pandorafms/pandora_plugins/IPTraf/passive.collector.conf


#############################################################################
# Collector Parameters
# Passive Collector
# Version 0.1
#############################################################################
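# Path of the Pandora incoming data directory.
# The value below appears to be a developer's home directory; change it to match your installation.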
incomingdir /home/dario/incoming_iptraf/
# Interval
interval 300
# Interface that IPTraf will listen on. Use 'all' (as in 'iface all' below) to listen on all interfaces
iface all
# Minimum size a log record must have in order to be stored
min_size 0
# Full path of the IPTraf log file. This file is deleted and created again on each execution,
# so point it at a file that is used only by this collector.
log_path /var/log/iptraf-ng/ip_traffic-1.log
#############################################################################
# Rules
#############################################################################
# Process rules:
# These rules process every packet that matches any one of them
#
# Discard rules:
# These rules discard every packet that matches any one of them
#
# Side of search:
# IPs and ports can be matched against the source or the destination. The
# prefix 'src_' matches on the source and the prefix 'dst_' on the destination.
#
# Ip match:
# The IP after 'dst_ip' or 'src_ip' is the one that will be matched. If the IP
# is followed by '/' and a netmask, every IP in that network will be matched.
#
# Port match:
# The port after 'dst_port' or 'src_port' is the one that will be matched.
# If several ports are given separated by ',' (e.g. 8080,80,21,22), every
# port in the list will be matched.
# If two ports are given separated by '-' (e.g. 21-80), every port in that
# range will be matched.
#
# Negation:
# A condition can be negated by placing the symbol '!' directly before one of
# the following strings: 'src_ip' or 'dst_ip' to negate the IP condition, or
# 'src_port' or 'dst_port' to negate the port condition.
#
# Rules examples:
#
# discard src_ip 192.168.80.0/24 !src_port 8080
# process !dst_ip 192.168.40.23 src_port 8080
# process !dst_ip 192.168.50.1/32 !dst_port 21
#
#############################################################################
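# Process rules
# (the rule below also uses a 'protocol' keyword with a comma-separated list,
# which is not described in the rules documentation above)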
process src_ip 192.168.70.0/24 !src_port 0 protocol TCP,UDP