The following is a list of file directives currently supported by the various branches of the Sentry Firewall CD. Please note that this information is highly subject to change. Currently supported configuration directives can be found in the sample sentry.conf file available on the ISO image in the "SENTRY/scripts/cd-config" directory, or online at http://www.SentryFirewall.com/.
The following is a list of file directives currently supported in the SENTRYCD and SENTRYCD-DEVEL branches (Slackware-based).
Initialization scripts:
rc.M              Multiuser init script (runlevel 3).
rc.6              Halt or reboot.
rc.dhcpd          Startup script for ISC DHCP daemon.
rc.netdevice      Load modules for network devices (before rc.inet1 is run).
rc.inet1          Set up ethernet interfaces.
rc.inet1.conf     Configuration file for rc.inet1.
rc.inet2          Start network daemons.
rc.inet2.conf     Configuration file for rc.inet2.
rc.keymap         Load keyboard map.
rc.local          Local system init script.
rc.modules        Load any needed modules.
rc.firewall       Firewall script.
rc.firewall.nat   NAT-specific firewall script (not always used).
rc.firewall.save  Use if firewall script was generated using iptables-save.
rc.ntpd           ntpd initialization script.
rc.sendmail       Sendmail initialization script.
rc.snort          Snort initialization script.
Important system configuration files:
fstab         fstab(5)
ftpusers      ftpusers(5)
group         group(5)
hosts         hosts(5)
hosts.equiv   hosts.equiv(5)
hosts.allow   hosts_access(5)
hosts.deny    hosts_access(5)
inittab       inittab
modules.conf  modules.conf(5)
openssl.cnf   OpenSSL configuration file.
passwd        passwd(5)
profile       bash(1)
resolv.conf   resolv.conf(5)
shadow        shadow(5)
shells        shells(5)
Daemon configuration files:
bgpd.conf        Configuration file for bgpd (http://www.zebra.org/).
dhcpd.conf       Configuration file for dhcpd.
dnsmasq.conf     Configuration file for dnsmasq.
httpd.conf       Configuration file for Apache HTTP Daemon (http://www.apache.org/).
inetd.conf       Configuration file for inetd(8).
ipsec.conf       Configuration file for ipsec (http://www.freeswan.org/).
ipsec.secrets    IPSec secrets file for IKE/IPsec authentication.
named.conf       Configuration file for named(8).
l2tpd.conf       Configuration file for l2tpd, Layer 2 Tunnelling Protocol Daemon (http://www.l2tpd.org/).
newsyslog.conf   Configuration file for newsyslog.
ospfd.conf       Configuration file for ospfd (http://www.zebra.org/).
portsentry.conf  Configuration file for portsentry.
pppoe.conf       Configuration file for RP-PPPOE (http://www.roaringpenguin.com/pppoe/).
pptpd.conf       Configuration file for pptpd (http://poptop.lineo.com/).
proftpd.conf     Configuration file for proftpd (http://www.proftpd.net/).
ntp.conf         Configuration file for ntpd.
rinetd.conf      Configuration file for rinetd.
ripd.conf        Configuration file for ripd (http://www.zebra.org/).
rndc.conf        Configuration file for named control utility, rndc(8).
sendmail.cf      Configuration file for sendmail (http://www.sendmail.org/).
smb.conf         Configuration file for Samba (http://www.samba.org/).
snort.conf       Configuration file for snort (http://www.snort.org).
squid.conf       Configuration file for squid (http://www.squid-cache.org/).
ss5.conf         Configuration file for Socks Server 5 (http://digilander.libero.it/matteo.ricchetti/).
stunnel.conf     Configuration file for stunnel (http://stunnel.mirt.net/).
stunnel.pem      Certificate chain PEM file for stunnel.
syslog.conf      syslogd(8) configuration file.
syslog-ng.conf   Configuration file for syslog-ng (http://www.balabit.com/products/syslog_ng/).
vsftpd.conf      Configuration file for vsftp daemon (http://vsftpd.beasts.org/).
wlan.conf        Configuration for prism based wireless cards (http://www.linux-wlan.com).
gated.conf       Configuration for GateD.
ulogd.conf       Configuration file for ulogd.
zebra.conf       Configuration file for zebra (http://www.zebra.org/).
OpenSSH configuration files:
ssh_config            Configuration file for ssh(1).
sshd_config           Configuration file for sshd(8).
shosts.equiv          Like hosts.equiv(5) but for ssh.
ssh_host_key          Private rsa1 host key file.
ssh_host_key.pub      Private rsa1 host key file.
ssh_host_dsa_key      Private rsa1 host key file.
ssh_host_dsa_key.pub  Private rsa1 host key file.
ssh_host_rsa_key      Private rsa1 host key file.
ssh_host_rsa_key.pub  Private rsa1 host key file.
ssh_known_hosts       Public host keys of known ssh servers.
ssh_known_hosts2      Public host keys of known ssh servers.
Configuration directives for Webmin (http://www.Webmin.com/):
start_webmin    enable|disable Webmin. Default is "disable".
webmin_config   Main Webmin configuration file (/etc/webmin/config).
miniserv.conf   Config file for Webmin http(s) daemon.
miniserv.pem    SSL cert for Webmin http(s) daemon. An SSL cert will be created
                by rc.webmin if one is not specified.
miniserv.users  Password file used for Webmin. Default user:pass is sentry:SENTRY.
                NOTE: If this file is not replaced, Webmin will NOT start.
Misc. configuration directives:
cron:<user>  Replace <user>'s crontab with specified file.
add_swap     Initialize a swap partition at configuration time.
root_size    Change the size of root (/) at configuration time.
The following is a list of file directives currently supported in the SENTRYCD-DEB and SENTRYCD-DEB-DEVEL branches (Debian-based).
UNDER CONSTRUCTION