10.10.1. Policy.py and instances.conf

The Policy.py file has a strict structure that you must obey when modifying the configuration manually. It consists of the following code modules:

  • Import statements

  • Zone definitions

  • Class configurations

  • NAT policy settings

  • Authentication policy settings

  • Instance definitions

These modules are of varying length, depending on the complexity of the policy configuration.

These blocks (the zone definition, proxy class definition, instance definition, service definitions, and rule definitions) make up the policy.py file. The provided example is simple, yet it shows a lot about the correct syntax and the possible contents of the policy.py file.

The other configuration file, instances.conf, is much simpler: it lists the instances to be run and supplies some runtime arguments for them, such as the log level. The only compulsory argument for running an instance is the name of the Python file containing the corresponding instance definition. Although the example uses a single policy file (policy.py) to store all definitions, it is possible to split the policy into different .py files if that makes maintenance or archiving easier.

In the following example, instance definitions are separated into two files, policy-http.py and policy-plug.py:

#instance arguments
#zorp_http --verbose=5 --policy /etc/zorp/policy-http.py
#zorp_plug --policy /etc/zorp/policy-plug.py
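
The instances.conf format described above can be checked mechanically before a configuration is deployed. The following Python code is an added example, not part of the PNS documentation or the gateway's own code: it parses instances.conf text, flags instances that lack the compulsory --policy argument, and optionally flags policy files that are missing or writable by group or other users. It assumes active entries are uncommented lines of the form "name arguments"; the zorp_ftp entry, the function names and the permission check are constructed for illustration.

```python
import os
import shlex
import stat

# Constructed sample in the format of the example above (entries uncommented).
SAMPLE = """\
#instance arguments
zorp_http --verbose=5 --policy /etc/zorp/policy-http.py
zorp_plug --policy /etc/zorp/policy-plug.py
zorp_ftp --verbose=3
"""

def parse_instances(text):
    """Return {instance_name: {option: value}} for every active line."""
    instances = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        name, *args = shlex.split(line)
        # Assumption: options are written as --opt=value or --opt value.
        opts, pending = {}, None
        for arg in args:
            if arg.startswith("--"):
                key, _, value = arg[2:].partition("=")
                opts[key] = value or None
                pending = None if value else key
            elif pending:
                opts[pending], pending = arg, None
        instances[name] = opts
    return instances

def audit(text, check_files=False):
    """Return a list of (instance, problem) findings."""
    findings = []
    for name, opts in parse_instances(text).items():
        policy = opts.get("policy")
        if not policy:
            findings.append((name, "missing compulsory --policy argument"))
        elif check_files:
            if not os.path.isfile(policy):
                findings.append((name, f"policy file not found: {policy}"))
            elif os.stat(policy).st_mode & (stat.S_IWGRP | stat.S_IWOTH):
                findings.append((name, f"policy file writable by group/other: {policy}"))
    return findings

if __name__ == "__main__":
    for name, problem in audit(SAMPLE):
        print(f"{name}: {problem}")
```

Call audit() with check_files=True on the gateway host itself, so the referenced policy paths are resolved against the real filesystem.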

For more information on the configuration files, see the manual pages for instances.conf and Application-level Gateway (man instances.conf and man zorp — installed by default on PNS) and Proxedo Network Security Suite 1.0 Reference Guide, published by . It is available on the PNS CD-ROM and can also be downloaded from https://docs.balasys.hu/.