| Description of "FWCore.cfg", "FWCore_N.cfg" and "FWCore_O.cfg" |
| This
Knowledge Base article applies to: |
|
Amaranten Firewall will attempt to load the following configuration files, in order:
"FWCore.cfg" is the "standard" configuration file. Most of the time,
it is the only one of the above list that This document describes when "FWCore_N.cfg" exists, and how you can
use "FWCore_O.cfg" as a When you upload a new configuration, it will be temporarily stored as "FWCore_N.cfg". The firewall will then load the contents of it. If you successfully reconnect to the firewall within 30 seconds (default,
see "Advanced Settings" -> "Misc" or "RemoteAdmin" -> "NetConBiDirTimeout"),
the firewall will place the new configuration in "FWCore.cfg" If however you can not reconnect to the firewall, "FWCore_N.cfg"
will be deleted, and the firewall will fall If there is ever a problem with a newly uploaded configuation that prevents
your firewall from starting, you There, you can type the following commands: This removes the newly uploaded configuration, and allows the firewall
to start using the previous "FWCore_O.cfg" is not created by any automated process. You can, however,
create it yourself, so that To create an "FWCore_O.cfg", you can either go to the command-line interface
via the boot menu and use or you can use the fwctl tool to upload a configuration of your
choosing as "FWCore_O.cfg": "FWCore_O.cfg" will be used if the firewall fails to find or parse "FWCore_N.cfg" as well as "FWCore.cfg". This means that it can happen because you accidentally uploaded a much
older firewall core, so you should make sure that "FWCore_O.cfg" contains
only very basic configuration options if it is to be useful in such a
You can, of course, also force it to happen by simply deleting
your current configuration. But won't The firewall will assume that the policy and settings in FWCore_O.cfg
is too old to be trusted, and do two
|