oscam.conf(5)							 oscam.conf(5)



NAME
       oscam.conf - main configuration file for OSCam

SYNOPSIS
       The  main  configuration file for OSCam contains global parameters such
       as debugging, logging, monitor, protocols and anti-cascading.  sections
       in  oscam.conf  are nonrecurring. The [global] section is required. All
       other sections are optional.

DESCRIPTIONS
   The [global] section
       serverip = IP address
	  bind service to specified IP address, default:all

       logfile = filename|/dev/null|/dev/tty|syslog
	  logging target, default: /var/log/oscam.log

       pidfile = filename
	  PID file, default:no PID file

       usrfile = filename
	  log file for user logging, default:none

	  log file format:

	   date
	   time
	   CWs per second
	   username
	   IP address of client
	   TCP/IP port
	   CWs found
	   CWs from cache
	   CWs not found
	   CWs ignored
	   CWs timed out
	   CWs tunneled
	   login time in unix/POSIX format
	   logout time in unix/POSIX format
	   protocol

       cwlogdir = path
	  directory for CW logging, default:none

       clienttimeout = seconds
	  value for client process to wait for key, default:5

       fallbacktimeout = seconds
	  time falling back to fallback reader, default:2

       clientmaxidle = seconds
	  value for client process being idle before disconnect, default:120

       cachedelay = milli-seconds
	  value to delay cached requests , default:0

       bindwait = seconds
	  value to wait for bind request to complete, default:120

       netprio = priority
	  network priority, default:system given

       resolvedelay = seconds
	  delay for DNS resolving, default:30

       sleep = minutes
	  time waiting for inactive users, default:none,  can  be  overwritten
	  per user in oscam.user

       unlockparental = 0|1
	  1 = unlock parental mode option to disable Seca pin code request for
	  adult movie, default:0

       nice = -20..+20
	  system priority, default:99

       serialreadertimeout = milli-seconds
	  timeout for serial reader, default:1500

       maxlogsize = kbytes
	  max log file size, default:10

       waitforcards = 0|1
	  1 = wait for local SCs on  startup  before  opening  network	ports,
	  default:0

       preferlocalcards = 0|1
	  1 = try decoding on local cards first, default:0

   The [monitor] section
       port = 0|port
	  UDP port for monitor, port=0 monitor disabled, default:0

       serverip = IP address
	  bind service to specified IP address, default:all

       nocrypt	= IP address|IP address range[,IP address|IP address range]...
	  unsecured monitor connection, default:none

	   example: nocrypt = 127.0.0.1,192.168.0.0-192.168.255.255

       aulow = minutes
	  time no EMM occurs so that client is set to low, default:30

       monlevel = 0|1|2|3|4
	  monitor level:

	   0 = no access to monitor
	   1 = only server and own procs
	   2 = all procs, but viewing only, default
	   3 = all procs, reload of oscam.user possible
	   4 = complete access

	  monlevel can be overwritten per user in oscam.user

       hideclient_to = seconds
	  time to hide clients in the monitor if not  sending  requests,  0  =
	  disabled, default:0

       httpport = port (only if web interface module enabled)
	  port for web interface, 0 = disabled, default:none, required

       httpuser = username (only if web interface module enabled)
	  username for password protection, default:none

       httppwd = password (only if web interface module enabled)
	  password for password protection, default:none

       httpcss = path (only if web interface module enabled)
	  path for external CSS file, default:none

       httptpl = path (only if web interface module enabled)
	  path for external templates, default:none

       httprefresh = seconds (only if web interface module enabled)
	  status refresh in seconds, default:none

       httptpl = path (only if web interface module enabled)
	  path for external templates, default:none

       httphideidleclients = 0|1 (only if web interface module enabled)
	  1  =	enables  hiding clients after idle time set in parameter hide
	  client_to, default:0

       httpscript = path (only if web interface module enabled)
	  path to an executable script which you wish to start from web inter
	  face, default:none

