# the executable CMD name in the log chain. This is A FILTERING FEATURE, not an
# ACCESS CONTROL feature. That means EG_DROP_CMD is intended to DENY outbound
# access for specified programs, not ALLOW.
# Format is comma separated list of executable names you wish to ban from being
# able to transmit data out of your server.
: command not foundline 431:
# CMD-Match outbound (egress) denied applications
EG_DROP_CMD="eggdrop psybnc bitchx BitchX init udp.pl"
'+ EG_DROP_CMD='eggdrop psybnc bitchx BitchX init udp.pl
: command not foundline 434:
# [Remote Rule Imports]
# Project Honey Pot is the first and only distributed system for identifying
# spammers and the spambots they use to scrape addresses from your website.
# This aggregate list combines Harvesters, Spammers and SMTP Dictionary attacks
# from the PHP IP Data at: http://www.projecthoneypot.org/list_of_ips.php
: command not foundline 443:
: command not foundline 444:
: command not foundline 445:
: command not foundline 446:
# The Spamhaus Don't Route Or Peer List (DROP) is an advisory "drop all
# traffic" list, consisting of stolen 'zombie' netblocks and netblocks
# controlled entirely by professional spammers. For more information please
# see http://www.spamhaus.org/drop/.
: command not foundline 452:
: command not foundline 453:
: command not foundline 454:
: command not foundline 455:
# DShield collects data about malicious activity from across the Internet.
# This data is cataloged, summarized and can be used to discover trends in
# activity, confirm widespread attacks, or assist in preparing better firewall
# rules. This is a list of top networks that have exhibited suspicious activity.
: command not foundline 461:
: command not foundline 462:
: command not foundline 463:
: command not foundline 464:
# The reserved networks list is addresses which ARIN has marked as reserved
# for future assignement and have no business as valid traffic on the internet.
# Such addresses are often used as spoofed (Fake) hosts during attacks, this
# will update the reserved networks list in order to prevent new ip assignments
# on the internet from getting blocked; this option is only important when
# BLK_RESNET is set to enabled.
: command not foundline 472:
: command not foundline 474:
: command not foundline 475:
# ECN is an extension which helps reduce congestion. Unfortunately some
# clueless software/hardware vendors have setup their sites or implemented
# TCP/IP in a very broken manner. If you try to talk to these sites with ECN
# turned on, they will drop all packets from you. This feature uses the ECN
# hall of shame list to turn off ECN in packets to these hosts so your traffic
# is accepted as intended. This option is dependent on setting SYSCTL_ECN="1"
# otherwise it stays disabled.
: command not foundline 484:
: command not foundline 485:
: command not foundline 486:
: command not foundline 487:
# Global Trust
# This is an implementation of the trust rules (allow/deny_hosts) but
# on a global perspective. You can define below remote addresses from
# which the glob_allow/deny.rules files should be downloaded from on
# a daily basis. The files can be maintained in a static fashion by
# leaving USE_RGT=0, ideal for a host serving the files.
: command not foundline 497:
: command not foundline 498:
: command not foundline 499:
: command not foundline 500:
: command not foundline 501:
: command not foundline 502:
: command not foundline 503:
# [Logging and control settings]
# Log all traffic that is filtered by the firewall
: command not foundline 509:
# What log level should we send all log data too?
# refer to man syslog.conf for levels
: command not foundline 513:
# Where should we send all the logging data?
# ULOG (Allow ulogd to handle the logging)
# LOG (Default; sends logging to kernel log)
: command not foundline 518:
# Log interactive access over telnet & ssh; uses
# custom log prefix of ** SSH ** & ** TELNET **
: command not foundline 522:
# Log all foreign gateway traffic
: command not foundline 525:
# Extended logging information; this forces the output of tcp options and
# ip options for packets passing through the log chains
: command not foundline 529:
# Max firewall events to log per/minute. Log events exceeding these limits
# will be lost (1440 minutes/day * 30 events/minute = 43200 events per/day)
: command not foundline 533:
# Location of the apf status log; all startup, shutdown and runtime status
# sends outputs to this file
: command not foundline 537:
# [Import misc. conf]
# Internal variable file
++ . $'/etc/apf\r/internals/internals.conf\r\r'
: No such file or directory: /etc/apf