tpotce/docker/dionaea/dist/etc/dionaea.cfg

[dionaea]
download.dir=/opt/dionaea/var/dionaea/binaries/
modules=curl,python,emu
processors=filter_streamdumper,filter_emu

listen.mode=getifaddrs
# listen.addresses=127.0.0.1
# listen.interfaces=eth0,tap0

# Country
ssl.default.c=AU
# Common Name/domain name
ssl.default.cn=Some-State
# Organization
ssl.default.o=Internet Widgits Pty Ltd
# Organizational Unit
ssl.default.ou=

[logging]
#default.filename=/opt/dionaea/var/dionaea/dionaea.log
#default.levels=all
#default.domains=*

errors.filename=/opt/dionaea/var/dionaea/dionaea-errors.log
errors.levels=warning,error
errors.domains=*

[processor.filter_streamdumper]
name=filter
config.allow.0.types=accept
config.allow.1.types=connect
config.allow.1.protocols=ftpctrl
config.deny.0.protocols=ftpdata,ftpdatacon,xmppclient
next=streamdumper

[processor.streamdumper]
name=streamdumper
config.path=/opt/dionaea/var/dionaea/bistreams/%Y-%m-%d/

[processor.filter_emu]
name=filter
config.allow.0.protocols=smbd,epmapper,nfqmirrord,mssqld
next=emu

[processor.emu]
name=emu
config.limits.files=3
#512 * 1024
config.limits.filesize=524288
config.limits.sockets=3
config.limits.sustain=120
config.limits.idle=30
config.limits.listen=30
config.limits.cpu=120
#// 1024 * 1024 * 1024
config.limits.steps=1073741824

[module.nl]
# set to yes in case you are interested in the mac address  of the remote (only works for lan)
lookup_ethernet_addr=yes

[module.python]
imports=dionaea.log,dionaea.services,dionaea.ihandlers
sys_paths=default
service_configs=/opt/dionaea/etc/dionaea/services/*.yaml
ihandler_configs=/opt/dionaea/etc/dionaea/ihandlers/*.yaml
include docker repos ... skip emobility since it is a dev repo 2017-10-13 18:58:14 +00:00			`[dionaea]`
			`download.dir=/opt/dionaea/var/dionaea/binaries/`
			`modules=curl,python,emu`
			`processors=filter_streamdumper,filter_emu`

			`listen.mode=getifaddrs`
			`# listen.addresses=127.0.0.1`
			`# listen.interfaces=eth0,tap0`

			`# Country`
tweaking 2018-05-15 20:30:44 +00:00			`ssl.default.c=AU`
include docker repos ... skip emobility since it is a dev repo 2017-10-13 18:58:14 +00:00			`# Common Name/domain name`
tweaking 2018-05-15 20:30:44 +00:00			`ssl.default.cn=Some-State`
include docker repos ... skip emobility since it is a dev repo 2017-10-13 18:58:14 +00:00			`# Organization`
tweaking 2018-05-15 20:30:44 +00:00			`ssl.default.o=Internet Widgits Pty Ltd`
include docker repos ... skip emobility since it is a dev repo 2017-10-13 18:58:14 +00:00			`# Organizational Unit`
			`ssl.default.ou=`

			`[logging]`
			`#default.filename=/opt/dionaea/var/dionaea/dionaea.log`
			`#default.levels=all`
			`#default.domains=*`

			`errors.filename=/opt/dionaea/var/dionaea/dionaea-errors.log`
			`errors.levels=warning,error`
			`errors.domains=*`

			`[processor.filter_streamdumper]`
			`name=filter`
			`config.allow.0.types=accept`
			`config.allow.1.types=connect`
			`config.allow.1.protocols=ftpctrl`
			`config.deny.0.protocols=ftpdata,ftpdatacon,xmppclient`
			`next=streamdumper`

			`[processor.streamdumper]`
			`name=streamdumper`
			`config.path=/opt/dionaea/var/dionaea/bistreams/%Y-%m-%d/`

			`[processor.filter_emu]`
			`name=filter`
			`config.allow.0.protocols=smbd,epmapper,nfqmirrord,mssqld`
			`next=emu`

			`[processor.emu]`
			`name=emu`
			`config.limits.files=3`
			`#512 * 1024`
			`config.limits.filesize=524288`
			`config.limits.sockets=3`
			`config.limits.sustain=120`
			`config.limits.idle=30`
			`config.limits.listen=30`
			`config.limits.cpu=120`
			`#// 1024 * 1024 * 1024`
			`config.limits.steps=1073741824`

			`[module.nl]`
			`# set to yes in case you are interested in the mac address of the remote (only works for lan)`
			`lookup_ethernet_addr=yes`

			`[module.python]`
			`imports=dionaea.log,dionaea.services,dionaea.ihandlers`
			`sys_paths=default`
			`service_configs=/opt/dionaea/etc/dionaea/services/*.yaml`
			`ihandler_configs=/opt/dionaea/etc/dionaea/ihandlers/*.yaml`