--------------------------------------------------
# DEV_SPACE:device:min_space_kb
# arg "-dev" for disable.
DEV_SPACE:hda3:135000
DEV_SPACE:hda2:10000
DEV_SPACE:hda6:20000
DEV_SPACE:hda7:50000
--------------------------------------------------
# FS_SPACE:dir_or_file:max_space_kb
# arg "-fs" for disable.
FS_SPACE:/etc:50000
FS_SPACE:/var/log:5000
FS_SPACE:/usr/local/bin:100000
FS_SPACE:/var/log/syslog:2000
--------------------------------------------------
# PROC:prog_name:max_forks:max_size_kb, 0-ignore
# arg "-proc" for disable.
PROC:httpd:0:0
PROC:in.tproxyd:50:0
PROC:squid:0:30000
PROC:syslogd:0:30000
--------------------------------------------------
# NETSERVICE;host;port;timeout;send data;wait for data
# arg "-ns" for disable. !!! Use ';' instead ':' !!!
NETSERVICE;www.opennet.ru;80;5;GET http://www.opennet.me/under.shtml HTTP/1.0\\n\\n\\n;SKYNET
NETSERVICE;www.skyway.ru;80;5;GET http://www.skyway.ru/under.shtml HTTP/1.0\\n\\n\\n;SKYNET
NETSERVICE;www.linux.opennet.ru;80;5;GET http://www.linux.opennet.ru/index.html HTTP/1.0\\n\\n\\n;Chirkov
NETSERVICE;www.tyumen.ru;80;15;GET http://www.tyumen.ru/~mc/linux/index.html HTTP/1.0\\n\\n\\n;Chirkov
NETSERVICE;ftp.opennet.ru;21;5;QUIT;FTP server
NETSERVICE;boa.opennet.ru;25;5;QUIT;ESMTP
NETSERVICE;boa.opennet.ru;110;5;QUIT;POP3 Server
--------------------------------------------------
# DNS:name_server:host_name
# arg "-dns" for disable.
DNS:195.161.17.65:www.opennet.ru
DNS:ns.tyumen.ru:boa.opennet.ru
DNS:ns.sibtel.ru:pentagon.opennet.ru
DNS:www.opennet.ru:pentagon.opennet.ru
DNS:ns.tyumens.ru:boa.opennets.ru
DNS:ns.sibtel.ru:pentagon.opennets.ru
DNS:www.opennets.ru:pentagon.opennet.ru
--------------------------------------------------
# PING:host_name
# arg "-ping" for disable.
PING:boa.opennet.ru
PING:www.tyumen.ru
PING:127.0.0.1
--------------------------------------------------
# INTERFACE:infterface_name[-alias]
# arg "-if" for disable.
INTERFACE:cx0
INTERFACE:lo
INTERFACE:eth0
INTERFACE:eth0:0
INTERFACE:eth0:1
INTERFACE:eth0:2
INTERFACE:eth0:3
--------------------------------------------------
# ROUTE:ip_mask
# arg "-rt" for disable.
ROUTE:195.161.17.64
ROUTE:195.161.17.65
ROUTE:0.0.0.0
--------------------------------------------------
# SUID:dir_for_check:suid_prog_list_flag (1- list all suid programm, 0- silence)
# All suid files defined in stoplist will be ignored !
# arg "-suid" for disable.
SUID:/bin:1
SUID:/sbin:0
SUID:/usr/bin:0
SUID:/usr/sbin:0
--------------------------------------------------
# STOP_LIST:file_for_check
# arg "-make_stop_list" to create raw stoplist block at the end of the
# configuretion file.
# arg "-slist" for disable.
#
STOP_LIST:/bin/ping
STOP_LIST:/bin/su
STOP_LIST:/bin/login
STOP_LIST:/usr/bin/passwd
STOP_LIST:/usr/bin/traceroute
STOP_LIST:/usr/bin/sudo
STOP_LIST:/usr/sbin/sendmail
STOP_LIST:/usr/bin/procmail
STOP_LIST:/usr/sbin/pppd
--------------------------------------------------
# LOG_MON:log_path:perform_last_N_lines
# arg "-log" for disable.
LOG_MON:/var/log/messages:100
LOG_MON:/var/log/syslog:100
--------------------------------------------------
# LOG_INFO:regular_expressions for awk
# LOG_INFO:"END_OF_LIST"
LOG_INFO:getstatd.admin
LOG_INFO:getstatd.+request.+user
LOG_INFO:error
LOG_INFO:panic
LOG_INFO:failure
LOG_INFO:deny
LOG_INFO:fatal
LOG_INFO:ping
LOG_INFO:telnet
LOG_INFO:attack
LOG_INFO:reject
LOG_INFO:root
LOG_INFO:incorrect
LOG_INFO:illegal
LOG_INFO:wrong
LOG_INFO:failed
LOG_INFO:denied
LOG_INFO:refused
LOG_INFO:bad
LOG_INFO:permitted
LOG_INFO:END_OF_LIST
--------------------------------------------------
# Don't edit below ! Use arg "-make_stop_list" to create stoplist block.
[RAW_STOP_LIST]
|