oscam.conf(5) oscam.conf(5) NAME oscam.conf - main configuration file for OSCam SYNOPSIS The main configuration file for OSCam contains global parameters such as debugging, log‐ ging, monitor, protocols and anti-cascading. sections in oscam.conf are nonrecurring. The [global] section is required. All other sections are optional. DESCRIPTIONS The [global] section serverip = IP address bind service to specified IP address, default:all cachedelay = milli-seconds value to delay cached requests, default:0 logfile = filename|/dev/null|/dev/tty|syslog logging target, default: /var/log/oscam.log disablelog = 0|1 1 = disable log file, default:0 disableuserfile = 0|1 1 = avoid logging although logfile is set, default:0 pidfile = filename PID file, default:no PID file usrfile = filename log file for user logging, default:none log file format: date time CWs per second username IP address of client TCP/IP port CWs found CWs from cache CWs not found CWs ignored CWs timed out CWs tunneled login time in unix/POSIX format logout time in unix/POSIX format protocol cwlogdir = path directory for CW logging, default:none clienttimeout = seconds value for client process to wait for key, default:5 fallbacktimeout = milli-seconds time falling back to fallback reader, default:2 clientmaxidle = seconds value for client process being idle before disconnect, default:120 bindwait = seconds value to wait for bind request to complete, default:120 netprio = priority network priority, default:system given resolvedelay = seconds delay for DNS resolving, default:30 clientdyndns = 0|1 1 = enable DNS resolving of clients, if you have already defined a hostname for your clients the parameter must be 1, otherwise no authentication will be possible for this clients, default:0 sleep = minutes time waiting for inactive users, default:none, can be overwritten per user in oscam.user unlockparental = 0|1 1 = unlock parental mode option to disable Seca pin code request for adult movie, default:0 nice = -20..+20 system priority, default:99 serialreadertimeout = milli-seconds timeout for serial reader, default:1500 maxlogsize = kbytes max log file size, default:10 waitforcards = 0|1 1 = wait for local SCs on startup before opening network ports, default:1 preferlocalcards = 0|1 1 = try decoding on local cards first, default:0 readerrestartseconds = seconds seconds beetween restarts, 0 = disable reader restart, default:5 saveinithistory = 0|1 1 = save SC init history to /tmp/.oscam/reader, default:0 readerautoloadbalance = 0|1 loadbalance level: 0 = loadbalance disabled, ECMs go to all readers (default) 1 = fastest reader first, after 5 ECMs the reader with the fastest response time will be selected 2 = oldest reader first, reader with the longest no answer 3 = lowest usage level, the usage level will be calculated by the sum of 5 ECMS response times, the higher a reader is busy, the higher is usage level readerautoloadbalance_save = 0|counts save autoloadbalance statistics: 0 = saving of autoloadbalance statistics disabled (default) counts = save autoloadbalance statistics every counts ECMs To save CPU power a minimum counts of 100 is recommended. The [monitor] section port = 0|port UDP port for monitor, port=0 monitor disabled, default:0 serverip = IP address bind service to specified IP address, default:all nocrypt = IP address|IP address range[,IP address|IP address range]... unsecured monitor connection, default:none example: nocrypt = 127.0.0.1,192.168.0.0-192.168.255.255 aulow = minutes time no EMM occurs so that client is set to low, default:30 monlevel = 0|1|2|3|4 monitor level: 0 = no access to monitor 1 = only server and own procs 2 = all procs, but viewing only, default 3 = all procs, reload of oscam.user possible 4 = complete access monlevel can be overwritten per user in oscam.user hideclient_to = seconds time to hide clients in the monitor if not sending requests, 0 = disabled, default:0 appendchaninfo = 0|1 1 = append channel name on log messages, default:0 The [webif] section (only if web interface module enabled) httpport = port port for web interface, 0 = disabled, default:none, required httpuser = username username for password protection, default:none httppwd = password password for password protection, default:none httpcss = path path for external CSS file, default:none httptpl = path path for external templates, default:none httprefresh = seconds status refresh in