Aligned average calculatuon time for subnets and enabled per flow counters by default
This commit is contained in:
Pavel Odintsov
parent
f2f59a1339
commit
91599d87da
GPG Key ID:
4AEE18F83AFDEB23
@ -47,7 +47,7 @@ check_period = 1
|
||||
|
||||
# Connection tracking is very useful for attack detection because it provides huge amounts of information,
|
||||
# but it's very CPU intensive and not recommended in big networks
|
||||
enable_connection_tracking = off
|
||||
enable_connection_tracking = on
|
||||
|
||||
# Different approaches to attack detection
|
||||
ban_for_pps = on
|
||||
@ -137,7 +137,7 @@ interfaces = eth3,eth4
|
||||
average_calculation_time = 5
|
||||
|
||||
# We use average values for traffic speed for subnet and we calculate average over this time slice
|
||||
average_calculation_time_for_subnets = 20
|
||||
average_calculation_time_for_subnets = 5
|
||||
|
||||
# Netflow configuration
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user