Mercurial > hg > maltfilter
comparison example.conf @ 69:b090ddfccdab
Cleanups. Improve IP/host definitions.
author | Matti Hamalainen <ccr@tnsp.org> |
---|---|
date | Wed, 26 Aug 2009 15:19:08 +0300 |
parents | 42889eed0ce8 |
children | 532169789f52 |
comparison
equal
deleted
inserted
replaced
68:bac5931b8312 | 69:b090ddfccdab |
---|---|
20 | 20 |
21 ## IP addresses that should NOT be blocked under any circumstances. You should | 21 ## IP addresses that should NOT be blocked under any circumstances. You should |
22 ## set this if you wish to have a surefire open channel from some host, even in | 22 ## set this if you wish to have a surefire open channel from some host, even in |
23 ## the case someone tries to spoof IPs for denial of service. | 23 ## the case someone tries to spoof IPs for denial of service. |
24 ## | 24 ## |
25 ## NOTICE! This setting supports only IPv4 addresses, no IPv6 or DNS names. | 25 ## NOTICE! This setting supports only IPv4 addresses and address ranges, no |
26 ## You can have any number of NOACTION_IPS settings. | 26 ## IPv6 or DNS names. You can have any number of NOACTION_IPS settings. |
27 #NOACTION_IPS = "192.121.86.15" | 27 #NOACTION_IPS = "192.121.86.15" |
28 #NOACTION_IPS = "74.125.45.100" | 28 #NOACTION_IPS = "74.125.45.100" |
29 | |
30 ## Also ranges defined via CIDR notation can be used: | |
31 #NOACTION_IPS = "213.129.224.0/19" | |
29 | 32 |
30 ## For how many hours to keep general information about IP. Affects from | 33 ## For how many hours to keep general information about IP. Affects from |
31 ## how long period statistics dump shows data. Also hitcount thresholds | 34 ## how long period statistics dump shows data. Also hitcount thresholds |
32 ## take the old data into account, meaning that if FILTER_MAX_AGE < GLOBAL_MAX_AGE | 35 ## take the old data into account, meaning that if FILTER_MAX_AGE < GLOBAL_MAX_AGE |
33 ## hit data older than FILTER_MAX_AGE will be counted towards THRESHOLD. | 36 ## hit data older than FILTER_MAX_AGE will be counted towards THRESHOLD. |
36 ## System passwd file location (default is /etc/passwd), this file | 39 ## System passwd file location (default is /etc/passwd), this file |
37 ## is checked to figure out system account names. See also SYSACCT_* | 40 ## is checked to figure out system account names. See also SYSACCT_* |
38 ## settings below. | 41 ## settings below. |
39 #PASSWD = "/etc/passwd" | 42 #PASSWD = "/etc/passwd" |
40 | 43 |
41 ## Set range of system account UIDs here, default is 1-100. | 44 ## Set range of system account UIDs here, default is 1-999. |
42 ## Root account is handled by CHK_ROOT_SSH_PWD check. | 45 ## Root account is handled by CHK_ROOT_SSH_PWD check. |
43 #SYSACCT_MIN_UID = 1 | 46 #SYSACCT_MIN_UID = 1 |
44 #SYSACCT_MAX_UID = 100 | 47 #SYSACCT_MAX_UID = 999 |
45 | 48 |
46 | 49 |
47 ############################################################################# | 50 ############################################################################# |
48 ### Netfilter actions | 51 ### Netfilter actions |
49 ############################################################################# | 52 ############################################################################# |