Last revised: June 27, 2019

.. _ident:

============
Ident Module
============

This module adds Eggdrop support for the externally-provided oident
service, or alternatively the ability for Eggdrop to act as its own ident
daemon. 

Traditionally, an IRC server queries port 113 on an irc client's host to
determine the ident for the client. The client's host normally replies with
the username of the account. If the host machine is running oident as its
ident service, Eggdrop can now interact with oident to instead reply with
a custom ident specified by Eggdrop (oidentd is an external service not
specific to Eggdrop nor maintained by Eggheads developers, thus no support
for it can be given).

Alternatively, this module can also allow Eggdrop to act as its own ident
daemon, answering queries from the IRC server directly. While this option
may be of use to a very specific group of people, it requires additional
external configuration via root access. Because most modern OSs do not allow
user-level programs to bind to port 113, required by this option, a user must
either:

- Allow Eggdrop to bind to ports <1024 via the command::

    sudo setcap "cap_net_bind_service=+ep" /path/to/eggdrop

  Warning: this will allow Eggdrop to *any* port below 1024, potentially
  allowing a user to impersonate a standard system service with Eggdrop

- Use iptables to re-route ident queries destined for port 113 to a
  >1024 port that Eggdrop can bind to, for example by running::

    sudo iptables -t nat -A PREROUTING -i eth0 -p tcp --dport \
    113 -j REDIRECT --to-port <ident port in config>'

Additionally, using Eggdrop as a built-in ident daemon can cause issues
when running multiple bots from the same account. The ident server is only
activated and bound to the configured ident port while Eggdrop is connecting
to an IRC server, but only one Eggdrop can bind to port 113 at a time. If
multiple bots were to start at the same time, such as after a netsplit or host
reboot, only one bot can bind to port 113 at a time, creating ident conflicts.
Thus, this option is best suited for single-bot environments.

This module requires: 
  - oident to be running on your shell host, configured to allow user
    spoofing, for the oidentd method.

Put this line into your Eggdrop configuration file to load the ident
module::

  loadmodule ident

There are also some variables you can set in your config file:

  set ident-method 0
    This sets which ident method you wish to use:
     0 = oidentd / Your bot will overwrite $HOME/.oidentd.conf right before
       opening the socket to the IRC server with the global reply.
     1 = Builtin / Your bot will automatically turn its builtin identd on and
       off when needed so it shouldn't conflict with other identds that do the
       same. Ident port 113 is normally restricted to privileged processes on
       UNIX systems.

  set ident-port 113
    This sets the port which port Eggdrop will attempt to bind to for option 1 
    of ident-method. Most OSs do not allow non-privileged programs such as
    Eggdrop to bind to ports <1024; please read the beginning of this document
    for potential ways to implement this setting.


Copyright (C) 2019 - 2024 Eggheads Development Team
