Procházet zdrojové kódy

Added files needed by the package.

git-svn-id: https://svn.microneil.com/svn/PKG-SNF4CGP-WIN/trunk@23 7d91e7c8-5a61-404e-b06a-95855fde9112
master
adeniz před 11 roky
rodič
revize
d4989b962e

+ 11
- 0
BuildPackage/config_files/GBUdbIgnoreList.txt.sample Zobrazit soubor

@@ -0,0 +1,11 @@
# List of IPs to Ignore on startup
# THIS FILE MUST BE PRESENT FOR SNF TO START!
# Each IP in this list is set to Ignore in GBUdb when
# The configuration is loaded.
# Hash mark on the beginning of a line indicates a comment.
# Comments after an IP are also ignored.
# One line per IP. Sorry, no CIDR yet.
# Note that you can also use Drilldown directives to achieve CIDR like results automatically.
# Be sure to list ALL of your gateways :-)
127.0.0.1 # ignore localhost, of course.

+ 2
- 0
BuildPackage/config_files/identity.xml.sample Zobrazit soubor

@@ -0,0 +1,2 @@
<snf><identity licenseid='licensid' authentication='authenticationxx'/></snf>

+ 167
- 0
BuildPackage/config_files/snf_engine.xml.sample Zobrazit soubor

@@ -0,0 +1,167 @@
<?xml version="1.0"?>
<?xml-stylesheet type="text/xsl"
href="snf-configuration.xsl"?>
<!-- SNFMulti V3.0 Configuration File, Setup: Typical of SNF4CGP -->
<!-- http://www.armresearch.com/support/articles/software/snfServer/config/snfEngine.jsp -->
<snf>
<node identity='C:\CommuniGatePro\CGPSNF\identity.xml'>
<paths>
<log path='C:\CommuniGatePro\CGPSNF\'/>
<rulebase path='C:\CommuniGatePro\CGPSNF\'/>
<workspace path='C:\CommuniGatePro\CGPSNF\'/>
</paths>
<logs>
<rotation localtime='no'/>
<status>
<second log='yes' append='no'/>
<minute log='yes' append='no'/>
<hour log='no' append='no'/>
</status>
<scan>
<identifier force-message-id='no'/>
<classic mode='api' rotate='yes' matches='unique'/>
<xml mode='file' rotate='yes' matches='all' performance='yes' gbudb='yes'/>
<xheaders>
<output mode='api'/>
<version on-off='off'>X-MessageSniffer-Version</version>
<license on-off='off'>X-MessageSniffer-License</license>
<rulebase on-off='off'>X-MessageSniffer-RulebaseUTC</rulebase>
<identifier on-off='off'>X-MessageSniffer-Identifier</identifier>
<gbudb on-off='on'>X-GBUdb-Analysis</gbudb>
<result on-off='on'>X-MessageSniffer-Scan-Result</result>
<matches on-off='on'>X-MessageSniffer-Rules</matches>
<black on-off='on'>X-MessageSniffer-Spam: Yes</black>
<white on-off='off'>X-MessageSniffer-White: Yes</white>
<clean on-off='off'>X-MessageSniffer-Clean: Yes</clean>
<symbol on-off='off' n='0'>X-MessageSniffer-SNF-Group: OK</symbol>
<symbol on-off='off' n='20'>X-MessageSniffer-SNF-Group: Truncated</symbol>
<symbol on-off='off' n='40'>X-MessageSniffer-SNF-Group: Caution</symbol>
<symbol on-off='off' n='63'>X-MessageSniffer-SNF-Group: Black</symbol>
<symbol on-off='off' n='62'>X-MessageSniffer-SNF-Group: Obfuscation</symbol>
<symbol on-off='off' n='61'>X-MessageSniffer-SNF-Group: Abstract</symbol>
<symbol on-off='off' n='60'>X-MessageSniffer-SNF-Group: General</symbol>
<symbol on-off='off' n='59'>X-MessageSniffer-SNF-Group: Casinos-Gambling</symbol>
<symbol on-off='off' n='58'>X-MessageSniffer-SNF-Group: Debt-Credit</symbol>
<symbol on-off='off' n='57'>X-MessageSniffer-SNF-Group: Get-Rich</symbol>
<symbol on-off='off' n='56'>X-MessageSniffer-SNF-Group: Ink-Toner</symbol>
<symbol on-off='off' n='55'>X-MessageSniffer-SNF-Group: Malware</symbol>
