You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
63 lines
2.0 KiB
63 lines
2.0 KiB
## |
|
## flowscan-cuflow.cf -- flowscan(1) CUFlow reporter configuration |
|
## |
|
|
|
# the Round-Robin-Database (RRD) storage location |
|
OutputDir @l_prefix@/var/flowscan/cuflow/rrd |
|
|
|
# generate top N and over-time-average top N reports |
|
Scoreboard 10 @l_prefix@/var/flowscan/cuflow/web @l_prefix@/var/flowscan/cuflow/web/topten.html |
|
AggregateScore 10 @l_prefix@/var/flowscan/cuflow/web/aggregate.txt @l_prefix@/var/flowscan/cuflow/web/overall.html |
|
|
|
# multicast tracking support |
|
Multicast |
|
|
|
# the NetFlow exporters |
|
Router 192.168.0.1 router1.example.com |
|
Router 192.168.0.2 router2.example.com |
|
|
|
# subnets (to determine whether a packet is inbound our outbound) |
|
Subnet 192.168.0.0/24 |
|
|
|
# track by networks |
|
Network 192.168.0.0/24 example.com |
|
Network 192.168.0.1/32,192.168.0.2/32 host.example.com |
|
|
|
# track by services |
|
Service 20-21/tcp ftp |
|
Service 22/tcp ssh |
|
Service 23/tcp telnet |
|
Service 25/tcp smtp |
|
Service 53/udp,53/tcp dns |
|
Service 69/udp tftp |
|
Service 80/tcp http |
|
Service 110/tcp pop3 |
|
Service 111/udp,111/tcp sunrpc |
|
Service 113/tcp ident |
|
Service 119/tcp nntp |
|
Service 123/udp,123/tcp ntp |
|
Service 142-143/tcp imap |
|
Service 161-162/udp snmp |
|
Service 389/tcp ldap |
|
Service 443/tcp https |
|
Service 514/udp syslog |
|
Service 540/tcp uucp |
|
Service 563/tcp nntps |
|
Service 636/tcp ldaps |
|
Service 873/tcp rsync |
|
Service 989-990/tcp ftps |
|
Service 993/tcp imaps |
|
Service 995/tcp pop3s |
|
Service 1645-1646/udp,1812-1813/udp radius |
|
Service 194/tcp,6665-6669/tcp irc |
|
|
|
# track by protocols |
|
Protocol 1 icmp |
|
Protocol 6 tcp |
|
Protocol 17 udp |
|
Protocol 112 vrrp |
|
|
|
# track by ToS |
|
TOS 0 normal |
|
TOS 1-255 other |
|
|
|
|