Mercurial > hg > maltfilter
comparison example.conf @ 61:8b33436dd18b
Update example configuration and documentation.
author | Matti Hamalainen <ccr@tnsp.org> |
---|---|
date | Mon, 17 Aug 2009 08:22:38 +0300 |
parents | 19dace24ad46 |
children | d2e2b82dd2f2 |
comparison
equal
deleted
inserted
replaced
60:38885f5f34f6 | 61:8b33436dd18b |
---|---|
12 # modification of netfilter/iptables, printing the iptables commands to | 12 # modification of netfilter/iptables, printing the iptables commands to |
13 # stdout instead. | 13 # stdout instead. |
14 # NOTICE! IF YOU DON'T CHANGE THIS TO 0, MALTFILTER WILL NOT DAEMONIZE! | 14 # NOTICE! IF YOU DON'T CHANGE THIS TO 0, MALTFILTER WILL NOT DAEMONIZE! |
15 DRY_RUN = 1 | 15 DRY_RUN = 1 |
16 | 16 |
17 # Full path to iptables binary | |
18 IPTABLES = "/sbin/iptables" | |
19 | |
17 # Maltfilter logfile path and name (set empty "" if you don't want logging) | 20 # Maltfilter logfile path and name (set empty "" if you don't want logging) |
18 LOGFILE = "/var/log/maltfilter" | 21 LOGFILE = "/var/log/maltfilter" |
19 | |
20 # Full path to iptables binary | |
21 IPTABLES = "/sbin/iptables" | |
22 | 22 |
23 # System passwd file location (default is /etc/passwd), this file | 23 # System passwd file location (default is /etc/passwd), this file |
24 # is checked to figure out system account names. See also SYSACCT_ | 24 # is checked to figure out system account names. See also SYSACCT_ |
25 # settings below. | 25 # settings below. |
26 #PASSWD = "/etc/passwd" | 26 #PASSWD = "/etc/passwd" |
159 | 159 |
160 | 160 |
161 ## If disabled (0), instead of full timestamps, first/last hit times | 161 ## If disabled (0), instead of full timestamps, first/last hit times |
162 ## will be printed as "W weeks, D days, H hours ago." etc. | 162 ## will be printed as "W weeks, D days, H hours ago." etc. |
163 #FULL_TIME = 1 | 163 #FULL_TIME = 1 |
164 | |
165 | |
166 ############################################################################# | |
167 ### Evidence gathering | |
168 ############################################################################# | |
169 ## By enabling EVIDENCE=1 and setting EVIDENCE_DIR to existing directory | |
170 ## writable by the effective UID which Maltfilter runs as, it will be | |
171 ## populated by *.data and *.hosts files. If succesfully retrieved, .data | |
172 ## files will have contents of the attempted XSS URI. *.hosts files | |
173 ## list which hosts have attempted to exploit this specific URI. | |
174 | |
175 #EVIDENCE = 0 | |
176 #EVIDENCE_DIR = "/var/run/malt-evidence" |