oscam.conf(5)																				    oscam.conf(5)



NAME
       oscam.conf - main configuration file for OSCam

SYNOPSIS
       The  main configuration file for OSCam contains global parameters such as debugging, logging, monitor, protocols and anti-cascading.  sections in oscam.conf are nonrecurring. The
       [global] section is required. All other sections are optional.

DESCRIPTIONS
   The [global] section
       serverip = IP address
	  bind service to specified IP address, default:all

       logfile = filename|/dev/null|/dev/tty|syslog
	  logging target, default: /var/log/oscam.log

       disablelog = 0|1
	  1 = disable log file, default:0

       disableuserfile = 0|1
	  1 = avoid logging although logfile is set, default:0

       pidfile = filename
	  PID file, default:no PID file

       usrfile = filename
	  log file for user logging, default:none

	  log file format:

	   date
	   time
	   CWs per second
	   username
	   IP address of client
	   TCP/IP port
	   CWs found
	   CWs from cache
	   CWs not found
	   CWs ignored
	   CWs timed out
	   CWs tunneled
	   login time in unix/POSIX format
	   logout time in unix/POSIX format
	   protocol

       cwlogdir = path
	  directory for CW logging, default:none

       clienttimeout = seconds
	  value for client process to wait for key, default:5

       fallbacktimeout = milli-seconds
	  time falling back to fallback reader, default:2

       clientmaxidle = seconds
	  value for client process being idle before disconnect, default:120

       bindwait = seconds
	  value to wait for bind request to complete, default:120

       netprio = priority
	  network priority, default:system given

       resolvedelay = seconds
	  delay for DNS resolving, default:30

       clientdyndns = 0|1
	  1 = enable DNS resolving of clients, if you have already defined a hostname for your clients the parameter must be 1, otherwise no authentication will  be  possible	for  this
	  clients, default:0

       sleep = minutes
	  time waiting for inactive users, default:none, can be overwritten per user in oscam.user

       unlockparental = 0|1
	  1 = unlock parental mode option to disable Seca pin code request for adult movie, default:0

       nice = -20..+20
	  system priority, default:99

       serialreadertimeout = milli-seconds
	  timeout for serial reader, default:1500

       maxlogsize = kbytes
	  max log file size, default:10

       waitforcards = 0|1
	  1 = wait for local SCs on startup before opening network ports, default:0

       preferlocalcards = 0|1
	  1 = try decoding on local cards first, default:0

       restartreaderseconds = seconds
	  seconds beetween restarts, 0 = disable reader restart, default:5

       saveinithistory = 0|1
	  1 = save SC init history to /tmp/.oscam/reader<number>, default:0

       readerautoloadbalance = 0|1
	  1 = enable ECM dynamic loadbalance, fallback reader will be disabled, default:0

   The [monitor] section
       port = 0|port
	  UDP port for monitor, port=0 monitor disabled, default:0

       serverip = IP address
	  bind service to specified IP address, default:all

       nocrypt = IP address|IP address range[,IP address|IP address range]...
	  unsecured monitor connection, default:none

	   example: nocrypt = 127.0.0.1,192.168.0.0-192.168.255.255

       aulow = minutes
	  time no EMM occurs so that client is set to low, default:30

       monlevel = 0|1|2|3|4
	  monitor level:

	   0 = no access to monitor
	   1 = only server and own procs
	   2 = all procs, but viewing only, default
	   3 = all procs, reload of oscam.user possible
	   4 = complete access

	  monlevel can be overwritten per user in oscam.user

       hideclient_to = seconds
	  time to hide clients in the monitor if not sending requests, 0 = disabled, default:0

       appendchaninfo = 0|1
	  1 = append channel name on log messages, default:0

   The [webif] section (only if web interface module enabled)
       httpport = port
	  port for web interface, 0 = disabled, default:none, required

       httpuser = username
	  username for password protection, default:none

       httppwd = password
	  password for password protection, default:none

       httpcss = path
	  path for external CSS file, default:none

       httptpl = path
	  path for external templates, default:none

       httprefresh = seconds
	  status refresh in seconds, default:none

       httptpl = path
	  path for external templates, default:none

       httphideidleclients = 0|1
	  1 = enables hiding clients after idle time set in parameter hideclient_to, default:0

       httpscript = path
	  path to an executable script which you wish to start from web interface, default:none

       httpallowed = IP address|IP address range[,IP address|IP address range]...
	  http web interface connections allowed, default:none
	   example: httpallowed = 127.0.0.1,192.168.0.0-192.168.255.255

       httpdyndns = hostname
	  http web interface connections allowed, default:none
	   example: httpdyndns = my.dynexample.com

       httpreadonly = 0|1
	  1 = read only modus for web interface, default:0

   The [camd33] section
       port = 0|port
	  TCP/IP port for camd 3.3x clients, 0 = disabled, default:0

       serverip = IP address
	  bind service to specified IP address, default:all

       nocrypt = IP address|IP address range[,IP address|IP address range]...
	  unsecured camd 3.3x client connection, default:none

	   example: nocrypt = 127.0.0.1,192.168.0.0-192.168.255.255

       passive = 0|1
	  1=force passive camd 3.3x client, default:0

       key = 128 bit key
	  key for camd 3.3x client encryption, default:none

	   example: key = 01020304050607080910111213141516

   The [camd35] section
       port = 0|port
	  UDP port for camd 3.5x clients, 0 = disabled, default:0

       serverip = IP address
	  bind service to specified IP address, default:all

   The [newcamd] section
       mgclient = 0|1 (for beta testing only)
	  1 = enable mgcamd extended newcamd protocol,	allowing for a single connection to work with mutliple providers, default:0

       port = port@CAID[:ident][,ident]...[;port@CAID[:ident][,ident]...]...
	  TCP port/CAID/ident definitions, default:none

	   example: port = 10000@0100:100000;20000@0200:200000,300000,400000

	  Each CAID requires a separate port.

       serverip = IP address
	  bind service to specified IP address, default:all

       allowed = IP address|IP address range[,IP address|IP address range]...
	  client connections allowed from, default:none

	   example: allowed = 127.0.0.1,192.168.0.0-192.168.255.255

       keepalive = 0|1
	  0 = disable keepalive, default:1

       key = DES key
	  key for newcamd client encryption, default:none

	   example key = 0102030405060708091011121314

   The [radegast] section
       port = 0|port
	  TCP/IP port for radegast clients, 0=disabled, default:0

       serverip = IP address
	  bind service to specified IP address, default:all

       allowed = IP address|IP address range[,IP address|IP address range]...
	  client connections allowed from, default:none

	   example: allowed = 127.0.0.1,192.168.0.0-192.168.255.255

       user = username
	  user name for radegast client

   The [serial] section
       device = <user>@<device>[:baud][?option1=value1[&option2=value2]]
	  parameters:
	   user   = account
	   device = serial device name
	   option = timeout = milli-seconds, timeout for connection,
			      default:50
		    delay   = milli-seconds, additional delay between two
			      characters, default:0

	  supported serial devices:
	   HSIC    (humax sharing interface client)
	   SSSP    (simple serial sharing protocol)
	   bomba   (BOMBA firmware)
	   dsr9500 (DSR 9500)

   The [cs357x] section
       port = 0|port
	  UDP port for camd 3.57x clients, 0 = disabled, default:0

       serverip = IP address
	  bind service to specified IP address, default:all

       suppresscmd08 = 0|1
	  0 = CMD08 enabled, 1 = CMD08 disabled, default:0

   The [cs378x] section
       port = 0|port@CAID[:ident][,ident]...[;port@CAID[:ident][,ident]...]...
	  TCP port/CAID/ident definitions for camd 3.78x clients,0 = disabled, default:0

	   example: port = 10000@0100:100000;20000@0200:200000,300000,400000

	   Each CAID requires a separate port.

       serverip = IP address
	  bind service to specified IP address, default:all

       suppresscmd08 = 0|1
	  0 = CMD08 enabled, 1 = CMD08 disabled, default:0

   The [cccam] section
       port = 0|port
	  TCP/IP port for CCcam clients, 0 = disabled, default:0

       version = <main version>.<version>.<sub version>
	  define CCcam version, default:none

	   example: version = 1.2.34

       build = <4-digit number>
	  define CCcam build, default:none

	   example: build = 5678

       reshare = level
	  reshare level for CCcam clients, default:none

	   0 = no resharing
	   1 = resharing for direct peer only
	   2 = resharing for direct peer and next level
	   x = resharing for direct peer and next x level

