1SHOREWALL-LITE.CO(5)          Configuration Files         SHOREWALL-LITE.CO(5)
2
3
4

NAME

6       shorewall-lite.conf - Shorewall Lite global configuration file
7

SYNOPSIS

9       /etc/shorewall-lite/shorewall-lite.conf
10

DESCRIPTION

12       This file sets options that apply to Shorewall Lite as a whole.
13
14       The file consists of Shell comments (lines beginning with '#'), blank
15       lines and assignment statements (variable=value). Each variable's
16       setting is preceded by comments that describe the variable and it's
17       effect.
18
19       Any option not specified in this file gets its value from the
20       shorewall.conf file used during compilation of
21       /var/lib/shorewall-lite/firewall. Those settings may be found in the
22       file /var/lib/shorewall-lite/firewall.conf.
23

OPTIONS

25       The following options may be set in shorewall.conf.
26
27       IPTABLES=[pathname]
28           This parameter names the iptables executable to be used by
29           Shorewall. If not specified or if specified as a null value, then
30           the iptables executable located using the PATH option is used.
31
32       LOGFILE=[pathname]
33           This parameter tells the /sbin/shorewall program where to look for
34           Shorewall messages when processing the dump, logwatch, show log,
35           and hits commands. If not assigned or if assigned an empty value,
36           /var/log/messages is assumed.
37
38       LOGFORMAT=["formattemplate"]
39           The value of this variable generate the --log-prefix setting for
40           Shorewall logging rules. It contains a “printf” formatting template
41           which accepts three arguments (the chain name, logging rule number
42           (optional) and the disposition). To use LOGFORMAT with fireparse,
43           set it as:
44
45                   LOGFORMAT="fp=%s:%d a=%s "
46
47           If the LOGFORMAT value contains the substring “%d” then the logging
48           rule number is calculated and formatted in that position; if that
49           substring is not included then the rule number is not included. If
50           not supplied or supplied as empty (LOGFORMAT="") then
51           “Shorewall:%s:%s:” is assumed.
52
53       PATH=pathname[:pathname]...
54           Determines the order in which Shorewall searches directories for
55           executable files.
56
57       RESTOREFILE=[filename]
58           Specifies the simple name of a file in /var/lib/shorewall to be
59           used as the default restore script in the shorewall save, shorewall
60           restore, shorewall forget and shorewall -f start commands.
61
62       SHOREWALL_SHELL=[pathname]
63           This option is used to specify the shell program to be used to run
64           the Shorewall compiler and to interpret the compiled script. If not
65           specified or specified as a null value, /bin/sh is assumed. Using a
66           light-weight shell such as ash or dash can significantly improve
67           performance.
68
69       SUBSYSLOCK=[pathname]
70           This parameter should be set to the name of a file that the
71           firewall should create if it starts successfully and remove when it
72           stops. Creating and removing this file allows Shorewall to work
73           with your distribution's initscripts. For RedHat, this should be
74           set to /var/lock/subsys/shorewall. For Debian, the value is
75           /var/state/shorewall and in LEAF it is /var/run/shorewall.
76
77       VERBOSITY=[number]
78           Shorewall has traditionally been very noisy (produced lots of
79           output). You may set the default level of verbosity using the
80           VERBOSITY OPTION.
81
82           Values are:
83               0 - Silent. You may make it more verbose using the -v
84                           option
85               1 - Major progress messages displayed
86               2 - All progress messages displayed (old default
87                           behavior)
88           If not specified, then 2 is assumed.
89

FILES

91       /etc/shorewall-lite/shorewall.conf
92

SEE ALSO

94       https://shorewall.org/Documentation_Index.html
95
96       shorewall-lite(8), shorewall-accounting(5), shorewall-actions(5),
97       shorewall-blacklist(5), shorewall-hosts(5), shorewall-interfaces(5),
98       shorewall-ipsec(5), shorewall-maclist(5), shorewall-masq(5),
99       shorewall-nat(5), shorewall-netmap(5), shorewall-params(5),
100       shorewall-policy(5), shorewall-providers(5), shorewall-proxyarp(5),
101       shorewall-route_rules(5), shorewall-routestopped(5),
102       shorewall-rules(5), shorewall-tcclasses(5), shorewall-tcdevices(5),
103       shorewall-tcrules(5), shorewall-tos(5), shorewall-tunnels(5),
104       shorewall-zones(5)
105
106
107
108Configuration Files               09/24/2020              SHOREWALL-LITE.CO(5)
Impressum