81
config.js
Archivo normal
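--- a/config.js
+++ b/config.js
@@ -0,0 +1,81 @@
+/**
+* Network Packet Capture Configuration
+* Adjust these settings according to your environment and requirements
+*/
+
+module.exports = {
+// Elasticsearch configuration
+elasticsearch: {
+node: process.env.ES_NODE || 'http://localhost:9200',
+auth: {
+username: process.env.ES_USERNAME || 'elastic',
+password: process.env.ES_PASSWORD || 'changeme'
+},
+index: process.env.ES_INDEX || 'network-packets'
+},
+
+// Network capture settings
+capture: {
+// Network interfaces to capture from (empty array = all available interfaces)
+// Example: ['eth0', 'wlan0']
+interfaces: process.env.CAPTURE_INTERFACES ? process.env.CAPTURE_INTERFACES.split(',') : [],
+
+// Enable promiscuous mode (capture all packets on the network segment)
+promiscuousMode: process.env.PROMISCUOUS_MODE === 'true' || false,
+
+// Buffer size in bytes for packet capture
+bufferSize: parseInt(process.env.BUFFER_SIZE) || 10 * 1024 * 1024, // 10 MB
+
+// Capture filter (BPF syntax)
+// This will be built dynamically based on the filters below
+filter: process.env.CAPTURE_FILTER || null
+},
+
+// Packet filtering options
+filters: {
+// Protocols to capture (empty array = all protocols)
+// Options: 'tcp', 'udp', 'icmp'
+protocols: process.env.FILTER_PROTOCOLS ? process.env.FILTER_PROTOCOLS.split(',') : [],
+
+// Ports to exclude from capture
+// Example: [22, 80, 443]
+excludePorts: process.env.EXCLUDE_PORTS ? process.env.EXCLUDE_PORTS.split(',').map(Number) : [],
+
+// Port ranges to exclude from capture
+// Example: [[8000, 9000], [3000, 3100]]
+excludePortRanges: process.env.EXCLUDE_PORT_RANGES ?
+JSON.parse(process.env.EXCLUDE_PORT_RANGES) : [],
+
+// Ports to include (if specified, only these ports will be captured)
+includePorts: process.env.INCLUDE_PORTS ? process.env.INCLUDE_PORTS.split(',').map(Number) : []
+},
+
+// Content indexing settings
+content: {
+// Maximum content size to index (in bytes)
+// Content larger than this will not be indexed
+maxContentSize: parseInt(process.env.MAX_CONTENT_SIZE) || 1024 * 1024, // 1 MB
+
+// Try to detect and index ASCII/readable content
+indexReadableContent: process.env.INDEX_READABLE_CONTENT !== 'false'
+},
+
+// Cache settings for Elasticsearch failover
+cache: {
+// Maximum number of documents to keep in memory cache
+// when Elasticsearch is unavailable
+maxSize: parseInt(process.env.CACHE_MAX_SIZE) || 10000,
+
+// Interval to check ES availability and flush cache (in milliseconds)
+checkInterval: parseInt(process.env.CACHE_CHECK_INTERVAL) || 5000
+},
+
+// Logging options
+logging: {
+// Log level: 'debug', 'info', 'warn', 'error'
+level: process.env.LOG_LEVEL || 'info',
+
+// Log packet statistics every N seconds
+statsInterval: parseInt(process.env.STATS_INTERVAL) || 60
+}
+};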
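Review bot: The `elasticsearch.auth` block falls back to `'elastic'` / `'changeme'`, so a deployment that forgets to set ES_USERNAME or ES_PASSWORD silently authenticates with well-known default credentials against an index that holds captured packet content (`indexReadableContent` defaults to on). I would drop the password fallback, `password: process.env.ES_PASSWORD,`, and have startup fail with a clear error when it is unset; the comment above `node` should also say that ES_NODE is expected to be an `https://` URL whenever the cluster is not on localhost. Separately, EXCLUDE_PORTS and INCLUDE_PORTS go through `.map(Number)` and EXCLUDE_PORT_RANGES through a bare `JSON.parse`, so malformed input produces `NaN` entries or throws at module load. The comment on `filter` says the BPF expression is built from these values, so they should be validated as integers in the valid port range before use; the filter builder itself is not visible in this file.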