cwcatd.cfg
Prev Kernun UTM Reference (5) Next

Name

cwcatd.cfg — format of cwcatd program configuration file

DESCRIPTION

General syntax rules of Kernun Firewall configuration files are described in configuration(7). This man page describes types, sections and items specific for the cwcatd.cfg configuration file.

Repeatable sections/items are marked by the '*' before section/item name.

TYPES

Configuration directives have attributes of several value-types. For the basic types description, see configuration(7).

Enumeration is a list of words (names) representing integer values. Some enumerations accept both names and direct integer values; in this case, enumeration description contains values for every name (in parenthesis next to name). For other enumerations, using of names is obligatory.

The following enumerations are used in cwcatd.cfg configuration directives:

lock-type (see ipc(5))

enabling (see common(5))

yes-no (see common(5))

ip-version (see common(5))

time-cond (see common(5))

zip-mode (see common(5))

dbglev (see log(5))

logfail-mode (see log(5))

source-address-mode (see source-address(5))

log-in-vain-proto (see sysctl(5))

blackhole-proto (see sysctl(5))

ITEMS AND SECTIONS

Program cwcatd recognizes following items and sections:


  clear-web-db { ... }
* resolver name { ... }
  sysctl { ... }
  use-resolver ... ;
* cwcatd name { ... }
    

Description:

clear-web-db {


  internal-servers ... ;
  db ... ;
  lock ... ;
  local-db { ... }
}

        

The clear-web-db section is derived from clear-web-db section prototype. For detail description of it, see clear-web-db(5).

resolver name {


* server ... ;
  search ... ;
  preference ... ;
  edns ... ;
  conf-timeout ... ;
  initial-timeout ... ;
  final-timeout ... ;
  conn-timeout ... ;
  disable-deresolution ... ;
}

        

The resolver section is derived from resolver section prototype. For detail description of it, see resolver(5).

sysctl {


* variable ... ;
  portrange-default ... ;
  portrange-high ... ;
  portrange-low ... ;
  portrange-reserved ... ;
  somaxconn ... ;
  log-in-vain ... ;
  blackhole ... ;
}

        

The sysctl section is derived from sysctl section prototype. For detail description of it, see sysctl(5).

use-resolver name;

Resolver Section Specification.

This item defines name of global (system) resolver section used in particular configuration environment. Namely, it is applicable within SYSTEM section and within any section derived from PROXY prototype. The former usage defines system-wide values, the latter one values valid for particular proxy.

name (type: name of resolver, see resolver(5))

cwcatd name {


  phase ... ;
* tag ... ;
  log-debug { ... }
  log-stats { ... }
  use-resolver ... ;
  cfg-resolution ... ;
  monitoring { ... }
  stats-daily { ... }
  stats-weekly { ... }
  stats-monthly { ... }
  nodaemon ... ;
  singleproc ... ;
  app-user ... ;
  idle-timeout ... ;
  run-block-sigalrm ... ;
  wakeup ... ;
  retry ... ;
  sitemarker ... ;
}

        

The cwcatd section is derived from cwcatd section prototype. For detail description of it, see above.

SEE ALSO

configuration(7), cwcatd(8), clear-web-db(5), common(5), ipc(5), log(5), resolver(5), source-address(5), sysctl(5)

Prev Up Next
common Home dhcp-server