Mercurial > hg > maltfilter

changeset 12:d6da1a6567f8

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Update example configuration.
author Matti Hamalainen <ccr@tnsp.org>
date Fri, 14 Aug 2009 01:26:29 +0300
parents 26c2cc5077aa
children fc053b001027
files example.conf
diffstat 1 files changed, 35 insertions(+), 34 deletions(-) [+]
line wrap: on
line diff
--- a/example.conf	Fri Aug 14 01:19:58 2009 +0300
+++ b/example.conf	Fri Aug 14 01:26:29 2009 +0300
@@ -24,34 +24,34 @@
 #############################################################################
 ### Actions, etc. settings
 #############################################################################
-# Weeding treshold in hours. Entries older than this will be "weeded"
-# off from current netfilter settings.
-WEEDPERIOD = 72
+## Weeding treshold in hours. Entries older than this will be "weeded"
+## off from current netfilter settings.
+#WEEDPERIOD = 150
 
-# How many "hits" the IP needs until it is eligible to be blocked.
-# (the "hits" can be from any "source", e.g. sshd crack, httpd, etc.)
-TRESHOLD = 3
+## How many "hits" the IP needs until it is eligible to be blocked.
+## (the "hits" can be from any "source", e.g. sshd crack, httpd, etc.)
+#TRESHOLD = 3
 
-# Target iptables action for added entries, default is DROP, but you
-# can use whatever rule chain name you want to here.
-ACTION = "DROP"
+## Target iptables action for added entries, default is DROP, but you
+## can use whatever rule chain name you want to here.
+#ACTION = "DROP"
 
-# IP addresses that should NOT be blocked under any circumstances. You should
-# set this if you wish to have a surefire open channel from some host, even in
-# the case someone tries to spoof IPs for denial of service.
-#
-# NOTICE! This setting supports only IPv4 addresses, no IPv6 or DNS names.
-# You can have any number of NOBLOCK_IPS settings.
-NOBLOCK_IPS = "192.121.86.15"
-NOBLOCK_IPS = "74.125.45.100"
+## IP addresses that should NOT be blocked under any circumstances. You should
+## set this if you wish to have a surefire open channel from some host, even in
+## the case someone tries to spoof IPs for denial of service.
+##
+## NOTICE! This setting supports only IPv4 addresses, no IPv6 or DNS names.
+## You can have any number of NOBLOCK_IPS settings.
+#NOBLOCK_IPS = "192.121.86.15"
+#NOBLOCK_IPS = "74.125.45.100"
 
 
 #############################################################################
 ### Logfiles
 #############################################################################
-# Define system log files to scan. Only auth.log and Apache errorlog /
-# common log format files are supported for now. You can have as many
-# of SCANFILE settings as you wish.
+## Define system log files to scan. Only auth.log and Apache errorlog /
+## common log format files are supported for now. You can have as many
+## of SCANFILE settings as you wish.
 SCANFILE = "/var/log/auth.log"
 SCANFILE = "/var/log/httpd/error.log"
 SCANFILE = "/var/log/httpd/access.log"
@@ -60,30 +60,31 @@
 #############################################################################
 ### Checks / tests
 #############################################################################
-# Enabled checks (1 = enabled, 0 = disabled). Please read the test
-# descriptions from "check_log_line" function in the maltfilter script.
+## Enabled checks (1 = enabled, 0 = disabled). Please read the test
+## descriptions from "check_log_line" function in the maltfilter script.
 CHK_SSHD            = 1
 CHK_KNOWN_CGI       = 1
 CHK_PHP_XSS         = 1
 CHK_PROXY_SCAN      = 1
-CHK_GOOD_HOSTS      = "example.org|google.com|74.125.45.100"
+#CHK_GOOD_HOSTS      = "example.org|google.com|74.125.45.100"
 
-# Notice! ONLY enable this setting, if you have disabled password root
-# logins from sshd_config (e.g. you have "PermitRootLogin without-password")
-# or that alternatively you have defined "safe" hosts in NOBLOCK_HOSTS below.
+## Notice! ONLY enable this setting, if you have disabled password root
+## logins from sshd_config (e.g. you have "PermitRootLogin without-password")
+## or that alternatively you have defined "safe" hosts in NOBLOCK_HOSTS below.
 CHK_ROOT_SSH_PWD    = 0
 
   
 #############################################################################
 ### Reports
 #############################################################################
-# Define files for periodically updated status reports (refreshed once
-# every few minutes.) Leave empty ("") if you do not want status reports.
+## Define files for periodically updated status reports (refreshed once
+## every few minutes.) Leave empty ("") or commented if you do not want
+## status reports.
 
-# Plain ASCII text file rerpot
-STATUS_FILE_PLAIN = ""
+## Plain ASCII text file rerpot
+#STATUS_FILE_PLAIN = "/var/www/maltstatus.txt"
 
-# HTML file and optional CSS stylesheet URL for the HTML
-# (if left empty, no CSS is used)
-STATUS_FILE_HTML = ""
-STATUS_FILE_CSS = ""
+## HTML file and optional CSS stylesheet URL for the HTML
+## (if left empty, CSS is not used.)
+#STATUS_FILE_HTML = "/var/www/maltstatus.html"
+#STATUS_FILE_CSS = "cool.css"