano-2/x-9740860 is now your hidden host (set by services.)
13:22 < micmac-> the only way someone could get your IP so easily, is because your irc client is leaking it
somehow
13:23 < thumbs> micmac-: incorrect.
13:23 < micmac-> so there must be some "recipes" that exploit irc client weaknesses
13:23 < thumbs> micmac-: no. Services always know your IP.
13:23 < [itchyjunk]> there used to be a bunch back in the 90's
13:23 < [itchyjunk]> sadly those bastards kept patching them over the last 30 years
13:23 < thumbs> micmac-: folks can get your IP in seconds without even interacting with your client.
13:23 < stjohn_piano_2> emilsp: thanks for the cloak.
13:23 < micmac-> so, freenode services would provide them with your IP ?
13:24 < micmac-> weird
13:24 -!- smaudet [~smaudet@190.2.28.97] has joined #freenode
13:24 < swarfega> the cloak isnt meant for security
13:24 -!- kjackal [~quassel@2a02:587:9a0e:900:d97d:a226:af4d:1270] has quit [Ping timeout: 252 seconds]
13:24 < swarfega> its just a show of affiliation or lack of
13:24 <@emilsp> there are side-channels which don't exploit weaknesses in your or our infrastructure
13:27 < mouses> If you want security, use a VPN or a SSH tunnel and mind what you click / who you associate
with
13:29 < micmac> ssh tunnel from your own connection to.. where ? some dedicated server ?
13:29 < [itchyjunk]> to where might depend on your use case and what security means to you.
13:36 < AEonFyr> emilsp: may I have an unafilliated cloak too, please?
13:39 <@emilsp> AEonFyr: just be aware, the cloak won't actually hide your IP.
13:39 < AEonFyr> emilsp: Noted, thank you.
13:41 < micmac> so, some people know how to exploit weaknesses in the network infrastructure in order to get
the IPs
13:42 < micmac> and the cloaks seem to provide a false sens of security, and you have to constantly remind
people about that
13:43 < thumbs> micmac: only some folks still believe that they provide security. Likely read some older
material, or have misconceptions.
13:44 < micmac> shouldn't there be a way to secure more the infrastructure ? (I'm not criticizing)
13:44 < thumbs> micmac: it would actually cripple it - services need to know your IP.
13:44 < micmac> ok
13:46 < micmac> so services need to know your IP, but somehow they can leak it to anybody really wanting to
13:46 <@e> it would be relatively easy to make services not leak IPs, and i intend to
13:47 <@e> one of these days when some of that mysterious "free time" thing you hear about in stories is in
greater abundance
13:47 < micmac> :)







Let's press on.



[spiano@localhost ~]$ ssh root@edgecase-test.net


[spiano@localhost ~]$ ssh root@edgecase-test.net

The authenticity of host 'edgecase-test.net (206.189.119.239)' can't be established.
ECDSA key fingerprint is SHA256:/IEpLRct8eCmuon2P8hxggv48YsrEWJ6oCKfGC6NNWw.
ECDSA key fingerprint is MD5:35:c6:d9:5c:0f:4a:5d:c5:41:77:51:66:24:fb:0f:dd.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'edgecase-test.net,206.189.119.239' (ECDSA) to the list of known hosts.

[root@bouncer ~]# ls -1

anaconda-ks.cfg
original-ks.cfg

[root@bouncer ~]# pwd

/root

[root@bouncer ~]# hostname

bouncer

[root@bouncer ~]# ping -c 1 google.com

PING google.com (216.58.213.14) 56(84) bytes of data.
64 bytes from lhr25s25-in-f14.1e100.net (216.58.213.14): icmp_seq=1 ttl=51 time=9.87 ms

--- google.com ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 9.871/9.871/9.871/0.000 ms

[root@bouncer ~]# znc --version

-bash: znc: command not found

[root@bouncer ~]# yum --version

3.4.3 Installed: rpm-4.11.3-35.el7.x86_64 at 2019-01-28 20:53 Built : CentOS BuildSystem <http://bugs.centos.org> at 2018-10-30 19:27 Committed: Pavlina Moravcova Varekova <pmoravco@redhat.com> at 2018-06-19 Installed: yum-3.4.3-161.el7.centos.noarch at 2019-01-28 20:54 Built : CentOS BuildSystem <http://bugs.centos.org> at 2018-11-05 01:54 Committed: CentOS Sources <bugs@centos.org> at 2018-10-30 Installed: yum-plugin-fastestmirror-1.1.31-50.el7.noarch at 2019-01-28 20:54 Built : CentOS BuildSystem <http://bugs.centos.org> at 2018-10-30 22:58 Committed: Michal Domonkos <mdomonko@redhat.com> at 2018-08-24


[root@bouncer ~]# yum search znc

Loaded plugins: fastestmirror Determining fastest mirrors * base: mirror.clustered.net * extras: mirror.sov.uk.goscomb.net * updates: mirror.sov.uk.goscomb.net base | 3.6 kB 00:00:00 extras | 3.4 kB 00:00:00 updates | 3.4 kB 00:00:00 (1/4): base/7/x86_64/group_gz | 166 kB 00:00:00 (2/4): extras/7/x86_64/primary_db | 188 kB 00:00:00 (3/4): updates/7/x86_64/primary_db | 3.4 MB 00:00:00 (4/4): base/7/x86_64/primary_db | 6.0 MB 00:00:00 Warning: No matches found for: znc No matches found



[root@bouncer ~]# yum repolist

Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile * base: mirror.clustered.net * extras: mirror.sov.uk.goscomb.net * updates: mirror.sov.uk.goscomb.net repo id repo name status base/7/x86_64 CentOS-7 - Base 10,019 extras/7/x86_64 CentOS-7 - Extras 386 updates/7/x86_64 CentOS-7 - Updates 1,580 repolist: 11,985







https://wiki.znc.in/Installation

Fedora/CentOS/Red Hat Enterprise Linux

Fedora has znc packaged in it's main repository and their Extra Packages for Enterprise Linux (EPEL) repository provides them for CentOS/RHEL.

