oscam.conf(5)															     oscam.conf(5)



NAME
       oscam.conf - main configuration file for OSCam

SYNOPSIS
       The  main  configuration file for OSCam contains global parameters such as debugging, logging, monitor, protocols and anti-cascading.  sec‐
       tions in oscam.conf are nonrecurring. The [global] section is required. All other sections are optional.

DESCRIPTIONS
   The [global] section
       serverip = IP address
	  bind service to specified IP address, default:all

       cachedelay = milli-seconds
	  value to delay cached requests, default:0

       logfile = [filename][;syslog][;stdout]
	  logging targets, default: /var/log/oscam.log. You can define a maximum of one filename and additionally to log to stdout or syslog  (you
	  can also only log to stdout or syslog and omit the filename).

       disablelog = 0|1
	  1 = disable log file, default:0

       disableuserfile = 0|1
	  1 = avoid logging although logfile is set, default:0

       usrfile = filename
	  log file for user logging, default:none

	  log file format:

	   date
	   time
	   CWs per second
	   username
	   IP address of client
	   TCP/IP port
	   CWs found
	   CWs from cache
	   CWs not found
	   CWs ignored
	   CWs timed out
	   CWs tunneled
	   login time in unix/POSIX format
	   logout time in unix/POSIX format
	   protocol

       usrfileflag = 0|1
	  usrfile logging mode:

	    0 = only client logon/logoff will be logged in usrfile (default)
	    1 = each zapping of a client will be logged in usrfile

       cwlogdir = path
	  directory for CW logging, default:none

       clienttimeout = milli-seconds|seconds
	  value (clienttimeout in seconds < 100, else milli-seconds) for client process to wait for key, default:5

       fallbacktimeout = milli-seconds
	  time falling back to fallback reader, default:2500

       clientmaxidle = seconds
	  value for client process being idle before disconnect, default:120

       bindwait = seconds
	  value to wait for bind request to complete, default:120

       netprio = priority
	  network priority, default:system given

       resolvegethostbyname = 0|1
	  set mode for DNS resolving:

	    0 = getadressinfo (default)
	    1 = gethostbyname

       clientdyndns = 0|1
	  1  =	enable	DNS  resolving	of  clients, if you have already defined a hostname for your clients the parameter must be 1, otherwise no
	  authentication will be possible for this clients, default:0

       failbantime = minutes
	  time for IP based blocking for clients with an invalid login attempt, 0 = failban is disabled, default:0

       sleep = minutes
	  time waiting for inactive users, default:none, can be overwritten per user in oscam.user

       unlockparental = 0|1
	  1 = unlock parental mode option to disable Seca pin code request for adult movie, default:0

       nice = -20..+20
	  system priority, default:99

       serialreadertimeout = milli-seconds
	  timeout for serial reader, default:1500

       maxlogsize = kbytes
	  max log file size, default:10

       waitforcards = 0|1
	  1 = wait for local SCs on startup before opening network ports, default:1

       preferlocalcards = 0|1
	  1 = try decoding on local cards first, default:0

       readerrestartseconds = seconds
	  seconds beetween restarts, 0 = disable reader restart, default:5

       saveinithistory = 0|1
	  1 = save SC init history to /tmp/.oscam/reader<number>, default:0

       double_check = 0|1
	  1 = ECM will be send to two or more readers with the same SC and the CWs will be verified against each other, lb_nbest_readers  must	be
	  set to 2 or higher, default:0

       lb_mode = mode
	  loadbalance mode:

	   0 = loadbalance disabled, ECMs go to all readers (default)
	   1 = fastest reader first, after 5 ECMs the reader with the fastest
	       response time will be selected
	   2 = oldest reader first, reader with the longest no answer
	   3 = lowest usage level, the usage level will be calculated by the
	       sum of 5 ECMS response times, the higher a reader is busy, the
	       higher is usage level

       lb_save = 0|counts
	  save autoloadbalance statistics:

		0 = saving of autoloadbalance statistics disabled (default)
	   counts = save autoloadbalance statistics every counts ECMs
		    (minimum 100)

	  To save CPU power a minimum counts of 100 is recommended.

       lb_nbest_readers = counts
	  set count of best readers for loadbalancing, default:1

       lb_nfb_readers = counts
	  set count of fallback readers for loadbalancing, default:1

       lb_min_ecmcount = counts
	  minimal ECM count to evaluate loadbalancing values, default:5

       lb_max_ecmcount = counts
	  maximum ECM count before resetting loadbalancing values, default:500

       lb_reopen_seconds = seconds
	  time between retrying failed readers/CAIDs/providers/services, default:900

       lb_retrylimit = milli seconds
	  retry next readers only if response time is higher then lb_retrylimit, default:800

       lb_savepath = filename
	  filenanme for saving loadbalancing statistics, default:/tmp/.oscam/stat

       lb_stat_cleanup = hour
	  hours after the loadbalancing statistics will be deleted, default:336

       lb_use_locking = 0|1
	  1 = disable parallel and identical ECM requests, default:0

