# vuurmuur config file # The directory containting the plugins (full path). PLUGINDIR="/etc/vuurmuur/plugins" # Which plugin to use for which type of data. SERVICES_BACKEND="textdir" ZONES_BACKEND="textdir" INTERFACES_BACKEND="textdir" RULES_BACKEND="textdir" # Location of the rulesfile (full path). RULESFILE="/etc/vuurmuur/rules.conf" # Location of the blocklistfile (full path). BLOCKLISTFILE="/etc/vuurmuur/blocked.list" # Location of the iptables-command (full path). IPTABLES="/sbin/iptables" # Location of the iptables-restore-command (full path). IPTABLES_RESTORE="/sbin/iptables-restore" # Location of the modprobe-command (full path). MODPROBE="/sbin/modprobe" # Load modules if needed? (yes/no) LOAD_MODULES="Yes" # If set to yes, each rule will be loaded into the system individually using # iptables. Otherwise iptables-restore will be used (yes/no). OLD_CREATE_METHOD="No" # The directory containting the scripts (full path). SCRIPTS_DIR="/usr/share/vuurmuur/scripts" # The directory where the logs will be written to (full path). LOGDIR="/var/log/vuurmuur" # The logfile where the kernel writes the logs to e.g. /var/log/messages (full path). SYSTEMLOG="/var/log/debug" # The loglevel to use when logging traffic. For use with syslog. LOGLEVEL="debug" # Check the dynamic interfaces for changes? DYN_INT_CHECK="No" # Check every x seconds. DYN_INT_INTERVAL="30" # LOG_POLICY controls the logging of the default policy. LOG_POLICY="Yes" # LOG_POLICY_LIMIT sets the maximum number of logs per second. LOG_POLICY_LIMIT="30" # LOG_TCP_OPTIONS controls the logging of tcp options. This is. # not used by Vuurmuur itself. PSAD 1.4.0 uses it for OS-detection. LOG_TCP_OPTIONS="No" # SYN_LIMIT sets the maximum number of SYN-packets per second. SYN_LIMIT="14" SYN_LIMIT_BURST="28" # UDP_LIMIT sets the maximum number of udp 'connections' per second. UDP_LIMIT="15" UDP_LIMIT_BURST="30" # Protect against syn-flooding? (yes/no) PROTECT_SYNCOOKIE="Yes" # Ignore echo-broadcasts? (yes/no) PROTECT_ECHOBROADCAST="Yes" # end of file