# HG changeset patch
# User Matti Hamalainen <ccr@tnsp.org>
# Date 1251820127 -10800
# Node ID 1cbefe9c26c18b08c0cbe39423435736dd17cefb
# Parent  ca0fd7f3909b0520964de057ef44132508ed36dd
Swap defaults for filter and dronebl threshold values.

diff -r ca0fd7f3909b -r 1cbefe9c26c1 example.conf
--- a/example.conf	Mon Aug 31 11:58:05 2009 +0300
+++ b/example.conf	Tue Sep 01 18:48:47 2009 +0300
@@ -58,7 +58,7 @@
 
 ## How many "hits" the IP needs until it is eligible to be filtered.
 ## (the "hits" can be from any check, e.g. sshd crack, httpd, etc.)
-FILTER_THRESHOLD = 3
+FILTER_THRESHOLD = 5
 
 ## Weeding threshold in hours. Entries older than this will be removed
 ## off from current netfilter settings. Also, entries older than this
@@ -202,7 +202,7 @@
 ## Number of hits required before host IP goes to submission queue.
 ## This setting is independent of the general THRESHOLD value and
 ## only affects DroneBL submissions.
-DRONEBL_THRESHOLD    = 5
+DRONEBL_THRESHOLD    = 3
 
 ## Maximum age of hits counted towards DroneBL submission threshold.
 ## NOTICE! Value this is in _minutes_!
diff -r ca0fd7f3909b -r 1cbefe9c26c1 maltfilter
--- a/maltfilter	Mon Aug 31 11:58:05 2009 +0300
+++ b/maltfilter	Tue Sep 01 18:48:47 2009 +0300
@@ -34,7 +34,7 @@
   "SYSACCT_MAX_UID"     => 999,
 
   "FILTER"              => 0,
-  "FILTER_THRESHOLD"    => 3,
+  "FILTER_THRESHOLD"    => 5,
   "FILTER_MAX_AGE"      => 168,  # in hours
   "FILTER_TARGET"       => "DROP",
   "FILTER_CHAIN"        => "INPUT",
@@ -59,7 +59,7 @@
   "EVIDENCE_DIR"        => "",
 
   "DRONEBL"             => 0,
-  "DRONEBL_THRESHOLD"   => 5,
+  "DRONEBL_THRESHOLD"   => 3,
   "DRONEBL_MAX_AGE"     => 30, # in minutes
   "DRONEBL_RPC_URI"     => "http://dronebl.org/RPC2",
   "DRONEBL_RPC_KEY"     => "",