Sophie

Sophie

distrib > Mandriva > mes5 > x86_64 > by-pkgid > 45723c51178a73df679c2a8284d8eeff > files > 149

shorewall-doc-4.0.15-0.2mdvmes5.noarch.rpm

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>shorewall-lite.conf</title><link rel="stylesheet" href="html.css" type="text/css" /><meta name="generator" content="DocBook XSL Stylesheets V1.73.2" /></head><body><div class="refentry" lang="en" xml:lang="en"><a id="id257171"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>shorewall-lite.conf — Shorewall Lite global configuration file</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">/etc/shorewall-lite/shorewall-lite.conf</code> </p></div></div><div class="refsect1" lang="en" xml:lang="en"><a id="id257202"></a><h2>Description</h2><p>This file sets options that apply to Shorewall Lite as a
    whole.</p><p>The file consists of Shell comments (lines beginning with '#'),
    blank lines and assignment statements
    (<span class="emphasis"><em>variable</em></span>=<span class="emphasis"><em>value</em></span>). Each
    variable's setting is preceded by comments that describe the variable and
    it's effect.</p><p>Any option not specified in this file gets its value from the
    shorewall.conf file used during compilation of
    /var/lib/shorewall-lite/firewall. Those settings may be found in the file
    /var/lib/shorewall-lite/firewall.conf.</p></div><div class="refsect1" lang="en" xml:lang="en"><a id="id257228"></a><h2>OPTIONS</h2><p>The following options may be set in shorewall.conf.</p><div class="variablelist"><dl><dt><span class="term"><span class="bold"><strong>IPTABLES=</strong></span>[<span class="emphasis"><em>pathname</em></span>]</span></dt><dd><p>This parameter names the iptables executable to be used by
          Shorewall. If not specified or if specified as a null value, then
          the iptables executable located using the PATH option is
          used.</p></dd><dt><span class="term"><span class="bold"><strong>LOGFILE=</strong></span>[<span class="emphasis"><em>pathname</em></span>]</span></dt><dd><p>This parameter tells the /sbin/shorewall program where to look
          for Shorewall messages when processing the <span class="bold"><strong>dump</strong></span>, <span class="bold"><strong>logwatch</strong></span>, <span class="bold"><strong>show
          log</strong></span>, and <span class="bold"><strong>hits</strong></span> commands.
          If not assigned or if assigned an empty value, /var/log/messages is
          assumed.</p></dd><dt><span class="term"><span class="bold"><strong>LOGFORMAT=</strong></span>[<span class="bold"><strong>"</strong></span><span class="emphasis"><em>formattemplate</em></span><span class="bold"><strong>"</strong></span>]</span></dt><dd><p>The value of this variable generate the --log-prefix setting
          for Shorewall logging rules. It contains a “printf” formatting
          template which accepts three arguments (the chain name, logging rule
          number (optional) and the disposition). To use LOGFORMAT with
          fireparse, set it as:</p><pre class="programlisting">    LOGFORMAT="fp=%s:%d a=%s "</pre><p>If the LOGFORMAT value contains the substring “%d” then the
          logging rule number is calculated and formatted in that position; if
          that substring is not included then the rule number is not included.
          If not supplied or supplied as empty (LOGFORMAT="") then
          “Shorewall:%s:%s:” is assumed.</p></dd><dt><span class="term">PATH=[<span class="emphasis"><em>pathname</em></span>[<span class="bold"><strong>:</strong></span><span class="emphasis"><em>pathname</em></span>]...]</span></dt><dd><p>Determines the order in which Shorewall searches directories
          for executable files.</p></dd><dt><span class="term"><span class="bold"><strong>RESTOREFILE=</strong></span>[<span class="emphasis"><em>filename</em></span>]</span></dt><dd><p>Specifies the simple name of a file in /var/lib/shorewall to
          be used as the default restore script in the <span class="bold"><strong>shorewall save</strong></span>, <span class="bold"><strong>shorewall restore</strong></span>, <span class="bold"><strong>shorewall forget </strong></span>and <span class="bold"><strong>shorewall -f start</strong></span> commands.</p></dd><dt><span class="term"><span class="bold"><strong>SHOREWALL_SHELL=</strong></span>[<span class="emphasis"><em>pathname</em></span>]</span></dt><dd><p>This option is used to specify the shell program to be used to
          run the Shorewall compiler and to interpret the compiled script. If
          not specified or specified as a null value, /bin/sh is assumed.
          Using a light-weight shell such as ash or dash can significantly
          improve performance.</p></dd><dt><span class="term"><span class="bold"><strong>SUBSYSLOCK=</strong></span>[<span class="emphasis"><em>pathname</em></span>]</span></dt><dd><p>This parameter should be set to the name of a file that the
          firewall should create if it starts successfully and remove when it
          stops. Creating and removing this file allows Shorewall to work with
          your distribution's initscripts. For RedHat, this should be set to
          /var/lock/subsys/shorewall. For Debian, the value is
          /var/state/shorewall and in LEAF it is /var/run/shorwall.</p></dd><dt><span class="term">VERBOSITY=[<span class="bold"><strong>number</strong></span>]</span></dt><dd><p>Shorewall has traditionally been very noisy (produced lots of
          output). You may set the default level of verbosity using the
          VERBOSITY OPTION.</p><p>Values are:</p><table class="simplelist" border="0" summary="Simple list"><tr><td>0 - Silent. You may make it more verbose using the -v
            option</td></tr><tr><td>1 - Major progress messages displayed</td></tr><tr><td>2 - All progress messages displayed (old default
            behavior)</td></tr></table><p>If not specified, then 2 is assumed.</p></dd></dl></div></div><div class="refsect1" lang="en" xml:lang="en"><a id="id257509"></a><h2>FILES</h2><p>/etc/shorewall-lite/shorewall.conf</p></div><div class="refsect1" lang="en" xml:lang="en"><a id="id257519"></a><h2>See ALSO</h2><p><a class="ulink" href="http://www.shorewall.net/Documentation_Index.html" target="_self">http://www.shorewall.net/Documentation_Index.html</a></p><p>shorewall-lite(8), shorewall-accounting(5), shorewall-actions(5),
    shorewall-blacklist(5), shorewall-hosts(5), shorewall-interfaces(5),
    shorewall-ipsec(5), shorewall-maclist(5), shorewall-masq(5),
    shorewall-nat(5), shorewall-netmap(5), shorewall-params(5),
    shorewall-policy(5), shorewall-providers(5), shorewall-proxyarp(5),
    shorewall-route_rules(5), shorewall-routestopped(5), shorewall-rules(5),
    shorewall-tcclasses(5), shorewall-tcdevices(5), shorewall-tcrules(5),
    shorewall-tos(5), shorewall-tunnels(5), shorewall-zones(5)</p></div></div></body></html>

Perl :: Catalyst :: PostgreSQL :: RPM Valid HTML 4.01 Transitional