# Configuration file for linksysmon.conf # Path to the log file LogFile /var/log/linksys.log # Path to an alternative log file/device. #AlternateLogFile /dev/tty10 # Delimiter to use in log file, use "tab" to tab as delimiter Delimiter tab # path to snmptrapd TrapdPath /usr/sbin/snmptrapd # comma separated list of email addresses to send information and # reports to MailTo root@localhost, someoneelse@somehost.com # path to mail executable MailPath /bin/mail # Set to 1 to call external program when IP address changes, 0 # otherwise ProcessIPChanges 1 # External program to call when IP address changes. This program will # have 4 commandline parameters: hostname, new IP address, date, and # time IPChangeProgram /usr/sbin/linksysmon-ipchange # path to ez-ipupdate (needed only if you want to use ez-ipupdate to # update dynamic DNS EZPath /usr/sbin/ez-ipupdate # for each linksys firewall for which you want to update dynamic DNS, # you need one of these blocks. EZhost is the hostname from # /var/log/linksys.log. DNSName is the dynamic domain name # corresponding to EZHost. DNSService is the dynamic DNS service you # use with ez-ipupdate. Username & Password are the username and # password for the dynamic DNS service. <EZHost linksys.mydomain.com> DNSName mydomain.dyndns.org DNSService dyndns UserName test Password test </EZHost> # Set to 1 to ignore outbound connections in linksys-report. This # means that the only connections listed will be incoming. Set to 0 # to report on both incoming and outgoing. ReportIgnoreOutbound 1 # Set to 1 to ignore "secret" system entries in linksys-report. Set # to 0 to include them. ReportIgnoreSystem 1 # Comma separated list of (source and destination) ports to ignore in # linksysmon-report ReportIgnorePorts 53, 80 # Comma separated list of (source and destination) hosts to ignore in # linksysmon-report. This only does string matching, so if a host # shows up in /var/log/linksys.log by DNS name, listing the IP address # here will not block it. The linksys will sometimes log the DNS name # for outbound destination hosts ReportIgnoreHosts 1.2.3.4, 11.22.33.44, some.host.com # Set to 1 to not display repeated system messages in linksysmon-report, # but instead include one line with a repitition count ReportCountRepeats 1 # Comma separated list of incoming destination or outgoing source # ports that will trigger execution of WatchProgram WatchPorts 22 # Comma separated list of incoming source or outgoing destination # hosts that will trigger execution of WatchProgram WatchHosts 9.8.7.6, 99.88.77.66 # Comma separated list of incoming destination or outgoing source # ports that will never trigger execution of WatchProgram. # Overrides WatchHosts WatchIgnorePorts 80 # Comma separated list of incoming source or outgoing destination # hosts that will never trigger execution of WatchProgram. # Overrides WatchPorts WatchIgnoreHosts 19.18.17.16, 199.188.177.166 # Path to program to call when we get a hit on WatchPorts or # WatchHosts. This program will have 8 commanline parameters: host, # date, time in/out, source host, source port, destination host, # destination port WatchProgram /usr/sbin/linksysmon-watch # Comma separated list of email addresses that # /usr/sbin/linksysmon-watch will send mail to for activity on # WatchPorts or WatchHosts WatchMailTo root@localhost, mypager@pagerservice.com # Number of seconds before linksysmon will notify you again about a # particular host/port combination that triggers a watch hit. WatchTimeOut 3600