### # Common definitions for all subsequent programs of the master # the dynloaders and modules and module tools # Read-in as 'source ../../common.conf' by the dynloaders, modules # ---------------------------------------------------------------- export LANG=en_US.UTF-8 export LC_ALL=$LANG export HOST_IP=`dig $HOSTNAME +short` #-------------------------------------------------------------------------------- # Configuration section #-------------------------------------------------------------------------------- # # Protect yourself from lock-out by 'dynamic DNS access' # # DYN_PROVIDER ... is the 'domain name' of your DYN DNS provider # DYN_ADDRESS ... is the 'hostname', that you have assigned to your router # #DYN_PROVIDER=79.143.183.251 # DNS of root server hoster DYN_PROVIDER=ddnss.de DYN_ADDRESS=itcomserve.ddnss.de # Fully qualified domain name (FQDN) of the server and mailbox for crutial events # =================================================================== # Change this to YOUR reference address - or we get all your mail ;-) # =================================================================== REFADDR="comserve-it-services.de" # Mail address for the Watcher administrator MAILADDR="root@$REFADDR" # Mailbox for reports and statistics (from modules) # Can be over-written in a .conf file REPORTMAIL="hph@$REFADDR" # List some trusted static IP addresses separated by space ... # === DO NOT LEAVE THIS BLANK === # Must be at least your 'localhost' address "127.0.0.1" # Add other IPV4 addresses as you need them. # TRUSTED="127.0.0.1 $HOST_IP" # Common whitelist and blacklist files (in the MASTER_PATH) BLACKLIST=blacklist WHITELIST=whitelist # Path of the iptables and ipset programs on your system # *** Note for Debian-style and SuSE-Style systems ... # these are in /usr/sbin/... # It is more convenient to symlink them, than to change the values # here - i.e. # # ln -s /usr/sbin/iptables /sbin/iptables # # ln -s /usr/sbin/ipset /sbin/ipset # Watchout, that on some systems # /sbin/iptables and /usr/sbin/iptables # /sbin/ipset and /usr/sbin/ipset # are even hardlinks on the same filesystem. # Then just do nothing here. # ----- IPTABLES="/sbin/iptables -w" #IPSET="/sbin/ipset" IPSET="ipset" # Where Watcher drops its log files # LOG_DIR=/var/log # Base directory for the FIFOs (named pipes) # -------------------------------------------------------------- # NOTE: System loggers (rsyslog & syslog-ng as well) are # _not_ permitted to write outside the standard log # directory '/var/log' by SElinux rules. # So there is no other choice here. # Now exported by watcher.conf # -------------------------------------------------------------- FIFO_BASE="/var/log/.pipes" # Path where common tools are linked by the master and modules # Should be included in the PATH variable for 'root' # Now exported by watcher.conf TOOLS_LINK=/usr/local/sbin # *** (EXPERIMENTAL) *** # Publication path where public information is published # Set to an _EMPTY_STRING_ to disable PUB_PATH=/var/www/Watcher #--------------- End of configuration -------------------- ########################################################## # DON'T CHANGE BELOW ########################################################## TRUSTLIST=${TRUSTED// /|}