seconds, default:none httptpl = path path for external templates, default:none httphideidleclients = 0|1 1 = enables hiding clients after idle time set in parameter hideclient_to, default:0 httpscript = path path to an executable script which you wish to start from web interface, default:none httpallowed = IP address|IP address range[,IP address|IP address range]... http web interface connections allowed, default:none example: httpallowed = 127.0.0.1,192.168.0.0-192.168.255.255 httpdyndns = hostname http web interface connections allowed, default:none example: httpdyndns = my.dynexample.com httpreadonly = 0|1 1 = read only modus for web interface, default:0 The [camd33] section port = 0|port TCP/IP port for camd 3.3x clients, 0 = disabled, default:0 serverip = IP address bind service to specified IP address, default:all nocrypt = IP address|IP address range[,IP address|IP address range]... unsecured camd 3.3x client connection, default:none example: nocrypt = 127.0.0.1,192.168.0.0-192.168.255.255 passive = 0|1 1=force passive camd 3.3x client, default:0 key = 128 bit key key for camd 3.3x client encryption, default:none example: key = 01020304050607080910111213141516 The [camd35] section port = 0|port UDP port for camd 3.5x clients, 0 = disabled, default:0 serverip = IP address bind service to specified IP address, default:all The [newcamd] section mgclient = 0|1 (for beta testing only) 1 = enable mgcamd extended newcamd protocol, allowing for a single connection to work with mutliple providers, default:0 key = DES key default key for newcamd client encryption, default:none example key = 0102030405060708091011121314 port = port[{DES key}]@CAID[:ident][,ident]...[;port[{DES key}]@CAID[:ident][,ident]...]... TCP port/DES key/CAID/ident definitions, default:none example: port = 10000@0100:100000;20000{0102030405060708091011121314}@0200:200000,300000,400000 Each CAID requires a separate port. If you don't specify a DES key for a port, the default DES Key will be used. serverip = IP address bind service to specified IP address, default:all allowed = IP address|IP address range[,IP address|IP address range]... client connections allowed from, default:none example: allowed = 127.0.0.1,192.168.0.0-192.168.255.255 keepalive = 0|1 0 = disable keepalive, default:1 The [radegast] section port = 0|port TCP/IP port for radegast clients, 0=disabled, default:0 serverip = IP address bind service to specified IP address, default:all allowed = IP address|IP address range[,IP address|IP address range]... client connections allowed from, default:none example: allowed = 127.0.0.1,192.168.0.0-192.168.255.255 user = username user name for radegast client The [serial] section device = @[:baud][?option1=value1[&option2=value2]] parameters: user = account device = serial device name option = timeout = milli-seconds, timeout for connection, default:50 delay = milli-seconds, additional delay between two characters, default:0 supported serial devices: HSIC (humax sharing interface client) SSSP (simple serial sharing protocol) bomba (BOMBA firmware) dsr9500 (DSR 9500) The [cs357x] section port = 0|port UDP port for camd 3.57x clients, 0 = disabled, default:0 serverip = IP address bind service to specified IP address, default:all suppresscmd08 = 0|1 0 = CMD08 enabled, 1 = CMD08 disabled, default:0 The [cs378x] section port = 0|port@CAID[:ident][,ident]...[;port@CAID[:ident][,ident]...]... TCP port/CAID/ident definitions for camd 3.78x clients,0 = disabled, default:0 example: port = 10000@0100:100000;20000@0200:200000,300000,400000 Each CAID requires a separate port. serverip = IP address bind service to specified IP address, default:all suppresscmd08 = 0|1 0 = CMD08 enabled, 1 = CMD08 disabled, default:0 The [cccam] section port = 0|port TCP/IP port for CCcam clients, 0 = disabled, default:0 version =
