This file is indexed.

/etc/security/shield.conf is in libpam-shield 0.9.6-1.1.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below.

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
#
#	/etc/security/shield.conf
#

#
#	log debugging info to syslog
#
debug on

#
#	block unknown-users		blocks only unknown users
#	block all-users			blocks everyone
#
block unknown-users

#
#	is it OK for the remote host to have no DNS entry?
#
allow_missing_dns yes

#
#	is it OK for the remote host to have no reverse DNS entry?
#
allow_missing_reverse yes

#
#	allow these hosts or networks by name
#
allow localhost
# allow .localdomain

#
#	never lock out this network
#	You should list all your local networks here to make sure no local user can
#	lock you out from the inside
#
allow 127.0.0.1/255.0.0.0

# this syntax is also supported:
#allow 127.0.0.1/8


#
#	location of the database file
#
db /var/lib/pam_shield/db

#
#	external command that is run when a site should be blocked/unblocked
#
#default: block with null routing
trigger_cmd /usr/sbin/shield-trigger
#option: use iptables instead
#trigger_cmd /usr/sbin/shield-trigger-iptables
#option: use ufw instead
#trigger_cmd /usr/sbin/shield-trigger-ufw

#
#	number of connections per interval from one site that triggers us
#
max_conns 10

#
#	the interval and retention period may be specified in seconds, or
#	with a postfix:
#
#		1s	seconds				1w	weeks
#		1m	minutes				1M	months (30 days)
#		1h	hours				1y	years
#		1d	days
#
interval 5m

#
#	period until the entry expires from the database again
#
retention 1w

# EOB