[openwrt.git] / openwrt / package / kismet / files / kismet.conf
1 # Kismet config file
2 # Most of the "static" configs have been moved to here -- the command line
3 # config was getting way too crowded and cryptic. We want functionality,
4 # not continually reading --help!
5
6 # Version of Kismet config
7 version=2005.01.R1
8
9 # Name of server (Purely for organizational purposes)
10 servername=Kismet
11
12 # User to setuid to (should be your normal user)
13 suiduser=nobody
14
15 # Sources are defined as:
16 # source=cardtype,interface,name[,initialchannel]
17 # Card types and required drivers are listed in the README.
18 # The initial channel is optional, if hopping is not enabled it can be used
19 # to set the channel the interface listens on.
20 # YOU MUST CHANGE THIS TO BE THE SOURCE YOU WANT TO USE
21 source=wrt54g,prism0,wireless
22
23 # Comma-separated list of sources to enable. This is only needed if you defined
24 # multiple sources and only want to enable some of them. By default, all defined
25 # sources are enabled.
26 # For example:
27 # enablesources=prismsource,ciscosource
28
29 # Do we channelhop?
30 channelhop=true
31
32 # How many channels per second do we hop? (1-10)
33 channelvelocity=5
34
35 # By setting the dwell time for channel hopping we override the channelvelocity
36 # setting above and dwell on each channel for the given number of seconds.
37 #channeldwell=10
38
39 # Do we split channels between cards on the same spectrum? This means if
40 # multiple 802.11b capture sources are defined, they will be offset to cover
41 # the most possible spectrum at a given time. This also controls splitting
42 # fine-tuned sourcechannels lines which cover multiple interfaces (see below)
43 channelsplit=true
44
45 # Basic channel hopping control:
46 # These define the channels the cards hop through for various frequency ranges
47 # supported by Kismet. More finegrain control is available via the
48 # "sourcechannels" configuration option.
49 #
50 # Don't change the IEEE80211<x> identifiers or channel hopping won't work.
51
52 # Users outside the US might want to use this list:
53 # defaultchannels=IEEE80211b:1,7,13,2,8,3,14,9,4,10,5,11,6,12
54 defaultchannels=IEEE80211b:1,6,11,2,7,3,8,4,9,5,10
55
56 # 802.11g uses the same channels as 802.11b...
57 defaultchannels=IEEE80211g:1,6,11,2,7,3,8,4,9,5,10
58
59 # 802.11a channels are non-overlapping so sequential is fine. You may want to
60 # adjust the list depending on the channels your card actually supports.
61 # defaultchannels=IEEE80211a:36,40,44,48,52,56,60,64,100,104,108,112,116,120,124,128,132,136,140,149,153,157,161,184,188,192,196,200,204,208,212,216
62 defaultchannels=IEEE80211a:36,40,44,48,52,56,60,64
63
64 # Combo cards like Atheros use both 'a' and 'b/g' channels. Of course, you
65 # can also explicitly override a given source. You can use the script
66 # extras/listchan.pl to extract all the channels your card supports.
67 defaultchannels=IEEE80211ab:1,6,11,2,7,3,8,4,9,5,10,36,40,44,48,52,56,60,64
68
69 # Fine-tuning channel hopping control:
70 # The sourcechannels option can be used to set the channel hopping for
71 # specific interfaces, and to control what interfaces share a list of
72 # channels for split hopping. This can also be used to easily lock
73 # one card on a single channel while hopping with other cards.
74 # Any card without a sourcechannel definition will use the standard hopping
75 # list.
76 # sourcechannels=sourcename[,sourcename]:ch1,ch2,ch3,...chN
77
78 # i.e., for US channels on the source 'prism2source' (same as normal channel
79 # hopping behavior):
80 # sourcechannels=prism2source:1,6,11,2,7,3,8,4,9,5,10
81
82 # Given two capture sources, "prism2a" and "prism2b", we want prism2a to stay
83 # on channel 6 and prism2b to hop normally. By not setting a sourcechannels
84 # line for prism2b, it will use the standard hopping.
85 # sourcechannels=prism2a:6
86
87 # To assign the same custom hop channel to multiple sources, or to split the
88 # same custom hop channel over two sources (if channelsplit is true), list
89 # them all on the same sourcechannels line:
90 # sourcechannels=prism2a,prism2b,prism2c:1,6,11
91
92 # Port to serve GUI data
93 tcpport=2501
94 # People allowed to connect, comma separated IP addresses or network/mask
95 # blocks. Netmasks can be expressed as dotted quad (/255.255.255.0) or as
96 # numbers (/24). The value below admits only local clients; every host or network added here can reach the GUI data port.
97 allowedhosts=127.0.0.1
98 # Maximum number of concurrent GUIs
99 maxclients=5
100
101 # Do we have a GPS?
102 gps=false
103 # Host:port that GPSD is running on. This can be localhost OR remote!
104 gpshost=localhost:2947
105 # Do we lock the mode? This overrides coordinates of lock "0", which will
106 # generate some bad information until you get a GPS lock, but it will
107 # fix problems with GPS units with broken NMEA that report lock 0
108 gpsmodelock=false
109
110 # Packet filtering options:
111 # filter_tracker - Packets filtered from the tracker are not processed or
112 # recorded in any way.
113 # filter_dump - Packets filtered at the dump level are tracked, displayed,
114 # and written to the csv/xml/network/etc files, but not
115 # recorded in the packet dump
116 # filter_export - Controls what packets influence the exported CSV, network,
117 # xml, gps, etc files.
118 # All filtering options take arguments containing the type of address and
119 # addresses to be filtered. Valid address types are 'ANY', 'BSSID',
120 # 'SOURCE', and 'DEST'. Filtering can be inverted by the use of '!' before
121 # the address. For example,
122 # filter_tracker=ANY(!00:00:DE:AD:BE:EF)
123 # has the same effect as the previous mac_filter config file option.
124 # filter_tracker=...
125 # filter_dump=...
126 # filter_export=...
127
128 # Alerts to be reported and the throttling rates.
129 # alert=name,throttle/unit,burst
130 # The throttle/unit describes the number of alerts of this type that are
131 # sent per time unit. Valid time units are second, minute, hour, and day.
132 # Burst describes the number of alerts sent before throttling takes place.
133 # For example:
134 # alert=FOO,10/min,5
135 # Would allow 5 alerts through before throttling is enabled, and will then
136 # limit the number of alerts to 10 per minute.
137 # A throttle rate of 0 disables throttling of the alert.
138 # See the README for a list of alert types.
139 alert=NETSTUMBLER,5/min,2
140 alert=WELLENREITER,5/min,2
141 alert=LUCENTTEST,5/min,2
142 alert=DEAUTHFLOOD,5/min,4
143 alert=BCASTDISCON,5/min,4
144 alert=CHANCHANGE,5/min,4
145 alert=AIRJACKSSID,5/min,2
146 alert=PROBENOJOIN,5/min,2
147 alert=DISASSOCTRAFFIC,5/min,2
148 alert=NULLPROBERESP,5/min,5
149 alert=BSSTIMESTAMP,5/min,5
150
151 # Known WEP keys to decrypt, bssid,hexkey. This is only for networks where
152 # the keys are already known, and it may impact throughput on slower hardware.
153 # Multiple wepkey lines may be used for multiple BSSIDs. Keys are stored here in plaintext, so restrict read access to this file.
154 # wepkey=00:DE:AD:C0:DE:00,FEEDFACEDEADBEEF01020304050607080900
155
156 # Is transmission of the keys to the client allowed? This may be a security
157 # risk for some: a client admitted by allowedhosts can then query the keys.
158 # If you disable this, you will not be able to query keys from a client.
159 allowkeytransmit=true
160
161 # How often (in seconds) do we write all our data files (0 to disable)
162 writeinterval=300
163
164 # Where do we get our manufacturer fingerprints from? Assumed to be in the
165 # default config directory if an absolute path is not given.
166 ap_manuf=ap_manuf
167 client_manuf=client_manuf
168
169 # Use metric measurements in the output?
170 metric=false
171
172 # Do we write waypoints for gpsdrive to load? Note: This is NOT related to
173 # recent versions of GPSDrive's native support of Kismet.
174 waypoints=false
175 # GPSMap waypoint file. This WILL be truncated.
176 waypointdata=%h/.gpsdrive/way_kismet.txt
177
178 # How many alerts do we backlog for new clients? Only change this if you have
179 # a -very- low memory system and need those extra bytes, or if you have a high
180 # memory system and a huge number of alert conditions.
181 alertbacklog=50
182
183 # File types to log, comma separated
184 # dump - raw packet dump
185 # network - plaintext detected networks
186 # csv - plaintext detected networks in CSV format
187 # xml - XML formatted network and cisco log
188 # weak - weak packets (in airsnort format)
189 # cisco - cisco equipment CDP broadcasts
190 # gps - gps coordinates
191 logtypes=dump,network,csv,xml,weak,cisco,gps
192
193 # Do we track probe responses and merge probe networks into their owners?
194 # This isn't always desirable, depending on the type of monitoring you're
195 # trying to do.
196 trackprobenets=true
197
198 # Do we log "noise" packets that we can't decipher? I tend to not, since
199 # they don't have anything interesting at all in them.
200 noiselog=false
201
202 # Do we log corrupt packets? Corrupt packets have enough header information
203 # to see what they are, but something is wrong with them that prevents us from
204 # completely dissecting them. Logging these is usually not a bad idea.
205 corruptlog=true
206
207 # Do we log beacon packets or do we filter them out of the dumpfile
208 beaconlog=true
209
210 # Do we log PHY layer packets or do we filter them out of the dumpfile
211 phylog=true
212
213 # Do we mangle packets if we can decrypt them or if they're fuzzy-detected
214 mangledatalog=true
215
216 # Do we do "fuzzy" crypt detection? (byte-based detection instead of 802.11
217 # frame headers)
218 # valid option: Comma separated list of card types to perform fuzzy detection
219 # on, or 'all'
220 fuzzycrypt=wtapfile,wlanng,wlanng_legacy,wlanng_avs,hostap,wlanng_wext
221
222 # What type of dump do we generate?
223 # valid option: "wiretap"
224 dumptype=wiretap
225 # Do we limit the size of dump logs? Sometimes ethereal can't handle big ones.
226 # 0 = No limit
227 # Anything else = Max number of packets to log to a single file before closing
228 # and opening a new one.
229 dumplimit=0
230
231 # Do we write data packets to a FIFO for an external data-IDS (such as Snort)?
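232 # See the docs before enabling this. The example path below is under /tmp, which is usually world-writable; a directory writable only by the Kismet user is safer.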
233 #fifo=/tmp/kismet_dump
234
235 # Default log title
236 logdefault=Kismet
237
238 # logtemplate - Filename logging template.
239 # This is, at first glance, really nasty and ugly, but you'll hardly ever
240 # have to touch it so don't complain too much.
241 #
242 # %n is replaced by the logging instance name
243 # %d is replaced by the current date as Mon-DD-YYYY
244 # %D is replaced by the current date as YYYYMMDD
245 # %t is replaced by the starting log time
246 # %i is replaced by the increment log in the case of multiple logs
247 # %l is replaced by the log type (dump, status, crypt, etc)
248 # %h is replaced by the home directory
249 # ie, "netlogs/%n-%d-%i.dump" called with a logging name of "Pok" could expand
250 # to something like "netlogs/Pok-Dec-20-01-1.dump" for the first instance and
251 # "netlogs/Pok-Dec-20-01-2.dump" for the second logfile generated.
252 # %h/netlogs/%n-%d-%i.dump could expand to
253 # /home/foo/netlogs/Pok-Dec-20-01-2.dump
254 #
255 # Other possibilities: Sorting by directory
256 # logtemplate=%l/%n-%d-%i
257 # Would expand to, for example,
258 # dump/Pok-Dec-20-01-1
259 # crypt/Pok-Dec-20-01-1
260 # and so on. The "dump", "crypt", etc, dirs must exist before kismet is run
261 # in this case.
262 logtemplate=%n-%d-%i.%l
263
264 # Where do we store the pid file of the server?
265 piddir=/var/run/
266
267 # Where state info, etc, is stored. You shouldn't ever need to change this.
268 # This is a directory.
269 configdir=%h/.kismet/
270
271 # cloaked SSID file. You shouldn't ever need to change this.
272 ssidmap=ssid_map
273
274 # Group map file. You shouldn't ever need to change this.
275 groupmap=group_map
276
277 # IP range map file. You shouldn't ever need to change this.
278 ipmap=ip_map
279