oscam.conf(5)							 oscam.conf(5)



NAME
       oscam.conf - main configuration file for OSCam

SYNOPSIS
       The  main  configuration file for OSCam contains global parameters such
       as debugging, logging, monitor, protocols and anti-cascading.  sections
       in  oscam.conf  are nonrecurring. The [global] section is required. All
       other sections are optional.

DESCRIPTIONS
   The [global] section
       serverip = IP address
	  bind service to specified IP address, default:all

       logfile = filename|/dev/null|/dev/tty|syslog
	  logging target, default: /var/log/oscam.log

       disablelog = 0|1
	  1 = disable log file, default:0

       disableuserfile = 0|1
	  1 = avoid logging although logfile is set, default:0

       pidfile = filename
	  PID file, default:no PID file

       usrfile = filename
	  log file for user logging, default:none

	  log file format:

	   date
	   time
	   CWs per second
	   username
	   IP address of client
	   TCP/IP port
	   CWs found
	   CWs from cache
	   CWs not found
	   CWs ignored
	   CWs timed out
	   CWs tunneled
	   login time in unix/POSIX format
	   logout time in unix/POSIX format
	   protocol

       cwlogdir = path
	  directory for CW logging, default:none

       clienttimeout = seconds
	  value for client process to wait for key, default:5

       fallbacktimeout = seconds
	  time falling back to fallback reader, default:2

       clientmaxidle = seconds
	  value for client process being idle before disconnect, default:120

       cachedelay = milli-seconds
	  value to delay cached requests , default:0

       bindwait = seconds
	  value to wait for bind request to complete, default:120

       netprio = priority
	  network priority, default:system given

       resolvedelay = seconds
	  delay for DNS resolving, default:30

       sleep = minutes
	  time waiting for inactive users, default:none,  can  be  overwritten
	  per user in oscam.user

       unlockparental = 0|1
	  1 = unlock parental mode option to disable Seca pin code request for
	  adult movie, default:0

       nice = -20..+20
	  system priority, default:99

       serialreadertimeout = milli-seconds
	  timeout for serial reader, default:1500

       maxlogsize = kbytes
	  max log file size, default:10

       waitforcards = 0|1
	  1 = wait for local SCs on  startup  before  opening  network	ports,
	  default:0

       preferlocalcards = 0|1
	  1 = try decoding on local cards first, default:0

   The [monitor] section
       port = 0|port
	  UDP port for monitor, port=0 monitor disabled, default:0

       serverip = IP address
	  bind service to specified IP address, default:all

       nocrypt	= IP address|IP address range[,IP address|IP address range]...
	  unsecured monitor connection, default:none

	   example: nocrypt = 127.0.0.1,192.168.0.0-192.168.255.255

       aulow = minutes
	  time no EMM occurs so that client is set to low, default:30

       monlevel = 0|1|2|3|4
	  monitor level:

	   0 = no access to monitor
	   1 = only server and own procs
	   2 = all procs, but viewing only, default
	   3 = all procs, reload of oscam.user possible
	   4 = complete access

	  monlevel can be overwritten per user in oscam.user

       hideclient_to = seconds
	  time to hide clients in the monitor if not  sending  requests,  0  =
	  disabled, default:0

       appendchaninfo = 0|1
	  1 = append channel name on log messages, default:0

   The [webif] section (only if web interface module enabled)
       httpport = port
	  port for web interface, 0 = disabled, default:none, required

       httpuser = username
	  username for password protection, default:none

       httppwd = password
	  password for password protection, default:none

       httpcss = path
	  path for external CSS file, default:none

       httptpl = path
	  path for external templates, default:none

       httprefresh = seconds
	  status refresh in seconds, default:none

       httptpl = path
	  path for external templates, default:none

       httphideidleclients = 0|1
	  1  =	enables  hiding clients after idle time set in parameter hide
	  client_to, default:0

       httpscript = path
	  path to an executable script which you wish to start from web inter
	  face, default:none

       httpallowed  =  IP  address|IP  address	range[,IP  address|IP  address
       range]...
	  http web interface connections allowed, default:none
	   example: httpallowed = 127.0.0.1,192.168.0.0-192.168.255.255

