Scroll to navigation

ZORP(8) [FIXME: manual] ZORP(8)

NAME

zorp_ - Zorp Firewall Suite

SYNOPSIS

zorp [options]

DESCRIPTION

The zorp command is the main entry point for a Zorp instance, and as such it is generally called by zorpctl(8) with command line parameters specified in instances.conf(5).

OPTIONS

--version or -V
Display version number and compilation information.
--as <name> or -a <name>
Set instance name to <name>. Instance names may consist of the characters [a-zA-Z0-9_] and must begin with a letter. Log messages of this instance are prefixed with this name.
--also-as <name> or -A <name>
Add a secondary instance named <name>. Secondary instances share the same Zorp process but they have a separate section in the configuration file.
--policy <name> or -p <name>
Use the file called <name> as policy. This file must be a valid policy file.
--verbose <verbosity> or -v <verbosity>
Set verbosity level to <verbosity>, or if <verbosity> is omitted increment it by one. Default the verbosity level is 3; possible values are 0-10.
--pidfile <pidfile> or -P <pidfile>
Set path to the PID file where the pid of the main process is stored.
--foreground or -F
Do not daemonize, run in the foreground.
--process-mode <mode>
Set processing mode to one of background, safe-background or foreground.
--no-syslog or -l
Send log messages to the standard output instead of syslog.
--log-tags or -T
Prepend log category and log level to each message.
--log-escape
Escape non-printable characters to avoid binary log files. Each character less than 0x20 and greater than 0x7F are escaped in the form <XX>.
--log-spec <spec> or -s <spec>
Set verbosity mask on a per category basis. Each log message has an assigned multi-level category, where levels are separated by a dot. For example, HTTP requests are logged under http.request. <spec> is a comma separated list of log specifications. A single log specification consists of a wildcard matching log category, a colon, and a number specifying the verbosity level of that given category. Categories match from left to right. E.g.: --logspec 'http.*:5,core:3'. The last matching entry will be used as the verbosity of the given category. If no match is found the default verbosity specified with --verbose is used.
--threads <num> or -t <num>
Set the maximum number of threads that can be used in parallel by this Zorp instance.
--idle-threads <num> or -I
Set the maximum number of idle threads; this option has effect only if threadpools are enabled (see the option --threadpools).
--threadpools or -O
Enable the use of threadpools, which means that threads associated with sessions are not automatically freed, only if the maximum number of idle threads is exceeded.
--user <user> or -u <user>
Switch to the supplied user after starting up.
--group <group> or -g <group>
Switch to the supplied group after starting up.
--chroot <dir> or -R <dir>
Change root to the specified directory before reading the configuration file. The directory must be set up accordingly.
--caps <caps> or -C <caps>
Switch to the supplied set of capabilities after starting up. This should contain the required capabilities in the permitted set. For the syntax of capability description see the man page cap_from_text(3).
--no-caps or -N
Do not change capabilities at all.
--crypto-engine <engine> or -E <engine>
Set the OpenSSL crypto engine to be used for hardware accelerated crypto support.
--stack-size <size> or -S <size>
Set the maximum stack size used by threads. Note that the maximum number of parallel threads is influenced by the size specified here. The default stack size is 512 KB, the maximum you can set is 8192 KB.

FILES

 
/etc/zorp/
 
/etc/zorp/policy.py
 
/etc/zorp/instances.conf

AUTHOR

This manual page was written by the BalaBit Documentation Team <documentation@balabit.com>.

COPYRIGHT

Copyright © 2006 BalaBit IT Security Ltd. All rights reserved. For more information about the legal status of this document please read: http://www.balabit.com/products/zorp/docs/legal_notice.bbq
03/06/2012 [FIXME: source]