diff options
Diffstat (limited to 'conf')
-rw-r--r-- | conf/common/inter-server.conf | 3 | ||||
-rw-r--r-- | conf/global/sql_connection.conf | 3 | ||||
-rw-r--r-- | conf/import-tmpl/login-server.conf | 32 | ||||
-rw-r--r-- | conf/import-tmpl/login_conf.txt | 0 | ||||
-rw-r--r-- | conf/login-server.conf | 156 | ||||
-rw-r--r-- | conf/login/login-server.conf | 187 |
6 files changed, 225 insertions, 156 deletions
diff --git a/conf/common/inter-server.conf b/conf/common/inter-server.conf index fd55b27e5..888d4ad80 100644 --- a/conf/common/inter-server.conf +++ b/conf/common/inter-server.conf @@ -65,6 +65,9 @@ inter_configuration: { // this is meant for people who KNOW their stuff, and for some reason want to change their // database layout. [CLOWNISIUS] database_names: { + account_db: "login" + login_db: "loginlog" + ipban_table: "ipbanlist" char_db: "char" interlog_db: "interlog" ragsrvinfo_db: "ragsrvinfo" diff --git a/conf/global/sql_connection.conf b/conf/global/sql_connection.conf index 58c9e6d08..60fea5656 100644 --- a/conf/global/sql_connection.conf +++ b/conf/global/sql_connection.conf @@ -36,6 +36,9 @@ sql_connection: { // (Note that this feature requires MySQL 4.1+) //default_codepage: "" + // [LOGIN] Is `userid` in account_db case sensitive? + //case_sensitive: false + // For IPs, ideally under linux, you want to use localhost instead of 127.0.0.1. // Under windows, you want to use 127.0.0.1. If you see a message like // "Can't connect to local MySQL server through socket '/tmp/mysql.sock' (2)" diff --git a/conf/import-tmpl/login-server.conf b/conf/import-tmpl/login-server.conf new file mode 100644 index 000000000..feadef976 --- /dev/null +++ b/conf/import-tmpl/login-server.conf @@ -0,0 +1,32 @@ +//================= Hercules Configuration ================================ +//= _ _ _ +//= | | | | | | +//= | |_| | ___ _ __ ___ _ _| | ___ ___ +//= | _ |/ _ \ '__/ __| | | | |/ _ \/ __| +//= | | | | __/ | | (__| |_| | | __/\__ \ +//= \_| |_/\___|_| \___|\__,_|_|\___||___/ +//================= License =============================================== +//= This file is part of Hercules. +//= http://herc.ws - http://github.com/HerculesWS/Hercules +//= +//= Copyright (C) 2014-2016 Hercules Dev Team +//= +//= Hercules is free software: you can redistribute it and/or modify +//= it under the terms of the GNU General Public License as published by +//= the Free Software Foundation, either version 3 of the License, or +//= (at your option) any later version. +//= +//= This program is distributed in the hope that it will be useful, +//= but WITHOUT ANY WARRANTY; without even the implied warranty of +//= MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +//= GNU General Public License for more details. +//= +//= You should have received a copy of the GNU General Public License +//= along with this program. If not, see <http://www.gnu.org/licenses/>. +//========================================================================= +//= Login Server local configuration file. +//========================================================================= + +login_configuration: { + // See conf/login/login-server.conf for details +} diff --git a/conf/import-tmpl/login_conf.txt b/conf/import-tmpl/login_conf.txt deleted file mode 100644 index e69de29bb..000000000 --- a/conf/import-tmpl/login_conf.txt +++ /dev/null diff --git a/conf/login-server.conf b/conf/login-server.conf deleted file mode 100644 index 620fae327..000000000 --- a/conf/login-server.conf +++ /dev/null @@ -1,156 +0,0 @@ -// Hercules Login Server configuration file. -// Translated by Peter Kieser <pfak@telus.net> - -// Note: "Comments" are all text on the right side of a double slash "//" -// Whatever text is commented will not be parsed by the servers, and serves -// only as information/reference. - -// The login server listens on the interface with this IP address. -// NOTE: This allows you to run multiple servers on multiple interfaces -// while using the same ports for each server. -//bind_ip: 127.0.0.1 - -// Login Server Port -login_port: 6900 - -//Time-stamp format which will be printed before all messages. -//Can at most be 20 characters long. -//Common