Sophie

Sophie

distrib > Mageia > 7 > i586 > media > core-release > by-pkgid > c4baf510416d3106a3648b941f6ef964 > files > 1

iplog-2.2.3-25.mga7.i586.rpm

/*
** $Id: example-iplog.conf,v 1.1 2000/07/03 18:32:42 odin Exp $
**
** Example iplog configuration file.
** Edit me and copy me to /etc/iplog.conf
**
** See iplog.conf(5) for details on syntax and a full description
** of available options.
*/

# Run as user "nobody."
user nobody

# Run with group "nobody."
group nogroup

#
# Log to file or syslog, not both
#
# Log to /var/log/iplog
logfile /var/log/iplog

# Use the syslog(3) facility log_daemon.
#facility log_daemon

# Use the syslog(3) priority (level) log_info.
#priority log_info

# Log the IP address as well as the hostname of packets. 
set log_ip false

# Do not log the destination of packets.
set log_dest false

# Use custom DNS cache
set dns_cache true

# Listen on eth0 and eth1
#interface eth0,eth1
#interface eth0

# Operate in promiscuous mode and watch the 192.168.0.x network
# promisc 192.168.0.0/24

# Resolve ip addresses
set udp_resolve true
set tcp_resolve true
set icmp_resolve true

# Ignore DNS traffic from nameservers in /etc/resolv.conf.
set ignore_dns true

# Perform ident lookup on connections for listening port
#   note: not compatible with promisc flag
set get_ident false

# Log vanilla TCP, UDP, and ICMP
set tcp true
set udp true
set icmp true

# Detect port scans
set fin_scan true
set udp_scan true
set portscan true
set xmas_scan true
set null_scan true

# Try to fool nmap's OS detection
set fool_nmap true

# Detect attacks
set frag true
set smurf true
set bogus true
set syn_flood true
set ping_flood true

# Enable detecting only scans and floods
set scans_only false

# Detect traceroute
set traceroute true

# Ignore ntp
ignore tcp dport 123
ignore udp dport 123

# Ignore ftp-data connections from to ports 1024 and above.
ignore tcp dport 1024: sport 20

# Ignore WWW connections, if you're running a WWW server.
#ignore tcp dport 80

# Ignore ICMP unreach.
ignore icmp type unreach

# Ignore all ICMP except ICMP echo packets.
#ignore icmp type !echo

# Ignore UDP traffic from the 127.1.2 network
#ignore udp from 127.1.2/24

# or
#ignore udp from 127.1.2/255.255.255.0

Perl :: Catalyst :: PostgreSQL :: RPM Valid HTML 4.01 Transitional