1 files changed, 42 insertions, 0 deletions

diff --git a/collector_sample/packetq.conf b/collector_sample/packetq.conf
new file mode 100644
index 0000000..cec9ff7
--- /dev/null
+++ b/collector_sample/packetq.conf
@@ -0,0 +1,42 @@
+## packetq pid file
+pidfile=/var/run/packetq.pid
+
+## Name of the DNS server. Parameter is used first in filename when creating
+## tcpdump files.
+server="my_server"
+
+## Directory where pcap files are stored
+# make sure path ends with trailing "/"
+destdir=/tmp/
+
+## Name of the network interface(s) to monitor
+interface=eth0,eth1
+
+## How often to rotate dump file, in seconds
+interval=300
+
+## zip compression for pcap data  
+compression_level=9
+
+## BSD libtrace promiscous interface hack
+# (uses a tcpdump session on port 100 to keep the interface in promisc mode)
+#bsdpromischack=YES
+bsdpromischack=NO
+
+## path to the tcpdump binary (only needed for promisc hack above)
+tcpdump=tcpdump
+
+## path to the tracesplit binary
+#  tracesplit is distributed in the tools folder of the libtrace library
+#  which at the time of this writing could be obtained at:
+#  http://research.wand.net.nz/software/libtrace.php
+#  make sure it's built and installed.
+tracesplit=/usr/local/bin/tracesplit
+
+### choose a packet filter:
+## collect TCP and UDP, requests and responses:
+filter="port 53 and not host 192.168.1.3 and not host 192.168.1.8"
+
+## run command after moving file
+command="echo \"path:%P filename:%F server:%S interface:%I date:%Y %M %D time:%h %m %s\""
+