-
Notifications
You must be signed in to change notification settings - Fork 7
/
Copy pathiprepd.yaml.sample
107 lines (107 loc) · 4.31 KB
/
iprepd.yaml.sample
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
---
# Address/port to listen on for API requests
listen: 0.0.0.0:8080
# Address/port for Redis connection
redis:
# The primary Redis server.
addr: 127.0.0.1:6379
# Support a Redis "cluster mode disabled" cluster with read replicas. Any read only replica
# instances can be added here.
#replicas:
# - 127.0.0.1:7000
# Read, write, and dial connection timeouts in ms (defaults shown).
readtimeout: 100
writetimeout: 100
dialtimeout: 250
# If 0, use go-redis default maximum client pool size (10 * runtime.NumCPU()). Set to non-zero to
# manually specify maximum pool size.
# https://godoc.org/github.com/go-redis/redis#Options
#maxpoolsize: 0
# The minimum number of idle connections to try to keep open with redis. If 0, the value will
# default to 20. If the maximum pool size is less than 20, it will default to the entire pool
# size.
#minidleconn: 0
auth:
# Configure any Hawk credentials here. Each credential should be specified as a key/value
# pair, where the key is the Hawk ID and the value is the secret.
hawk:
root: toor
# Configure any API key credentials here. Each credential should be specified as a key/value
# pair, where the key is just a descriptive ID and the value is the actual API key that would
# be submitted.
apikey:
testuser: test
# Configure any Read Only Hawk credentials here.
ROhawk:
roroot: rotoor
# Configure any Read Only API key credentials here.
ROapikey:
rotestuser: rotest
# Set disableauth to true to turn of all authentication.
disableauth: false
# The prefix to use with IPv6 address reputation updates or lookups. For example, if a reputation
# is set on an IPv6 address it will apply to all addresses within the prefix. We default to /64,
# which is an end-user allocation size.
#
# Note that changing this configuration value will invalidate all existing IPv6 reputation entries
# in the cache.
ip6prefix: 64
# Configure violations that can be used when submitting a violation for an object
# in this section.
#
# name: The name of a violation as would be submitted in a request to the API.
##
# penalty: The number of points this violation will decrease the reputation for
# an object by.
#
# decreaselimit: The lower limit by which a given violation will decrease the reputation
# for a given object to. For example, if a violation has a penalty of 25
# and a decreaselimit of 50, the first time this violation is applied to an
# object it will result in a reputation of 75. The second time, a reputation
# score of 50. And subsequent violations will not lower the reputation further.
violations:
- name: test
penalty: 50
decreaselimit: 50
- name: test2
penalty: 5
decreaselimit: 25
# The decay configuration controls how the reputation for an object recovers back to
# 100 over time.
#
# points: The number of points added to the reputation of an object every interval.
#
# interval: How often the points are added to the reputation.
decay:
points: 1
interval: 1s
# Exceptions control IP address exceptions in iprepd. Any IP that matches an exception will
# not be returned by iprepd if it is requested (e.g., it will effectively have a reputation
# score of 100). Useful for exempting internal IP addresses.
#
# Note the these exceptions only apply to requests for "ip" type objects, either through
# the legacy API endpoints or object requests of type "ip".
exceptions:
# List any files that contain a list of CIDR subnets, one per line, that are loaded as
# exceptions.
file:
- ./exception1.txt
- ./exception2.txt
# If aws is set to true, iprepd will periodically query for known AWS IP address ranges and
# add these to the exception list.
aws: false
# versionresponse specifies a path to a file, the contents of which will be returned on a
# request to the /__version__ endpoint. If the file isn't found a warning will be printed
# in the log and the daemon will not return any data at this endpoint.
versionresponse: ./version.json
# statsd address for metrics. To disable metrics collection, simply delete the below section.
statsd:
addr: "127.0.0.1:8125"
# sync config is used sync subcommands to create and upload ip blocklists
sync:
maxlimit: 20000
minimumreputation: 60
deletefile: false
gcs:
filename: "file-name"
bucketname: "bucket-name"