1SHOREWALL6-LITE.C(5) Configuration Files SHOREWALL6-LITE.C(5)
2
3
4
6 shorewall6-lite.conf - Shorewall6 Lite global configuration file
7
9 /etc/shorewall6-lite/shorewall6-lite.conf
10
12 This file sets options that apply to Shorewall6 Lite as a whole.
13
14 The file consists of Shell comments (lines beginning with '#'), blank
15 lines and assignment statements (variable=value). Each variable's
16 setting is preceded by comments that describe the variable and it's
17 effect.
18
19 Any option not specified in this file gets its value from the
20 shorewall6.conf file used during compilation of
21 /var/lib/shorewall6-lite/firewall. Those settings may be found in the
22 file /var/lib/shorewall6-lite/firewall.conf.
23
25 The following options may be set in shorewall6.conf.
26
27 IP6TABLES=[pathname]
28 This parameter names the ip6tables executable to be used by
29 Shorewall6. If not specified or if specified as a null value, then
30 the ip6tables executable located using the PATH option is used.
31
32 LOGFILE=[pathname]
33 This parameter tells the /sbin/shorewall6 program where to look for
34 Shorewall6 messages when processing the dump, logwatch, show log,
35 and hits commands. If not assigned or if assigned an empty value,
36 /var/log/messages is assumed.
37
38 LOGFORMAT=["formattemplate"]
39 The value of this variable generate the --log-prefix setting for
40 Shorewall6 logging rules. It contains a “printf” formatting
41 template which accepts three arguments (the chain name, logging
42 rule number (optional) and the disposition). To use LOGFORMAT with
43 fireparse, set it as:
44
45 LOGFORMAT="fp=%s:%d a=%s "
46
47 If the LOGFORMAT value contains the substring “%d” then the logging
48 rule number is calculated and formatted in that position; if that
49 substring is not included then the rule number is not included. If
50 not supplied or supplied as empty (LOGFORMAT="") then
51 “Shorewall6:%s:%s:” is assumed.
52
53 PATH=pathname[:pathname]...
54 Determines the order in which Shorewall6 searches directories for
55 executable files.
56
57 RESTOREFILE=[filename]
58 Specifies the simple name of a file in /var/lib/shorewall6 to be
59 used as the default restore script in the shorewall6 save,
60 shorewall6 restore, shorewall6 forget and shorewall6 -f start
61 commands.
62
63 SHOREWALL_SHELL=[pathname]
64 This option is used to specify the shell program to be used to
65 interpret the compiled script. If not specified or specified as a
66 null value, /bin/sh is assumed. Using a light-weight shell such as
67 ash or dash can significantly improve performance.
68
69 SUBSYSLOCK=[pathname]
70 This parameter should be set to the name of a file that the
71 firewall should create if it starts successfully and remove when it
72 stops. Creating and removing this file allows Shorewall6 to work
73 with your distribution's initscripts. For RedHat, this should be
74 set to /var/lock/subsys/shorewall6. For Debian, the value is
75 /var/state/shorewall6 and in LEAF it is /var/run/shorewall.
76
77 VERBOSITY=[number]
78 Shorewall6 has traditionally been very noisy (produced lots of
79 output). You may set the default level of verbosity using the
80 VERBOSITY OPTION.
81
82 Values are:
83 0 - Silent. You may make it more verbose using the -v
84 option
85 1 - Major progress messages displayed
86 2 - All progress messages displayed (old default
87 behavior)
88 If not specified, then 2 is assumed.
89
91 /etc/shorewall6-lite/shorewall6.conf
92
94 https://shorewall.org/Documentation_Index.html
95
96 shorewall6-lite(8), shorewall6-accounting(5), shorewall6-actions(5),
97 shorewall6-blacklist(5), shorewall6-hosts(5), shorewall6-interfaces(5),
98 shorewall6-ipsec(5), shorewall6-maclist(5), shorewall6-masq(5),
99 shorewall6-nat(5), shorewall6-netmap(5), shorewall6-params(5),
100 shorewall6-policy(5), shorewall6-providers(5), shorewall6-proxyarp(5),
101 shorewall6-route_rules(5), shorewall6-routestopped(5),
102 shorewall6-rules(5), shorewall6-tcclasses(5), shorewall6-tcdevices(5),
103 shorewall6-tcrules(5), shorewall6-tos(5), shorewall6-tunnels(5),
104 shorewall6-zones(5)
105
106
107
108Configuration Files 09/24/2020 SHOREWALL6-LITE.C(5)