/**
 * Network Packet Capture Configuration
 * Adjust these settings according to your environment and requirements
 */

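/**
 * Parse a raw environment value as a positive base-10 integer.
 *
 * @param {string|undefined} raw - Raw environment value.
 * @param {number} fallback - Value used when raw is unset, non-numeric, zero or negative.
 * @returns {number} The parsed integer, or fallback.
 */
function toPositiveInt(raw, fallback) {
  // Explicit radix: without it a "0x..." value is read as hexadecimal.
  const parsed = Number.parseInt(raw, 10);
  return Number.isInteger(parsed) && parsed > 0 ? parsed : fallback;
}

/**
 * Split a comma-separated environment value into trimmed, non-empty entries.
 *
 * @param {string|undefined} raw - Raw environment value.
 * @returns {string[]} Entries in their original order; empty when raw is unset or blank.
 */
function toList(raw) {
  if (!raw) {
    return [];
  }
  return raw
    .split(',')
    .map((entry) => entry.trim())
    .filter((entry) => entry !== '');
}

/**
 * @param {*} value - Candidate port number.
 * @returns {boolean} True when value is an integer in the range 0-65535.
 */
function isPort(value) {
  return Number.isInteger(value) && value >= 0 && value <= 65535;
}

/**
 * Parse a comma-separated list of ports.
 *
 * @param {string|undefined} raw - Raw environment value.
 * @param {string} name - Environment variable name, used in error messages.
 * @returns {number[]} Parsed ports; empty when raw is unset.
 * @throws {Error} When an entry is not an integer in the range 0-65535.
 */
function toPortList(raw, name) {
  return toList(raw).map((entry) => {
    const port = Number(entry);
    // Fail at load time instead of letting NaN reach whatever builds the capture filter;
    // silently dropping a bad entry would change which traffic is captured.
    if (!isPort(port)) {
      throw new Error(`${name}: invalid port "${entry}" (expected an integer 0-65535)`);
    }
    return port;
  });
}

/**
 * Parse a JSON array of [low, high] port pairs.
 *
 * @param {string|undefined} raw - Raw environment value, e.g. "[[8000, 9000], [3000, 3100]]".
 * @param {string} name - Environment variable name, used in error messages.
 * @returns {number[][]} Parsed ranges; empty when raw is unset.
 * @throws {Error} When raw is not valid JSON or is not an array of two-port pairs.
 */
function toPortRanges(raw, name) {
  if (!raw) {
    return [];
  }
  let ranges;
  try {
    ranges = JSON.parse(raw);
  } catch (err) {
    throw new Error(`${name}: expected JSON such as [[8000, 9000]] (${err.message})`);
  }
  if (!Array.isArray(ranges)) {
    throw new Error(`${name}: expected a JSON array of [low, high] pairs`);
  }
  ranges.forEach((range) => {
    const isPair = Array.isArray(range) && range.length === 2 && range.every(isPort);
    if (!isPair) {
      throw new Error(
        `${name}: invalid range ${JSON.stringify(range)} (expected [low, high] with ports 0-65535)`
      );
    }
  });
  return ranges;
}

module.exports = {
  // Elasticsearch configuration
  elasticsearch: {
    // NOTE(review): the fallback is plain HTTP on localhost; use an https:// node URL
    // when Elasticsearch is reached over a network.
    node: process.env.ES_NODE || 'http://localhost:9200',
    auth: {
      // NOTE(review): the fallbacks are the widely known elastic/changeme pair. Set
      // ES_USERNAME and ES_PASSWORD explicitly outside a local test setup.
      username: process.env.ES_USERNAME || 'elastic',
      password: process.env.ES_PASSWORD || 'changeme'
    },
    index: process.env.ES_INDEX || 'network-packets'
  },

  // Network capture settings
  capture: {
    // Network interfaces to capture from (empty array = all available interfaces)
    // Example: ['eth0', 'wlan0']
    interfaces: toList(process.env.CAPTURE_INTERFACES),

    // Enable promiscuous mode (capture all packets on the network segment).
    // Only the exact string 'true' enables it.
    promiscuousMode: process.env.PROMISCUOUS_MODE === 'true',

    // Buffer size in bytes for packet capture
    bufferSize: toPositiveInt(process.env.BUFFER_SIZE, 10 * 1024 * 1024), // 10 MB

    // Capture filter (BPF syntax)
    // This will be built dynamically based on the filters below
    filter: process.env.CAPTURE_FILTER || null
  },

  // Packet filtering options
  filters: {
    // Protocols to capture (empty array = all protocols)
    // Options: 'tcp', 'udp', 'icmp'
    // NOTE(review): entries are trimmed but not checked against the options above.
    protocols: toList(process.env.FILTER_PROTOCOLS),

    // Ports to exclude from capture
    // Example: [22, 80, 443]
    excludePorts: toPortList(process.env.EXCLUDE_PORTS, 'EXCLUDE_PORTS'),

    // Port ranges to exclude from capture
    // Example: [[8000, 9000], [3000, 3100]]
    excludePortRanges: toPortRanges(process.env.EXCLUDE_PORT_RANGES, 'EXCLUDE_PORT_RANGES'),

    // Ports to include (if specified, only these ports will be captured)
    includePorts: toPortList(process.env.INCLUDE_PORTS, 'INCLUDE_PORTS')
  },

  // Content indexing settings
  content: {
    // Maximum content size to index (in bytes)
    // Content larger than this will not be indexed
    maxContentSize: toPositiveInt(process.env.MAX_CONTENT_SIZE, 1024 * 1024), // 1 MB

    // Try to detect and index ASCII/readable content.
    // On unless INDEX_READABLE_CONTENT is exactly 'false'. Indexed payload text can hold
    // credentials or personal data sent in cleartext, so restrict access to the index.
    indexReadableContent: process.env.INDEX_READABLE_CONTENT !== 'false'
  },

  // Cache settings for Elasticsearch failover
  cache: {
    // Maximum number of documents to keep in memory cache
    // when Elasticsearch is unavailable
    maxSize: toPositiveInt(process.env.CACHE_MAX_SIZE, 10000),

    // Interval to check ES availability and flush cache (in milliseconds)
    checkInterval: toPositiveInt(process.env.CACHE_CHECK_INTERVAL, 5000)
  },

  // Logging options
  logging: {
    // Log level: 'debug', 'info', 'warn', 'error'
    level: process.env.LOG_LEVEL || 'info',

    // Log packet statistics every N seconds
    statsInterval: toPositiveInt(process.env.STATS_INTERVAL, 60)
  }
};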