summaryrefslogblamecommitdiff
path: root/conf-tmpl/packet_athena.conf
blob: 22d44c1d16ecc13b2d38617ff17379caab04ffa9 (plain) (tree)


















                                                                                             

                                       

                    




                                                                                    




                         



                                                                                                  



                            
             



                  

                                                                                                     
 

                                       

                   

                               

             


                                                                                 



                                     
// Athena sockets Configuration file
// translated (davidsiaw)


// Display debug reports (iWhen something goes wrong during the report, the report is saved.)
debug: no

// How long can a socket stall before closing the connection (in seconds)
stall_time: 60

// When enabled, sets TCP_NODELAY (disable nagel Algorythm) on all connections
mode_neg: yes

// frame packet size as considered by the server (when there's enough
// information in queue to fill the frame_size, a "send" is forced)
//frame_size: 1054

//----- IP Rules Settings -----

// If IP's are checked when connecting.
// This also enables DDoS protection.
enable_ip_rules: yes

// Order of the checks
//   deny,allow     : Checks deny rules, then allow rules. Allows if no rules match.
//   allow,deny     : Checks allow rules, then deny rules. Allows if no rules match.
//   mutual-failure : Allows only if an allow rule matches and no deny rules match.
// (default is deny,allow)

order: deny,allow
// order: allow,deny
// order: mutual-failture

// IP rules
//   allow : Accepts connections from the ip range (even if flagged as DDoS)
//   deny  : Rejects connections from the ip range
// The rules are processed in order, the first matching rule of each list (allow and deny) is used

// allow: 127.0.0.1
// allow: 192.168.0.0/16
// allow: 10.0.0.0/255.0.0.0
// allow: all

// deny: 127.0.0.1


//---- DDoS Protection Settings ----
// If ddos_count connection request are made within ddos_interval msec, it assumes it's a DDoS attack

// Consecutive attempts interval (msec)
// (default is 3000 msecs, 3 seconds)
ddos_interval: 3000

// Consecutive attempts trigger
// (default is 10 attemps)
ddos_count: 5

// The time interval after which the threat of DDoS is assumed to be gone. (msec)
// After this amount of time, the DDoS restrictions are lifted.
// (default is 600000 msecs, 10 minutes)
ddos_autoreset: 600000


//import: conf/import/packet_conf.txt