added configuration variable documentation and filename documentation
This commit is contained in:
carnivuth
@@ -112,6 +112,8 @@ services:
|
||||
- TZ="Europe/Rome"
|
||||
volumes:
|
||||
- ./config.yaml:/app/config.yaml:ro
|
||||
# bind mount for firewall exporters
|
||||
- ./exports:/app/exports
|
||||
- krawl-data:/app/data
|
||||
restart: unless-stopped
|
||||
|
||||
@@ -204,6 +206,7 @@ Krawl uses a **configuration hierarchy** in which **environment variables take p
|
||||
| `KRAWL_DASHBOARD_SECRET_PATH` | Custom dashboard path | Auto-generated |
|
||||
| `KRAWL_PROBABILITY_ERROR_CODES` | Error response probability (0-100%) | `0` |
|
||||
| `KRAWL_DATABASE_PATH` | Database file location | `data/krawl.db` |
|
||||
| `KRAWL_EXPORTS_PATH` | Path where firewalls rule sets are exported | `exports` |
|
||||
| `KRAWL_DATABASE_RETENTION_DAYS` | Days to retain data in database | `30` |
|
||||
| `KRAWL_HTTP_RISKY_METHODS_THRESHOLD` | Threshold for risky HTTP methods detection | `0.1` |
|
||||
| `KRAWL_VIOLATED_ROBOTS_THRESHOLD` | Threshold for robots.txt violations | `0.1` |
|
||||
|
||||
@@ -14,6 +14,8 @@ class Iptables{ }
|
||||
note for Iptables "implements the getBanlist method for iptables rules"
|
||||
```
|
||||
|
||||
Rule sets are generated trough the `top_attacking_ips__export-malicious-ips` that writes down the files in the `exports_path` configuration path. Files are named after the specific firewall that they implement as `[firewall]_banlist.txt` except for raw file that is called `malicious_ips.txt` to support legacy
|
||||
|
||||
## Adding firewalls exporters
|
||||
|
||||
To add a firewall exporter create a new python class in `src/firewall` that implements `FWType` class
|
||||
|
||||
Reference in New Issue
Block a user