   The [camd33] section
       port = 0|port
	  TCP/IP port for camd 3.3x clients, 0 = disabled, default:0

       serverip = IP address
	  bind service to specified IP address, default:all

       nocrypt = IP address|IP address range[,IP address|IP address  range]...
	  unsecured camd 3.3x client connection, default:none

	   example: nocrypt = 127.0.0.1,192.168.0.0-192.168.255.255

       passive = 0|1
	  1=force passive camd 3.3x client, default:0

       key = 128 bit key
	  key for camd 3.3x client encryption, default:none

	   example: key = 01020304050607080910111213141516

   The [camd35] section
       port = 0|port
	  UDP port for camd 3.5x clients, 0 = disabled, default:0

       serverip = IP address
	  bind service to specified IP address, default:all

   The [newcamd] section
       port = port@CAID[:ident][,ident]...[;port@CAID[:ident][,ident]...]...
	  TCP port/CAID/ident definitions, default:none

	   example: port = 10000@0100:100000;20000@0200:200000,300000,400000

	  Each CAID requires a separate port.

       serverip = IP address
	  bind service to specified IP address, default:all

       allowed	= IP address|IP address range[,IP address|IP address range]...
	  client connections allowed from, default:none

	   example: allowed = 127.0.0.1,192.168.0.0-192.168.255.255

       keepalive = 0|1
	  0 = disable keepalive, default:1

       key = DES key
	  key for newcamd client encryption, default:none

	   example key = 0102030405060708091011121314

   The [radegast] section
       port = 0|port
	  TCP/IP port for radegast clients, 0=disabled, default:0

       serverip = IP address
	  bind service to specified IP address, default:all

       allowed = IP address|IP address range[,IP address|IP address  range]...
	  client connections allowed from, default:none

	   example: allowed = 127.0.0.1,192.168.0.0-192.168.255.255

       user = username
	  user name for radegast client

   The [serial] section
       device = <user>@<device>[:baud][?option1=value1[&option2=value2]]
	  parameters:
	   user   = account
	   device = serial device name
	   option = timeout = milli-seconds, timeout for connection,
			      default:50
		    delay   = milli-seconds, additional delay between two
			      characters, default:0

	  supported serial devices:
	   HSIC    (humax sharing interface client)
	   SSSP    (simple serial sharing protocol)
	   bomba   (BOMBA firmware)
	   dsr9500 (DSR 9500)

   The [cs357x] section
       port = 0|port
	  UDP port for camd 3.57x clients, 0 = disabled, default:0

       serverip = IP address
	  bind service to specified IP address, default:all

       suppresscmd08 = 0|1
	  0 = CMD08 enabled, 1 = CMD08 disabled, default:0

   The [cs378x] section
       port = 0|port@CAID[:ident][,ident]...[;port@CAID[:ident][,ident]...]...
	  TCP port/CAID/ident definitions for camd 3.78x clients,0 = disabled,
	  default:0

	   example: port = 10000@0100:100000;20000@0200:200000,300000,400000

	   Each CAID requires a separate port.

       serverip = IP address
	  bind service to specified IP address, default:all

       suppresscmd08 = 0|1
	  0 = CMD08 enabled, 1 = CMD08 disabled, default:0

   The [cccam] section
       port = 0|port
	  TCP/IP port for CCcam clients, 0 = disabled, default:0

       version = <main version>.<version>.<sub version>
	  define CCcam version, default:none

	   example: version = 1.2.34

       build = <4-digit number>
	  define CCcam build, default:none

	   example: build = 5678

       reshare = level
	  reshare level for CCcam clients, default:none

	   0 = no resharing
	   1 = resharing for direct peer only
	   2 = resharing for direct peer and next level
	   x = resharing for direct peer and next x level

   The [gbox] section
       password = password
	  password for gbox server

       maxdist = distance
	  maximum distance to gbox servers, default:5

       ignorelist = filename
	  listing of providers to be ignored, format: G:{<CAID><provider ID>},
	  default:none

	   example: G:{01001234}

       onlineinfos = filename
	  file to store online information, default:none

       cardinfos = filename
	  file to store card information, default:none

       locals = <CAID><provider ID>[,<CAID><provider ID>]...
	  backwards sharing of local cards,default:none

	   example: locals = 01001234,02005678

   The [dvbapi] section (only if DVB API module enabled)
       enabled = 0|1
	  1 = DVB API enabled, default:0

       user = username
	  user name for DVB API client, default:anonymous

       ignore = <CAID>[,<CAID>]...
	  CAIDs to be ignored, default:none

       priority = <CAID>:<provider ID>[,CAID:<provider ID>]...
	  CAIDs and provider IDs to be prioritized, default:CAIDs and provider
	  IDs of local SCs will be prioritized

       au = 0|1
	  1 = enable AU, default:0

       boxtype = dbox2|dreambox|ufs910
	  set	boxtype,   auto   detection   of  DVB  API  will  be  aspired,
	  default:dreambox