   The [monitor] section
       port = 0|port
	  UDP port for monitor, port=0 monitor disabled, default:0

       serverip = IP address
	  bind service to specified IP address, default:all

       nocrypt = IP address|IP address range[,IP address|IP address range]...
	  unsecured monitor connection, default:none

	   example: nocrypt = 127.0.0.1,192.168.0.0-192.168.255.255

       aulow = minutes
	  time no EMM occurs so that client is set to low, default:30

       monlevel = 0|1|2|3|4
	  monitor level:

	   0 = no access to monitor
	   1 = only server and own procs
	   2 = all procs, but viewing only, default
	   3 = all procs, reload of oscam.user possible
	   4 = complete access

	  monlevel can be overwritten per user in oscam.user

       hideclient_to = seconds
	  time to hide clients in the monitor if not sending requests, 0 = disabled, default:0

       appendchaninfo = 0|1
	  1 = append channel name on log messages, default:0

   The [webif] section
       httpport = [+]port
	  port for web interface, 0 = disabled, praefix + = enable SSL, default:none, required

       httpcert = file
	  file for http SSL certificate, default:oscam.pem

       httpuser = username
	  username for password protection, default:none

       httppwd = password
	  password for password protection, default:none

       httpcss = path
	  path for external CSS file, default:none

       httptpl = path
	  path for external templates, default:none

       httprefresh = seconds
	  status refresh in seconds, default:none

       httptpl = path
	  path for external templates, default:none

       httphideidleclients = 0|1
	  1 = enables hiding clients after idle time set in parameter hideclient_to, default:0

       httpscript = path
	  path to an executable script which you wish to start from web interface, default:none

       httpallowed = IP address|IP address range[,IP address|IP address range]...
	  http web interface connections allowed, default:none
	   example: httpallowed = 127.0.0.1,192.168.0.0-192.168.255.255

       httpdyndns = hostname
	  http web interface connections allowed, default:none
	   example: httpdyndns = host.example.com

       httpsavefullcfg = 0|1
	  write config:

	   0 = all not empty parameters, all not default parameters, all
	       parameters not containing the same value as the same
	       parameter in global configuration (default)
	   1 = all parameters

       httpreadonly = 0|1
	  1 = read only modus for web interface, default:0

       httphelplang = en|de|fr|<available wiki languages>
	  set right language for wiki entry point, default:en

   The [camd33] section
       port = 0|port
	  TCP/IP port for camd 3.3x clients, 0 = disabled, default:0

       serverip = IP address
	  bind service to specified IP address, default:all

       nocrypt = IP address|IP address range[,IP address|IP address range]...
	  unsecured camd 3.3x client connection, default:none

	   example: nocrypt = 127.0.0.1,192.168.0.0-192.168.255.255

       passive = 0|1
	  1=force passive camd 3.3x client, default:0

       key = 128 bit key
	  key for camd 3.3x client encryption, default:none

	   example: key = 01020304050607080910111213141516

   The [camd35] section
       port = 0|port
	  UDP port for camd 3.5x clients, 0 = disabled, default:0

       serverip = IP address
	  bind service to specified IP address, default:all

   The [newcamd] section
       mgclient = 0|1
	  1 = enable mgcamd extended newcamd protocol,	allowing for a single connection to work with mutliple providers, default:0

       key = DES key
	  default key for newcamd client encryption, default:none

	   example key = 0102030405060708091011121314

       port = port[{DES key}]@CAID[:ident][,ident]...[;port[{DES key}]@CAID[:ident][,ident]...]...
	  TCP port/DES key/CAID/ident definitions, default:none

	   example: port = 10000@0100:100000;20000{0102030405060708091011121314}@0200:200000,300000,400000

	  Each CAID requires a separate port. If you don't specify a DES key for a port, the default DES Key will be used.