formats: -// %I:%M:%S %p (hour:minute:second 12 hour, AM/PM format) -// %H:%M:%S (hour:minute:second, 24 hour format) -// %d/%b/%Y (day/Month/year) -//For full format information, consult the strftime() manual. -//timestamp_format: [%d/%b %H:%M] - -//If redirected output contains escape sequences (color codes) -stdout_with_ansisequence: no - -//Makes server output more silent by omitting certain types of messages: -//1: Hide Information messages -//2: Hide Status messages -//4: Hide Notice Messages -//8: Hide Warning Messages -//16: Hide Error and SQL Error messages. -//32: Hide Debug Messages -//Example: "console_silent: 7" Hides information, status and notice messages (1+2+4) -console_silent: 0 - -// Can you use _M/_F to make new accounts on the server? -new_account: yes - -//If new_account is enabled, minimum length to userid and passwords should be 4? -//Must be 'Yes' unless your client uses both 'Disable 4 LetterUserID/Password' Diffs -new_acc_length_limit: yes - -// Account registration flood protection system -// allowed_regs is the number of registrations allowed in time_allowed (in seconds) -allowed_regs: 1 -time_allowed: 10 - -// To log the login server? -// NOTE: The login-sql server needs the login logs to enable dynamic pass failure bans. -log_login: yes - -// Indicate how to display date in logs, to players, etc. -date_format: %Y-%m-%d %H:%M:%S - -// Required account group id to connect to server. -// -1: disabled -// 0 or more: group id -group_id_to_connect: -1 - -// Minimum account group id required to connect to server. -// Will not function if group_id_to_connect config is enabled. -// -1: disabled -// 0 or more: group id -min_group_id_to_connect: -1 - -// Starting additional sec from now for the limited time at creation of account -// -1: new account are created with UNlimited time (default value) -// 0 or more: new accounts was created by addition of the value (in sec) to the actual time (to set first limited time) -start_limited_time: -1 - -// Check The clientversion set in the clientinfo ? -check_client_version: no - -// What version we would allow to connect? (if the options above is enabled..) -client_version_to_connect: 20 - -// Store passwords as MD5 hashes instead of plaintext ? -// NOTE: Will not work with clients that use <passwordencrypt> -use_MD5_passwords: no - -// Ipban features (SQL only) -ipban.enable: yes -//ipban.sql.db_hostname: 127.0.0.1 -//ipban.sql.db_port: 3306 -//ipban.sql.db_username: ragnarok -//ipban.sql.db_password: ragnarok -//ipban.sql.db_database: ragnarok -//ipban.sql.codepage: -//ipban.sql.ipban_table: ipbanlist -// Dynamic password failure ipban system -ipban.dynamic_pass_failure_ban: yes -ipban.dynamic_pass_failure_ban_interval: 5 -ipban.dynamic_pass_failure_ban_limit: 7 -ipban.dynamic_pass_failure_ban_duration: 5 - -// Interval (in seconds) to clean up expired IP bans. 0 = disabled. default = 60. -// NOTE: Even if this is disabled, expired IP bans will be cleaned up on login server start/stop. -// Players will still be able to login if an ipban entry exists but the expiration time has already passed. -ipban_cleanup_interval: 60 - -// Interval (in minutes) to execute a DNS/IP update. Disabled by default. -// Enable it if your server uses a dynamic IP which changes with time. -//ip_sync_interval: 10 - -// DNS Blacklist Blocking -// If enabled, each incoming connection will be tested against the blacklists -// on the specified dnsbl_servers (comma-separated list) -use_dnsbl: no -dnsbl_servers: bl.blocklist.de, socks.dnsbl.sorbs.net -// Here are some free DNS Blacklist Services: http://en.wikipedia.org/wiki/Comparison_of_DNS_blacklists -//============================================================================== -// dnsbl_servers Description -// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -// bl.blocklist.de IP-Addresses who attack other servers/honeypots over SSH, FTP, IMAP, etc. -// ircbl.ahbl.org AHBL (open proxies, compromised machines, comment spammers) -// safe.dnsbl.sorbs.net All zones in dnsbl.sorbs.net except "recent" and "escalations" -// sbl-xbl.spamhaus.org Spamhaus blacklist (spammers, open proxies) -// socks.dnsbl.sorbs.net