# Bouncer configuration: counts login failures per IP address and feeds
# addresses with too many failures to ipsets.
Bouncer {
	# Socket through which we receive log messages
	# NOTE(review): anything that can write to this socket can presumably
	# submit failure records and so get arbitrary addresses banned -- confirm
	# that its owner and mode restrict it to the log forwarder.
	ListenOn /var/run/bouncer.sock

	# On the first login failure, we remember that an IP address is suspect
	# and start counting failures. After too many failures, the address is banned.
	MaxFailures 10

	# When a suspect address generates no more failures for this many seconds,
	# it is forgotten.
	MaxSuspectTime 600

	# Bans are lifted after this many seconds.
	MaxBannedTime 3600

	# When a ban is lifted, the address is again considered suspect
	# and its number of failures is set to MaxFailures - Probation (0=disable).
	# With the values in this file the counter restarts at 10 - 2 = 8.
	Probation 2

	# Limit on the number of suspect addresses and bans we keep in memory
	# NOTE(review): what happens when either table is full is not described
	# here -- confirm whether old entries are evicted or new ones dropped,
	# because failures spread over many addresses could exhaust these limits.
	MaxSuspects 1000
	MaxBanned 1000

	# We log all messages to the log stream configured below
	# LogStream syslog

	# Names of ipsets we feed the banned addresses to
	# (you can omit either to disable processing of IPv4 or IPv6)
	# NOTE(review): presumably the sets must already exist and be matched by a
	# firewall rule for a ban to have any effect -- verify on the target host.
	IPv4Set bouncer4
	IPv6Set bouncer6
}

# Configuration of logging (see libucw docs for details)
Logging {
	# Defines the stream named "syslog", which sends to the syslog "daemon" facility.
	Stream {
		Name syslog
		SyslogFacility daemon
		# Levels:remove debug
	}
}