#############################################################################
# Collector Parameters
# Passive Collector
# Version 0.1
#############################################################################

# Pandora data in path

incomingdir /home/dario/incoming_iptraf/

# Interval

interval 300

# Interface where the IPTraf will search. 'interface all' for search on all interfaces

iface all

# Min size of each register of the log that will be stored

min_size 0

# IPTraf log file full path. This log will be deleted and created again in each execution

log_path /var/log/iptraf-ng/ip_traffic-1.log

#############################################################################
# Rules
#############################################################################
# Process rules:
# This rules will process all the packages that match with anyone of them
#
# Discard rules:
# This rules will discard all the packages that match with anyone of them
# 
# Side of search:
# IPs and Ports could be searched in source or destination. Prefix 'src_' is 
# to search on source and prefix 'dst_' is to search on destination.
#
# Ip match:
# The IP after 'dst_ip' or 'src_ip' will be searched. If the Ip is followed
# by '/' and a net mask, all of the IPs of this net will searched
#
# Port match:
# The Port after 'dst_port' or 'src_port' will be searched. 
# If appear various ports separated by ',' (i.e.: 8080,80,21,22), all the 
# list ports will be searched. 
# If appear two ports separated by '-' (i.e.: 21-80), all the ports of this
# range will be searched.
#
# Negation:
# Is possible to negate a condition with the symbol '!' before the following
# strings: 'src_ip' and 'dst_ip' to negate the ip condition or 'src_port'
# and 'dst_port' to negate the port condition.
#
# Rules examples:
#
#    discard src_ip 192.168.80.0/24 !src_port 8080
#    process !dst_ip 192.168.40.23 src_port 8080
#    process !dst_ip 192.168.50.1/32 !dst_port 21
#
#############################################################################

# Process rules

process src_ip 192.168.70.0/24 !src_port 0 protocol TCP,UDP