If using RHEL install the EPEL repository by downloading the appropriate package linked on EPEL's website [ https://fedoraproject.org/wiki/EPEL#How_can_I_use_these_extra_packages.3F ].

Once you have EPEL installed (or are on Fedora), execute:

sudo yum install znc

Once installed you can configure znc by running:

sudo -u znc znc --makeconf # this creates /var/lib/znc/.znc

Then finally to start it you can run:

sudo systemctl start znc # or enable if you want it to autostart




https://fedoraproject.org/wiki/EPEL#How_can_I_use_these_extra_packages.3F

NOTE for CentOS users
You can install EPEL by running yum install epel-release. The package is included in the CentOS Extras repository, enabled by default.





[root@bouncer ~]# yum install epel-release

Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile * base: mirror.clustered.net * extras: mirror.sov.uk.goscomb.net * updates: mirror.sov.uk.goscomb.net Resolving Dependencies --> Running transaction check ---> Package epel-release.noarch 0:7-11 will be installed --> Finished Dependency Resolution Dependencies Resolved ============================================================================================================== Package Arch Version Repository Size ============================================================================================================== Installing: epel-release noarch 7-11 extras 15 k Transaction Summary ============================================================================================================== Install 1 Package Total download size: 15 k Installed size: 24 k Is this ok [y/d/N]: y Downloading packages: warning: /var/cache/yum/x86_64/7/extras/packages/epel-release-7-11.noarch.rpm: Header V3 RSA/SHA256 Signature, key ID f4a80eb5: NOKEY Public key for epel-release-7-11.noarch.rpm is not installed epel-release-7-11.noarch.rpm | 15 kB 00:00:00 Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 Importing GPG key 0xF4A80EB5: Userid : "CentOS-7 Key (CentOS 7 Official Signing Key) <security@centos.org>" Fingerprint: 6341 ab27 53d7 8a78 a7c2 7bb1 24c6 a8a7 f4a8 0eb5 Package : centos-release-7-6.1810.2.el7.centos.x86_64 (installed) From : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 Is this ok [y/N]: y Running transaction check Running transaction test Transaction test succeeded Running transaction Installing : epel-release-7-11.noarch 1/1 Verifying : epel-release-7-11.noarch 1/1 Installed: epel-release.noarch 0:7-11 Complete!





[root@bouncer ~]# yum repolist

Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile epel/x86_64/metalink | 15 kB 00:00:00 * base: mirror.clustered.net * epel: d2lzkl7pfhq30w.cloudfront.net * extras: mirror.sov.uk.goscomb.net * updates: mirror.sov.uk.goscomb.net epel | 4.7 kB 00:00:00 (1/3): epel/x86_64/group_gz | 88 kB 00:00:00 epel/x86_64/updateinfo FAILED http://mirror.seas.harvard.edu/epel/7/x86_64/repodata/67cf7a518c57a5dfeae248198d901133eb95edbec7ae7b7e6578ca361941a4d0-updateinfo.xml.bz2: [Errno 14] HTTP Error 404 - Not Found Trying other mirror. To address this issue please refer to the below wiki article https://wiki.centos.org/yum-errors If above article doesn't help to resolve this issue please use https://bugs.centos.org/. (2/3): epel/x86_64/updateinfo | 992 kB 00:00:00 epel/x86_64/primary_db FAILED https://epel.mirror.constant.com/7/x86_64/repodata/b5ec306da43f784f698cf1fb2e695112f5ab60649fce8179718b115fd9beb97a-primary.sqlite.bz2: [Errno 14] HTTPS Error 404 - Not Found Trying other mirror. (3/3): epel/x86_64/primary_db | 6.7 MB 00:00:00 repo id repo name status base/7/x86_64 CentOS-7 - Base 10,019 *epel/x86_64 Extra Packages for Enterprise Linux 7 - x86_64 13,082 extras/7/x86_64 CentOS-7 - Extras 386 updates/7/x86_64 CentOS-7 - Updates 1,580 repolist: 25,067





[root@bouncer ~]# yum search znc

Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile * base: mirror.clustered.net * epel: d2lzkl7pfhq30w.cloudfront.net * extras: mirror.sov.uk.goscomb.net * updates: mirror.sov.uk.goscomb.net ============================================== N/S matched: znc ============================================== znc-devel.x86_64 : Development files needed to compile ZNC modules znc-modperl.x86_64 : Perl module for ZNC znc-modpython.x86_64 : Python3 module for ZNC znc-modtcl.x86_64 : TCL module for ZNC znc.x86_64 : An advanced IRC bouncer Name and summary matches only, use "search all" for everything.





