summaryrefslogtreecommitdiff
blob: a93c5c10b207780d1a8863facbe160e300ac2c1a (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
# Config file for /etc/init.d/fprobe

# Do we want the interface in promiscous mode [yes/no]
#PROMISC=no

# Interface
IFACE=eth0

# If configured, only capture packets matching this tcpdump expression
#FILTER=""

# Flow state timers
#TIMER_EXPIRED=5
#TIMER_FRAGMENTED=30
#TIMER_IDLE=60
#TIMER_ACTIVE=300

# This is the default and should be left unless you know what you are doing
#FLOW_VER=5

# local ip. if configured fprobe will use this as the source IP for sending ALL flow data
# If you want to specify a specific source address per collecter, customize it below
#LOCALIP=

# SNMP iface id
SNMP_IFACE="${IFACE#eth}"

# Maximum number of concurrent flows to track
# using a specified amount of memory
#MEMBULK=10000
#MEMLIMIT=

# Pending queue
#PENDING=100

# Kernel capture buffer size (kB)
#KERNBUF=1024

# Realtime priority [0=disabled, 1..99]
#RTPRIO=0

# Delay N nanoseconds after each B bytes
#DELAY="0:0"

# How much of the start of each packet to grab
#SNAPLEN=256

# chroot() to this location after startup
CHROOT="/var/empty"

# User to run as. must have perms to the pidfile directory /var/run/fprobe/
USER=nobody

# logging level for syslog (0=EMERG, ..., 6=INFO, 7=DEBUG)
#LOGLEVEL=6

# If you want to run multiple instances of fprobe,
# You MUST set this variable to a unique INTEGER for each one!
PIDFILE_ID=''

# remote ip. this is where we send flows
REMOTEIP=127.0.0.1
# port to listen on
PORT=2055
# Collector type, see the manpage for valid types
TYPE=''

# If you want multiple collectors, just specify each one here
COLLECTORS="${REMOTEIP}:${PORT}/${LOCALIP}/${TYPE}"

# vim:ft=gentoo-conf-d: