Update Configurations.md

Author: gustavo-iniguez-goya

wiki/Configurations.md

@@ -1,8 +1,8 @@
-### Daemon configuration (>= v1.6.5)
+### Daemon configuration (>= v1.7.0)
 
 The file _/etc/opensnitchd/default-config.json_ holds the daemon configuration:
 
-```
+```json
 {
   "Server": {
       "Address": "unix:///tmp/osui.sock",
@@ -24,11 +24,11 @@ The file _/etc/opensnitchd/default-config.json_ holds the daemon configuration:
         "ActionOnOverflow": "drop"
   },
   "Rules": {
-        "Path": "",
+        "Path": "/etc/opensnitchd/rules/",
         "EnableChecksums": true
   },
   "Ebpf": {
-        "ModulesPath": "/tmp/ebpf",
+        "ModulesPath": "/usr/lib/opensnitchd/ebpf/",
         "EventsWorkers": 8,
         "QueueEventsSize": 0
   },
@@ -46,30 +46,32 @@ The file _/etc/opensnitchd/default-config.json_ holds the daemon configuration:
 Option     | Value
 -----------|------
 Server.Address | Unix socket (unix:///tmp/osui.sock, the "unix:///" part is mandatory) or TCP socket (192.168.1.100:50051)
+_ |If the address is empty, it won't try to connect to the server (>= v1.7.1).
 Server.LogFile | file to write logs to (use /dev/stdout to write logs to standard output)
 Server.Authentication | https://github.com/evilsocket/opensnitch/wiki/Nodes-authentication#nodes-authentication-added-in-v161
 Server.Loggers | https://github.com/evilsocket/opensnitch/wiki/SIEM-integration
 DefaultAction [0] | allow, deny, reject (>= 1.6.6)
 _ | Warning: _reject_ option may cause in some services (dnsmasq, sshd, tinyproxy, ...) to enter in an infinite loop. Use it **at your own risk**
 ~DefaultDuration~ | ~once, always, until restart, 30s, 5m, 15m, 30m, 1h~ DEPRECATED
-InterceptUnknown [1] | true, false
+InterceptUnknown [1] | true, false (see [1] for more information).
+_ | Display popups to allow connections not associated with a process. Disabled by default.
 ProcMonitorMethod | ebpf, proc, audit
-LogLevel | 0 to 4 (debug, info, important, warning, error)
+LogLevel | -1 to 4 (trace, debug, info, important, warning, error)
 LogUTC | print the logs in UTC format (true, false)
 LogMicro | print the logs in microseconds (true, false)
-Firewall | "nftables" or "iptables"
-Stats.MaxEvents | Max events to send to the GUI every second. If you think that you're missing some connections increased this value.
+Firewall | "nftables" (default) or "iptables"
+Stats.MaxEvents | Max events to send to the GUI every second. If you think that you're missing some connections, increased this value.
 Stats.MaxStats | Max stats per item (port, host, IP, process, etc) to keep in the backlog.
-Stats.Workers | Max workers to handle the statistics
+Stats.Workers | Max workers to handle the statistics.
 Ebpf.ModulesPath (>= v1.6.5) | Alternative location of the eBPF modules (default /usr/lib/opensnitchd/ebpf)
 Ebpf.EventsWorkers (>= v1.6.5) | Number of goroutines to handle kernel events (default: 8).
-Ebpf.QueueEventsSize (>= v1.6.5) | Max number of events queued. Default 0, meaning that the events will be processed with the available goroutines. If the value is > 0 and the daemon can't handle the events fast enough, they'll be queued. Once the queue is full, it'll behave as it was of size 0.
+Ebpf.QueueEventsSize (>= v1.6.5) | Max number of events queued. Default 0, meaning that the events will be processed with the available goroutines. If the value is > 0 and the daemon can't handle the events fast enough, they'll be queued. Once the queue is full, queued elements are discarded.
 Rules.Path (>= v1.6.5) | Alternative location of to the rules.
+Rules.EnableChecksums (>= v1.7.0)| Obtain processes's checksums and allow create rules to filter by them.
 FwOptions.ConfigPath (>= v1.7.0) | Alternative path to the firewall configuration (default /etc/opensnitchd/system-fw.json)
 FwOptions.MonitorInterval (>= v1.7.0) | Interval time to check that interception rules are loaded. Default "15s", "0s" disables the monitor (value format in time.Duration: https://pkg.go.dev/time#ParseDuration)
-Rules.EnableChecksums (>= v1.7.0)| Obtain processes's checksums and allow create rules to filter by them.
 Internal.GCPercent (>= v1.7.0)| Option to configure how often the daemon frees up unused memory (https://tip.golang.org/doc/gc-guide#GOGC).
-Internal.FlushConnsOnStart | Option to kill established connections whenever the firewall is reloaded / started.
+Internal.FlushConnsOnStart | Option to kill established connections whenever the firewall is reloaded / started. Local connections are excluded.
 
 If you change the configuration or the rules under _/etc/opensnitchd/rules/_, they'll be reloaded automatically. No restart is needed.