OPTIONS¶
--version or -V
Display version number and compilation information.
--as <name> or -a <name>
Set instance name to <name>. Instance names may
consist of the characters [a-zA-Z0-9_] and must begin with a letter. Log
messages of this instance are prefixed with this name.
--also-as <name> or -A <name>
Add a secondary instance named <name>. Secondary
instances share the same Zorp process but they have a separate section in the
configuration file.
--policy <name> or -p <name>
Use the file called <name> as policy. This file
must be a valid policy file.
--verbose <verbosity> or -v
<verbosity>
Set verbosity level to <verbosity>, or if
<verbosity> is omitted increment it by one. Default the verbosity level
is 3; possible values are 0-10.
--pidfile <pidfile> or -P <pidfile>
Set path to the PID file where the pid of the main
process is stored.
--foreground or -F
Do not daemonize, run in the foreground. This option is a
convenience alias for '--process-mode=foreground'.
--process-mode <mode>
Set processing mode to one of background, safe-background
or foreground.
--no-syslog or -l
Send log messages to the standard output instead of
syslog. This option implies foreground mode, overriding the contradicting
process options if present.
--log-tags or -T
Prepend log category and log level to each message.
--log-escape
Escape non-printable characters to avoid binary log
files. Each character less than 0x20 and greater than 0x7F are escaped in the
form <XX>.
--log-spec <spec> or -s <spec>
Set verbosity mask on a per category basis. Each log
message has an assigned multi-level category, where levels are separated by a
dot. For example, HTTP requests are logged under http.request.
<spec> is a comma separated list of log specifications. A single
log specification consists of a wildcard matching log category, a colon, and a
number specifying the verbosity level of that given category. Categories match
from left to right. E.g.: --logspec 'http.*:5,core:3'. The last
matching entry will be used as the verbosity of the given category. If no
match is found the default verbosity specified with --verbose is
used.
--threads <num> or -t <num>
Set the maximum number of threads that can be used in
parallel by this Zorp instance.
--idle-threads <num> or -I
Set the maximum number of idle threads; this option has
effect only if threadpools are enabled (see the option
--threadpools).
--threadpools or -O
Enable the use of threadpools, which means that threads
associated with sessions are not automatically freed, only if the maximum
number of idle threads is exceeded.
--user <user> or -u <user>
Switch to the supplied user after starting up.
--group <group> or -g <group>
Switch to the supplied group after starting up.
--chroot <dir> or -R <dir>
Change root to the specified directory before reading the
configuration file. The directory must be set up accordingly.
--caps <caps> or -C <caps>
Switch to the supplied set of capabilities after starting
up. This should contain the required capabilities in the permitted set. For
the syntax of capability description see the man page of
cap_from_text(3).
--no-caps or -N
Do not change capabilities at all.
--crypto-engine <engine> or -E
<engine>
Set the OpenSSL crypto engine to be used for hardware
accelerated crypto support.