/etc/arno-iptables-firewall/plugins/ids-protection.conf is in arno-iptables-firewall 2.0.1.d-1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 | # ------------------------------------------------------------------------------
# -= Arno's iptables firewall - IDS Protection plugin =-
# ------------------------------------------------------------------------------
# To actually enable this plugin make ENABLED=1:
# ------------------------------------------------------------------------------
ENABLED=0
# Interface(s) that should be protected by IDS. Default is all external interfaces
# ------------------------------------------------------------------------------
IDS_INTERFACE=""
# Specify here the hosts you want to allow to bypass the IDS protection checks
# ------------------------------------------------------------------------------
IDS_TRUSTED_HOSTS=""
# Specify here the TCP & UDP ports you like to exclude from IDS checking
# ------------------------------------------------------------------------------
IDS_EXCLUDE_TCP=""
IDS_EXCLUDE_UDP=""
# 1st set of maximum allowed connection attempts (default: 4 connections/60 seconds)
# ------------------------------------------------------------------------------
IDS_MAX_RATE1="4"
IDS_MAX_TIME1="60"
# 2nd set of maximum allowed connection attempts (default: 10 connections/1800 seconds)
# ------------------------------------------------------------------------------
IDS_MAX_RATE2="10"
IDS_MAX_TIME2="1800"
# (EXPERT SETTING!) If ip6tables '-m recent' IPv6 support is not available:
# Disable (0) if the kernel module xt_recent is not available, only IPv4 will be used.
# ------------------------------------------------------------------------------
IDS_IPV6_ENABLE=1
|