Interesting. I note the existence of a Python module, which I assume allows the loading of Python plugins.

https://wiki.znc.in/Modpython




[root@bouncer ~]# yum install znc

Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile * base: mirror.clustered.net * epel: d2lzkl7pfhq30w.cloudfront.net * extras: mirror.sov.uk.goscomb.net * updates: mirror.sov.uk.goscomb.net Resolving Dependencies --> Running transaction check ---> Package znc.x86_64 0:1.7.3-1.el7 will be installed --> Processing Dependency: libicudata.so.50()(64bit) for package: znc-1.7.3-1.el7.x86_64 --> Processing Dependency: libicuuc.so.50()(64bit) for package: znc-1.7.3-1.el7.x86_64 --> Running transaction check ---> Package libicu.x86_64 0:50.1.2-17.el7 will be installed --> Finished Dependency Resolution Dependencies Resolved ============================================================================================================== Package Arch Version Repository Size ============================================================================================================== Installing: znc x86_64 1.7.3-1.el7 epel 2.0 M Installing for dependencies: libicu x86_64 50.1.2-17.el7 base 6.9 M Transaction Summary ============================================================================================================== Install 1 Package (+1 Dependent package) Total download size: 8.9 M Installed size: 31 M Is this ok [y/d/N]: y Downloading packages: (1/2): libicu-50.1.2-17.el7.x86_64.rpm | 6.9 MB 00:00:00 warning: /var/cache/yum/x86_64/7/epel/packages/znc-1.7.3-1.el7.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID 352c64e5: NOKEY Public key for znc-1.7.3-1.el7.x86_64.rpm is not installed (2/2): znc-1.7.3-1.el7.x86_64.rpm | 2.0 MB 00:00:01 -------------------------------------------------------------------------------------------------------------- Total 5.1 MB/s | 8.9 MB 00:00:01 Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7 Importing GPG key 0x352C64E5: Userid : "Fedora EPEL (7) <epel@fedoraproject.org>" Fingerprint: 91e9 7d7c 4a5e 96f1 7f3e 888f 6a2f aea2 352c 64e5 Package : epel-release-7-11.noarch (@extras) From : /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7 Is this ok [y/N]: y Running transaction check Running transaction test Transaction test succeeded Running transaction Installing : libicu-50.1.2-17.el7.x86_64 1/2 Installing : znc-1.7.3-1.el7.x86_64 2/2 Verifying : znc-1.7.3-1.el7.x86_64 1/2 Verifying : libicu-50.1.2-17.el7.x86_64 2/2 Installed: znc.x86_64 0:1.7.3-1.el7 Dependency Installed: libicu.x86_64 0:50.1.2-17.el7 Complete!





https://stackoverflow.com/questions/31666247/what-is-the-difference-between-the-nick-username-and-real-name-in-irc-and-wha

The nickname supplied with NICK is the name that's used to address you on IRC. The nickname must be unique across the network, so you can't use a nickname that's already in use at the time.

The username supplied with USER is simply the user part in your user@host hostmask that appears to others on IRC, showing where your connection originates from (if you've never seen these, then your client may be hiding them). In the early days of IRC it was typical for people to run their IRC client on multi-user machines, and the username corresponded to their local username on that machine. Some people do still use IRC from multi-user shell servers, but for the most part the username is vestigal.

The real name supplied with USER is used to populate the real name field that appears when someone uses the WHOIS command on your nick. Unlike the other two fields, this field can be fairly long and contain most characters (including spaces). Some people do put their real name here, but many do not.

The PASS command is optional. It is used to supply a password if the IRC server you are using requires one. Some servers will use the password supplied to attempt to log you on to IRC services.


edited Nov 26 '18 at 0:41
answered Jul 30 '15 at 2:10
caf




https://wiki.znc.in/ZNC

Generate an initial configuration via znc --makeconf.

- Each ZNC user can connect to several IRC networks, though you'll need to connect your IRC client to ZNC several times (once per network).
- You can later change settings (add more users, tune existing ones, etc.) via the web interface or from IRC.




[root@bouncer ~]# sudo -u znc znc --makeconf
[ .. ] Checking for list of available modules...
[ ** ]
[ ** ] -- Global settings --
[ ** ]
[ ?? ] Listen on port (1025 to 65534): 1025
[ ?? ] Listen using SSL (yes/no) [no]: no
[ ?? ] Listen using both IPv4 and IPv6 (yes/no) [yes]: no
[ .. ] Verifying the listener...
[ ** ] Unable to locate pem file: [/var/lib/znc/.znc/znc.pem], creating it
[ .. ] Writing Pem file [/var/lib/znc/.znc/znc.pem]...
[ ** ] Enabled global modules [webadmin]
[ ** ]
[ ** ] -- Admin user settings --
[ ** ]
[ ?? ] Username (alphanumeric): stjohn_piano_2
[ ?? ] Enter password:
[ ?? ] Confirm password:
[ ?? ] Nick [stjohn_piano_2]:
[ ?? ] Alternate nick [stjohn_piano_2_]: stjohn_piano_2_a
[ ?? ] Ident [stjohn_piano_2]:
[ ?? ] Real name (optional): StJohn Piano
[ ?? ] Bind host (optional):
[ ** ] Enabled user modules [chansaver, controlpanel]
[ ** ]
[ ?? ] Set up a network? (yes/no) [yes]: no
[ ** ]
[ .. ] Writing config [/var/lib/znc/.znc/configs/znc.conf]...
[ ** ]
[ ** ] To connect to this ZNC you need to connect to it as your IRC server
[ ** ] using the port that you supplied. You have to supply your login info
[ ** ] as the IRC server password like this: user/network:pass.
[ ** ]
[ ** ] Try something like this in your IRC client...
[ ** ] /server <znc_server_ip> 1025 stjohn_piano_2:<pass>
[ ** ]
[ ** ] To manage settings, users and networks, point your web browser to
[ ** ] http://<znc_server_ip>:1025/
[ ** ]
[ ?? ] Launch ZNC now? (yes/no) [yes]: no