Open SOCKS proxy servers -// tor.ahbl.org Current tor relay and exit nodes - - -// Account data storage configuration -// SQL -//account.sql.db_hostname: 127.0.0.1 -//account.sql.db_port: 3306 -//account.sql.db_username: ragnarok -//account.sql.db_password: ragnarok -//account.sql.db_database: ragnarok -//account.sql.codepage: -//account.sql.case_sensitive: no -//account.sql.account_db: login -//account.sql.accreg_db: global_reg_value - -// Client MD5 hash check -// If turned on, the login server will check if the client's hash matches -// the value below, and will not connect tampered clients. -// Note: see doc/md5_hashcheck.txt for more details. -client_hash_check: off - -// Client MD5 hashes -// The client with the specified hash can be used to log in by players with -// a group_id equal to or greater than the given value. -// If you specify 'disabled' as hash, players with a group_id greater than or -// equal to the given value will be able to log in regardless of hash (and even -// if their client does not send a hash at all.) -// Format: group_id, hash -// Note: see doc/md5_hashcheck.txt for more details. -//client_hash: 0, 113e195e6c051bb1cfb12a644bb084c5 -//client_hash: 10, cb1ea78023d337c38e8ba5124e2338ae -//client_hash: 99, disabled - - -import: conf/inter-server.conf -import: conf/import/login_conf.txt diff --git a/conf/login/login-server.conf b/conf/login/login-server.conf new file mode 100644 index 000000000..71928e3d0 --- /dev/null +++ b/conf/login/login-server.conf @@ -0,0 +1,187 @@ +//================= Hercules Configuration ================================ +//= _ _ _ +//= | | | | | | +//= | |_| | ___ _ __ ___ _ _| | ___ ___ +//= | _ |/ _ \ '__/ __| | | | |/ _ \/ __| +//= | | | | __/ | | (__| |_| | | __/\__ \ +//= \_| |_/\___|_| \___|\__,_|_|\___||___/ +//================= License =============================================== +//= This file is part of Hercules. +//= http://herc.ws - http://github.com/HerculesWS/Hercules +//= +//= Copyright (C) 2014-2016 Hercules Dev Team +//= +//= Hercules is free software: you can redistribute it and/or modify +//= it under the terms of the GNU General Public License as published by +//= the Free Software Foundation, either version 3 of the License, or +//= (at your option) any later version. +//= +//= This program is distributed in the hope that it will be useful, +//= but WITHOUT ANY WARRANTY; without even the implied warranty of +//= MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +//= GNU General Public License for more details. +//= +//= You should have received a copy of the GNU General Public License +//= along with this program. If not, see <http://www.gnu.org/licenses/>. +//========================================================================= +//= Login Server configuration file. +//========================================================================= + +login_configuration: { + // Login-server's console configuration + @include "conf/global/console.conf" + + inter: { + // The login server listens on the interface with this IP address. + // NOTE: This allows you to run multiple servers on multiple interfaces + // while using the same ports for each server. + //bind_ip: "127.0.0.1" + + // Login Server Port + login_port: 6900 + + // Interval (in minutes) to execute a DNS/IP update. Disabled by default. + // Enable it if your server uses a dynamic IP which changes with time. + //ip_sync_interval: 10 + } + + log: { + // To log the login server? + // NOTE: The login-sql server needs the login logs to enable dynamic pass failure bans. + log_login: true + + // Indicate how to display date in logs, to players, etc. + date_format: "%Y-%m-%d %H:%M:%S" + } + + // Account engine configuration + account: { + // Can you use _M/_F to make new accounts on the server? + new_account: true + + //If new_account is enabled, minimum length to userid and passwords should be 4? + //Must be 'true' unless your client uses both 'Disable 4 LetterUserID/Password' Diffs + new_acc_length_limit: true + + // Account registration flood protection system + // allowed_regs is the number of registrations allowed in time_allowed (in seconds) + allowed_regs: 