Okay,
Code:
# the executable CMD name in the log chain. This is A FILTERING FEATURE, not an
# ACCESS CONTROL feature. That means EG_DROP_CMD is intended to DENY outbound
# access for specified programs, not ALLOW.
#
# Format is comma separated list of executable names you wish to ban from being
# able to transmit data out of your server.
++ $'\r'
: command not foundline 431:
# CMD-Match outbound (egress) denied applications
EG_DROP_CMD="eggdrop psybnc bitchx BitchX init udp.pl"
'+ EG_DROP_CMD='eggdrop psybnc bitchx BitchX init udp.pl
++ $'\r'
: command not foundline 434:
##
# [Remote Rule Imports]
##
# Project Honey Pot is the first and only distributed system for identifying
# spammers and the spambots they use to scrape addresses from your website.
# This aggregate list combines Harvesters, Spammers and SMTP Dictionary attacks
# from the PHP IP Data at: http://www.projecthoneypot.org/list_of_ips.php
DLIST_PHP="1"
++ DLIST_PHP=$'1\r'
++ $'\r'
: command not foundline 443:
DLIST_PHP_URL="rfxn.com/downloads/php_list"
++ DLIST_PHP_URL=rfxn.com/downloads/php_list
++ $'\r'
: command not foundline 444:
DLIST_PHP_URL_PROT="http"
++ DLIST_PHP_URL_PROT=http
++ $'\r'
: command not foundline 445:
++ $'\r'
: command not foundline 446:
# The Spamhaus Don't Route Or Peer List (DROP) is an advisory "drop all
# traffic" list, consisting of stolen 'zombie' netblocks and netblocks
# controlled entirely by professional spammers. For more information please
# see http://www.spamhaus.org/drop/.
DLIST_SPAMHAUS="1"
++ DLIST_SPAMHAUS=$'1\r'
++ $'\r'
: command not foundline 452:
DLIST_SPAMHAUS_URL="www.spamhaus.org/drop/drop.lasso"
++ DLIST_SPAMHAUS_URL=www.spamhaus.org/drop/drop.lasso
++ $'\r'
: command not foundline 453:
DLIST_SPAMHAUS_URL_PROT="http"
++ DLIST_SPAMHAUS_URL_PROT=http
++ $'\r'
: command not foundline 454:
++ $'\r'
: command not foundline 455:
# DShield collects data about malicious activity from across the Internet.
# This data is cataloged, summarized and can be used to discover trends in
# activity, confirm widespread attacks, or assist in preparing better firewall
# rules. This is a list of top networks that have exhibited suspicious activity.
DLIST_DSHIELD="1"
++ DLIST_DSHIELD=$'1\r'
++ $'\r'
: command not foundline 461:
DLIST_DSHIELD_URL="feeds.dshield.org/top10-2.txt"
++ DLIST_DSHIELD_URL=feeds.dshield.org/top10-2.txt
++ $'\r'
: command not foundline 462:
DLIST_DSHIELD_URL_PROT="http"
++ DLIST_DSHIELD_URL_PROT=http
++ $'\r'
: command not foundline 463:
++ $'\r'
: command not foundline 464:
# The reserved networks list is addresses which ARIN has marked as reserved
# for future assignment and have no business as valid traffic on the internet.
# Such addresses are often used as spoofed (fake) hosts during attacks; this
# will update the reserved networks list in order to prevent new ip assignments
# on the internet from getting blocked; this option is only important when
# BLK_RESNET is set to enabled.
DLIST_RESERVED="1"
++ DLIST_RESERVED=$'1\r'
++ $'\r'
: command not foundline 472:
DLIST_RESERVED_URL="rfxn.com/downloads/reserved.networks"
++ DLIST_RESERVED_URL=$'rfxn.com/downloads/reserved.networks\r'
DLIST_RESERVED_URL_PROT="http"
++ DLIST_RESERVED_URL_PROT=http
++ $'\r'
: command not foundline 474:
++ $'\r'
: command not foundline 475:
