From c0e59c874786cdf3bc5863090934b8e18ba0336d Mon Sep 17 00:00:00 2001
From: Haru <haru@dotalux.com>
Date: Fri, 12 Feb 2016 16:17:30 +0100
Subject: Ported socket.conf (was packet.conf) to libconfig

Ported to modern Hercules and cleaned up from Panikon's commits: b10f2a88073882bea812c6278fdec7848102ab87, bc5007299a92898ea4630f2a977d9a1b42b6c145

Signed-off-by: Haru <haru@dotalux.com>
---
 conf/common/socket.conf | 106 ++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 106 insertions(+)
 create mode 100644 conf/common/socket.conf

(limited to 'conf/common/socket.conf')

diff --git a/conf/common/socket.conf b/conf/common/socket.conf
new file mode 100644
index 000000000..0dd5386cb
--- /dev/null
+++ b/conf/common/socket.conf
@@ -0,0 +1,106 @@
+//================= Hercules Configuration ================================
+//=       _   _                     _
+//=      | | | |                   | |
+//=      | |_| | ___ _ __ ___ _   _| | ___  ___
+//=      |  _  |/ _ \ '__/ __| | | | |/ _ \/ __|
+//=      | | | |  __/ | | (__| |_| | |  __/\__ \
+//=      \_| |_/\___|_|  \___|\__,_|_|\___||___/
+//================= License ===============================================
+//= This file is part of Hercules.
+//= http://herc.ws - http://github.com/HerculesWS/Hercules
+//=
+//= Copyright (C) 2014-2016  Hercules Dev Team
+//=
+//= Hercules is free software: you can redistribute it and/or modify
+//= it under the terms of the GNU General Public License as published by
+//= the Free Software Foundation, either version 3 of the License, or
+//= (at your option) any later version.
+//=
+//= This program is distributed in the hope that it will be useful,
+//= but WITHOUT ANY WARRANTY; without even the implied warranty of
+//= MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+//= GNU General Public License for more details.
+//=
+//= You should have received a copy of the GNU General Public License
+//= along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//=========================================================================
+//= Hercules Sockets configuration file
+//=========================================================================
+
+socket_configuration: {
+	// How long can a socket stall before closing the connection (in seconds)?
+	stall_time: 60
+
+	// Display debug reports (When something goes wrong during the report, the report is saved.)
+	debug: false
+
+	// Linux/Epoll: Maxmimum Events per cycle
+	// Default Value:
+	//	(Maxmimum Supported Connections)/2
+	// NOTE: this controls the maximum collected socket-events per-cycle (call to epoll_wait())
+	//       for example settings this to 32 will allow up to 32 events (incomming data/new connections
+	//       per server-cycle.
+	// NOTE: Recommended Settings is at least half the maxmimum supported connections
+	//       Settings this to a lower value, may cause lags/delays
+	//       Depending on available CPU Time
+	// NOTE: This Setting is only available on Linux when build using EPoll as event dispatcher!
+	//
+	//epoll_maxevents: 1024
+
+	// Maximum allowed size for clients packets in bytes.
+	// Default Values:
+	// 24576 (Clients < 20131223)
+	// 65535 (Clients >= 20131223)
+	// NOTE: To reduce the size of reported packets, lower the values of defines, which
+	//       have been customized, such as MAX_STORAGE, MAX_GUILD_STORAGE or MAX_CART.
+	// NOTE: Do not modify this setting, unless the client has been modified to support
+	//       larger packets. The client will crash, when it receives larger packets.
+	//socket_max_client_packet: 65535
+
+	//----- IP Rules Settings -----
+	ip_rules: {
+		// If IP's are checked when connecting.
+		// This also enables DDoS protection.
+		enable: true
+
+		// Order of the checks
+		//   deny,allow     : Checks deny rules, then allow rules. Allows if no rules match.
+		//   allow,deny     : Checks allow rules, then deny rules. Allows if no rules match.
+		//   mutual-failure : Allows only if an allow rule matches and no deny rules match.
+		// (default is deny,allow)
+		order: "deny,allow"
+
+		// IP rules
+		//   allow : Accepts connections from the ip range (even if flagged as DDoS)
+		//   deny  : Rejects connections from the ip range
+		// The rules are processed in order, the first matching rule of each list (allow and deny) is used
+		allow_list: (
+			//"127.0.0.1",
+			//"192.168.0.0/16",
+			//"10.0.0.0/255.0.0.0",
+			//"all",
+		)
+		deny_list: (
+			//"127.0.0.1",
+		)
+	}
+
+	//---- DDoS Protection Settings ----
+	// If ddos.count connection request are made within ddos.interval ms, it assumes it's a DDoS attack
+	ddos: {
+		// Consecutive attempts interval (msec)
+		// (default is 3000 msecs, 3 seconds)
+		interval: 3000 //ddos_interval
+
+		// Consecutive attempts trigger
+		// (default is 5 attemps)
+		count: 5 //ddos_count
+
+		// The time interval after which the threat of DDoS is assumed to be gone (ms)
+		// After this amount of time, the DDoS restrictions are lifted.
+		// (default is 600000ms, 10min)
+		autoreset: 600000 //ddos_autoreset
+	}
+}
+
+import: "conf/import/socket.conf"
-- 
cgit v1.2.3-60-g2f50