Details of SMC_XXX environment variables
This section maps the names of environment variables prior to 3.4.0 and the names from version 3.4.0 onwards.
There are other variables that were not mentioned in this list as they are solely intended for the internal operations of the server.
Older FWADMIN_XXX variables will continue to be available and operational but will be removed in future versions.
Environment variables are configured in the /data/config/fwadmin-env.conf.local file. To know the purpose of the variables, refer to the sections of the SMC Administration guide or to the Stormshield Knowledge base.
-
Variables with names that end with "_ENABLED" must contain the boolean values “true” or “false”.
-
Variables with names that end with "_INT" must contain numbers. Check that the value matches the corresponding unit if there is one.
-
In all other cases, the variable values are considered character strings.
-
If the variable is not defined, the default value is the value chosen by SMC.
| Old name | New name | Unit | Default value |
|---|---|---|---|
| FWADMIN_AUTOBACKUP_EXCLUDE_PRIVATE_KEY | SMC_AUTOBACKUP_EXCLUDE_PRIVATE_KEY_ENABLED | false | |
| FWADMIN_ENABLED_BASE_STATION | SMC_BASE_STATION_ENABLED | false | |
| FWADMIN_CERT_SUBJECT_AS_PEER_LOCALID | SMC_CERT_SUBJECT_AS_PEER_LOCALID_ENABLED | false | |
| FWADMIN_ENABLED_CFGCHECK | SMC_CFGCHECK_ENABLED | true | |
| FWADMIN_CFGCHECK_INCOHERENCIES_LIMIT | SMC_CFGCHECK_INCOHERENCIES_INT | 100 | |
| FWADMIN_CONFIG_STATUS_CHECK_PERIOD | SMC_CONFIG_STATUS_CHECK_PERIOD_INT | msec | 120000 |
| FWADMIN_CSV_DELIMITER | SMC_CSV_DELIMITER | , | |
| FWADMIN_DECBACKUP_DIR | SMC_DECBACKUP_DIR | /opt/stormshield/security | |
| FWADMIN_SNS_DEPLOYMENT_TIMEOUT_BEFORE_ROLLBACK | SMC_DEPLOYMENT_TIMEOUT_BEFORE_ROLLBACK_INT | sec | 30 |
| FWADMIN_EXPORT_TIMEOUT | SMC_EXPORT_TIMEOUT_INT | msec | 30000 |
| FWADMIN_FW_CONFIG_GENERATION_TIMEOUT | SMC_FW_CONFIG_GENERATION_TIMEOUT_INT | msec | 900000 |
| FWADMIN_DEFAULT_FW_CONNECTION_TIMEOUT | SMC_FW_CONNECTION_TIMEOUT_INT | sec | 60 |
| FWADMIN_FW_DEPLOYMENT_DISABLE_ROLLBACK | SMC_FW_DEPLOYMENT_ROLLBACK_ENABLED | true | |
| FWADMIN_FW_DEPLOYMENT_TIMEOUT | SMC_FW_DEPLOYMENT_TIMEOUT_INT | sec | 300 |
| FWADMIN_FW_DEPLOYMENT_VPN_PEER_INACTIVITY | SMC_FW_DEPLOYMENT_VPN_PEER_INACTIVITY_INT | 0 | |
| FWADMIN_FW_LICENSE_CRITICAL | SMC_FW_LICENSE_CRITICAL_INT | days | 0 |
| FWADMIN_FW_LICENSE_WARNING | SMC_FW_LICENSE_WARNING_INT | days | 0 |
| FWADMIN_FW_TPM_DISABLED | SMC_FW_TPM_ENABLED | true | |
| FWADMIN_GETSA_POLLING_PERIOD | SMC_GETSA_POLLING_PERIOD_INT | msec | 30000 |
| FWADMIN_GETSPD_POLLING_PERIOD | SMC_GETSPD_POLLING_PERIOD_INT | msec | 30000 |
| FWADMIN_HAINFO_POLLING_PERIOD | SMC_HAINFO_POLLING_PERIOD_INT | msec | 30000 |
| FWADMIN_HASYNC_ON_DESYNCHRO | SMC_HASYNC_ON_DESYNCHRO_ENABLED | true | |
| FWADMIN_LDAP_FIELD_NAME_DN | SMC_LDAP_FIELD_NAME_DN | ||
| FWADMIN_LDAP_FIELD_NAME_LOGIN | SMC_LDAP_FIELD_NAME_LOGIN | ||
| FWADMIN_LDAP_FIELD_NAME_MEMBEROF | SMC_LDAP_FIELD_NAME_MEMBEROF | ||
| FWADMIN_MESSAGING_RESPONSE_CHUNK_TIMEOUT | SMC_MESSAGING_RESPONSE_CHUNK_TIMEOUT_INT | sec | 30 |
| FWADMIN_MESSAGING_RESPONSE_DEFAULT_TIMEOUT | SMC_MESSAGING_RESPONSE_DEFAULT_TIMEOUT_INT | sec | 120 |
| FWADMIN_MONITOR_STAT_POLLING_PERIOD | SMC_MONITOR_STAT_POLLING_PERIOD_INT | msec | 60000 |
| FWADMIN_PROXY_RESPONSE_TIMEOUT | SMC_PROXY_RESPONSE_TIMEOUT_INT | sec | 300 |
| FWADMIN_SNS_CERTS_PROBE_EXPIRATION_DELAY | SMC_SNS_CERTS_PROBE_EXPIRATION_INT | days | 30 |
| FWADMIN_SNS_CLI_ATTACHMENTS_DIR | SMC_SNS_CLI_ATTACHMENTS_DIR | /data/tmp/sns-cli/input | |
| FWADMIN_SNS_CLI_CSV_DELIMITER | SMC_SNS_CLI_CSV_DELIMITER | ; | |
| FWADMIN_SNS_CLI_OUTPUT_DIR | SMC_SNS_CLI_OUTPUT_DIR | /data/tmp/sns-cli/output | |
| FWADMIN_SNS_CLI_SCRIPT_MAX_UPLOAD_SIZE | SMC_SNS_CLI_SCRIPT_MAX_UPLOAD_SIZE_INT | bytes | 2097152 |
| FWADMIN_SNS_CLI_STEP_TIMEOUT | SMC_SNS_CLI_STEP_TIMEOUT_INT | sec | 120 |
| FWADMIN_SNS_DEPLOYMENT_TIMEOUT_ROLLBACK | SMC_SNS_DEPLOYMENT_ROLLBACK_TIMEOUT_INT | sec | 180 |
| FWADMIN_SYSTEM_PROP_POLLING_PERIOD | SMC_SYSTEM_PROP_POLLING_PERIOD_INT | msec | 3600000 |
| FWADMIN_UI_PORT | SMC_UI_PORT_INT | 443 | |
| FWADMIN_UI_SERVER_CERT_PATH | SMC_UI_SERVER_CERT_PATH | /etc/certs/uiserver | |
| FWADMIN_VPN_MESH_ROUTE_BASED_MAX_PEERS | SMC_VPN_MESH_ROUTE_BASED_MAX_PEERS_INT | 50 |