32 lines
699 B
Plaintext
32 lines
699 B
Plaintext
enable_ban = on
|
|
ban_time = 1900
|
|
ban_for_pps = on
|
|
ban_for_bandwidth = on
|
|
ban_for_flows = off
|
|
threshold_pps = 20000
|
|
threshold_mbps = 1000
|
|
threshold_flows = 3500
|
|
ban_details_records_count = 500
|
|
redis_port = 6379
|
|
redis_host = 127.0.0.1
|
|
check_period = 1
|
|
sort_parameter = packets
|
|
max_ips_in_list = 7
|
|
notify_script_path = /usr/local/bin/notify_about_attack.sh
|
|
redis_enabled = no
|
|
interfaces = eth3,eth4
|
|
netflow = off
|
|
netflow_port = 2055
|
|
netflow_host = 0.0.0.0
|
|
sflow = off
|
|
sflow_port = 6343
|
|
sflow_host = 127.0.0.1
|
|
mirror = on
|
|
mirror_netmap = off
|
|
pcap = off
|
|
average_calculation_time = 5
|
|
enable_connection_tracking = off
|
|
enable_pf_ring_zc_mode = off
|
|
process_incoming_traffic = on
|
|
process_outgoing_traffic = on
|