Provided by: shorewall6-lite_4.2.10-1_all bug


       shorewall6-lite.conf - Shorewall6 Lite global configuration file




       This file sets options that apply to Shorewall6 Lite as a whole.

       The file consists of Shell comments (lines beginning with ´#´), blank
       lines and assignment statements (variable=value). Each variable´s
       setting is preceded by comments that describe the variable and it´s

       Any option not specified in this file gets its value from the
       shorewall6.conf file used during compilation of
       /var/lib/shorewall6-lite/firewall. Those settings may be found in the
       file /var/lib/shorewall6-lite/firewall.conf.


       The following options may be set in shorewall6.conf.

           This parameter names the ip6tables executable to be used by
           Shorewall6. If not specified or if specified as a null value, then
           the ip6tables executable located using the PATH option is used.

           This parameter tells the /sbin/shorewall6 program where to look for
           Shorewall6 messages when processing the dump, logwatch, show log,
           and hits commands. If not assigned or if assigned an empty value,
           /var/log/messages is assumed.

           The value of this variable generate the --log-prefix setting for
           Shorewall6 logging rules. It contains a “printf” formatting
           template which accepts three arguments (the chain name, logging
           rule number (optional) and the disposition). To use LOGFORMAT with
           fireparse, set it as:

                   LOGFORMAT="fp=%s:%d a=%s "
           If the LOGFORMAT value contains the substring “%d” then the logging
           rule number is calculated and formatted in that position; if that
           substring is not included then the rule number is not included. If
           not supplied or supplied as empty (LOGFORMAT="") then
           “Shorewall6:%s:%s:” is assumed.

           Determines the order in which Shorewall6 searches directories for
           executable files.

           Specifies the simple name of a file in /var/lib/shorewall6 to be
           used as the default restore script in the shorewall6 save,
           shorewall6 restore, shorewall6 forget and shorewall6 -f start

           This option is used to specify the shell program to be used to
           interpret the compiled script. If not specified or specified as a
           null value, /bin/sh is assumed. Using a light-weight shell such as
           ash or dash can significantly improve performance.

           This parameter should be set to the name of a file that the
           firewall should create if it starts successfully and remove when it
           stops. Creating and removing this file allows Shorewall6 to work
           with your distribution´s initscripts. For RedHat, this should be
           set to /var/lock/subsys/shorewall6. For Debian, the value is
           /var/state/shorewall6 and in LEAF it is /var/run/shorwall.

           Shorewall6 has traditionally been very noisy (produced lots of
           output). You may set the default level of verbosity using the

           Values are:

               0 - Silent. You may make it more verbose using the -v

               1 - Major progress messages displayed

               2 - All progress messages displayed (old default
                           behavior) If not specified, then 2 is assumed.




       shorewall6-lite(8), shorewall6-accounting(5), shorewall6-actions(5),
       shorewall6-blacklist(5), shorewall6-hosts(5), shorewall6-interfaces(5),
       shorewall6-ipsec(5), shorewall6-maclist(5), shorewall6-masq(5),
       shorewall6-nat(5), shorewall6-netmap(5), shorewall6-params(5),
       shorewall6-policy(5), shorewall6-providers(5), shorewall6-proxyarp(5),
       shorewall6-route_rules(5), shorewall6-routestopped(5),
       shorewall6-rules(5), shorewall6-tcclasses(5), shorewall6-tcdevices(5),
       shorewall6-tcrules(5), shorewall6-tos(5), shorewall6-tunnels(5),

                                  06/18/2009              SHOREWALL6-LITE.C(5)