Initial Settings

Testing mode - TESTING
Enable firewall testing mode. This option will enable a CRON job that will clear iptables when you start the firewall. This should be enabled until you are sure that the firewall works. The login failure daemon will not start while this is enabled. Make sure to disable this option and restart the firewall after everything is configured correctly.
Default: 1 Range: 0-1

Testing interval - TESTING_INTERVAL
The testing interval in minutes when the CRON job will clear iptables. This option uses the servers system clock so the CRON job will run past the hour and not from when you issue the firewall start command.
Default: 5 Range: 1-60

Restrict syslog - RESTRICT_SYSLOG
Syslog and rsyslog are vulnerable to spoofing (they allow end-users to log messages to some system logs via the same unix socket that other local services use). This option can disable all LFD features that rely on syslog and rsyslog logs.
Default: 2 Range: 0-3

Restrict syslog group - RESTRICT_SYSLOG_GROUP
This setting is used if RESTRICT_SYSLOG is set to "Restrict syslog/rsyslog access to RESTRICT_SYSLOG_GROUP". It restricts write access to the syslog/rsyslog unix socket(s). The group must not already exist in /etc/groups before setting RESTRICT_SYSLOG to 3, so set the option to a unique name for the server. Using this option will prevent some legitimate logging, e.g. end-user cronjob logs.
Default: mysyslog

Restricts the ability to modify some firewall settings from within the user interface. If the panel interface was compromised these restricted options could be used to further compromise the server.
Default: 0

Auto updates - AUTO_UPDATES
Enable firewall auto updates. This option adds a daily CRON job that will update the firewall and login failure daemon automatically if an update is available.
Default: 1 Range: 0-1