enable_ban = on
ban_time = 1900
ban_for_pps = on
ban_for_bandwidth = on
ban_for_flows = off
threshold_pps = 20000
threshold_mbps = 1000
threshold_flows = 3500
ban_details_records_count = 500
redis_port = 6379
redis_host = 127.0.0.1
check_period = 1
sort_parameter = packets
max_ips_in_list = 7
notify_script_path = /usr/local/bin/notify_about_attack.sh
redis_enabled = no
interfaces = eth3,eth4
netflow = off
netflow_port = 2055
netflow_host = 0.0.0.0
sflow = off
sflow_port = 6343
sflow_host = 127.0.0.1
mirror = on
mirror_netmap = off
pcap = off
average_calculation_time = 5
enable_connection_tracking = off
enable_pf_ring_zc_mode = off
process_incoming_traffic = on
process_outgoing_traffic = on