-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathdshield-ulog.conf
67 lines (59 loc) · 2.58 KB
/
dshield-ulog.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
# Configuration file for dshield-ulog
#
# This paths for this file may be /etc/dshield-ulog.conf, ~/.dshield-ulogrc,
# or as specified on the command line with the -C switch.
#
# Questions to [email protected]
#
# These are the configurable items when using the dshield-ulog script to
# submit your iptables/ulogd firewall logs to dshield.org.
#
# NB: This file contains password data for the database, so make sure the
# permissions are tight (600 and owned by the user that runs the script).
#
# Thanks to dshield for providing a helpful service.
# User ID: the dshield.org user ID for whom the data should be submitted.
# Required: userid
userid your_userid_from_dshield
# Destination eMail address: the eMail address at dshield that accepts
# log submissions. You may want to set your own address here until you're
# comfortable that everything is working properly.
# Default: email is [email protected]
#email [email protected]
#email [email protected]
# cc eMail address: an eMail address to send a copy of the report to. Handy
# if you want to keep track of what you're sending in.
# Default: not used
# Mailer: the path to the mailer program. Needs to work like exim and sendmail
# such that `mailer [email protected]` starts and eMail message and close
# sends it.
# Default: mailer is /usr/sbin/exim (for debian users)
#mailer /usr/sbin/exim
# Database host, port, username, and password.
# Required: host, username, password
# Default: port is 3306
host mysql_host
#port 3306
username ulog_username
password ulog_password
# Maximum log period: the maximum number of hours worth of logs to submit.
# Since it runs as a cron job the timing is set in the crontab, but this
# option sets the maximum number of hours to look back for log entries.
# From dshield.org: "Please submit at least once a day, if possible, but
# no more often than once an hour."
# Default: maxperiod is 6 hours.
#maxperiod 6
# Cache directory: directory that holds cache information. The script stores
# the last time it was run and the period it scraped to avoid submitting
# duplicate entries. Please note that this directory must exist and be rw
# for the user who runs the script.
# Default: cache is /var/cache/dshield-ulog
#cache /var/cache/dshield-ulog
# Target obfuscation: per the dshield.org website, this item allows one to
# hide the target IP address, if desired. The values are:
# none -- the target IP is passed to dshield.org
# partial -- the first octet of the target IP is replaced with '10'
# complete -- the target IP is submitted as '10.0.0.1'
# Default: obfuscation is none
#obfuscation none