## Sentry Firewall CD-ROM -- sentrycd-RH
## sentry.conf configuration file. (EXAMPLE)
## Questions/Comments: Obsid@Sentry.net

## I have tried to give a brief description of the setup here, please
## see the documentation at http://www.SentryFirewall.com/ for more
## details.

## All configuration directives are case sensitive. Anything after a '#'
## sign is considered a comment.

##-----------------------------------------------------------------------##
## Networking Support

## 'device' Directive Syntax:
##   device[#] = [device_name]:[driver_name]:[IP_Address]<|gateway>
##   device[#] = [device_name]:[driver_name]:dhcp<|hostname>
## NOTE: 1) and are optional, but sometimes required.
##       2) Please see file: /SENTRY/scripts/cd-config/networking.pl for
##          list of supported devices.

## 'nameserver' Directive Syntax:
##   nameserver =

## Examples:
# device1 = eth0:tulip:192.168.1.50|192.168.1.1
# device2 = eth1:via-rhine:dhcp
# nameserver = 192.168.1.10

## NOTE: 1) With network devices set up, the following configuration
##          syntax is supported (examples):
##            fstab = http://192.168.1.1/config1/fstab
##            fstab = https://192.168.1.1/config1/fstab
##            fstab = ftp://192.168.1.1/config1/fstab
##            fstab = sftp://192.168.1.1/config1/fstab
##            fstab = scp://192.168.1.1/config1/fstab
##    ** 2) Network device support is only used for system setup, devices are
##          taken down after setup is complete. See /etc/sysconfig/network-scripts/ifcfg-*
##          for more permanent network setup.

## More networking options:
## Proxy Support
# http_proxy = http://:/
# ftp_proxy = http://:/
# proxy-user =
# proxy-passwd =

## Passive FTP Support
# passive-ftp =          ## Default == off

##-----------------------------------------------------------------------##
## Include directives.
## include = /floppy/config1/sentry.conf
## Or with network support:
## include = ftp://user:pass@192.168.1.69/config/sentry.conf

##-----------------------------------------------------------------------##
## /etc/rc.d boot scripts
# rc.local =
# rc.news =
# rc.firewall = /floppy/config1/rc.firewall
# rc.firewall.nat =

##-----------------------------------------------------------------------##
## Start/Stop system services.
## Sentry Firewall CD, v1.xRH specific directives.

## Start/Stop a service or daemon.
## Syntax: service:[start|stop] =
## 'service' is a particular service or daemon whose startup script is
## usually kept in /etc/rc.d/init.d/ on a RedHat-like system. 'start|stop'
## tells the configuration scripts whether or not you would like this
## service started or stopped, so it can make the appropriate symlink
## in /etc/rc.d/rc3.d/. The option allows
## you to actually replace the init file kept in /etc/rc.d/init.d/.
## These are simply scripts that start/stop/restart/etc the service,
## and need not be replaced under normal circumstances.
## The directives below express the default values for the symlinks
## in /etc/rc.d/rc3.d/

## Service    ## Start/Stop
# innd        : stop
# mysqld      : stop
# gpm         : stop
# httpd       : stop
# rarpd       : stop
# bootparamd  : stop
# nfs         : stop
# rstatd      : stop
# rusersd     : stop
# rwhod       : stop
# squid       : stop
# amd         : stop
# yppasswdd   : stop
# dhcpd       : stop
# smb         : stop
# mars-nwe    : stop
# named       : stop
# arpwatch    : stop
# radvd       : stop
# snmpd       : stop
# routed      : stop
# identd      : stop
# ntpd        : stop
# ups         : stop
# ypserv      : stop
# ypxfrd      : stop
# gated       : stop
# sendmail    : stop
# iscsi       : stop
# apmd        : stop
# bgpd        : stop
# ospf6d      : stop
# ospfd       : stop
# ripd        : stop
# ripngd      : stop
# zebra       : stop
# bcm5820     : stop
# irda        : stop
# kudzu       : start
# ipchains    : start
# iptables    : start
# isdn        : start
# network     : start
# syslog      : start
# portmap     : start
# nfslock     : start
# keytable    : start
# random      : start
# netfs       : start
# autofs      : start
# snortd      : start
# sshd        : start
# rawdevices  : start
# xinetd      : start
# lpd         : start
# crond       : start
# anacron     : start
# atd         : start
# local       : start

##-----------------------------------------------------------------------##
## Common system and configuration files.
# fstab = /floppy/config1/fstab
# ftpusers =
# group =
# hosts.equiv =
# hostname =
# hosts = /floppy/config1/hosts
# inittab =
# openssl.cnf =
# passwd =
# profile =
# resolv.conf =
# shadow = /floppy/config1/shadow
# shells =

##-----------------------------------------------------------------------##
## Common daemon configuration files
# gated.conf =
# httpd.conf =
# named.conf =
# pppoe.conf =
# proftpd.conf =
# pptpd.conf =
# smb.conf =
# snort.conf =
# squid.conf =
# syslog-ng.conf =
# syslog.conf =
# xinetd.conf =
# zebra.conf =

##-----------------------------------------------------------------------##
## More Sentry Firewall CD, v1.xRH specific directives.
## Unlike many of the previous directives, these refer to actual
## directories kept on the configuration floppy or on the remote system.
## /etc/sysconfig directory. Need only contain files you want to
## replace, that is, you don't need to mirror the entire /etc/sysconfig
## directory. Those files you don't replace will be symlinked to default
## files.
# sysconf_dir = ftp://user:pass@server/node1234/sysconfig/

## /etc/xinetd.d directory. Contains files for the services you would
## like xinetd to run. Same as above, needs only to contain those
## files you want replaced.
# xinetd_dir = /floppy/config1/xinetd.d/

##-----------------------------------------------------------------------##
## Place to mount cdrom. If not declared we can still try to rely on
## rc.cdrom to mount the correct cdrom drive. It is highly recommended,
## however, that you utilize this directive.
# cdrom = /dev/hdc

##-----------------------------------------------------------------------##
## /etc/ssh configuration files and host keys.
## If no host keys are specified rc.sshd creates them at
## boot time. No default host keys are present on the rootdisk,
## for obvious reasons.
# shosts.equiv =
# ssh_config =
# sshd_config =
# ssh_host_key =
# ssh_host_key.pub =
# ssh_host_dsa_key =
# ssh_host_dsa_key.pub =
# ssh_host_rsa_key =
# ssh_host_rsa_key.pub =
# ssh_known_hosts =
# ssh_known_hosts2 =

##-----------------------------------------------------------------------##
## Other Configuration Directives

## Replace user's crontab file (/var/spool/cron/crontabs/).
## Syntax: cron: =
# Example:
# cron:root = /floppy/config/crontab_file

## Make symlink called /etc/daemon.conf that points to /root/daemon.conf
## Syntax: dest_file => source_file(file symlink points to)
## Examples:
# /etc/daemon.conf => /root/daemon.conf

## Set Timezone (GMT is the default)
# /etc/localtime => /usr/share/zoneinfo/GMT

## Copy file /floppy/daemon.conf to /etc/daemon.conf
## Syntax: source_file |= dest_file
# Example:
# /floppy/daemon.conf |= /etc/daemon.conf

## _EOF_ ##
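
An added example, not part of the Sentry Firewall CD distribution: a small Python linter for a sentry.conf that flags directives fetched over the cleartext schemes listed above (http, ftp) and URLs that embed a password, as in the `ftp://user:pass@...` forms. The `SENSITIVE` key list, the severity labels and the sample configuration are assumptions made for illustration; comment handling follows the "anything after a '#'" rule stated in the file.

```python
from urllib.parse import urlsplit

FETCH_SCHEMES = {"http", "https", "ftp", "sftp", "scp"}  # schemes listed in the file
CLEARTEXT = {"http", "ftp"}            # no encryption, no server authentication
# Assumption: keys whose content controls authentication or firewall policy.
SENSITIVE = ("shadow", "passwd", "include", "rc.firewall", "sshd_config")

def is_sensitive(key):
    # Private SSH host keys (ssh_host_*key, but not the *.pub halves).
    if key.startswith("ssh_host_") and key.endswith("key"):
        return True
    return key.startswith(SENSITIVE)

def parse_directives(text):
    """Yield (line_number, key, value) for active 'key = value' directives."""
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()      # drop comments
        if "=" not in line or "=>" in line or "|=" in line:
            continue                             # blank, or symlink/copy directive
        key, value = (part.strip() for part in line.split("=", 1))
        if value and not key.endswith("_proxy"): # proxy URLs are not file fetches
            yield n, key, value

def audit(text):
    """Return (line, key, severity, issue) tuples for risky remote fetches."""
    findings = []
    for n, key, value in parse_directives(text):
        url = urlsplit(value)
        if url.scheme not in FETCH_SCHEMES:
            continue                             # local path or non-URL value
        if url.scheme in CLEARTEXT:
            sev = "high" if is_sensitive(key) else "medium"
            findings.append((n, key, sev, "cleartext-fetch"))
        if url.password is not None:
            findings.append((n, key, "high", "credentials-in-url"))
    return findings

# Constructed sample configuration (not taken from a real deployment).
SAMPLE = """\
device1 = eth0:tulip:192.168.1.50|192.168.1.1
fstab = https://192.168.1.1/config1/fstab
shadow = ftp://user:pass@192.168.1.1/config1/shadow   # constructed
hosts = http://192.168.1.1/config1/hosts
# include = ftp://user:pass@192.168.1.69/config/sentry.conf
rc.firewall = /floppy/config1/rc.firewall
/etc/localtime => /usr/share/zoneinfo/GMT
"""

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(*finding, sep="\t")
```
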