projects / people / pmueller / ipfire-2.x.git / blame
| Commit | Line | Data |
|---|---|---|
| 7c4cc0d8 CS |
1 | # The machines IP address that is visable to the internet |
| 2 | # If this is left undefined, then guardian will attempt to get the information | |
| 3 | # from ifconfig, as long as it has an interface to use. This would be useful | |
| 4 | # for people on ppp links, or dhcp machines, or if you are lazy :) | |
| 5 | # HostIpAddr | |
| 6 | ||
| 7 | # Here we define the interface which we will use to guess the IP address, and | |
| 8 | # block incoming offending packets. This is the only option that is required | |
| 9 | # for guardian to run. If the rest are undefined, guardian will use the default. | |
| 10 | Interface ppp0 | |
| 11 | ||
| 12 | # The last octet of the ip address, which gives us the gateway address. | |
| 13 | HostGatewayByte 1 | |
| 14 | ||
| 15 | # Guardian's log file | |
| 16 | LogFile /var/log/guardian/guardian.log | |
| 17 | ||
| 18 | # Snort's alert file. This can be the snort.alert file, or a syslog file | |
| 19 | # There might be some snort alerts that get logged to syslog which guardian | |
| 20 | # might not see.. | |
| 21 | AlertFile /var/log/snort/alert | |
| 22 | ||
| 23 | # The list of ip addresses to ignore | |
| e55a2b81 | 24 | IgnoreFile /var/ipfire/guardian/guardian.ignore |
| 7c4cc0d8 CS |
25 | |
| 26 | # This is a list of IP addresses on the current host, in case there is more | |
| 27 | # than one. If this file doesn't exist, then it will assume you want to run | |
| 28 | # with the default setup (machine's ip address, and broadcast/network). | |
| e55a2b81 | 29 | TargetFile /var/ipfire/guardian/guardian.target |
| 7c4cc0d8 CS |
30 | |
| 31 | # The time in seconds to keep a host blocked. If undefined, it defaults to | |
| 32 | # 99999999, which basicly disables the feature. | |
| 33 | TimeLimit 86400 |