2014-12-05 10:46:01 +01:00
|
|
|
enable_ban = on
|
2014-12-03 16:03:47 +01:00
|
|
|
ban_time = 1900
|
2014-12-02 16:07:33 +01:00
|
|
|
ban_for_pps = on
|
|
|
|
ban_for_bandwidth = on
|
|
|
|
ban_for_flows = off
|
2014-06-09 11:06:59 +02:00
|
|
|
threshold_pps = 20000
|
2014-10-29 10:33:11 +01:00
|
|
|
threshold_mbps = 1000
|
2014-12-03 15:25:49 +01:00
|
|
|
threshold_flows = 3500
|
2014-12-19 09:39:41 +01:00
|
|
|
ban_details_records_count = 500
|
2014-06-09 11:06:59 +02:00
|
|
|
redis_port = 6379
|
|
|
|
redis_host = 127.0.0.1
|
2014-12-04 17:12:45 +01:00
|
|
|
check_period = 1
|
2014-06-09 11:06:59 +02:00
|
|
|
sort_parameter = packets
|
|
|
|
max_ips_in_list = 7
|
|
|
|
notify_script_path = /usr/local/bin/notify_about_attack.sh
|
2014-06-09 12:33:07 +02:00
|
|
|
redis_enabled = no
|
2014-06-22 13:06:48 +02:00
|
|
|
interfaces = eth3,eth4
|
2015-01-23 17:49:37 +01:00
|
|
|
netflow = off
|
2015-03-12 19:56:55 +01:00
|
|
|
netflow_port = 2055
|
2015-03-15 21:02:24 +01:00
|
|
|
netflow_host = 0.0.0.0
|
2014-12-02 13:43:34 +01:00
|
|
|
sflow = off
|
2015-03-12 19:56:55 +01:00
|
|
|
sflow_port = 6343
|
2015-03-15 21:11:56 +01:00
|
|
|
sflow_host = 127.0.0.1
|
2014-12-02 13:43:34 +01:00
|
|
|
mirror = on
|
2015-03-10 15:17:01 +01:00
|
|
|
mirror_netmap = off
|
2015-01-27 10:56:16 +01:00
|
|
|
pcap = off
|
2014-12-02 15:11:27 +01:00
|
|
|
average_calculation_time = 5
|
2014-12-19 13:56:54 +01:00
|
|
|
enable_connection_tracking = off
|
|
|
|
enable_pf_ring_zc_mode = off
|
2015-01-28 08:50:36 +01:00
|
|
|
process_incoming_traffic = on
|
2015-01-28 08:49:12 +01:00
|
|
|
process_outgoing_traffic = on
|