Mercurial > hg > maltfilter
diff example.conf @ 65:d2e2b82dd2f2
Work on DroneBL support.
author | Matti Hamalainen <ccr@tnsp.org> |
---|---|
date | Tue, 18 Aug 2009 00:43:10 +0300 |
parents | 8b33436dd18b |
children | 42889eed0ce8 |
line wrap: on
line diff
--- a/example.conf Mon Aug 17 17:46:15 2009 +0300 +++ b/example.conf Tue Aug 18 00:43:10 2009 +0300 @@ -34,19 +34,20 @@ ############################################################################# ### Actions, etc. settings ############################################################################# -## Weeding treshold in hours. Entries older than this will be removed -## off from current netfilter settings (e.g. they become unblocked again.) -#WEED_BLOCK = 168 +## Weeding threshold in hours. Entries older than this will be removed +## off from current netfilter settings. Also, entries older than this +## will not be added to netfilter to begin with. +#WEED_FILTER = 168 ## For how many hours to keep general information about IP. Affects from -## how long period statistics dump shows data. Also hitcount tresholds -## take the old data into account, meaning that if WEED_BLOCK < WEED_GLOBAL -## hit data older than WEED_BLOCK will be counted towards THRESHOLD. +## how long period statistics dump shows data. Also hitcount thresholds +## take the old data into account, meaning that if WEED_FILTER < WEED_GLOBAL +## hit data older than WEED_FILTER will be counted towards THRESHOLD. #WEED_GLOBAL = 336 ## How many "hits" the IP needs until it is eligible to be blocked. ## (the "hits" can be from any "source", e.g. sshd crack, httpd, etc.) -#TRESHOLD = 3 +#THRESHOLD = 3 ## Target iptables action for added entries, default is DROP, but you ## can use whatever rule chain name you want to here. @@ -174,3 +175,30 @@ #EVIDENCE = 0 #EVIDENCE_DIR = "/var/run/malt-evidence" + + +############################################################################# +### DroneBL submissions +############################################################################# +## Maltfilter can automatically submit entries to DroneBL DNSBL service. +## See <http://www.dronebl.org/> for more information. + +## 0 = submission disabled, otherwise enabled +DRONEBL = 0 + +## Number of hits required before host IP goes to submission queue. +## This setting is independent of the general THRESHOLD value and +## only affects DroneBL submissions. +DRONEBL_THRESHOLD = 5 + +## Maximum age of hits counted towards DroneBL submission threshold. +## There is currently no weeding of submissions. +DRONEBL_MAX_AGE = 30 + +## Your personal RPC key. This _MUST_ be set to a valid value, if you +## have enabled submissions. To get a personal key, go to: +## http://www.dronebl.org/rpckey_signup +DRONEBL_RPC_KEY = "" + +## RPC2 submission URI, usually you do not need to change this. +#DRONEBL_RPC_URI = "http://dronebl.org/RPC2"