From 20df2abc1aca00d6aa5dc78347133890f36b32f3 Mon Sep 17 00:00:00 2001 From: Saulc Date: Sat, 13 Jan 2018 20:50:42 +0100 Subject: Initial commit --- conf/common/socket.conf | 106 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 106 insertions(+) create mode 100644 conf/common/socket.conf (limited to 'conf/common/socket.conf') diff --git a/conf/common/socket.conf b/conf/common/socket.conf new file mode 100644 index 000000000..0dd5386cb --- /dev/null +++ b/conf/common/socket.conf @@ -0,0 +1,106 @@ +//================= Hercules Configuration ================================ +//= _ _ _ +//= | | | | | | +//= | |_| | ___ _ __ ___ _ _| | ___ ___ +//= | _ |/ _ \ '__/ __| | | | |/ _ \/ __| +//= | | | | __/ | | (__| |_| | | __/\__ \ +//= \_| |_/\___|_| \___|\__,_|_|\___||___/ +//================= License =============================================== +//= This file is part of Hercules. +//= http://herc.ws - http://github.com/HerculesWS/Hercules +//= +//= Copyright (C) 2014-2016 Hercules Dev Team +//= +//= Hercules is free software: you can redistribute it and/or modify +//= it under the terms of the GNU General Public License as published by +//= the Free Software Foundation, either version 3 of the License, or +//= (at your option) any later version. +//= +//= This program is distributed in the hope that it will be useful, +//= but WITHOUT ANY WARRANTY; without even the implied warranty of +//= MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +//= GNU General Public License for more details. +//= +//= You should have received a copy of the GNU General Public License +//= along with this program. If not, see . +//========================================================================= +//= Hercules Sockets configuration file +//========================================================================= + +socket_configuration: { + // How long can a socket stall before closing the connection (in seconds)? + stall_time: 60 + + // Display debug reports (When something goes wrong during the report, the report is saved.) + debug: false + + // Linux/Epoll: Maxmimum Events per cycle + // Default Value: + // (Maxmimum Supported Connections)/2 + // NOTE: this controls the maximum collected socket-events per-cycle (call to epoll_wait()) + // for example settings this to 32 will allow up to 32 events (incomming data/new connections + // per server-cycle. + // NOTE: Recommended Settings is at least half the maxmimum supported connections + // Settings this to a lower value, may cause lags/delays + // Depending on available CPU Time + // NOTE: This Setting is only available on Linux when build using EPoll as event dispatcher! + // + //epoll_maxevents: 1024 + + // Maximum allowed size for clients packets in bytes. + // Default Values: + // 24576 (Clients < 20131223) + // 65535 (Clients >= 20131223) + // NOTE: To reduce the size of reported packets, lower the values of defines, which + // have been customized, such as MAX_STORAGE, MAX_GUILD_STORAGE or MAX_CART. + // NOTE: Do not modify this setting, unless the client has been modified to support + // larger packets. The client will crash, when it receives larger packets. + //socket_max_client_packet: 65535 + + //----- IP Rules Settings ----- + ip_rules: { + // If IP's are checked when connecting. + // This also enables DDoS protection. + enable: true + + // Order of the checks + // deny,allow : Checks deny rules, then allow rules. Allows if no rules match. + // allow,deny : Checks allow rules, then deny rules. Allows if no rules match. + // mutual-failure : Allows only if an allow rule matches and no deny rules match. + // (default is deny,allow) + order: "deny,allow" + + // IP rules + // allow : Accepts connections from the ip range (even if flagged as DDoS) + // deny : Rejects connections from the ip range + // The rules are processed in order, the first matching rule of each list (allow and deny) is used + allow_list: ( + //"127.0.0.1", + //"192.168.0.0/16", + //"10.0.0.0/255.0.0.0", + //"all", + ) + deny_list: ( + //"127.0.0.1", + ) + } + + //---- DDoS Protection Settings ---- + // If ddos.count connection request are made within ddos.interval ms, it assumes it's a DDoS attack + ddos: { + // Consecutive attempts interval (msec) + // (default is 3000 msecs, 3 seconds) + interval: 3000 //ddos_interval + + // Consecutive attempts trigger + // (default is 5 attemps) + count: 5 //ddos_count + + // The time interval after which the threat of DDoS is assumed to be gone (ms) + // After this amount of time, the DDoS restrictions are lifted. + // (default is 600000ms, 10min) + autoreset: 600000 //ddos_autoreset + } +} + +import: "conf/import/socket.conf" -- cgit v1.2.3-70-g09d2