.. define CCcam version, default:none example: version = 1.2.34 build = <4-digit number> define CCcam build, default:none example: build = 5678 reshare = level reshare level for CCcam clients, default:none 0 = no resharing 1 = resharing for direct peer only 2 = resharing for direct peer and next level x = resharing for direct peer and next x level The [gbox] section password = password password for gbox server maxdist = distance maximum distance to gbox servers, default:5 ignorelist = filename listing of providers to be ignored, format: G:{}, default:none example: G:{01001234} onlineinfos = filename file to store online information, default:none cardinfos = filename file to store card information, default:none locals = [,]... backwards sharing of local cards,default:none example: locals = 01001234,02005678 The [dvbapi] section (only if DVB API module enabled) enabled = 0|1 1 = DVB API enabled, default:0 Create file /tmp/.pauseoscam to pause DVB API, e.g. if STB goes into standby and OSCam remains as SC server only. user = username user name for DVB API client, default:anonymous ignore = [,]... CAIDs to be ignored, default:none priority = :[,CAID:]... CAIDs and provider IDs to be prioritized, default:CAIDs and provider IDs of local SCs will be prioritized au = 0|1 1 = enable AU, default:0 pmt_mode = 0|1|2|3 PMT mode: 0 = use camd.socket and PMT file, default 1 = disable reading PMT file 2 = disable camd.socket 3 = read PMT file on startup only boxtype = dbox2|dreambox|duckbox|ufs910|ipbox|ipbox-pmt|fortis set boxtype, auto detection of DVB API will be aspired, default:dreambox ipbox with camd.socket support, currently only with PGI image version 0.6 or above, verified on HD models only ipbox-pmt can be used on any DGS based images (with or without camd.socket support), verified on HD models only The [anticasc] section (only if anti-cascading enabled) enabled = 0|1 1 = enabled anti-cascading, default:0 numusers = quantity anti-cascading: user per account, 0 = anti-cascading disabled, default:0 sampletime = minutes duration of sample, default:2 samples = quantity quantity of samples over limit, default:10 penalty = 0|1|2 level of penalty: 0 = only logging 1 = send fake CWs 2 = disbable user temporary default:0, penalty can be overwritten per user in oscam.user aclogfile = filename file for anti-cascading logging, default:none fakedelay = milli-seconds fake delay time, default:1000 denysamples = quantity How many samples should be penalized?, default:8 MONITOR monitor commands: · login login (for unencrypted connections only) · setuser = set parameter for user · exit exit monitor · log enable|enable without hitory|disable logging for 2 minutes · status list of current processes and clients · shutdown shutdown OSCam · reload reinit user db, clients and anti-cascading, for newcamd connections: after reloading the ident, please restart newcamd client · details details about selected PID · debug set debug level (monlevel > 3 required) debug level mask: 0 = no debugging (default) 2 = ATR parsing info, ECM dumps, CW dumps 4 = traffic from/to the reader 8 = traffic from/to the clients 16 = traffic to the reader-device on IFD layer 32 = traffic to the reader-device on I/O layer 64 = EMM logging 255 = debug all · version show OSCam version · commands show all valid monitor commands WEB INTERFACE · template system The web interface allows you to create your own template. For developing your own tem‐ plate request the orignal template with the non-linked page savetemplates.html. Store your own template in the directory specified by httptpl. · SSL connection to the web interface The Apache module mod_proxy can be used to proxy requests to the web interface. With this module it's also possible to use a SSL connection to the web interface. ProxyRequests Off Order deny,allow Allow from all ProxyPass /oscam/ http://localhost:8080/ ProxyPassReverse /oscam/ http://localhost:8080/ For further information please read the Apache documentation. · known issues Login is not possible by now with the Safari browser because of incorrect stale flag handling. Increasing the AUTHNONCEVALIDSECS in oscam-http.h would be a workaround, but also a small security risk. EXAMPLES [global] logfile = /var/log/oscam/oscam.log usrfile = /var/log/oscam/oscamuser.log pidfile = /var/run/oscam.pid waitforcards = 1 [monitor] port = 988 monlevel = 1 nocrypt = 127.0.0.1 [webif] httpport = 8888 httpuser = myusername httppwd = mypassword [newcamd] key = 0102030405060708091011121314 port = 10000@0100:100000;20000{0102030405060708091011121314}@0200:200000,300000,400000 [radegast] port = 30000 user = radegastuser allowed = 127.0.0.1,192.168.0.0-192.168.255.255 [camd33] port = 40000 serverip = 192.168.0.1 key = 01020304050607080910111213141516 [cs378x] port = 50000@0300:600000 SEE ALSO list_smargo(1), oscam(1), oscam.ac(5), oscam.cert(5), oscam.guess(5), oscam.ird(5), oscam.provid(5), oscam.server(5), oscam.services(5), oscam.srvid(5), oscam.user(5) oscam.conf(5)