# ECN is an extension which helps reduce congestion. Unfortunately some
# clueless software/hardware vendors have setup their sites or implemented
# TCP/IP in a very broken manner. If you try to talk to these sites with ECN
# turned on, they will drop all packets from you. This feature uses the ECN
# hall of shame list to turn off ECN in packets to these hosts so your traffic
# is accepted as intended. This option is dependent on setting SYSCTL_ECN="1"
# otherwise it stays disabled.
DLIST_ECNSHAME="1"
++ DLIST_ECNSHAME=$'1\r'
++ $'\r'
: command not foundline 484:
DLIST_ECNSHAME_URL="rfxn.com/downloads/ecnshame.lst"
++ DLIST_ECNSHAME_URL=rfxn.com/downloads/ecnshame.lst
++ $'\r'
: command not foundline 485:
DLIST_ECNSHAME_URL_PROT="http"
++ DLIST_ECNSHAME_URL_PROT=http
++ $'\r'
: command not foundline 486:
++ $'\r'
: command not foundline 487:
##
# Global Trust
##
# This is an implementation of the trust rules (allow/deny_hosts) but
# on a global perspective. You can define below remote addresses from
# which the glob_allow/deny.rules files should be downloaded from on
# a daily basis. The files can be maintained in a static fashion by
# leaving USE_RGT=0, ideal for a host serving the files.
USE_RGT="0"
++ USE_RGT=$'0\r'
++ $'\r'
: command not foundline 497:
GA_URL="yourhost.com/glob_allow.rules"
++ GA_URL=yourhost.com/glob_allow.rules
++ $'\r'
: command not foundline 498:
GA_URL_PROT="http"
++ GA_URL_PROT=http
++ $'\r'
: command not foundline 499:
++ $'\r'
: command not foundline 500:
GD_URL="yourhost.com/glob_deny.rules"
++ GD_URL=yourhost.com/glob_deny.rules
++ $'\r'
: command not foundline 501:
GD_URL_PROT="http"
++ GD_URL_PROT=http
++ $'\r'
: command not foundline 502:
++ $'\r'
: command not foundline 503:
##
# [Logging and control settings]
##
# Log all traffic that is filtered by the firewall
LOG_DROP="0"
++ LOG_DROP=$'0\r'
++ $'\r'
: command not foundline 509:
# What log level should we send all log data to?
# refer to man syslog.conf for levels
LOG_LEVEL="crit"
++ LOG_LEVEL=$'crit\r'
++ $'\r'
: command not foundline 513:
# Where should we send all the logging data?
# ULOG (Allow ulogd to handle the logging)
# LOG (Default; sends logging to kernel log)
LOG_TARGET="LOG"
++ LOG_TARGET=$'LOG\r'
++ $'\r'
: command not foundline 518:
# Log interactive access over telnet & ssh; uses
# custom log prefix of ** SSH ** & ** TELNET **
LOG_IA="1"
++ LOG_IA=$'1\r'
++ $'\r'
: command not foundline 522:
# Log all foreign gateway traffic
LOG_LGATE="0"
++ LOG_LGATE=$'0\r'
++ $'\r'
: command not foundline 525:
# Extended logging information; this forces the output of tcp options and
# ip options for packets passing through the log chains
LOG_EXT="0"
++ LOG_EXT=$'0\r'
++ $'\r'
: command not foundline 529:
# Max firewall events to log per/minute. Log events exceeding these limits
# will be lost (1440 minutes/day * 30 events/minute = 43200 events per/day)
LOG_RATE="30"
++ LOG_RATE=$'30\r'
++ $'\r'
: command not foundline 533:
# Location of the apf status log; all startup, shutdown and runtime status
# output is sent to this file
LOG_APF="/var/log/apf_log"
++ LOG_APF=$'/var/log/apf_log\r'
++ $'\r'
: command not foundline 537:
##
# [Import misc. conf]
##
# Internal variable file
CNFINT="$INSTALL_PATH/internals/internals.conf"
++ CNFINT=$'/etc/apf\r/internals/internals.conf\r'
. $CNFINT
++ . $'/etc/apf\r/internals/internals.conf\r\r'
: No such file or directory: /etc/apf