File: shield.conf

package info (click to toggle)
pam-shield 0.9.2-3.3~squeeze1
  • links: PTS
  • area: main
  • in suites: squeeze
  • size: 216 kB
  • ctags: 113
  • sloc: ansic: 988; sh: 461; makefile: 102
file content (74 lines) | stat: -rw-r--r-- 1,210 bytes parent folder | download | duplicates (3)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
#
#	/etc/security/shield.conf
#

#
#	log debugging info to syslog
#
debug on

#
#	block unknown-users		blocks only unknown users
#	block all-users			blocks everyone
#
block unknown-users

#
#	is it OK for the remote host to have no DNS entry?
#
allow_missing_dns no

#
#	is it OK for the remote host to have no reverse DNS entry?
#
allow_missing_reverse no

#
#	allow these hosts or networks by name
#
allow localhost
# allow .localdomain

#
#	never lock out this network
#	You should list all your local networks here to make sure no local user can
#	lock you out from the inside
#
allow 127.0.0.1/255.0.0.0

# this syntax is also supported:
#allow 127.0.0.1/8


#
#	location of the database file
#
db /var/lib/pam_shield/db

#
#	external command that is run when a site should be blocked/unblocked
#
trigger_cmd /usr/sbin/shield-trigger

#
#	number of connections per interval from one site that triggers us
#
max_conns 10

#
#	the interval and retention period may be specified in seconds, or
#	with a postfix:
#
#		1s	seconds				1w	weeks
#		1m	minutes				1M	months (30 days)
#		1h	hours				1y	years
#		1d	days
#
interval 5m

#
#	period until the entry expires from the database again
#
retention 1w

# EOB