junkview configuration 1.00 /etc/junkview.conf -- 2006-04-04
#
# configuration for the junkview suite, see
# for further information
#
# Copyright (C) 2006 Grant Coady GPLv2
#
# Format
# ```````
# - do not alter signature line -> "junkview configuration 1.00 ".
# - comments start with '#' and extend to end of line, blank lines are ignored
# - options are keyword value pairs
# - there is no null string -- comment out the key, value line instead.
# - take care not to embed a keyword within another keyword ;)
#
#-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
# code and data paths
# ````````````````````
# pick one pair only ;)
#
codepath /usr/local # /usr/local
datapath /usr/local/share/junkview # /usr/local/share/junkview
#codepath /usr # /usr/local
#datapath /usr/share/junkview # /usr/local/share/junkview
#
#-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
# ip2cn-server
# `````````````
inetaddr localhost # listen machine (default localhost)
inetport 4743 # listen port (default 4743)
logquery 0 # log queries if set to 1, else 0
logreply 0 # log replies if set to 1, else 0
datamode 1 # '1' = ip2c-data, '0' = ip2c-index
ndxdata0 ip2c-index # ip2c-index for sf4sf mode
ndxdata1 ip2c-data # ip2c-data for junkview mode
namedata ip2c-names # no alternative at the moment
#
#-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
# database source files
# ``````````````````````
# See junkview-update-database for data extraction details
ip2c_url http://software77.net/cgi-bin/ip-country/geo-ip.pl?action=download
ip2c_src IpToCountry.csv
#
# alternate data source
ip2ccurl http://www.maxmind.com/download/geoip/database/GeoIPCountryCSV.zip
ip2ccsrc GeoIPCountryWhois.csv
ip2ccdat ip2ccdata
#-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
# data filenames
# ```````````````
# used by: ip2c-server, junkview -- only specified here
ip2cfile ip2c-data # ip2c data, required
namesfile ip2c-names # optional, comment out to disable
# used by: junkview
classify classify-text # optional, comment out to disable
#-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
# junkview
# `````````
# setup log file parser
prefix JLE:inp:drop # must match first word iptables --log-prefix
# set hours, start and finish on junkview's CLI options, not here,
# perhaps use a wrapper script to call junkview with your options
# general
verbose 1 # use "-v verbose=n" to display .conf reader info
# hits / port chart
chartlen 16 # number of bars in chart
nochart 0 # non-zero to diable chart
logchart 1 # '0' for autoscale linear, '1' for log scale (new)
# hits summary
client 1 # we using ip2c-server
min_hits 3 # 3 threshold for displaying hits
showaddr 10 # max number of addr/hits detail
showdest 0 # '1' to display destination address
showhits 10 # max number of hits displayed
maxports 3 # max lines of hits/port detail
widthmax 79 # max width of report lines, n - 1, accepts 71..131
# hot list: ports hits that must be reported, comment whole line to disable
hot_list 22 # colon separated port numbers
#-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
# debug, special, misc
# `````````````````````
# DNS host name lookup control
nohostname 0 # non-zero to disable DNS lookups
dns_wait 15 # number of seconds to wait for a reply
noshowport 0 # non-zero: no port summary, hostnames instead
# end