4okunma
Kod ParçacığıBASH

Advanced Policy Firewall (APF ayar dosyası)

· Slaweally
advanced-policy-firewall-apf-ayar-dosyasi.Bash BASH
140 lines
DEVEL_MODE="0"
INSTALL_PATH="/etc/apf"
IFACE_UNTRUSTED="eth0"
IFACE_TRUSTED=""
USE_IPV6="1"
SET_VERBOSE="1"
SET_FASTLOAD="1"
SET_VNET="0"
SET_ADDIFACE="0"
SET_MONOKERN="0"
DOCKER_COMPAT="auto"
SET_EXPIRE="600"
PERMBLOCK_COUNT="5"
PERMBLOCK_INTERVAL="86400"
SET_REFRESH="10"
SET_REFRESH_MD5="1"
FQDN_TIMEOUT="10"
SET_TRIM="500"
VF_ROUTE="1"
VF_LGATE=""
RAB="1"
RAB_SANITY="1"
RAB_PSCAN_LEVEL="2"
RAB_HITCOUNT="1"
RAB_TIMER="600"
RAB_TRIP="1"
RAB_LOG_HIT="1"
RAB_LOG_TRIP="0"
TCP_STOP="DROP"
UDP_STOP="DROP"
ALL_STOP="DROP"
PKT_SANITY="1"
PKT_SANITY_INV="0"
PKT_SANITY_FUDP="1"
PKT_SANITY_PZERO="1"
TOS_DEF="0"
TOS_DEF_RANGE="512:65535"
TOS_0=""
TOS_2=""
TOS_4=""
TOS_8="21,20,80,443"
TOS_16="22,25,110,143"
TCR_PASS="1"
TCR_PORTS="33434:33534"
ICMP_LIM="30/s"
IG_TCP_CLIMIT="80:60,443:120,8443:15"
IG_UDP_CLIMIT=""
SYNFLOOD="1"
SYNFLOOD_RATE="100/s"
SYNFLOOD_BURST="150"
RESV_DNS="1"
RESV_DNS_DROP="1"
BLK_P2P_PORTS="1214,2323,4660_4678,6257,6699,6346,6347,6881_6889,7778"
BLK_PORTS="135_139,111,513,520,445,1433,1434,1234,1524,3127"
BLK_MCATNET="1"
BLK_PRVNET="0"
BLK_RESNET="1"
BLK_TCP_SACK_PANIC="0"
BLK_IDENT="1"
SYSCTL_CONNTRACK="262144"
SYSCTL_CONNTRACK_ADAPTIVE="1"
SYSCTL_CONNTRACK_INCREMENT="65536"
SYSCTL_CONNTRACK_HIGH="1048576"
SYSCTL_CONNTRACK_BUCKETS="32768"
SYSCTL_TCP="1"
SYSCTL_TCP_NOSACK="0"
SYSCTL_SYN="1"
SYSCTL_ROUTE="1"
SYSCTL_LOGMARTIANS="1"
SYSCTL_ECN="0"
SYSCTL_SYNCOOKIES="1"
SYSCTL_OVERFLOW="0"
HELPER_SSH="1"
HELPER_SSH_PORT="22"
HELPER_FTP="0"
HELPER_FTP_PORT="21"
HELPER_FTP_DATA="20"
IG_TCP_CPORTS="22,80,443,8443"
IG_UDP_CPORTS=""
IG_ICMP_TYPES="3,5,11,0,30,8"
IG_ICMPV6_TYPES="1,2,3,4,128,129"
EGF="0"
EG_TCP_CPORTS="21,25,80,443,43"
EG_UDP_CPORTS="20,21,53"
EG_ICMP_TYPES="all"
EG_ICMPV6_TYPES="all"
EG_TCP_UID=""
EG_UDP_UID=""
EG_DROP_CMD="eggdrop,psybnc,bitchx,BitchX,init,udp.pl"
SMTP_BLOCK="0"
SMTP_PORTS="25,465,587"
SMTP_ALLOWUSER=""
SMTP_ALLOWGROUP=""
DLIST_PHP="1"
DLIST_PHP_URL="https://cdn.rfxn.com/downloads/php_list"
DLIST_SPAMHAUS="1"
DLIST_SPAMHAUS_URL="https://www.spamhaus.org/drop/drop.lasso"
DLIST_DSHIELD="1"
DLIST_DSHIELD_URL="https://feeds.dshield.org/top10-2.txt"
DLIST_RESERVED="1"
DLIST_RESERVED_URL="https://cdn.rfxn.com/downloads/reserved.networks"
DLIST_ECNSHAME="0"
DLIST_ECNSHAME_URL="https://cdn.rfxn.com/downloads/ecnshame.lst"
USE_RGT="0"
GA_URL="https://yourhost.com/glob_allow.rules"
GD_URL="https://yourhost.com/glob_deny.rules"
USE_IPSET="auto"
IPSET_LOG_RATE="30"
IPSET_REFRESH="21600"
CC_LOG="1"
CC_LOG_ONLY="0"
CC_SRC="auto"
CC_CACHE_TTL="24"
CC_INTERVAL="7"
CC_IPV6="1"
CT_LIMIT="0"
CT_INTERVAL="30"
CT_BLOCK_TIME="1800"
CT_PORTS=""
CT_STATES=""
CT_SKIP_TIME_WAIT="0"
CT_PERMANENT="0"
CT_SKIP=""
USE_GRE="0"
GRE_PERSIST="1"
GRE_KEEPALIVE="10 3"
GRE_MTU=""
GRE_TTL="255"
LOG_DROP="1"
LOG_LEVEL="crit"
LOG_TARGET="LOG"
LOG_IA="1"
LOG_LGATE="0"
LOG_EXT="0"
LOG_RATE="30"
LOG_APF="/var/log/apf_log"
IPT_LOCK_SUPPORT="auto"
IPT_LOCK_TIMEOUT="3"
CNFINT="$INSTALL_PATH/internals/internals.conf"
. "$CNFINT"

Kullanım Notları

Merhabalar efenim, bu dosya da APF'in gerekli olan yapılandırma dosyıdır. direkt olarak ayar dosyasına ekleyebilirsiniz.

comments[] (0)

Henüz yorum yok. İlk yorumu siz yazın.

Yorum Yaz

stats
site.metrics
403bugün ziyaretçi
1817bugün görüntülenme
10873toplam ziyaretçi
44947toplam görüntülenme
124içerik
468yorum