dsc-statistics-collector 201203250530-2 / etc / dsc-statistics / dsc-collector.cfg

This file is indexed.

/etc/dsc-statistics/dsc-collector.cfg is in dsc-statistics-collector 201203250530-2.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below. 

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
# local_address
#
#	specifies a local IP address.  used to determine the
#	"direction" of an IP packet: sending or receiving or other.
#	Repeat any number of times for all local addresses.
#
DSClocal_addressDSC

# run_dir
#
#	dsc passes this directory to chdir() after starting.
#
run_dir "DSClibdirDSC";

# minfree_bytes
#
#	If the filesystem has less than this amount of free
#	space, then dsc will not write its XML files to disk.
#	The data will be lost.
#
minfree_bytes 5000000;

# pid_file
#
#	filename where DSC should store its process-id
#
pid_file "DSCpidfileDSC";

# bpf_program
#
#	a berkely packet filter program.  it can be used to limit
#	the number and type of queries that the application receives
#	from the kernel.  note if you limit it to "udp port 53" the
#	IP-based collectors do not work
#
#	NOTE: bpf_program must GO BEFORE interface
#
# use this to see only DNS messages
#bpf_program "udp port 53";
#
# use this to see only DNS *queries*
#bpf_program "udp dst port 53 and udp[10:2] & 0x8000 = 0";
DSCbpf_programDSC

# interface
#
# 	specifies a network interface to sniff packets from.
#	can specify more than one.
#
DSCinterfaceDSC

# qname_filter
#
#	Defines a custom QNAME-based filter for DNS messages.  If
#	you refer to this named filter on a dataset line, then only
#	queries or replies for matching QNAMEs will be counted.
#	The QNAME argument is a regular expression.  For example:
#
#	qname_filter WWW-Only ^www\. ;
#	dataset qtype dns All:null Qtype:qtype queries-only,WWW-Only ;


#
# datasets
#
#	please see the DSC manual for more information.
dataset qtype dns All:null Qtype:qtype queries-only;
dataset rcode dns All:null Rcode:rcode replies-only;
dataset opcode dns All:null Opcode:opcode queries-only;
dataset rcode_vs_replylen dns Rcode:rcode ReplyLen:msglen replies-only;
dataset client_subnet dns All:null ClientSubnet:cip4_net queries-only max-cells=200;
dataset qtype_vs_qnamelen dns Qtype:qtype QnameLen:qnamelen queries-only;
dataset qtype_vs_tld dns Qtype:qtype TLD:tld queries-only,popular-qtypes max-cells=200;
dataset certain_qnames_vs_qtype dns CertainQnames:certain_qnames Qtype:qtype queries-only;
dataset client_subnet2 dns Class:query_classification ClientSubnet:cip4_net queries-only max-cells=200;
dataset client_addr_vs_rcode dns Rcode:rcode ClientAddr:client replies-only max-cells=50;
dataset chaos_types_and_names dns Qtype:qtype Qname:qname chaos-class,queries-only;
dataset idn_qname dns All:null IDNQname:idn_qname queries-only;
dataset edns_version dns All:null EDNSVersion:edns_version queries-only;
dataset edns_bufsiz dns All:null EDNSBufSiz:edns_bufsiz queries-only;
dataset do_bit dns All:null D0:do_bit queries-only;
dataset rd_bit dns All:null RD:rd_bit queries-only;
dataset idn_vs_tld dns All:null TLD:tld queries-only,idn-only;
dataset ipv6_rsn_abusers dns All:null ClientAddr:client queries-only,aaaa-or-a6-only,root-servers-net-only max-cells=50;
dataset transport_vs_qtype dns Transport:transport Qtype:qtype queries-only;
dataset client_port_range dns All:null PortRange:dns_sport_range queries-only;
#dataset second_ld_vs_rcode dns Rcode:rcode SecondLD:second_ld replies-only max-cells=50;
#dataset third_ld_vs_rcode dns Rcode:rcode ThirdLD:third_ld replies-only max-cells=50;

dataset direction_vs_ipproto ip Direction:ip_direction IPProto:ip_proto any;
# dataset dns_ip_version_vs_qtype dns IPVersion:dns_ip_version Qtype:qtype queries-only;

# datasets for collecting data on priming queries at root nameservers
# dataset priming_queries dns Transport:transport EDNSBufSiz:edns_bufsiz priming-query,queries-only;
# dataset priming_responses dns All:null ReplyLen:msglen priming-query,replies-only;

# bpf_vlan_tag_byte_order
#
#	Set this to 'host' on FreeBSD-4 where the VLAN id that we
#	get from BPF appears to already be in host byte order.
#bpf_vlan_tag_byte_order host;

# match_vlan
#
#	A whitespace-separated list of VLAN IDs.  If set, only the
#	packets with these VLAN IDs will be analyzed by DSC.
#
#match_vlan 100 200;

APT Browse - Built by Thomas Orozco.