Provided by:
shorewall6-lite_4.4.6-1_all 
NAME
shorewall6-lite.conf - Shorewall6 Lite global configuration file
SYNOPSIS
/etc/shorewall6-lite/shorewall6-lite.conf
DESCRIPTION
This file sets options that apply to Shorewall6 Lite as a whole.
The file consists of Shell comments (lines beginning with ´#´), blank
lines and assignment statements (variable=value). Each variable´s
setting is preceded by comments that describe the variable and it´s
effect.
Any option not specified in this file gets its value from the
shorewall6.conf file used during compilation of
/var/lib/shorewall6-lite/firewall. Those settings may be found in the
file /var/lib/shorewall6-lite/firewall.conf.
OPTIONS
The following options may be set in shorewall6.conf.
IP6TABLES=[pathname]
This parameter names the ip6tables executable to be used by
Shorewall6. If not specified or if specified as a null value, then
the ip6tables executable located using the PATH option is used.
LOGFILE=[pathname]
This parameter tells the /sbin/shorewall6 program where to look for
Shorewall6 messages when processing the dump, logwatch, show log,
and hits commands. If not assigned or if assigned an empty value,
/var/log/messages is assumed.
LOGFORMAT=["formattemplate"]
The value of this variable generate the --log-prefix setting for
Shorewall6 logging rules. It contains a “printf” formatting
template which accepts three arguments (the chain name, logging
rule number (optional) and the disposition). To use LOGFORMAT with
fireparse, set it as:
LOGFORMAT="fp=%s:%d a=%s "
If the LOGFORMAT value contains the substring “%d” then the logging
rule number is calculated and formatted in that position; if that
substring is not included then the rule number is not included. If
not supplied or supplied as empty (LOGFORMAT="") then
“Shorewall6:%s:%s:” is assumed.
PATH=pathname[:pathname]...
Determines the order in which Shorewall6 searches directories for
executable files.
RESTOREFILE=[filename]
Specifies the simple name of a file in /var/lib/shorewall6 to be
used as the default restore script in the shorewall6 save,
shorewall6 restore, shorewall6 forget and shorewall6 -f start
commands.
SHOREWALL_SHELL=[pathname]
This option is used to specify the shell program to be used to
interpret the compiled script. If not specified or specified as a
null value, /bin/sh is assumed. Using a light-weight shell such as
ash or dash can significantly improve performance.
SUBSYSLOCK=[pathname]
This parameter should be set to the name of a file that the
firewall should create if it starts successfully and remove when it
stops. Creating and removing this file allows Shorewall6 to work
with your distribution´s initscripts. For RedHat, this should be
set to /var/lock/subsys/shorewall6. For Debian, the value is
/var/state/shorewall6 and in LEAF it is /var/run/shorwall.
VERBOSITY=[number]
Shorewall6 has traditionally been very noisy (produced lots of
output). You may set the default level of verbosity using the
VERBOSITY OPTION.
Values are:
0 - Silent. You may make it more verbose using the -v
option
1 - Major progress messages displayed
2 - All progress messages displayed (old default
behavior) If not specified, then 2 is assumed.
FILES
/etc/shorewall6-lite/shorewall6.conf
SEE ALSO
http://www.shorewall.net/Documentation_Index.html
shorewall6-lite(8), shorewall6-accounting(5), shorewall6-actions(5),
shorewall6-blacklist(5), shorewall6-hosts(5), shorewall6-interfaces(5),
shorewall6-ipsec(5), shorewall6-maclist(5), shorewall6-masq(5),
shorewall6-nat(5), shorewall6-netmap(5), shorewall6-params(5),
shorewall6-policy(5), shorewall6-providers(5), shorewall6-proxyarp(5),
shorewall6-route_rules(5), shorewall6-routestopped(5),
shorewall6-rules(5), shorewall6-tcclasses(5), shorewall6-tcdevices(5),
shorewall6-tcrules(5), shorewall6-tos(5), shorewall6-tunnels(5),
shorewall6-zones(5)
01/14/2010 SHOREWALL6-LITE.C(5)