       serverip = IP address
	  bind service to specified IP address, default:all

       allowed = IP address|IP address range[,IP address|IP address range]...
	  client connections allowed from, default:none

	   example: allowed = 127.0.0.1,192.168.0.0-192.168.255.255

       keepalive = 0|1
	  0 = disable keepalive, default:1

   The [radegast] section
       port = 0|port
	  TCP/IP port for radegast clients, 0=disabled, default:0

       serverip = IP address
	  bind service to specified IP address, default:all

       allowed = IP address|IP address range[,IP address|IP address range]...
	  client connections allowed from, default:none

	   example: allowed = 127.0.0.1,192.168.0.0-192.168.255.255

       user = username
	  user name for radegast client

   The [serial] section
       device = <user>@<device>[:baud][?option1=value1[&option2=value2]]
	  parameters:
	   user   = account
	   device = serial device name
	   option = timeout = milli-seconds, timeout for connection,
			      default:50
		    delay   = milli-seconds, additional delay between two
			      characters, default:0

	  supported serial devices:
	   HSIC    (humax sharing interface client)
	   SSSP    (simple serial sharing protocol)
	   bomba   (BOMBA firmware)
	   dsr9500 (DSR 9500)

   The [cs357x] section
       port = 0|port
	  UDP port for camd 3.57x clients, 0 = disabled, default:0

       serverip = IP address
	  bind service to specified IP address, default:all

       suppresscmd08 = 0|1
	  0 = CMD08 enabled, 1 = CMD08 disabled, default:0

   The [cs378x] section
       port = 0|port@CAID[:ident][,ident]...[;port@CAID[:ident][,ident]...]...
	  TCP port/CAID/ident definitions for camd 3.78x clients,0 = disabled, default:0

	   example: port = 10000@0100:100000;20000@0200:200000,300000,400000

	   Each CAID requires a separate port.

       serverip = IP address
	  bind service to specified IP address, default:all

       suppresscmd08 = 0|1
	  0 = CMD08 enabled, 1 = CMD08 disabled, default:0

   The [cccam] section
       port = 0|port
	  TCP/IP port for CCcam clients, 0 = disabled, default:0

       version = <main version>.<version>.<sub version>
	  define CCcam version, minimum CCcam version 2.0.11, default:none

	   example: version = 1.2.34

       build = <4-digit number>
	  define CCcam build, default:none

	   example: build = 5678

       reshare = level
	  reshare level for CCcam clients:

	   0 = no resharing (default)
	   1 = resharing for direct peer only
	   2 = resharing for direct peer and next level
	   x = resharing for direct peer and next x level

       reshare_mode = mode
	  CCcam reshare mode:

	   0 = reader reshares only received SCs for CCcam readers,
	       defined filters/CAIDs/idents on other readers (default)
	   1 = reader reshares received SCs (like=0) and defined services
	   2 = reader reshares only defined reader services as virtual SCs
	   3 = reader reshares only defined user services as virtual SCs

	  Every server is shared as hop=0 and with defined reshare values.

	  Service reshare only works if positive services defined: no service - no reshare!


       ignorereshare = 0|1
	  CCcam reshare setting:

	   0 = use reshare setting of server (default)
	   1 = use reshare setting of reader or user

       stealth = 0|1
	  1= behaviour like the original CCcam: no activate partner detection and extended OSCam-CCcam protocol, prevent other OSCam to detect the
	  server as OSCam server, default:0

       minimizecards = mode
	  mode how to provide CCcam servers to CCcam clients:

	   0 = no aggregation, remove duplicates only (default)
	   1 = based on minimum hop: two SCs with different hops are
	       summarized, new SCs get a smaller hop
	   2 = aggregation based on CAIDs: all SCs with the same CAIDs
	       will be merged, provider will be removed

       updateinterval = seconds
	  interval to provide share list update to CCcam clients, default:240:

	    0 = updates based on server updates
	   -1 = disable

       keepconnected = 0|1
	  set CCcam keepalive modus:

	    0 = disconnect client when max idle time is reached
	    1 = keep client connected (default)

   The [gbox] section
       hostname = password
	  hostname for gbox server

       port = 0|port
	  UDP port for gbox clients, 0 = disabled, default:0

       password = password
	  password for gbox server

   The [dvbapi] section
       enabled = 0|1
	  1 = DVB API enabled, default:0

	  Create file /tmp/.pauseoscam to pause DVB API, e.g. if STB goes into standby and OSCam remains as SC server only.

