X-Git-Url: https://git.stderr.nl/gitweb?a=blobdiff_plain;f=etc%2Fvuurmuur%2Fconfig.conf;h=37bc4587124f793b2896752691e49bb5cf0e96ac;hb=refs%2Fheads%2Fds-host;hp=4a4d959964286d445a99c25be32f8dcc2551d1e0;hpb=7a316c8f15d2e928179efbdd02e739b157d6a15d;p=matthijs%2Fservers%2Fdrsnuggles.git diff --git a/etc/vuurmuur/config.conf b/etc/vuurmuur/config.conf index 4a4d959..37bc458 100644 --- a/etc/vuurmuur/config.conf +++ b/etc/vuurmuur/config.conf @@ -30,6 +30,9 @@ TC="" # Location of the modprobe-command (full path). MODPROBE="/sbin/modprobe" +# Maximum permissions for config and log files and directories. +MAX_PERMISSION="755" + # Load modules if needed? (yes/no) LOAD_MODULES="No" @@ -44,7 +47,7 @@ OLD_CREATE_METHOD="No" LOGDIR="/var/log/vuurmuur" # The logfile where the kernel writes the logs to e.g. /var/log/messages (full path). -SYSTEMLOG="/var/log/messages" +SYSTEMLOG="/var/log/rsyslog/syslog" # The loglevel to use when logging traffic. For use with syslog. LOGLEVEL="info" @@ -56,38 +59,38 @@ DYN_INT_CHECK="No" DYN_INT_INTERVAL="30" # LOG_POLICY controls the logging of the default policy. -LOG_POLICY="Yes" +LOG_POLICY="No" # LOG_POLICY_LIMIT sets the maximum number of logs per second. LOG_POLICY_LIMIT="20" # LOG_BLOCKLIST enables/disables logging of items on the blocklist. -LOG_BLOCKLIST="Yes" +LOG_BLOCKLIST="No" # LOG_INVALID enables/disables logging of INVALID traffic. -LOG_INVALID="Yes" +LOG_INVALID="No" # LOG_NO_SYN enables/disables logging of new tcp packets without the SIN flag set. -LOG_NO_SYN="Yes" +LOG_NO_SYN="No" # LOG_PROBES enables/disables logging of probes. Probes are packets that are used in portscans. -LOG_PROBES="Yes" +LOG_PROBES="No" # LOG_FRAG enables/disables logging of fragmented packets. -LOG_FRAG="Yes" +LOG_FRAG="No" # LOG_TCP_OPTIONS controls the logging of tcp options. This is. # not used by Vuurmuur itself. PSAD 1.4.x uses it for OS-detection. LOG_TCP_OPTIONS="No" # SYN_LIMIT sets the maximum number of SYN-packets per second. -USE_SYN_LIMIT="Yes" +USE_SYN_LIMIT="No" SYN_LIMIT="15" SYN_LIMIT_BURST="30" # UDP_LIMIT sets the maximum number of udp 'connections' per second. -USE_UDP_LIMIT="Yes" +USE_UDP_LIMIT="No" UDP_LIMIT="10" UDP_LIMIT_BURST="60"