@ -20,6 +20,30 @@ _Application firewalls_ cannot prevent all malicious code from connecting to the
Sophisticated malicious code can subvert the _allowed_ connections to bypass the firewall.
Sophisticated malicious code can subvert the _allowed_ connections to bypass the firewall.
However, the firewall may alert the user of connection attempts by less sophisticated malicious code.
However, the firewall may alert the user of connection attempts by less sophisticated malicious code.
The configuration settings for Subgraph Firewall are stored in /etc/sgfw.
From /etc/sgfw/sgfw.conf:
Log level specifies the level of verbosity of logging:
LogLevel = "NOTICE"
Log redaction this tells SGFW to write destination hostnames to system logs, or not:
LogRedact = true / false
PromptExpanded controls the level of detail in the prompt:
PromptExpanded = true / false
PromptExpert enables or disables "export mode":
PromptExpert = true / false
Specifies the default rule action:
DefaultAction = "SESSION"
Read more in the [Subgraph OS Handbook](https://subgraph.com/sgos-handbook/sgos_handbook.shtml#monitoring-outgoing-connections-with-subgraph-firewall).
Read more in the [Subgraph OS Handbook](https://subgraph.com/sgos-handbook/sgos_handbook.shtml#monitoring-outgoing-connections-with-subgraph-firewall).
David Mirza Ahmad
7 years ago
committed by