   The [anticasc] section (only if anti-cascading enabled)
       enabled = 0|1
	  1 = enabled anti-cascading, default:0

       numusers = quantity
	  anti-cascading: user	per  account,  0  =  anti-cascading  disabled,
	  default:0

       sampletime = minutes
	  duration of sample, default:2

       samples = quantity
	  quantity of samples over limit, default:10

       penalty = 0|1|2
	  level of penalty:

	   0 = only logging
	   1 = send fake CWs
	   2 = disbable user temporary

	  default:0, penalty can be overwritten per user in oscam.user

       aclogfile = filename
	  file for anti-cascading logging, default:none

       fakedelay = milli-seconds
	  fake delay time, default:1000

       denysamples = quantity
	  How many samples should be penalized?, default:8

MONITOR
       monitor commands:

	 login <user> <password>

	  login (for unencrypted connections only)


	 setuser <user> <parameter>=<value>

	  set parameter for user


	 exit

	  exit monitor


	 log <on|onwohist|off>

	  enable|enable without hitory|disable logging for 2 minutes


	 status

	  list of current processes and clients


	 shutdown

	  shutdown OSCam


	 reload

	  reinit user db, clients and anti-cascading, for newcamd connections:
	  after reloading the ident, please restart newcamd client


	 details <PID>

	  details about selected PID


	 debug <level>

	  set debug level (monlevel > 3 required)

	  debug level mask:
	     0 = no debugging (default)
	     2 = ATR parsing info, ECM dumps, CW dumps
	     4 = traffic from/to the reader
	     8 = traffic from/to the clients
	    16 = traffic to the reader-device on IFD layer
	    32 = traffic to the reader-device on I/O layer
	    64 = EMM logging
	   255 = debug all

	 version

	  show OSCam version


	 commands

	  show all valid monitor commands

WEB INTERFACE
	 template system

	  The web interface allows you to create your own template. For devel
	  oping  your  own template request the orignal template with the non-
	  linked page savetemplates.html.  Store  your	own  template  in  the
	  directory specified by httptpl.

	 SSL connection to the web interface

	  The Apache module mod_proxy can be used to proxy requests to the web
	  interface. With this module its also possible to use a SSL  connec
	  tion to the web interface.

	   ProxyRequests Off
	    <Proxy *>
	     Order deny,allow
	     Allow from all
	    </Proxy>
	    ProxyPass /oscam/ http://localhost:8080/
	    ProxyPassReverse /oscam/ http://localhost:8080/

	  For further information please read the Apache documentation.

	 known issues

	  Login  is  not  possible  by	now with the Safari browser because of
	  incorrect stale flag handling. Increasing the AUTHNONCEVALIDSECS  in
	  oscam-http.h	would be a workaround, but also a small security risk.

EXAMPLES
	[global]
	logfile      = /var/log/oscam/oscam.log
	usrfile      = /var/log/oscam/oscamuser.log
	pidfile      = /var/run/oscam.pid

	waitforcards = 1

	[monitor]
	port	     = 988
	monlevel     = 1
	nocrypt      = 127.0.0.1

	[webif]
	httpport     = 8888
	httpuser     = myusername
	httppwd      = mypassword

	[newcamd]
	key	     = 0102030405060708091011121314
	port	     = 10000@0100:100000;20000@0200:200000,300000,400000

	[radegast]
	port	     = 30000
	user	     = radegastuser
	allowed      = 127.0.0.1,192.168.0.0-192.168.255.255

	[camd33]
	port	     = 40000
	serverip     = 192.168.0.1
	key	     = 01020304050607080910111213141516

	[cs378x]
	port	     = 50000@0300:600000

SEE ALSO
       list_smargo(1),	   oscam(1),	  oscam.user(5),      oscam.server(5),
       oscam.srvid(5),	 oscam.guess(5),   oscam.cert(5),   oscam.services(5),
       oscam.ird(5), oscam.ac(5)



								 oscam.conf(5)
