Default config

diff --git a/config b/config
new file mode 100644 (file)
index 0000000..e8303b6
--- /dev/null
+++ b/config
@@ -0,0 +1,38 @@
+Bouncer {
+
+# Socket through which we receive log messages
+ListenOn       /var/run/bouncer.sock
+
+# On the first login failure, we remember that an IP address is suspect
+# and start counting failures. After too much failures, the address is banned.
+MaxFailures    10
+
+# When a suspect address generates no more failure for this many seconds,
+# it is forgotten.
+MaxSuspectTime 300
+
+# Bans are lifted after this many seconds.
+MaxBannedTime  3600
+
+# Limit on the number of suspect addresses and bans we keep in memory
+MaxSuspects    1000
+MaxBanned      1000
+
+# We log all messages to the log stream configured below
+# LogStream    syslog
+
+# Names of ipsets we feed the banned addresses to
+# (you can omit either to disable processing of IPv4 or IPv6)
+IPv4Set                bouncer4
+IPv6Set                bouncer6
+
+}
+
+# Configuration of logging (see libucw docs for details)
+Logging {
+       Stream {
+               Name            syslog
+               SyslogFacility  daemon
+               # Levels:remove debug
+       }
+}