#### $Id: example.conf 943 2007-04-07 14:00:26Z jhealy $ #### #### Example configuration for Exile #### # enable debugging until you're satisfied that the configuration works $DEBUG=1; ## ## Paths to configuration files and directories ## # provide pinters to the directory where you've installed exile $CONFIG_BASE = '/usr/local/exile/conf'; $RUN_BASE = '/usr/local/exile/run'; # your template file for PF rules $PF_CONF_TEMPLATE = "$CONFIG_BASE/example-pf.conf.template"; # your PF rule file for custom rules that should always be loaded $PF_CONF_LOCAL = "$CONFIG_BASE/example-pf.conf.local"; ## ## Network and interface options ## # define the LAN addresses that are "inside" your network $LAN_RANGE='192.168.0.0/16'; # the interface that's connected to the "inside" (LAN) $LAN_IF='em0'; # the interface that's connected to the "outside" (WAN) $WAN_IF='em1'; # define the interface to sniff on (usually the bridge between LAN and WAN) $LISTEN_IF='bridge0'; ## ## Link, Queue, and Threshold parameters. ## # See the perldoc description for @P_LIMIT to find out about computing # the settings for this section. # The following declarations are a reasonable default if you don't want # to tweak anything. In a nutshell, the rules assess increasingly severe # penalties against users who take up a large chunk of the "fair" bandwidth, # or who open a large number of connections (an indication of port-hopping # or p2p traffic). # Define the root parameters for the inbound traffic. This defines # the HFSC parameters for all traffic sourced outside your network, # but destined for machines on the inside. $P_LIMIT[$INBOUND][0][0][$P_RT] = '100kB'; $P_LIMIT[$INBOUND][0][0][$P_LS] = '100kB'; $P_LIMIT[$INBOUND][0][0][$P_UL] = '100kB'; # we'd like to hold about 20 users in this level, so divide UL by 20 $P_LIMIT[$INBOUND][1][1][$T_BPS] = '3.75%'; $P_LIMIT[$INBOUND][1][1][$T_CPS] = 0.25; $P_LIMIT[$INBOUND][1][1][$P_RT] = '95%'; $P_LIMIT[$INBOUND][1][1][$P_LS] = '60%'; $P_LIMIT[$INBOUND][1][1][$P_UL] = '75%'; $P_LIMIT[$INBOUND][1][2][$T_BPS] = '3.5%'; $P_LIMIT[$INBOUND][1][2][$T_CPS] = 0.5; $P_LIMIT[$INBOUND][1][2][$P_RT] = '90%'; $P_LIMIT[$INBOUND][1][2][$P_LS] = '50%'; $P_LIMIT[$INBOUND][1][2][$P_UL] = '70%'; # we'd like to hold about 10 users in this level, so divide UL by 10 $P_LIMIT[$INBOUND][2][1][$T_BPS] = '8.5%'; $P_LIMIT[$INBOUND][2][1][$T_CPS] = 0.5; $P_LIMIT[$INBOUND][2][1][$P_RT] = '95%'; $P_LIMIT[$INBOUND][2][1][$P_LS] = '70%'; $P_LIMIT[$INBOUND][2][1][$P_UL] = '85%'; $P_LIMIT[$INBOUND][2][2][$T_BPS] = '8%'; $P_LIMIT[$INBOUND][2][2][$T_CPS] = 1; $P_LIMIT[$INBOUND][2][2][$P_RT] = '90%'; $P_LIMIT[$INBOUND][2][2][$P_LS] = '70%'; $P_LIMIT[$INBOUND][2][2][$P_UL] = '80%'; # we'd like to hold about 5 users in this level, so divide UL by 5 $P_LIMIT[$INBOUND][3][1][$T_BPS] = '16%'; $P_LIMIT[$INBOUND][3][1][$T_CPS] = 5; $P_LIMIT[$INBOUND][3][1][$P_RT] = '95%'; $P_LIMIT[$INBOUND][3][1][$P_LS] = '90%'; $P_LIMIT[$INBOUND][3][1][$P_UL] = '95%'; $P_LIMIT[$INBOUND][3][2][$T_BPS] = '18%'; $P_LIMIT[$INBOUND][3][2][$T_CPS] = 10; $P_LIMIT[$INBOUND][3][2][$P_RT] = '90%'; $P_LIMIT[$INBOUND][3][2][$P_LS] = '80%'; $P_LIMIT[$INBOUND][3][2][$P_UL] = '90%'; # Define the root parameters for the outbound traffic. This defines # the HFSC parameters for all traffic sourced inside your network, # but destined for machines on the outside. $P_LIMIT[$OUTBOUND][0][0][$P_RT] = '100kB'; $P_LIMIT[$OUTBOUND][0][0][$P_LS] = '100kB'; $P_LIMIT[$OUTBOUND][0][0][$P_UL] = '100kB'; # we'd like to hold about 20 users in this level, so divide UL by 20 $P_LIMIT[$OUTBOUND][1][1][$T_BPS] = '3.75%'; $P_LIMIT[$OUTBOUND][1][1][$T_CPS] = 0.25; $P_LIMIT[$OUTBOUND][1][1][$P_RT] = '95%'; $P_LIMIT[$OUTBOUND][1][1][$P_LS] = '60%'; $P_LIMIT[$OUTBOUND][1][1][$P_UL] = '75%'; $P_LIMIT[$OUTBOUND][1][2][$T_BPS] = '3.5%'; $P_LIMIT[$OUTBOUND][1][2][$T_CPS] = 0.5; $P_LIMIT[$OUTBOUND][1][2][$P_RT] = '90%'; $P_LIMIT[$OUTBOUND][1][2][$P_LS] = '50%'; $P_LIMIT[$OUTBOUND][1][2][$P_UL] = '70%'; # we'd like to hold about 10 users in this level, so divide UL by 10 $P_LIMIT[$OUTBOUND][2][1][$T_BPS] = '8.5%'; $P_LIMIT[$OUTBOUND][2][1][$T_CPS] = 0.5; $P_LIMIT[$OUTBOUND][2][1][$P_RT] = '95%'; $P_LIMIT[$OUTBOUND][2][1][$P_LS] = '70%'; $P_LIMIT[$OUTBOUND][2][1][$P_UL] = '85%'; $P_LIMIT[$OUTBOUND][2][2][$T_BPS] = '8%'; $P_LIMIT[$OUTBOUND][2][2][$T_CPS] = 1; $P_LIMIT[$OUTBOUND][2][2][$P_RT] = '90%'; $P_LIMIT[$OUTBOUND][2][2][$P_LS] = '70%'; $P_LIMIT[$OUTBOUND][2][2][$P_UL] = '80%'; # we'd like to hold about 5 users in this level, so divide UL by 5 $P_LIMIT[$OUTBOUND][3][1][$T_BPS] = '16%'; $P_LIMIT[$OUTBOUND][3][1][$T_CPS] = 5; $P_LIMIT[$OUTBOUND][3][1][$P_RT] = '95%'; $P_LIMIT[$OUTBOUND][3][1][$P_LS] = '90%'; $P_LIMIT[$OUTBOUND][3][1][$P_UL] = '95%'; $P_LIMIT[$OUTBOUND][3][2][$T_BPS] = '18%'; $P_LIMIT[$OUTBOUND][3][2][$T_CPS] = 10; $P_LIMIT[$OUTBOUND][3][2][$P_RT] = '90%'; $P_LIMIT[$OUTBOUND][3][2][$P_LS] = '80%'; $P_LIMIT[$OUTBOUND][3][2][$P_UL] = '90%';