IPTABLES_RESTORE="/sbin/iptables-restore"
# Location of the conntrack-command (full path).
-CONNTRACK=""
+CONNTRACK="/usr/sbin/conntrack"
# Location of the tc-command (full path).
TC=""
# Location of the modprobe-command (full path).
MODPROBE="/sbin/modprobe"
+# Maximum permissions for config and log files and directories.
+MAX_PERMISSION="755"
+
# Load modules if needed? (yes/no)
-LOAD_MODULES="Yes"
+LOAD_MODULES="No"
# Wait after loading a module in 1/10th of a second
MODULES_WAIT_TIME="10"
LOGDIR="/var/log/vuurmuur"
# The logfile where the kernel writes the logs to e.g. /var/log/messages (full path).
-SYSTEMLOG="/var/log/messages"
+SYSTEMLOG="/var/log/rsyslog/syslog"
# The loglevel to use when logging traffic. For use with syslog.
LOGLEVEL="info"
DYN_INT_INTERVAL="30"
# LOG_POLICY controls the logging of the default policy.
-LOG_POLICY="Yes"
+LOG_POLICY="No"
# LOG_POLICY_LIMIT sets the maximum number of logs per second.
LOG_POLICY_LIMIT="20"
# LOG_BLOCKLIST enables/disables logging of items on the blocklist.
-LOG_BLOCKLIST="Yes"
+LOG_BLOCKLIST="No"
# LOG_INVALID enables/disables logging of INVALID traffic.
-LOG_INVALID="Yes"
+LOG_INVALID="No"
# LOG_NO_SYN enables/disables logging of new tcp packets without the SIN flag set.
-LOG_NO_SYN="Yes"
+LOG_NO_SYN="No"
# LOG_PROBES enables/disables logging of probes. Probes are packets that are used in portscans.
-LOG_PROBES="Yes"
+LOG_PROBES="No"
# LOG_FRAG enables/disables logging of fragmented packets.
-LOG_FRAG="Yes"
+LOG_FRAG="No"
# LOG_TCP_OPTIONS controls the logging of tcp options. This is.
# not used by Vuurmuur itself. PSAD 1.4.x uses it for OS-detection.
projects / matthijs / servers / drsnuggles.git / blobdiff