[root@bouncer ~]# systemctl status znc
- znc.service - ZNC, an advanced IRC bouncer Loaded: loaded (/usr/lib/systemd/system/znc.service; disabled; vendor preset: disabled) Active: inactive (dead)
[root@bouncer ~]# service znc status
Redirecting to /bin/systemctl status znc.service - znc.service - ZNC, an advanced IRC bouncer Loaded: loaded (/usr/lib/systemd/system/znc.service; disabled; vendor preset: disabled) Active: inactive (dead)
[root@bouncer ~]# service znc start
Redirecting to /bin/systemctl start znc.service
[root@bouncer ~]# service znc status
Redirecting to /bin/systemctl status znc.service - znc.service - ZNC, an advanced IRC bouncer Loaded: loaded (/usr/lib/systemd/system/znc.service; disabled; vendor preset: disabled) Active: active (running) since Fri 2019-04-26 13:41:09 UTC; 9s ago Main PID: 11426 (znc) CGroup: /system.slice/znc.service - 11426 /usr/bin/znc -f Apr 26 13:41:09 bouncer systemd[1]: Started ZNC, an advanced IRC bouncer. Apr 26 13:41:09 bouncer znc[11426]: Checking for list of available modules... Apr 26 13:41:09 bouncer znc[11426]: Opening config [/var/lib/znc/.znc/configs/znc.conf]... Apr 26 13:41:09 bouncer znc[11426]: Loading global module [webadmin]... Apr 26 13:41:09 bouncer znc[11426]: Binding to port [1025] using ipv4... Apr 26 13:41:09 bouncer znc[11426]: Loading user [stjohn_piano_2] Apr 26 13:41:09 bouncer znc[11426]: Loading user module [chansaver]... Apr 26 13:41:09 bouncer znc[11426]: Loading user module [controlpanel]... Apr 26 13:41:09 bouncer znc[11426]: Staying open for debugging [pid: 11426] Apr 26 13:41:09 bouncer znc[11426]: ZNC 1.7.3 - https://znc.in
[root@bouncer ~]# service znc stop
Redirecting to /bin/systemctl stop znc.service
[root@bouncer ~]# service znc status
Redirecting to /bin/systemctl status znc.service - znc.service - ZNC, an advanced IRC bouncer Loaded: loaded (/usr/lib/systemd/system/znc.service; disabled; vendor preset: disabled) Active: inactive (dead) Apr 26 13:41:09 bouncer znc[11426]: Opening config [/var/lib/znc/.znc/configs/znc.conf]... Apr 26 13:41:09 bouncer znc[11426]: Loading global module [webadmin]... Apr 26 13:41:09 bouncer znc[11426]: Binding to port [1025] using ipv4... Apr 26 13:41:09 bouncer znc[11426]: Loading user [stjohn_piano_2] Apr 26 13:41:09 bouncer znc[11426]: Loading user module [chansaver]... Apr 26 13:41:09 bouncer znc[11426]: Loading user module [controlpanel]... Apr 26 13:41:09 bouncer znc[11426]: Staying open for debugging [pid: 11426] Apr 26 13:41:09 bouncer znc[11426]: ZNC 1.7.3 - https://znc.in Apr 26 13:43:55 bouncer systemd[1]: Stopping ZNC, an advanced IRC bouncer... Apr 26 13:43:55 bouncer systemd[1]: Stopped ZNC, an advanced IRC bouncer.
[root@bouncer ~]# service --help
Usage: service < option > | --status-all | [ service_name [ command | --full-restart ] ]
[root@bouncer ~]# service znc help
The service command supports only basic LSB actions (start, stop, restart, try-restart, reload, force-reload, status). For other actions, please try to use systemctl.
[root@bouncer ~]# systemctl enable znc
Created symlink from /etc/systemd/system/multi-user.target.wants/znc.service to /usr/lib/systemd/system/znc.service.
[root@bouncer ~]# service znc status
Redirecting to /bin/systemctl status znc.service - znc.service - ZNC, an advanced IRC bouncer Loaded: loaded (/usr/lib/systemd/system/znc.service; enabled; vendor preset: disabled) Active: inactive (dead) Apr 26 13:41:09 bouncer znc[11426]: Opening config [/var/lib/znc/.znc/configs/znc.conf]... Apr 26 13:41:09 bouncer znc[11426]: Loading global module [webadmin]... Apr 26 13:41:09 bouncer znc[11426]: Binding to port [1025] using ipv4... Apr 26 13:41:09 bouncer znc[11426]: Loading user [stjohn_piano_2] Apr 26 13:41:09 bouncer znc[11426]: Loading user module [chansaver]... Apr 26 13:41:09 bouncer znc[11426]: Loading user module [controlpanel]... Apr 26 13:41:09 bouncer znc[11426]: Staying open for debugging [pid: 11426] Apr 26 13:41:09 bouncer znc[11426]: ZNC 1.7.3 - https://znc.in Apr 26 13:43:55 bouncer systemd[1]: Stopping ZNC, an advanced IRC bouncer... Apr 26 13:43:55 bouncer systemd[1]: Stopped ZNC, an advanced IRC bouncer.
[root@bouncer ~]# service znc start
Redirecting to /bin/systemctl start znc.service
[root@bouncer ~]# service znc status
Redirecting to /bin/systemctl status znc.service - znc.service - ZNC, an advanced IRC bouncer Loaded: loaded (/usr/lib/systemd/system/znc.service; enabled; vendor preset: disabled) Active: active (running) since Fri 2019-04-26 13:46:33 UTC; 2s ago Main PID: 11558 (znc) CGroup: /system.slice/znc.service - 11558 /usr/bin/znc -f Apr 26 13:46:33 bouncer systemd[1]: Started ZNC, an advanced IRC bouncer. Apr 26 13:46:33 bouncer znc[11558]: Checking for list of available modules... Apr 26 13:46:33 bouncer znc[11558]: Opening config [/var/lib/znc/.znc/configs/znc.conf]... Apr 26 13:46:33 bouncer znc[11558]: Loading global module [webadmin]... Apr 26 13:46:33 bouncer znc[11558]: Binding to port [1025] using ipv4... Apr 26 13:46:33 bouncer znc[11558]: Loading user [stjohn_piano_2] Apr 26 13:46:33 bouncer znc[11558]: Loading user module [chansaver]... Apr 26 13:46:33 bouncer znc[11558]: Loading user module [controlpanel]... Apr 26 13:46:33 bouncer znc[11558]: Staying open for debugging [pid: 11558] Apr 26 13:46:33 bouncer znc[11558]: ZNC 1.7.3 - https://znc.in






In Chrome, browse to:
http://206.189.119.239:1025

works.
{Welcome to ZNC's web interface!}

Can log in using admin name + password.
{This connection is not secure}

Go to Your Settings.

