| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263 |
- # vim: syntax=sh
- eth0=enp5s0
- wan=enp1s0
- locnet=192.168.1.0/24
- lanip=192.168.1.1
- lanbro=192.168.1.255
- ## badips.com ##
- # ipset name
- banset=badips
- # set size, default 65536
- badmaxelems=131072
- # 0 - 5 , 0 will ban max
- banlevel=0
- # ban time in seconds, 1 week = 604800, 1 day = 86400
- banttl=604800
- # h,d,w,m,y
- rangecheck=1h
- # ssh,http... or any
- banservice=any
- ## whitenets ##
- #ipset name
- whiteset=goodips
- # set size, default 65536
- whitemaxelems=65536
- # default ttl
- whitettl=172800
- ## scannets ##
- #ipset name
- scanset=scanips
- # set size, default 65536
- scanmaxelems=65536
- # default ttl
- scanttl=172800
- ## DEBUG ##
- loginput=true
- logforward=true
- debugtcp=true
- debugudp=true
- debugicmp=true
- ## default hook order ##
- hooks=(
- base
- lan
- setup_wandroplog
- setup_fordroplog
- setup_whitenets
- setup_forward
- setup_badips
- setup_white
- setup_public
- setup_scanips
- setup_cast
- final
- )
- ## iptables invocation command ##
- iptables="iptables -w"
|
