tcp_listen_port
This is a numeric value in the range 1..65535 which, if
specified, causes auditd to listen on the corresponding TCP port
for audit records from remote systems. The audit daemon may be
linked with tcp_wrappers. You may want to controll access with
an entry in the hosts.allow and deny files.
tcp_listen_queue
This is a numeric value which indicates how many pending
(requested but unaccepted) connections are allowed. The default
is 5. Setting this too small may cause connections to be
rejected if too many hosts start up at exactly the same time,
such as after a power failure.