1 + time_allowed: 10 + + // Starting additional sec from now for the limited time at creation of account + // -1: new account are created with UNlimited time (default value) + // 0 or more: new accounts was created by addition of the value (in sec) to the actual time (to set first limited time) + start_limited_time: -1 + + // Store passwords as MD5 hashes instead of plaintext ? + // NOTE: Will not work with clients that use <passwordencrypt> + use_MD5_passwords: false + + // Account data engine storage configuration + @include "conf/global/sql_connection.conf" + + //================================================================== + // IP banning system + //================================================================== + ipban: { + enabled: true + + // Interval (in seconds) to clean up expired IP bans. 0 = disabled. default = 60. + // NOTE: Even if this is disabled, expired IP bans will be cleaned up on login server start/stop. + // Players will still be able to login if an ipban entry exists but the expiration time has already passed. + cleanup_interval: 60 + + // SQL connection settings + @include "conf/global/sql_connection.conf" + + // Dynamic password failure ipban system + dynamic_pass_failure: { + enabled: true + + // Interval in minutes between failed tries + // Only failed tries between this interval will be accounted when banning + ban_interval: 5 + + // How many failures before adding a temporary ban entry? + ban_limit: 7 + + // Duration of the ban in minutes + ban_duration: 5 + } + } // login_configuration.account.ipban + } // login_configuration.account + + permission: { + // Required account group id to connect to server. + // -1: disabled + // 0 or more: group id + group_id_to_connect: -1 + + // Minimum account group id required to connect to server. + // Will not function if group_id_to_connect config is enabled. + // -1: disabled + // 0 or more: group id + min_group_id_to_connect: -1 + + // Check The clientversion set in the clientinfo ? + check_client_version: false + + // What version we would allow to connect? (if check_client_version is enabled) + client_version_to_connect: 20 + + //================================================================== + // Client hash checking system + //================================================================== + // Note: see doc/md5_hashcheck.txt for more details. + hash: { + // Client MD5 hash check + // If turned on, the login server will check if the client's hash matches + // the value below, and will not connect tampered clients. + enabled: false + + // Client MD5 hashes + // The client with the specified hash can be used to log in by players with + // a group_id equal to or greater than the given value. + // If you specify 'disabled' as hash, players with a group_id greater than or + // equal to the given value will be able to log in regardless of hash (and even + // if their client does not send a hash at all.) + MD5_hashes: ( + //{ + // group_id: group id + // hash: client hash + //}, + //{ + // group_id: 0 + // hash: "113e195e6c051bb1cfb12a644bb084c5" + //}, + //{ + // group_id: 10 + // hash: "cb1ea78023d337c38e8ba5124e2338ae" + //}, + //{ + // group_id: 99 + // hash: "disabled" + //}, + ) + } // login_configuration.permission.hash + + DNS_blacklist: { + // DNS Blacklist Blocking + // If enabled, each incoming connection will be tested against the blacklists + // on the specified dnsbl_servers + enabled: false + + dnsbl_servers: ( + // Here are some free DNS Blacklist Services: http://en.wikipedia.org/wiki/Comparison_of_DNS_blacklists + "bl.blocklist.de", // IP-Addresses who attack other servers/honeypots over SSH, FTP, IMAP, etc. + //"ircbl.ahbl.org", // AHBL (open proxies, compromised machines, comment spammers) + //"safe.dnsbl.sorbs.net", // All zones in dnsbl.sorbs.net except "recent" and "escalations" + //"sbl-xbl.spamhaus.org", // Spamhaus blacklist (spammers, open proxies) + "socks.dnsbl.sorbs.net", // Open SOCKS proxy servers + //"tor.ahbl.org", // Current tor relay and exit nodes + ) + } // login_configuration.DNS_blacklist + } // login_configuration.permission +} + +import: "conf/import/login-server.conf" |