   The [camd33] section
       port = 0|port
	  TCP/IP port for camd 3.3x clients, 0 = disabled, default:0

       serverip = IP address
	  bind service to specified IP address, default:all

       nocrypt	= IP address|IP address range[,IP address|IP address range]...
	  unsecured camd 3.3x client connection, default:none

	   example: nocrypt = 127.0.0.1,192.168.0.0-192.168.255.255

       passive = 0|1
	  1=force passive camd 3.3x client, default:0

       key = 128 bit key
	  key for camd 3.3x client encryption, default:none

	   example: key = 01020304050607080910111213141516

   The [camd35] section
       port = 0|port
	  UDP port for camd 3.5x clients, 0 = disabled, default:0

       serverip = IP address
	  bind service to specified IP address, default:all

   The [newcamd] section
       port = port@CAID[:ident][,ident]...[;port@CAID[:ident][,ident]...]...
	  TCP port/CAID/ident definitions, default:none

	   example: port = 10000@0100:100000;20000@0200:200000,300000,400000

	  Each CAID requires a separate port.

       serverip = IP address
	  bind service to specified IP address, default:all

       allowed = IP address|IP address range[,IP address|IP address  range]...
	  client connections allowed from, default:none

	   example: allowed = 127.0.0.1,192.168.0.0-192.168.255.255

       keepalive = 0|1
	  0 = disable keepalive, default:1

       key = DES key
	  key for newcamd client encryption, default:none

	   example key = 0102030405060708091011121314

   The [radegast] section
       port = 0|port
	  TCP/IP port for radegast clients, 0=disabled, default:0

       serverip = IP address
	  bind service to specified IP address, default:all

       allowed	= IP address|IP address range[,IP address|IP address range]...
	  client connections allowed from, default:none

	   example: allowed = 127.0.0.1,192.168.0.0-192.168.255.255

       user = username
	  user name for radegast client

   The [serial] section
       device = <user>@<device>[:baud][?option1=value1[&option2=value2]]
	  parameters:
	   user   = account
	   device = serial device name
	   option = timeout = milli-seconds, timeout for connection,
			      default:50
		    delay   = milli-seconds, additional delay between two
			      characters, default:0

	  supported serial devices:
	   HSIC    (humax sharing interface client)
	   SSSP    (simple serial sharing protocol)
	   bomba   (BOMBA firmware)
	   dsr9500 (DSR 9500)

   The [cs357x] section
       port = 0|port
	  UDP port for camd 3.57x clients, 0 = disabled, default:0

       serverip = IP address
	  bind service to specified IP address, default:all

       suppresscmd08 = 0|1
	  0 = CMD08 enabled, 1 = CMD08 disabled, default:0

   The [cs378x] section
       port = 0|port@CAID[:ident][,ident]...[;port@CAID[:ident][,ident]...]...
	  TCP port/CAID/ident definitions for camd 3.78x clients,0 = disabled,
	  default:0

	   example: port = 10000@0100:100000;20000@0200:200000,300000,400000

	   Each CAID requires a separate port.

       serverip = IP address
	  bind service to specified IP address, default:all

       suppresscmd08 = 0|1
	  0 = CMD08 enabled, 1 = CMD08 disabled, default:0

   The [cccam] section
       port = 0|port
	  TCP/IP port for CCcam clients, 0 = disabled, default:0

       version = <main version>.<version>.<sub version>
	  define CCcam version, default:none

	   example: version = 1.2.34

       build = <4-digit number>
	  define CCcam build, default:none

	   example: build = 5678

       reshare = level
	  reshare level for CCcam clients, default:none

	   0 = no resharing
	   1 = resharing for direct peer only
	   2 = resharing for direct peer and next level
	   x = resharing for direct peer and next x level

   The [gbox] section
       password = password
	  password for gbox server

       maxdist = distance
	  maximum distance to gbox servers, default:5

       ignorelist = filename
	  listing of providers to be ignored, format: G:{<CAID><provider ID>},
	  default:none

	   example: G:{01001234}

       onlineinfos = filename
	  file to store online information, default:none

       cardinfos = filename
	  file to store card information, default:none

       locals = <CAID><provider ID>[,<CAID><provider ID>]...
	  backwards sharing of local cards,default:none

	   example: locals = 01001234,02005678

   The [dvbapi] section (only if DVB API module enabled)
       enabled = 0|1
	  1 = DVB API enabled, default:0

       user = username
	  user name for DVB API client, default:anonymous

       ignore = <CAID>[,<CAID>]...
	  CAIDs to be ignored, default:none

       priority = <CAID>:<provider ID>[,CAID:<provider ID>]...
	  CAIDs and provider IDs to be prioritized, default:CAIDs and provider
	  IDs of local SCs will be prioritized

       au = 0|1
	  1 = enable AU, default:0

       boxtype = dbox2|dreambox|ufs910
	  set  boxtype,  auto  detection  of  DVB   API   will	 be   aspired,
	  default:dreambox

