Permalink
Branch: master
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
220 lines (205 sloc) 4.83 KB
---
# Path of the sqlite database
db: assets/sqlite.db
# Settings related to Flask (web interface)
# It is recommended to setup a reverse proxy with Nginx instead of binding 0.0.0.0 directly
# See README.md to learn more about how to setup a remote access
host: 127.0.0.1
port: 5000
# Launch mode of the firewall (standalone|server|client)
# See README.md to learn more
mode: standalone
# Debugging
verbose: no
# Number of workers to use for the process pool (only used in standalone and server mode)
workers: 8
# Time interval between each refresh cycle
refreshDelay: 14400
# Settings related to DNS and HTTP(S) requests (to fetch feeds)
queryTimeout: 10
queryUserAgent: UPPERSAFE-OSFW (UPPERSAFE Open Source Firewall) https://github.com/dev2lead/uppersafe-osfw
# Group IP range (if set to no each IP range will be converted to a list of IP addresses)
groupRange: yes
# Settings related to filtering (classic|forward)
# See README.md to learn more
filterMode: classic
# Location of the file where the threats list must be saved (only used in server mode)
publish: /tmp/threats.txt
# Location of the file where iptables events can be retieved
monitor: /var/log/messages
# Settings related to network interfaces (used by iptables)
network:
eth: eth+
ppp: ppp+
tun: tun+
# Settings related to Unbound server
unbound:
verbosity: 1
hide-version: yes
interface: 0.0.0.0
access-control: 10.0.0.0/8 allow
# List of the feeds to fetch (must be correlated with the files in the feeds directory)
feeds:
- alienvault
- blocklist
- ciarmy
- greensnow
- openphish
- phishtank
- ransomware
- spamhaus
# List of IP addresses and domain names to ignore
# See README.md to learn more about the syntax
exemptions:
- 127.0.0.1
- 217.78.11.148
- "*?.163.com"
- "*?.360.cn"
- "*?.abuse.co"
- "*?.academia.edu"
- "*?.adf.ly"
- "*?.adjust.com"
- "*?.akamai.com"
- "*?.akamaiedge.com"
- "*?.akamaihd.com"
- "*?.alibaba.com"
- "*?.alienvault.com"
- "*?.aliexpress.com"
- "*?.amazon.tld"
- "*?.amazonaws.com"
- "*?.amzn.to"
- "*?.aol.com"
- "*?.aryaka.com"
- "*?.baidu.com"
- "*?.bing.com"
- "*?.bit.do"
- "*?.bit.ly"
- "*?.bitly.com"
- "*?.bitbucket.com"
- "*?.blocklist.de"
- "*?.box.com"
- "*?.buff.ly"
- "*?.buffer.com"
- "*?.cinsscore.com"
- "*?.cloudflare.com"
- "*?.discordapp.com"
- "*?.doubleclick.com"
- "*?.dropbox.com"
- "*?.duckduckgo.com"
- "*?.dyn.com"
- "*?.dyndns.com"
- "*?.emailretargeting.com"
- "*?.facebook.com"
- "*?.fb.com"
- "*?.fbcdn.com"
- "*?.free.fr"
- "*?.g.co"
- "*?.gandi.net"
- "*?.ggpht.com"
- "*?.github.com"
- "*?.githubusercontent.com"
- "*?.gitlab.com"
- "*?.gmail.com"
- "*?.goo.gl"
- "*?.google.tld"
- "*?.googleadservices.com"
- "*?.googleadwords.com"
- "*?.googleapis.com"
- "*?.googleapps.com"
- "*?.googlecache.com"
- "*?.googlecode.com"
- "*?.googledocs.com"
- "*?.googledrive.com"
- "*?.googlegroups.com"
- "*?.googleimages.com"
- "*?.googlemail.com"
- "*?.googleplus.com"
- "*?.googleproxy.com"
- "*?.googlesearch.com"
- "*?.googlesyndication.com"
- "*?.googletranslate.com"
- "*?.googleusercontent.com"
- "*?.greensnow.co"
- "*?.gstatic.com"
- "*?.gsuite.com"
- "*?.hotmail.com"
- "*?.hubspot.com"
- "*?.icloud.com"
- "*?.iconfinder.com"
- "*?.imageshack.us"
- "*?.imgbox.com"
- "*?.imgur.com"
- "*?.instagram.com"
- "*?.jsdelivr.com"
- "*?.jsfiddle.net"
- "*?.line.me"
- "*?.linkedin.com"
- "*?.live.com"
- "*?.lnkd.in"
- "*?.mailchimp.com"
- "*?.mailgun.com"
- "*?.mailjet.com"
- "*?.mandrill.com"
- "*?.mandrillapp.com"
- "*?.maxcdn.com"
- "*?.medium.com"
- "*?.messenger.com"
- "*?.microsoft.com"
- "*?.microsoftonline.com"
- "*?.microsoftonline-p.com"
- "*?.microsoftonline-int.com"
- "*?.microsoftstore.com"
- "*?.msdn.com"
- "*?.msft.com"
- "*?.msftncsi.com"
- "*?.msn.com"
- "*?.naver.com"
- "*?.netflix.com"
- "*?.office.com"
- "*?.office365.com"
- "*?.openphish.com"
- "*?.outlook.com"
- "*?.ovh.com"
- "*?.ow.ly"
- "*?.owncloud.org"
- "*?.pastebin.com"
- "*?.phishtank.com"
- "*?.pinterest.com"
- "*?.po.st"
- "*?.postimage.org"
- "*?.postimg.org"
- "*?.prestashop.com"
- "*?.qq.com"
- "*?.quora.com"
- "*?.reddit.com"
- "*?.shopify.com"
- "*?.similarcdn.com"
- "*?.similarweb.com"
- "*?.sina.com"
- "*?.smartsheet.com"
- "*?.sohu.com"
- "*?.spamhaus.org"
- "*?.t.co"
- "*?.telegram.org"
- "*?.tiny.cc"
- "*?.tinyurl.com"
- "*?.tumblr.com"
- "*?.twimg.com"
- "*?.twitch.com"
- "*?.twitter.com"
- "*?.uppersafe.tld"
- "*?.v.ht"
- "*?.vimeo.com"
- "*?.vk.com"
- "*?.weibo.com"
- "*?.whatsapp.com"
- "*?.wix.com"
- "*?.yahoo.com"
- "*?.yimg.com"
- "*?.ymail.com"
- "*?.youku.com"
- "*?.youtu.be"
- "*?.youtube.com"
- "*?.ytimg.com"
- "*?.yy.com"
- "*?.wetransfer.com"