In Authentication / Allowed IPs, put in my local IP.

In Networks, click Add.
- Network Name: Freenode
- tick for {Disable certificate validation (takes precedence over TrustPKI). INSECURE!}
- no tick for {Trust the PKI:}
- Click Add under Hostname | Port | SSL | Password
-- Hostname: irc.freenode.net
-- Port: 6667
-- no tick for SSL
-- Password: [not included here]

To connect to this network from your IRC client, you can set the server password field as stjohn_piano_2/<network>:<password> or username field as stjohn_piano_2/<network>


Click {Add Network and continue}

Under Channels, click Add.
- Channel Name: edgecase2

Click {Add Channel and continue}
Click {Save and return}



https://superuser.com/questions/1307874/irc-terminology-network-vs-server
An IRC server has the meaning you'd expect: it's a single machine that's running an IRC daemon which you can connect to.

An IRC network is a group of IRC servers which are linked together. When servers are linked into a network, they behave like a single large server -- usernames and channels are shared within the network, and you can communicate with users on other servers within the network without any special steps. Users still connect to individual servers, but it's as if they are connected to the whole network.

Most large IRC networks are configured such that normal users don't need to think about individual servers. There will typically be names in DNS which can be used to connect to an arbitrary available server, e.g. "irc.example.com" to connect to any server, "us.irc.example.com" to connect to a server in the US, or so on.

answered Mar 26 '18 at 3:10
duskwuff




https://freenode.net/kb/answer/chat
You can connect to freenode by pointing your IRC client at chat.freenode.net on ports 6665-6667 and 8000-8002 for plain-text connections, or ports 6697, 7000 and 7070 for SSL-encrypted connections.



http://irc.netsplit.de/networks/top100.php
Each IRC network consists of one or more IRC servers that form a virtual chat network together. The communication on these virtual chat networks is based on the IRC protocol. According to this you talk about IRC networks. Users that are connected via directly or crabwise connected servers are able to chat together.






https://wiki.znc.in/ZNC
Configure your IRC client to connect to your ZNC server.

If your client has separate username and password fields, that works fine.
You can set username as username@clientid/network to connect to a specific network. The network needs to be configured already. Without /network client will be connected to some random network.
- If your client is broken and doesn't support specifying username in well... username, you can use username@clientid/network:password as the password.




In irssi, run
/help server
and read the results




/server -network freenode -host edgecase-test.net [port] [password] [nick]


nope. doesn't work.


https://wiki.znc.in/Irssi
Connecting to ZNC

Non SSL

/network add freenode
/server add -net freenode -auto my.bouncer.net 6667 username/freenode:password
/save
/connect freenode

[...]

Irssi by default will create new channel windows each time znc reconnects to the irc network. After you join all your channels you can enter /layout save to have irssi reuse channel windows instead of creating new windows.



/network add Freenode
/server add -net Freenode -auto edgecase-test.net 1025 stjohn_piano_2/Freenode:[password not shown here]
/save
/connect Freenode


The password is the one that was set for the ZNC instance, not the Freenode IRC network.


Result:
15:49 -!- Irssi: Looking up edgecase-test.net
15:49 -!- Irssi: Connecting to edgecase-test.net [206.189.119.239] port 1025
15:49 -!- Irssi: Connection to edgecase-test.net established
15:49 -!- Welcome to ZNC
15:49 -!- [verne.freenode.net] You have not registered
15:49 <*status> Error from server: Closing Link: 206.189.119.239 (Connection timed out)
15:49 <*status> Disconnected from IRC. Reconnecting...
15:49 <*status> Cannot connect to IRC (Network is unreachable). Retrying...
15:49 -!- Irssi: Removed reconnection to server edgecase-test.net port 1025
15:49 [Freenode2] -!- Irssi: Looking up edgecase-test.net
15:49 [Freenode2] -!- Irssi: Reconnecting to edgecase-test.net [206.189.119.239] port 1025 - use /RMRECONNS
to abort
15:49 [Freenode2] -!- Irssi: Connection to edgecase-test.net established
15:49 [Freenode2] -!- Invalid Password
15:49 -*status(znc@znc.in)- A client from [deleted] attempted to login as you, but was rejected: Invalid
Password
15:49 -!- Irssi: Connection lost to edgecase-test.net
15:49 !weber.freenode.net *** Looking up your hostname...
15:49 !weber.freenode.net *** Checking Ident
15:49 !weber.freenode.net *** Couldn't look up your hostname
15:49 !weber.freenode.net *** No Ident response
15:49 -!- Nick stjohn_piano_2 is temporarily unavailable
15:49 -!- Irssi: Your nickname is stjohn_piano_2
15:50 -!- [weber.freenode.net] You have not registered
15:50 Ref Name Active item Server Level 15:50 1 *status Freenode

15:50 <*status> Error from server: Closing Link: 206.189.119.239 (Connection timed out)
15:50 <*status> Disconnected from IRC. Reconnecting...
15:50 !tepper.freenode.net *** Looking up your hostname...
15:50 !tepper.freenode.net *** Checking Ident
15:50 !tepper.freenode.net *** Couldn't look up your hostname
15:50 !tepper.freenode.net *** No Ident response
15:50 -!- Nick stjohn_piano_2 is temporarily unavailable





Hm. Not sure why "Freenode2" appears.