<symbol on-off='off' n='54'>X-MessageSniffer-SNF-Group: Porn-Dating-Adult</symbol>
<symbol on-off='off' n='53'>X-MessageSniffer-SNF-Group: Scam-Phishing</symbol>
<symbol on-off='off' n='52'>X-MessageSniffer-SNF-Group: Snake-Oil</symbol>
<symbol on-off='off' n='51'>X-MessageSniffer-SNF-Group: Spamware</symbol>
<symbol on-off='off' n='50'>X-MessageSniffer-SNF-Group: Media-Theft</symbol>
<symbol on-off='off' n='49'>X-MessageSniffer-SNF-Group: AV-Push</symbol>
<symbol on-off='off' n='48'>X-MessageSniffer-SNF-Group: Insurance</symbol>
<symbol on-off='off' n='47'>X-MessageSniffer-SNF-Group: Travel</symbol>
</xheaders>
</scan>
</logs>
<network>
<sync secs='30' host='sync.messagesniffer.net' port='25'/>
<update-script on-off='on' call='C:\CommuniGatePro\CGPSNF\getRulebase.cmd' guard-time='180'/>
</network>
<xci on-off='on' port='9001'/>
<gbudb>
<database>
<condense minimum-seconds-between='600'>
<time-trigger on-off='on' seconds='86400'/>
<posts-trigger on-off='off' posts='1200000'/>
<records-trigger on-off='off' records='600000'/>
<size-trigger on-off='on' megabytes='150'/>
</condense>
<checkpoint on-off='on' secs='3600'/>
</database>
<regions>
<white on-off='on' symbol='0'>
<edge probability='-1.0' confidence='0.4'/>
<edge probability='-0.8' confidence='1.0'/>
<panic on-off='on' rule-range='1000'/>
</white>
<caution on-off='on' symbol='40'>
<edge probability='0.4' confidence='0.0'/>
<edge probability='0.8' confidence='0.5'/>
</caution>
<black on-off='on' symbol='63'>
<edge probability='0.8' confidence='0.2'/>
<edge probability='0.8' confidence='1.0'/>
<truncate on-off='on' probability='0.9' peek-one-in='5' symbol='20'/>
<sample on-off='on' probability='0.8' grab-one-in='5' passthrough='no' passthrough-symbol='0'/>
</black>
</regions>
<training on-off='on'>
<bypass>
<!-- <header name='To:' find='spam@example.com'/> -->
<!-- <header name='Received:' ordinal='1' find='friendlyhost.com'/> -->
</bypass>
<drilldown>
<!-- <received ordinal='0' find='[12.34.56.'/> where we want to ignore 12.34.56.0/24 -->
<!-- <received ordinal='0' find='mixed-source.com'/> -->
<!-- <received ordinal='1' find='mixed-source-internal.com'/> -->
</drilldown>
<source>
<!-- <header name='X-Use-This-Source:' received='mixedsource.com [' ordinal='0' /> -->
<!-- <header name='X-Originating-IP:' received='hotmail.com [' ordinal='0' /> -->
</source>
<white>
<result code='1'/>
<!-- <header name='Received:' ordinal='0' find='.friendlyhost.com'/> -->
</white>
</training>
</gbudb>
<rule-panics>
<!--
<rule id='123456'/>
<rule id='123457'/>
-->
</rule-panics>
<platform>
<snf4cgp>
<ham action='Allow' reason='Message OK' comment='Message OK' headers='no' classic='no' xml='no'>
<result code='0' comment='(0) Not Spam/Malware' />
<result code='1' comment='(1) White Rule/IP-Range' />
</ham>
<spam action='Allow' reason='Spam/Malware' comment='Spam/Malware' headers='yes' classic='no' xml='no' hold-path='quarantine'>
<result code='40' action='Postpone' reason='Source IP suspect (GBUdb/caution)' comment='(40) Caution' />
<result code='63' action='Postpone' reason='Source IP suspect (GBUdb/black)' comment='(63) Black' />
<result code='20' action='Reject' reason='Source IP black listed (GBUdb/truncate)' comment='(20) Truncate' />
</spam>
</snf4cgp>
</platform>
<msg-file type='cgp'/>
</node>
</snf>

Načítá se…
Zrušit
Uložit