/*
** $Id: example-iplog.conf,v 1.2 2000/12/31 18:40:40 odin Exp $
**
** Example iplog configuration file.
** Edit me and copy me to /etc/iplog.conf
**
** See iplog.conf(5) for details on syntax and a full description
** of available options.
*/

# Run as an unprivileged account with the login "iplog"
user iplog

# Run with group "nogroup"
group nogroup

# User "iplog" has write permission for the directory "/var/run/iplog"
pid-file /var/run/iplog/iplog.pid

# Log to /var/log/iplog
logfile /var/log/iplog

# Use the syslog(3) facility log_daemon.
facility log_daemon

# Use the syslog(3) priority (level) log_info.
priority log_info

# Log the IP address as well as the hostname of packets. 
set log_ip true

# Do not log the destination of packets.
set log_dest false

# Ignore DNS traffic from nameservers in /etc/resolv.conf.
set ignore_dns

# Listen on eth0 and eth1
#interface eth0,eth1
interface eth0

# Operate in promiscuous mode and watch the 192.168.0.x network
#promisc 192.168.0.0/24

/*
** Ignore DNS traffic from nameservers.
** Using the -d option will add similar rules for all nameservers
** listed in /etc/resolv.conf
*/
#ignore udp from 218.176.253.65 sport 53
#ignore udp from 43.224.255.20 sport 53

# Example log statement. 
#log tcp dport 1045:1055 sport ftp-data

# Ignore ftp-data connections from to ports 1024 and above.
ignore tcp dport 1024: sport 20

# Ignore WWW connections, if you're running a WWW server.
ignore tcp dport 80

# Ignore ICMP unreach.
ignore icmp type unreach

# Ignore all ICMP except ICMP echo packets.
#ignore icmp type !echo

# Ignore UDP traffic from the 127.1.2 network
#ignore udp from 127.1.2/24

# or
#ignore udp from 127.1.2/255.255.255.0

# Ignore Media
ignore udp dport 6970:7170 sport 1024:

# Ignore SSH
ignore tcp dport 22

# Ignore POP3
ignore tcp dport 110

# Ignore MSBLAST
#ignore tcp dport 135

ignore icmp type echo