   The [gbox] section
       password = password
	  password for gbox server

       maxdist = distance
	  maximum distance to gbox servers, default:5

       ignorelist = filename
	  listing of providers to be ignored, format: G:{<CAID><provider ID>}, default:none

	   example: G:{01001234}

       onlineinfos = filename
	  file to store online information, default:none

       cardinfos = filename
	  file to store card information, default:none

       locals = <CAID><provider ID>[,<CAID><provider ID>]...
	  backwards sharing of local cards,default:none

	   example: locals = 01001234,02005678

   The [dvbapi] section (only if DVB API module enabled)
       enabled = 0|1
	  1 = DVB API enabled, default:0

       user = username
	  user name for DVB API client, default:anonymous

       ignore = <CAID>[,<CAID>]...
	  CAIDs to be ignored, default:none

       priority = <CAID>:<provider ID>[,CAID:<provider ID>]...
	  CAIDs and provider IDs to be prioritized, default:CAIDs and provider IDs of local SCs will be prioritized

       au = 0|1
	  1 = enable AU, default:0

       boxtype = dbox2|dreambox|duckbox|ufs910|ipbox|ipbox-pmt|fortis
	  set boxtype, auto detection of DVB API will be aspired, default:dreambox

	  ipbox with camd.socket support, currently only with PGI image version 0.6 or above, verified on HD models only

	  ipbox-pmt can be used on any DGS based images (with or without camd.socket support), verified on HD models only

   The [anticasc] section (only if anti-cascading enabled)
       enabled = 0|1
	  1 = enabled anti-cascading, default:0

       numusers = quantity
	  anti-cascading: user per account, 0 = anti-cascading disabled, default:0

       sampletime = minutes
	  duration of sample, default:2

       samples = quantity
	  quantity of samples over limit, default:10

       penalty = 0|1|2
	  level of penalty:

	   0 = only logging
	   1 = send fake CWs
	   2 = disbable user temporary

	  default:0, penalty can be overwritten per user in oscam.user

       aclogfile = filename
	  file for anti-cascading logging, default:none

       fakedelay = milli-seconds
	  fake delay time, default:1000

       denysamples = quantity
	  How many samples should be penalized?, default:8

MONITOR
       monitor commands:

       ·  login <user> <password>

	  login (for unencrypted connections only)


       ·  setuser <user> <parameter>=<value>

	  set parameter for user


       ·  exit

	  exit monitor


       ·  log <on|onwohist|off>

	  enable|enable without hitory|disable logging for 2 minutes


       ·  status

	  list of current processes and clients


       ·  shutdown

	  shutdown OSCam


       ·  reload

	  reinit user db, clients and anti-cascading, for newcamd connections: after reloading the ident, please restart newcamd client


       ·  details <PID>

	  details about selected PID


       ·  debug <level>

	  set debug level (monlevel > 3 required)

	  debug level mask:
	     0 = no debugging (default)
	     2 = ATR parsing info, ECM dumps, CW dumps
	     4 = traffic from/to the reader
	     8 = traffic from/to the clients
	    16 = traffic to the reader-device on IFD layer
	    32 = traffic to the reader-device on I/O layer
	    64 = EMM logging
	   255 = debug all

       ·  version

	  show OSCam version


       ·  commands

	  show all valid monitor commands

WEB INTERFACE
       ·  template system

	  The web interface allows you to create your own template. For developing your own template request the orignal template with the non-linked page savetemplates.html. Store your
	  own template in the directory specified by httptpl.

       ·  SSL connection to the web interface

	  The Apache module mod_proxy can be used to proxy requests to the web interface. With this module it's also possible to use a SSL connection to the web interface.

	   ProxyRequests Off
	    <Proxy *>
	     Order deny,allow
	     Allow from all
	    </Proxy>
	    ProxyPass /oscam/ http://localhost:8080/
	    ProxyPassReverse /oscam/ http://localhost:8080/

	  For further information please read the Apache documentation.

       ·  known issues

	  Login is not possible by now with the Safari browser because of incorrect stale flag handling. Increasing the AUTHNONCEVALIDSECS in oscam-http.h would  be  a  workaround,  but
	  also a small security risk.

EXAMPLES
	[global]
	logfile      = /var/log/oscam/oscam.log
	usrfile      = /var/log/oscam/oscamuser.log
	pidfile      = /var/run/oscam.pid

	waitforcards = 1

	[monitor]
	port	     = 988
	monlevel     = 1
	nocrypt      = 127.0.0.1

	[webif]
	httpport     = 8888
	httpuser     = myusername
	httppwd      = mypassword

	[newcamd]
	key	     = 0102030405060708091011121314
	port	     = 10000@0100:100000;20000@0200:200000,300000,400000

	[radegast]
	port	     = 30000
	user	     = radegastuser
	allowed      = 127.0.0.1,192.168.0.0-192.168.255.255

	[camd33]
	port	     = 40000
	serverip     = 192.168.0.1
	key	     = 01020304050607080910111213141516

	[cs378x]
	port	     = 50000@0300:600000

SEE ALSO
       list_smargo(1), oscam(1), oscam.ac(5), oscam.cert(5), oscam.guess(5), oscam.ird(5), oscam.provid(5), oscam.server(5), oscam.services(5), oscam.srvid(5), oscam.user(5)



																					    oscam.conf(5)
