31 lines
1.5 KiB
Plaintext
31 lines
1.5 KiB
Plaintext
# Example configuration file for ddos-mitigator.sh.
|
|
# PLEASE TAKE CARE not to put any whitespace around the '=' signs, as this file is directly sourced by the script
|
|
# file and this needs to conform to the BASH syntax. Also, make sure to declare the COUNTRIES variable with the
|
|
# correct array syntax: COUNTRIES=("AA" "BB" "CC"), or to comment it out altogether.
|
|
|
|
# The path to the GeoIP2 database file (must be either country or city database). This parameter is mandatory. If it is
|
|
# not specified here, it must be given on the command line (through the -d option).
|
|
DATABASE_FILE="/path/to/geoip/country-or-city-database.mmdb"
|
|
|
|
# Enable the autopilot for automatically banning IP addresses of the desired countries (see also COUNTRIES option).
|
|
# Only ban IP addresses with at least AUTOPILOT current connections. If the value is not specified or 0, don't
|
|
# automatically ban IP addresses, but run in interactive mode.
|
|
AUTOPILOT="0"
|
|
|
|
# Defines the subnet size in bytes to be analyzed. Valid values are:
|
|
# - 8 for class A networks (X.0.0.0/8)
|
|
# - 16 for class B networks (X.X.0.0/16)
|
|
# - 24 for class C networks (X.X.X.0/24)
|
|
# - 32 for class D networks (X.X.X.X/32)
|
|
# If not specified, run in interactive mode and prompt for the netmask size.
|
|
NETMASK="8"
|
|
|
|
# The country-codes to block as an array. Defaults to "CN" (China).
|
|
#COUNTRIES=("CN" "HK" "TW")
|
|
|
|
# Specify the JAIL to use for banning the IP addresses. Defaults to 'apache-auth'.
|
|
#JAIL="apache-auth"
|
|
|
|
# The desired port to monitor. Defaults to 443 (https).
|
|
#PORT="443"
|