From 13d2e049c7492cfdb7f7a9c45bbf74aef5b17b06 Mon Sep 17 00:00:00 2001 From: David Mirza Ahmad Date: Sun, 1 Oct 2017 18:25:03 +0000 Subject: [PATCH] Quick documentation on config file params --- README.md | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/README.md b/README.md index ce62ff0..3b5c801 100644 --- a/README.md +++ b/README.md @@ -20,6 +20,30 @@ _Application firewalls_ cannot prevent all malicious code from connecting to the Sophisticated malicious code can subvert the _allowed_ connections to bypass the firewall. However, the firewall may alert the user of connection attempts by less sophisticated malicious code. +The configuration settings for Subgraph Firewall are stored in /etc/sgfw. + +From /etc/sgfw/sgfw.conf: + +Log level specifies the level of verbosity of logging: + + LogLevel = "NOTICE" + +Log redaction this tells SGFW to write destination hostnames to system logs, or not: + + LogRedact = true / false + +PromptExpanded controls the level of detail in the prompt: + + PromptExpanded = true / false + +PromptExpert enables or disables "export mode": + + PromptExpert = true / false + +Specifies the default rule action: + + DefaultAction = "SESSION" + Read more in the [Subgraph OS Handbook](https://subgraph.com/sgos-handbook/sgos_handbook.shtml#monitoring-outgoing-connections-with-subgraph-firewall).