[module] desc = Packet Filter exec = /usr/share/epylog/modules/packets_mod.py files = /var/log/messages[.#] enabled = yes internal = yes outhtml = yes priority = 1 [conf] ## # Where to look for the trojans list. # trojan_list = /etc/epylog/trojans.list ## # If a remote host hits this many systems, then don't list them namely, # but collapse them into a nice report, e.g.: [50 hosts] # systems_collapse = 5 ## # Useful for massive portscans. Don't list all the ports namely, but # present them in a collapsed view. E.g.: [50 ports] ports_collapse = 5 ## # Enable iptables, ipchains, ipfilter, or all three. # enable_iptables = 1 enable_ipchains = 1 enable_ipfilter = 0 ## # Sort by any of the following: packets, source, system, port # sortby=port