       user = username
	  user name for DVB API client, default:anonymous

       ignore = <CAID>[,<CAID>]...
	  CAIDs to be ignored, default:none

       priority = <CAID>:<provider ID>[,CAID:<provider ID>]...
	  CAIDs and provider IDs to be prioritized, default:CAIDs and provider IDs of local SCs will be prioritized

       au = 0|1|2
	  AU mode:
	   0 = disable AU, default
	   1 = enable AU
	   2 = enable AU, override AU settings of client, set answering reader as AU reader

       pmt_mode = 0|1|2|3|4
	  PMT mode:
	   0 = use camd.socket and PMT file, default
	   1 = disable reading PMT file
	   2 = disable camd.socket
	   3 = read PMT file on startup only
	   4 = do not use signal handler for monitoring /tmp

       request_mode = 0|1
	  CAID request mode:
	   0 = try all possible CAIDs one by one, default
	   1 = try all CAIDs simultaneously

       boxtype = dbox2|dreambox|dm7000|duckbox|ufs910|ipbox|ipbox-pmt|qboxhd|coolstream|neumo
	  set boxtype, auto detection of DVB API will be aspired, default:dreambox

	  ipbox with camd.socket support, currently only with PGI image version 0.6 or above, verified on HD models only

	  ipbox-pmt can be used on any DGS based images (with or without camd.socket support), verified on HD models only

   The [anticasc] section
       enabled = 0|1
	  1 = enabled anti-cascading, default:0

       numusers = quantity
	  anti-cascading: user per account, 0 = anti-cascading disabled, default:0

       sampletime = minutes
	  duration of sample, default:2

       samples = quantity
	  quantity of samples over limit, default:10

       penalty = 0|1|2
	  level of penalty:

	   0 = only logging
	   1 = send fake CWs
	   2 = disbable user temporary

	  default:0, penalty can be overwritten per user in oscam.user

       aclogfile = filename
	  file for anti-cascading logging, default:none

       fakedelay = milli-seconds
	  fake delay time, default:1000

       denysamples = quantity
	  How many samples should be penalized?, default:8

MONITOR
       monitor commands:

       ·  login <user> <password>

	  login (for unencrypted connections only)


       ·  getuser <user> <parameter>=<value>

	  get parameter for user


       ·  setuser <user> <parameter>=<value>

	  set parameter for user


       ·  setserver <parameter>=<value>

	  set parameter for server


       ·  exit

	  exit monitor


       ·  log <on|onwohist|off>

	  enable|enable without hitory|disable logging for 2 minutes


       ·  status

	  list of current processes and clients


       ·  shutdown

	  shutdown OSCam


       ·  restart

	  restart OSCam


       ·  keepalive

	  send keepalive


       ·  reload

	  reinit user db, clients and anti-cascading, for newcamd connections: after reloading the ident, please restart newcamd client


       ·  details <PID>

	  details about selected PID


       ·  reread

	  read again


       ·  debug <level>

	  set debug level (monlevel > 3 required)

	  debug level mask:
	     0 = no debugging (default)
	     2 = ATR parsing info, ECM dumps, CW dumps
	     4 = traffic from/to the reader
	     8 = traffic from/to the clients
	    16 = traffic to the reader-device on IFD layer
	    32 = traffic to the reader-device on I/O layer
	    64 = EMM logging
	   255 = debug all

       ·  version

	  show OSCam version


       ·  commands

	  show all valid monitor commands

WEB INTERFACE
       ·  template system

	  The web interface allows you to create your own template. For developing your own template request the orignal template  with  the  non-
	  linked page savetemplates.html. Store your own template in the directory specified by httptpl.

       ·  known issues

	  Login  is  not  possible  by	now with the Safari browser because of incorrect stale flag handling. Increasing the AUTHNONCEVALIDSECS in
	  oscam-http.h would be a workaround, but also a small security risk.

EXAMPLES
	[global]
	logfile      = /var/log/oscam/oscam.log
	usrfile      = /var/log/oscam/oscamuser.log

	waitforcards = 1

	[monitor]
	port	     = 988
	monlevel     = 1
	nocrypt      = 127.0.0.1

	[webif]
	httpport     = 8888
	httpuser     = myusername
	httppwd      = mypassword

	[newcamd]
	key	     = 0102030405060708091011121314
	port	     = 10000@0100:100000;20000{0102030405060708091011121314}@0200:200000,300000,400000

	[radegast]
	port	     = 30000
	user	     = radegastuser
	allowed      = 127.0.0.1,192.168.0.0-192.168.255.255

	[camd33]
	port	     = 40000
	serverip     = 192.168.0.1
	key	     = 01020304050607080910111213141516

	[cs378x]
	port	     = 50000@0300:600000

	[gbox]
	hostname     = host.example.com
	port	     = 60000
	password     = mypassword

SEE ALSO
       list_smargo(1), oscam(1), oscam.ac(5), oscam.cert(5),  oscam.dvbapi(5),	oscam.guess(5),  oscam.ird(5),	oscam.provid(5),  oscam.server(5),
       oscam.services(5), oscam.srvid(5), oscam.tiers(5), oscam.user(5)



																     oscam.conf(5)