   The [anticasc] section (only if anti-cascading enabled)
       enabled = 0|1
	  1 = enabled anti-cascading, default:0

       numusers = quantity
	  anti-cascading:  user  per  account,	0  =  anti-cascading disabled,
	  default:0

       sampletime = minutes
	  duration of sample, default:2

       samples = quantity
	  quantity of samples over limit, default:10

       penalty = 0|1|2
	  level of penalty:

	   0 = only logging
	   1 = send fake CWs
	   2 = disbable user temporary

	  default:0, penalty can be overwritten per user in oscam.user

       aclogfile = filename
	  file for anti-cascading logging, default:none

       fakedelay = milli-seconds
	  fake delay time, default:1000

       denysamples = quantity
	  How many samples should be penalized?, default:8

MONITOR
       monitor commands:

	login <user> <password> = login (for unencrypted connections only)
	exit			= exit monitor
	log <on|onwohist|off>	= enable|enable without hitory|disable
				  logging for 2 minutes
	status			= list of current processes and clients
	shutdown		= showdown OSCam
	reload			= reinit user db, clients and anti-cascading,
				  for newcamd connections: after reloading
				  the ident, please restart newcamd client
	details <PID>		= details about selected PID
	debug <level>		= set debug level (monlevel > 3 required)
				   debug level mask:
				     0 = no debugging (default)
				     2 = ATR parsing info, ECM dumps, CW dumps
				     4 = traffic from/to the reader
				     8 = traffic from/to the clients
				    16	=  traffic to the reader-device on IFD
       layer
				    32 = traffic to the reader-device  on  I/O
       layer
				    63 = debug all
	version 		= show OSCam version

WEB INTERFACE
	 template system

	  The web interface allows you to create your own template. For devel
	  oping your own template request the orignal template with  the  non-
	  linked  page	savetemplates.html.  Store  your  own  template in the
	  directory specified by httptpl.

	 SSL connection to the web interface

	  The Apache module mod_proxy can be used to proxy requests to the web
	  interface.  With  this  module  its  also  possible  to  use	a SSL
	  connection to the web interface.

	   ProxyRequests Off
	    <Proxy *>
	     Order deny,allow
	     Allow from all
	    </Proxy>
	    ProxyPass /oscam/ http://localhost:8080/
	    ProxyPassReverse /oscam/ http://localhost:8080/

	  For further information please read the Apache documentation.

	 known issues

	  Login is not possible by now with  the  Safari  browser  because  of
	  incorrect  stale flag handling. Increasing the AUTHNONCEVALIDSECS in
	  oscam-http.h would be a workaround, but also a small security  risk.

EXAMPLES
	[global]
	logfile      = /var/log/oscam/oscam.log
	usrfile      = /var/log/oscam/oscamuser.log
	pidfile      = /var/run/oscam.pid

	waitforcards = 1

	[monitor]
	port	     = 988
	monlevel     = 1
	nocrypt      = 127.0.0.1

	[newcamd]
	key	     = 0102030405060708091011121314
	port	     = 10000@0100:100000;20000@0200:200000,300000,400000

	[radegast]
	port	     = 30000
	user	     = radegastuser
	allowed      = 127.0.0.1,192.168.0.0-192.168.255.255

	[camd33]
	port	     = 40000
	serverip     = 192.168.0.1
	key	     = 01020304050607080910111213141516

	[cs378x]
	port	     = 50000@0300:600000

SEE ALSO
       list_smargo(1),	    oscam(1),	   oscam.user(5),     oscam.server(5),
       oscam.srvid(5),	 oscam.guess(5),   oscam.cert(5),   oscam.services(5),
       oscam.ird(5), oscam.ac(5)



								 oscam.conf(5)
