User Statistic Request.

GETSTATD

--------------------------------------------------
#	DEV_SPACE:device:min_space_kb
#	arg "-dev" for disable.

DEV_SPACE:hda3:135000 
DEV_SPACE:hda2:10000
DEV_SPACE:hda6:20000
DEV_SPACE:hda7:50000

--------------------------------------------------
#    FS_SPACE:dir_or_file:max_space_kb
#	arg "-fs" for disable.

FS_SPACE:/etc:50000
FS_SPACE:/var/log:5000
FS_SPACE:/usr/local/bin:100000
FS_SPACE:/var/log/syslog:2000

--------------------------------------------------
#    PROC:prog_name:max_forks:max_size_kb, 0-ignore
#	arg "-proc" for disable.

PROC:httpd:0:0
PROC:in.tproxyd:50:0
PROC:squid:0:30000
PROC:syslogd:0:30000

--------------------------------------------------
#    NETSERVICE;host;port;timeout;send data;wait for data
#	arg "-ns" for disable. !!! Use ';' instead ':' !!!

NETSERVICE;www.opennet.ru;80;5;GET http://www.opennet.ru/under.shtml HTTP/1.0\\n\\n\\n;SKYNET
NETSERVICE;www.skyway.ru;80;5;GET http://www.skyway.ru/under.shtml HTTP/1.0\\n\\n\\n;SKYNET
NETSERVICE;www.linux.opennet.ru;80;5;GET http://www.linux.opennet.ru/index.html HTTP/1.0\\n\\n\\n;Chirkov
NETSERVICE;www.tyumen.ru;80;15;GET http://www.tyumen.ru/~mc/linux/index.html HTTP/1.0\\n\\n\\n;Chirkov
NETSERVICE;ftp.opennet.ru;21;5;QUIT;FTP server
NETSERVICE;boa.opennet.ru;25;5;QUIT;ESMTP
NETSERVICE;boa.opennet.ru;110;5;QUIT;POP3 Server

--------------------------------------------------
#    DNS:name_server:host_name
#	arg "-dns" for disable.

DNS:195.161.17.65:www.opennet.ru
DNS:ns.tyumen.ru:boa.opennet.ru
DNS:ns.sibtel.ru:pentagon.opennet.ru
DNS:www.opennet.ru:pentagon.opennet.ru
DNS:ns.tyumens.ru:boa.opennets.ru
DNS:ns.sibtel.ru:pentagon.opennets.ru
DNS:www.opennets.ru:pentagon.opennet.ru

--------------------------------------------------
#    PING:host_name
#	arg "-ping" for disable.

PING:boa.opennet.ru
PING:www.tyumen.ru
PING:127.0.0.1

--------------------------------------------------
#    INTERFACE:infterface_name[-alias]
#	arg "-if" for disable.

INTERFACE:cx0
INTERFACE:lo
INTERFACE:eth0
INTERFACE:eth0:0
INTERFACE:eth0:1
INTERFACE:eth0:2
INTERFACE:eth0:3

--------------------------------------------------
#    ROUTE:ip_mask
#	arg "-rt" for disable.

ROUTE:195.161.17.64
ROUTE:195.161.17.65
ROUTE:0.0.0.0

--------------------------------------------------
#    SUID:dir_for_check:suid_prog_list_flag (1- list all suid programm, 0- silence)
#	All suid files defined in stoplist will be ignored !
#	arg "-suid" for disable.

SUID:/bin:1
SUID:/sbin:0
SUID:/usr/bin:0
SUID:/usr/sbin:0

--------------------------------------------------
#    STOP_LIST:file_for_check
#	arg "-make_stop_list" to create raw stoplist block at the end of the 
#				configuretion file.
#	arg "-slist" for disable.
#

STOP_LIST:/bin/ping
STOP_LIST:/bin/su
STOP_LIST:/bin/login
STOP_LIST:/usr/bin/passwd
STOP_LIST:/usr/bin/traceroute
STOP_LIST:/usr/bin/sudo
STOP_LIST:/usr/sbin/sendmail
STOP_LIST:/usr/bin/procmail
STOP_LIST:/usr/sbin/pppd


--------------------------------------------------
#    LOG_MON:log_path:perform_last_N_lines
#	arg "-log" for disable.

LOG_MON:/var/log/messages:100
LOG_MON:/var/log/syslog:100

--------------------------------------------------
#    LOG_INFO:regular_expressions for awk
#    LOG_INFO:"END_OF_LIST"

LOG_INFO:getstatd.admin
LOG_INFO:getstatd.+request.+user
LOG_INFO:error
LOG_INFO:panic
LOG_INFO:failure
LOG_INFO:deny
LOG_INFO:fatal
LOG_INFO:ping
LOG_INFO:telnet
LOG_INFO:attack
LOG_INFO:reject
LOG_INFO:root
LOG_INFO:incorrect
LOG_INFO:illegal
LOG_INFO:wrong
LOG_INFO:failed
LOG_INFO:denied
LOG_INFO:refused
LOG_INFO:bad
LOG_INFO:permitted
LOG_INFO:END_OF_LIST

--------------------------------------------------
# Don't edit below ! Use arg "-make_stop_list" to create stoplist block.
[RAW_STOP_LIST]