'\" t
.\" Title: zorp
.\" Author: [see the "Author" section]
.\" Generator: DocBook XSL Stylesheets v1.75.2
.\" Date: 03/06/2012
.\" Manual: [FIXME: manual]
.\" Source: [FIXME: source]
.\" Language: English
.\"
.TH "ZORP" "8" "03/06/2012" "[FIXME: source]" "[FIXME: manual]"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.\" http://bugs.debian.org/507673
.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html
.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\" -----------------------------------------------------------------
.\" * set default formatting
.\" -----------------------------------------------------------------
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
.ad l
.\" -----------------------------------------------------------------
.\" * MAIN CONTENT STARTS HERE *
.\" -----------------------------------------------------------------
.SH "NAME"
zorp_ \- Zorp Firewall Suite
.SH "SYNOPSIS"
.HP \w'\fBzorp\fR\ 'u
\fBzorp\fR [options]
.SH "DESCRIPTION"
.PP
The
\fBzorp\fR
command is the main entry point for a Zorp instance, and as such it is generally called by
zorpctl(8)
with command line parameters specified in
instances\&.conf(5)\&.
.SH "OPTIONS"
.PP
\fB\-\-version\fR or \fB\-V\fR
.RS 4
Display version number and compilation information\&.
.RE
.PP
\fB\-\-as \fR or \fB\-a \fR
.RS 4
Set instance name to \&. Instance names may consist of the characters [a\-zA\-Z0\-9_] and must begin with a letter\&. Log messages of this instance are prefixed with this name\&.
.RE
.PP
\fB\-\-also\-as \fR or \fB\-A \fR
.RS 4
Add a secondary instance named \&. Secondary instances share the same Zorp process but they have a separate section in the configuration file\&.
.RE
.PP
\fB\-\-policy \fR or \fB\-p \fR
.RS 4
Use the file called as policy\&. This file must be a valid policy file\&.
.RE
.PP
\fB\-\-verbose \fR or \fB\-v \fR
.RS 4
Set verbosity level to , or if is omitted increment it by one\&. Default the verbosity level is 3; possible values are 0\-10\&.
.RE
.PP
\fB\-\-pidfile \fR or \fB\-P \fR
.RS 4
Set path to the PID file where the pid of the main process is stored\&.
.RE
.PP
\fB\-\-foreground\fR or \fB\-F\fR
.RS 4
Do not daemonize, run in the foreground\&.
.RE
.PP
\fB\-\-process\-mode \fR
.RS 4
Set processing mode to one of background, safe\-background or foreground\&.
.RE
.PP
\fB\-\-no\-syslog\fR or \fB\-l\fR
.RS 4
Send log messages to the standard output instead of syslog\&.
.RE
.PP
\fB\-\-log\-tags\fR or \fB\-T\fR
.RS 4
Prepend log category and log level to each message\&.
.RE
.PP
\fB\-\-log\-escape\fR
.RS 4
Escape non\-printable characters to avoid binary log files\&. Each character less than 0x20 and greater than 0x7F are escaped in the form \&.
.RE
.PP
\fB\-\-log\-spec \fR or \fB\-s \fR
.RS 4
Set verbosity mask on a per category basis\&. Each log message has an assigned multi\-level category, where levels are separated by a dot\&. For example, HTTP requests are logged under
\fIhttp\&.request\fR\&.
\fB\fR
is a comma separated list of log specifications\&. A single log specification consists of a wildcard matching log category, a colon, and a number specifying the verbosity level of that given category\&. Categories match from left to right\&. E\&.g\&.:
\fB\-\-logspec \*(Aqhttp\&.*:5,core:3\*(Aq\fR\&. The last matching entry will be used as the verbosity of the given category\&. If no match is found the default verbosity specified with
\fB\-\-verbose\fR
is used\&.
.RE
.PP
\fB\-\-threads \fR or \fB\-t \fR
.RS 4
Set the maximum number of threads that can be used in parallel by this Zorp instance\&.
.RE
.PP
\fB\-\-idle\-threads \fR or \fB\-I\fR
.RS 4
Set the maximum number of idle threads; this option has effect only if threadpools are enabled (see the option
\fB\-\-threadpools\fR)\&.
.RE
.PP
\fB\-\-threadpools\fR or \fB\-O\fR
.RS 4
Enable the use of threadpools, which means that threads associated with sessions are not automatically freed, only if the maximum number of idle threads is exceeded\&.
.RE
.PP
\fB\-\-user \fR or \fB\-u \fR
.RS 4
Switch to the supplied user after starting up\&.
.RE
.PP
\fB\-\-group \fR or \fB\-g \fR
.RS 4
Switch to the supplied group after starting up\&.
.RE
.PP
\fB\-\-chroot \fR or \fB\-R \fR
.RS 4
Change root to the specified directory before reading the configuration file\&. The directory must be set up accordingly\&.
.RE
.PP
\fB\-\-caps \fR or \fB\-C \fR
.RS 4
Switch to the supplied set of capabilities after starting up\&. This should contain the required capabilities in the permitted set\&. For the syntax of capability description see the man page
cap_from_text(3)\&.
.RE
.PP
\fB\-\-no\-caps\fR or \fB\-N\fR
.RS 4
Do not change capabilities at all\&.
.RE
.PP
\fB\-\-crypto\-engine \fR or \fB\-E \fR
.RS 4
Set the OpenSSL crypto engine to be used for hardware accelerated crypto support\&.
.RE
.PP
\fB\-\-stack\-size \fR or \fB\-S \fR
.RS 4
Set the maximum stack size used by threads\&. Note that the maximum number of parallel threads is influenced by the size specified here\&. The default stack size is 512 KB, the maximum you can set is 8192 KB\&.
.RE
.SH "FILES"
.PP
/etc/zorp/
.PP
/etc/zorp/policy\&.py
.PP
/etc/zorp/instances\&.conf
.SH "AUTHOR"
.PP
This manual page was written by the BalaBit Documentation Team \&.
.SH "COPYRIGHT"
.PP
Copyright \(co 2006 BalaBit IT Security Ltd\&. All rights reserved\&. For more information about the legal status of this document please read:
\m[blue]\fBhttp://www\&.balabit\&.com/products/zorp/docs/legal_notice\&.bbq\fR\m[]