May have retried something too many times.

I used /msg nickserv release stjohn_piano_2 at some point.


Hm. Something's succeeded.


Perhaps my nick "stjohn_piano_2" was still assigned to my local IP, preventing the ZNC instance (with its own, different IP) from connecting to Freenode with that nick.


Judging by the text in the nickserv private chat, the "release" command caused a password challenge to be sent to my ZNC instance, which answered it successfully.


15:52 -!- Irssi: Starting query in Freenode with nickserv
15:52 <stjohn_piano_2> help
15:53 <stjohn_piano_2> help
15:54 <stjohn_piano_2> release stjohn_piano_2
15:54 <stjohn_piano_2> release stjohn_piano_2
15:54 <stjohn_piano_2> release stjohn_piano_2
15:54 <stjohn_piano_2> release stjohn_piano_2
15:54 <stjohn_piano_2> release stjohn_piano_2
15:54 <stjohn_piano_2> release stjohn_piano_2
15:54 <stjohn_piano_2> release stjohn_piano_2
15:54 -NickServ(NickServ@services.)- This nickname is registered. Please choose a different nickname, or
identify via /msg NickServ identify <password>.
15:54 -NickServ(NickServ@services.)- You have 30 seconds to identify to your nickname before it is changed.
15:54 -NickServ(NickServ@services.)- You are now identified for stjohn_piano_2.







Hm. joining #edgecase2 appears to open two windows, one with server Freenode and the other with server Freenode2.

16:01 Ref Name Active item Server Level 16:01 1 *status Freenode 16:01 2 nickserv Freenode 16:01 3 #edgecase2 Freenode 16:01 4 #edgecase2 Freenode2



/server
shows
16:03 -!- Freenode: edgecase-test.net:1025 (Freenode)
16:03 -!- Freenode2: edgecase-test.net:1025 (Freenode)


made a mistake somewhere. repeated the command perhaps.



Run:
/network remove Freenode
/server remove edgecase-test.net


close the windows for Freenode and Freenode2.





Run:


/network add Freenode
/server add -net Freenode -auto edgecase-test.net 1025 stjohn_piano_2/Freenode:[password not shown here]
/save
/connect Freenode




Oh hey, works first time now.



join #edgecase2.




Hm.


/win list
shows
16:08 Ref Name Active item Server Level 16:08 1 *status Freenode 16:08 2 nickserv Freenode 16:08 3 #edgecase2 Freenode 16:08 4 #edgecase2 Freenode2 16:08 5 #edgecase2 Freenode3




why?




oh....

{Irssi by default will create new channel windows each time znc reconnects to the irc network. After you join all your channels you can enter /layout save to have irssi reuse channel windows instead of creating new windows.}


leave channel.

close windows 5, 4, and 3.


/win list
shows
16:10 Ref Name Active item Server Level 16:10 1 *status Freenode 16:10 2 nickserv Freenode 16:10 3 #edgecase2 Freenode 16:10 4 #edgecase2 Freenode2 16:10 5 #edgecase2 Freenode3




Hm. Don't leave channel, close windows 4 and 5.


Hm. closing window 5 auto-left #edgecase2.



close window 3.



/disconnect

/connect Freenode



Again.


On the web admin, the network Freenode is listed as having 3 clients.
- delete the network and recreate it. maybe this will reset everything to 1 client.
-- this time don't add channel #edgecase2 to network settings on ZNC.



connect to znc. everything seems ok.

reload web admin page. 1 client shown for Freenode network.



/join #edgecase2

/win list

16:29 Ref Name Active item Server Level 16:29 1 *status Freenode 16:29 2 #edgecase2 Freenode



Good.



in #edgecase2:

16:30 <@stjohn_piano_2> hello
16:30 <@stjohn_piano_2> testing
16:30 <@stjohn_piano_2> 1 2 3


works.




/join #freenode


/win list:
16:36 Ref Name Active item Server Level 16:36 1 *status Freenode 16:36 2 #edgecase2 Freenode 16:36 3 alis Freenode 16:36 4 #freenode Freenode



Now, let's try disconnecting from ZNC bouncer and reconnecting to it, and seeing if any buffered messages are sent to my client all at once.


command: /disconnect Freenode


16:37 -!- amosbird [~amosbird@123.206.66.49] has joined #freenode
16:37 -!- amosbird [~amosbird@123.206.66.49] has quit [Max SendQ exceeded]
16:37 -!- Irssi: Disconnecting from server edgecase-test.net: [leaving]
16:37 -!- Irssi: Connection lost to edgecase-test.net




/win list:
16:38 Ref Name Active item Server Level 16:38 1 *status 16:38 2 16:38 3 alis 16:38 4




Set timer for an hour.



[a couple hours have passed]



/connect Freenode


Cool. Lots of messages in #freenode, from the past couple of hours, all loaded into my client.


I haven't included all the buffered messages, but here is the start and end:


18:34 -!- Irssi: #freenode: Total of 1760 nicks [39 ops, 0 halfops, 0 voices, 1721 normal]
18:34 < ***> Buffer Playback...
18:34 < Nyashko-chan> [15:42:37] hello... guys :(
18:34 < Nyashko-chan> [15:44:02] i was banned from #anime channel... because of this bastard....
18:34 < Nyashko-chan> [15:44:23] for a 360 days.... :(
18:34 < MetaNova> [15:44:52] this is not the place to contest channel bans

[...]

