summaryrefslogtreecommitdiff
path: root/conf/common/socket.conf
blob: 13c0ed9ea0ffa17840fa3b63e9f8a721643bdf4b (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
//================= Hercules Configuration ================================
//=       _   _                     _
//=      | | | |                   | |
//=      | |_| | ___ _ __ ___ _   _| | ___  ___
//=      |  _  |/ _ \ '__/ __| | | | |/ _ \/ __|
//=      | | | |  __/ | | (__| |_| | |  __/\__ \
//=      \_| |_/\___|_|  \___|\__,_|_|\___||___/
//================= License ===============================================
//= This file is part of Hercules.
//= http://herc.ws - http://github.com/HerculesWS/Hercules
//=
//= Copyright (C) 2014-2018  Hercules Dev Team
//=
//= Hercules is free software: you can redistribute it and/or modify
//= it under the terms of the GNU General Public License as published by
//= the Free Software Foundation, either version 3 of the License, or
//= (at your option) any later version.
//=
//= This program is distributed in the hope that it will be useful,
//= but WITHOUT ANY WARRANTY; without even the implied warranty of
//= MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
//= GNU General Public License for more details.
//=
//= You should have received a copy of the GNU General Public License
//= along with this program.  If not, see <http://www.gnu.org/licenses/>.
//=========================================================================
//= Hercules Sockets configuration file
//=========================================================================

socket_configuration: {
	// How long can a socket stall before closing the connection (in seconds)?
	stall_time: 90

	// Display debug reports (When something goes wrong during the report, the report is saved.)
	debug: false

	// Linux/Epoll: Maxmimum Events per cycle
	// Default Value:
	//	(Maxmimum Supported Connections)/2
	// NOTE: this controls the maximum collected socket-events per-cycle (call to epoll_wait())
	//       for example settings this to 32 will allow up to 32 events (incomming data/new connections
	//       per server-cycle.
	// NOTE: Recommended Settings is at least half the maxmimum supported connections
	//       Settings this to a lower value, may cause lags/delays
	//       Depending on available CPU Time
	// NOTE: This Setting is only available on Linux when build using EPoll as event dispatcher!
	//
	//epoll_maxevents: 1024

	// Maximum allowed size for clients packets in bytes.
	// Default Values:
	// 24576 (Clients < 20131223)
	// 65535 (Clients >= 20131223)
	// NOTE: To reduce the size of reported packets, lower the values of defines, which
	//       have been customized, such as MAX_STORAGE, MAX_GUILD_STORAGE or MAX_CART.
	// NOTE: Do not modify this setting, unless the client has been modified to support
	//       larger packets. The client will crash, when it receives larger packets.
	//socket_max_client_packet: 65535

	//----- IP Rules Settings -----
	ip_rules: {
		// If IP's are checked when connecting.
		// This also enables DDoS protection.
		enable: true

		// Order of the checks
		//   deny,allow     : Checks deny rules, then allow rules. Allows if no rules match.
		//   allow,deny     : Checks allow rules, then deny rules. Allows if no rules match.
		//   mutual-failure : Allows only if an allow rule matches and no deny rules match.
		// (default is deny,allow)
		order: "deny,allow"

		// IP rules
		//   allow : Accepts connections from the ip range (even if flagged as DDoS)
		//   deny  : Rejects connections from the ip range
		// The rules are processed in order, the first matching rule of each list (allow and deny) is used
		allow_list: (
			//"127.0.0.1",
			//"192.168.0.0/16",
			//"10.0.0.0/255.0.0.0",
			//"all",
		)
		deny_list: (
			//"127.0.0.1",
		)
	}

	//---- DDoS Protection Settings ----
	// If ddos.count connection request are made within ddos.interval ms, it assumes it's a DDoS attack
	ddos: {
		// Consecutive attempts interval (msec)
		// (default is 3000 msecs, 3 seconds)
		interval: 3000 //ddos_interval

		// Consecutive attempts trigger
		// (default is 5 attemps)
		count: 5 //ddos_count

		// The time interval after which the threat of DDoS is assumed to be gone (ms)
		// After this amount of time, the DDoS restrictions are lifted.
		// (default is 600000ms, 10min)
		autoreset: 600000 //ddos_autoreset
	}
}

import: "conf/import/socket.conf"