From d70d3cff8f0295b93c2035114aef2fa705177748 Mon Sep 17 00:00:00 2001 From: Toni Uhlig Date: Tue, 8 Oct 2024 13:51:59 +0200 Subject: Fixed missing `set_config_from()`. * added additional missing config options * added some documentation in the config file Signed-off-by: Toni Uhlig --- ndpid.conf.example | 35 +++++++++++++++++++++++++++++++---- 1 file changed, 31 insertions(+), 4 deletions(-) (limited to 'ndpid.conf.example') diff --git a/ndpid.conf.example b/ndpid.conf.example index 8cb4cd4ac..0d980d4b7 100644 --- a/ndpid.conf.example +++ b/ndpid.conf.example @@ -1,6 +1,12 @@ [general] +# Set the network interface from which packets are captured and processed. +# Leave it empty to let nDPId choose the default network interface. #netif = eth0 + +# Set a Berkeley Packet Filter. +# This will work for libpcap as well as with PF_RING. #bpf = udp or tcp + pidfile = /tmp/ndpid.pid user = nobody #group = nogroup @@ -8,12 +14,33 @@ user = nobody #categories = /path/to/libnDPI/example/categories.txt #ja3 = /path/to/libnDPI/example/ja3_fingerprints.csv #sha1 = /path/to/libnDPI/example/sha1_fingerprints.csv -# Collector endpoint as UNIX socket -#collector = /tmp/ndpid-collector.sock -# Collector endpoint as UDP socket -collector = 127.0.0.1:7777 + +# Collector endpoint as UNIX socket (usually nDPIsrvd) +collector = /var/run/ndpisrvd-collector +# Collector endpoint as UDP socket (usually a custom application) +#collector = 127.0.0.1:7777 + +# Set a name for this nDPId instance #alias = myhostname +# Process only internal initial connections +#internal = true + +# Process only external initial connections +#external = true + +# Enable zLib compression of flow memory for long lasting flows +compression = true + +# Enable "analyse" events, which can be used for machine learning +analysis = true + +# Force poll() on systems that support epoll() as well +#poll = false + +# Enable PF_RING packet capture instead of libpcap +#pfring = false + [tuning] max-flows-per-thread = 2048 max-idle-flows-per-thread = 64 -- cgit v1.2.3