18:34 < indomitable> [16:45:03] MetaNova, no, it's a star trek reference
18:34 < NotMyRealName> [16:49:35] Thanks dax. Someone ran a proxy some months ago with this IP so it's on a
blacklist
18:34 < ***> Playback Complete.
18:34 -!- You are no longer marked as being away
18:34 -!- Irssi: No new messages in awaylog
18:34 -!- Channel #freenode created Fri Feb 9 23:16:24 2001
18:34 -!- Irssi: Join to #freenode was synced in 3 secs
18:35 -!- f3ck4r [~n00k13@unaffiliated/f3ck4r] has joined #freenode
18:35 -!- Michel_ [~Michel@131.221.119.77] has quit [Ping timeout: 246 seconds]
18:36 -!- f3ck4r [~n00k13@unaffiliated/f3ck4r] has left #freenode []





I note that the ZNC-buffered messages are timestamped with my current time on my local computer. In place of the username and IP address / cloak, however, there is the original timestamp.







Let's test that rebooting the droplet will restart ZNC.



[root@bouncer ~]# exit

logout
Connection to edgecase-test.net closed.



In the DigitalOcean web application, power-cycle the droplet "bouncer".



In irssi, in #edgecase2, I see:

18:43 -!- Irssi: Connection lost to edgecase-test.net
18:43 -!- Irssi: Removed reconnection to server edgecase-test.net port 1025
18:43 -!- Irssi: Looking up edgecase-test.net
18:43 -!- Irssi: Reconnecting to edgecase-test.net [206.189.119.239] port 1025 - use /RMRECONNS to abort
18:43 -!- Irssi: Connection to edgecase-test.net established
18:43 -!- Welcome to ZNC
18:43 -!- [card.freenode.net] You have not registered
18:43 -!- [card.freenode.net] Welcome to the freenode Internet Relay Chat Network stjohn_piano_2
18:43 -!- Your host is card.freenode.net[38.229.70.22/6667], running version ircd-seven-1.1.7

[...]

18:43 -NickServ(NickServ@services.)- This nickname is registered. Please choose a different nickname, or
identify via /msg NickServ identify <password>.
18:43 -NickServ(NickServ@services.)- You have 30 seconds to identify to your nickname before it is changed.
18:43 -NickServ(NickServ@services.)- You are now identified for stjohn_piano_2.
18:43 -!- unaffiliated/stjohn-piano-2/x-9740860 is now your hidden host (set by services.)
18:43 -freenode-connect(frigg@freenode/utility-bot/frigg)- Welcome to freenode. To protect the network all
new connections will be scanned for vulnerabilities. This will not harm your computer, and
vulnerable hosts will be notified.
18:43 freenode-connect [frigg@freenode/utility-bot/frigg] requested CTCP VERSION from stjohn_piano_2:
18:43 -!- * stjohn_piano_2 H 0 ~stjohn_pi@unaffiliated/stjohn-piano-2/x-9740860 [StJohn Piano]
18:43 -!- End of /WHO list
18:43 -!- stjohn_piano_2 [~stjohn_pi@unaffiliated/stjohn-piano-2/x-9740860] has joined #edgecase2
18:43 -!- Topic for #edgecase2: edgecase.net
18:43 -!- Topic set by stjohn_piano_2 [~stjohn_pi@[deleted]] [Fri Apr
26 10:32:17 2019]
18:43 [Users #edgecase2]
18:43 [@ChanServ] [ stjohn_piano_2]
18:43 -!- Irssi: #edgecase2: Total of 2 nicks [1 ops, 0 halfops, 0 voices, 1 normal]
18:43 -!- mode/#edgecase2 [+o stjohn_piano_2] by ChanServ
18:43 -ChanServ(ChanServ@services.)- [#freenode] Please read the topic.
18:43 -!- Channel #edgecase2 created Thu Apr 25 19:42:22 2019
18:43 -!- Irssi: Join to #edgecase2 was synced in 24 secs







Obviously, restarting the ZNC bouncer vm causes a part then a join.

As indicated in this line:
18:43 -!- stjohn_piano_2 [~stjohn_pi@unaffiliated/stjohn-piano-2/x-9740860] has joined #edgecase2





Next day:

$ irssi


connects automatically to Freenode.


11:57 -!- Irssi: Looking up edgecase-test.net
11:57 -!- Irssi: Connecting to edgecase-test.net [206.189.119.239] port 1025
11:57 -!- Irssi: Connection to edgecase-test.net established
11:57 -!- Welcome to the freenode Internet Relay Chat Network stjohn_piano_2


Followed by MOTD (message of the day):

