25 lines
1.1 KiB
Plaintext
25 lines
1.1 KiB
Plaintext
#
|
|
#############################################################################
|
|
#
|
|
# This file is used by psad to elevate/decrease the danger levels of IP
|
|
# addresses (or networks in CIDR notation) so that psad does not have to
|
|
# apply the normal signature logic. This is useful if certain IP addresses
|
|
# or networks are known trouble makers and should automatically be assigned
|
|
# higher danger levels than would normally be assigned. Also, psad can be
|
|
# made to ignore certain IP addresses or networks if a danger level of "0" is
|
|
# specified. Optionally, danger levels for IPs/networks can be influenced
|
|
# based on protocol (tcp, udp, icmp).
|
|
#
|
|
#############################################################################
|
|
#
|
|
|
|
# <IP address> <danger level> <optional protocol>/<optional ports>;
|
|
#
|
|
# Examples:
|
|
#
|
|
# 10.111.21.23 5; # Very bad IP.
|
|
# 127.0.0.1 0; # Ignore this IP.
|
|
# 10.10.1.0/24 0; # Ignore traffic from this entire class C.
|
|
# 192.168.10.4 3 tcp; # Assign danger level 3 if protocol is tcp.
|
|
# 10.10.1.0/24 3 tcp/1-1024; # Danger level 3 for tcp port range
|