Whole document tree


www.fifi.org
    Documentation
        Manpages
        GNU Info
        Debian document tree
        Whole document tree
    Trigance web page
    Public services
    User info
    Mailing lists
    Secure server
    Multilingual usage
 

Copyright (C) 2000-2012
Philippe Troin
<webmaster@fifi.org>.

Validate HTML
Validate CSS

    

Whole document tree

Sentry Firewall CD HOWTO: Overview of Available Configuration Directives Next Previous Contents

5. Overview of Available Configuration Directives

5.1 Replacing rc/config files

To replace a file that is supported by the configuration scripts, you may use the following syntax: 

     filename = /location/of/filename
Where the location of the file is often '/floppy/filename'

The following rc/config files are currently supported 

rc.M
rc.netdevice
rc.inet1
rc.inet2
rc.local
rc.modules
rc.firewall
rc.firewall.nat
fstab
passwd
shadow
group
shells
profile
resolv.conf
hosts
ftpusers
hostname
newsyslog.conf
openssl.cnf
syslog.conf
syslog-ng.conf
inetd.conf
proftpd.conf
squid.conf
httpd.conf
smb.conf
snort.conf
pptpd.conf
pppoe.conf
gated.conf
zebra.conf
hosts.equiv
shosts.equiv
ssh_config
sshd_config
ssh_host_key
ssh_host_key.pub
ssh_host_dsa_key
ssh_host_dsa_key.pub
ssh_host_rsa_key
ssh_host_rsa_key.pub
ssh_known_hosts
ssh_known_hosts2

To replace files not supported by the configuration scripts, use the '|=' file copy directive discussed below.


5.2 'device' directive support

Set up an ethernet device to use during configuration. 

     device[#] = [device_name]:[driver_name]:[IP_Address]<|gateway>
     device[#] = [device_name]:[driver_name]:dhcp<|hostname>

     NOTE: 1) <hostname> and <gateway> are optional, but sometimes required.
           2) Most ethernet devices are supported.  If you find one that isn't
              and you think it should be, please let me know.
           3) "device1" to "device10" are supported.

Examples:
     device1 = eth0:tulip:192.168.1.50|192.168.1.1
     device2 = eth1:via-rhine:dhcp


5.3 'nameserver' directive

Set up a nameserver to use during configuration. 

     nameserver = <DNS_IP>


5.4 'include' directive

Retrieve and parse another 'sentry.conf' file. 

     include = </location/of/sentry.conf>

     Or, with network support -

     include = <ftp|http>://[<user>:<pass>@]<SERVER_IP></path/to/sentry.conf>


5.5 Copying files (|=)

Copy file from one location to the other. 

     Syntax: source_file |= dest_file

Example:
     Copy file /floppy/daemon.conf to /etc/daemon.conf
     /floppy/daemon.conf |= /etc/daemon.conf


5.6 Making Symlinks (=>)

Create a symlink 

     Syntax: dest_file => source_file(where the symlink points to)

Example:
     Make symlink called /etc/somefile.conf that points to /etc/otherfile.conf
     /etc/somefile.conf => /etc/otherfile.conf


5.7 'cdrom' directive

Defines which device the CDROM is. Most of the time the CDROM is detected and mounted using the /etc/rc.d/rc.cdrom script. But this makes the process less error-prone. 

     Syntax: cdrom = <DEVICE>

Example:
     cdrom = /dev/hdc


5.8 'cron' directive

Replace a user's crontab file(located in /var/spool/cron/crontabs/). 

Syntax: cron:<USERNAME> = </LOCATION/OF/CRONTAB_FILE>


5.9 hostname

Defines the hostname of the local machine. This directive can be used to either point to a file containing the hostname of the local machine, or to define the hostname itself. 

     Syntax: hostname = </path/to/file>
             or
             hostname = MYHOSTNAME


Next Previous Contents