11:57 -!- Welcome to the freenode Internet Relay Chat Network stjohn_piano_2
11:57 -!- Your host is card.freenode.net[38.229.70.22/6667], running version ircd-seven-1.1.7
11:57 -!- This server was created Tue Sep 25 2018 at 13:22:00 UTC
11:57 -!- card.freenode.net ircd-seven-1.1.7 DOQRSZaghilopswz CFILMPQSbcefgijklmnopqrstvz bkloveqjfI
11:57 -!- CHANTYPES=# EXCEPTS INVEX CHANMODES=eIbq,k,flj,CFLMPQScgimnprstz CHANLIMIT=#:120
PREFIX=(ov)@+ MAXLIST=bqeI:100 MODES=4 NETWORK=freenode STATUSMSG=@+ CALLERID=g
CASEMAPPING=rfc1459 are supported by this server
11:57 -!- CHARSET=ascii NICKLEN=16 CHANNELLEN=50 TOPICLEN=390 DEAF=D FNC
TARGMAX=NAMES:1,LIST:1,KICK:1,WHOIS:1,PRIVMSG:4,NOTICE:4,ACCEPT:,MONITOR: EXTBAN=$,ajrxz
CLIENTVER=3.0 KNOCK CPRIVMSG CNOTICE are supported by this server
11:57 -!- WHOX SAFELIST ELIST=CTU ETRACE are supported by this server
11:57 -!- There are 104 users and 90147 invisible on 32 servers
11:57 -!- 36 IRC Operators online
11:57 -!- 53490 channels formed
11:57 -!- I have 4376 clients and 1 servers
11:57 -!- 4376 4637 Current local users 4376, max 4637
11:57 -!- 90251 92493 Current global users 90251, max 92493
11:57 -!- Highest connection count: 4638 (4637 clients) (84971 connections received)
11:57 -!- - card.freenode.net Message of the Day -
11:57 -!- -
11:57 -!- - Welcome to card.freenode.net in Washington, DC, US, kindly sponsored by
11:57 -!- - Team Cymru (http://www.team-cymru.org).
11:57 -!- -
11:57 -!- - CARD, ORSON SCOTT [1951-]. Born in Richland, Washington, Card grew up in
11:57 -!- - California, Arizona, and Utah. He lived in Brazil for two years as an unpaid
11:57 -!- - missionary for the Mormon Church. Author of the Ender and Alvin Maker books,
11:57 -!- - Card's science fiction and fantasy work is strongly influenced by his Mormon
11:57 -!- - cultural background. The first author to win the Hugo and Nebula novel awards
11:57 -!- - two years in a row, Card currently lives in Greensboro, North Carolina, US.
11:57 -!- -
11:57 -!- -
11:57 -!- - Welcome to freenode - supporting the free and open source
11:57 -!- - software communities since 1998.
11:57 -!- -
11:57 -!- - By connecting to freenode you indicate that you have read and
11:57 -!- - accept our policies and guidelines as set out on https://freenode.net
11:57 -!- -
11:57 -!- - In the event that you observe behaviour that contravenes our policies,
11:57 -!- - please notify a volunteer staff member via private message, or send us an
11:57 -!- - e-mail to complaints@freenode.net -- we will do our best to address the
11:57 -!- - situation within a reasonable period of time, and we may request further
11:57 -!- - information or, as appropriate, involve other parties such as channel operators
11:57 -!- - Group Contacts representing an on-topic group.
11:57 -!- -
11:57 -!- - freenode runs an open proxy scanner.
11:57 -!- -
11:57 -!- - If you are looking for assistance, you may be able to find a list of
11:57 -!- - volunteer staff on '/stats p' (shows only on-call staff) or by joining
11:57 -!- - #freenode and using the '/who freenode/staff/*' command. You may message
11:57 -!- - any of us at any time. Please note that freenode predominantly provides
11:57 -!- - assistance via private message, and while we have a network channel the
11:57 -!- - primary venue for support requests is via private message to a member
11:57 -!- - of the volunteer staff team.
11:57 -!- -
11:57 -!- - From time to time, volunteer staff may send server-wide notices relating to
11:57 -!- - the project, or the communities that we host. The majority of such notices
11:57 -!- - will be sent as wallops, and you can '/mode <yournick> +w' to ensure that you
11:57 -!- - do not miss them. Important messages relating to the freenode project, including
11:57 -!- - notices of upcoming maintenance and other scheduled downtime will be issued as
11:57 -!- - global notices.
11:57 -!- -
11:57 -!- - Representing an on-topic project? Don't forget to register, more information
11:57 -!- - can be found on the https://freenode.net website under "Group Registration".
11:57 -!- -
11:57 -!- - Thank you also to our server sponsors for the sustained support in keeping the
11:57 -!- - network going for close to two decades.
11:57 -!- -
11:57 -!- - Thank you to all of our attendees, sponsors, speakers, exhibitors, helpers,
11:57 -!- - and everyone else who made this year's freenode #live conference amazing.
11:57 -!- - https://freenode.net/news/live-2018
11:57 -!- -
11:57 -!- - Thank you for using freenode!
11:57 -!- End of /MOTD command.
11:57 -!- Mode change [+i] for user stjohn_piano_2
11:57 -!- You have been marked as being away
11:57 -!- You are no longer marked as being away
11:57 -!- Irssi: No new messages in awaylog





/join #edgecase2

11:57 -!- stjohn_piano_2 [~stjohn_pi@unaffiliated/stjohn-piano-2/x-9740860] has
joined #edgecase2
11:57 -!- Topic for #edgecase2: edgecase.net
11:57 -!- Topic set by stjohn_piano_2
[~stjohn_pi@[deleted]] [Fri
Apr 26 10:32:17 2019]
11:57 [Users #edgecase2]
11:57 [@ChanServ] [ stjohn_piano_2]
11:57 -!- Irssi: #edgecase2: Total of 2 nicks [1 ops, 0 halfops, 0 voices, 1
normal]
11:57 -!- mode/#edgecase2 [+o stjohn_piano_2] by ChanServ
11:57 -!- Channel #edgecase2 created Thu Apr 25 19:42:22 2019
11:57 -!- Irssi: Join to #edgecase2 was synced in 1 secs






I'd like to turn off the MOTD that appears whenever I reconnect via irssi from my local computer to Freenode.




Hm. After some searching and reading, I have not found a built-in option to do this. I think a solution would involve a script plugin for ZNC that filters out the Freenode MOTD message. I think that when I disconnect irssi from ZNC, my nick status is set to "away", and that the MOTD message is re-sent to my client whenever my nick status stops being "away".





I'll stop the project here. I have the functionality that I wanted to set up.










[start of notes]



Changes from the original text:
- I have not always preserved the format of any excerpts from webpages on other sites (e.g. not preserving the original bold/italic styles, changing the list structures, not preserving hyperlinks).
- I have not always preserved the format of any computer output (e.g. from running bash commands). Examples: Setting input lines in bold text, adding/removing newlines in order to make a sequence of commands easier to read, using hyphens for lists and sublists instead of indentation, breaking wide tables into consecutive sections.
- I've replaced personal information (e.g. email address, password(s), local IP or IP description) with "[deleted]".


[end of notes]