Chapter 3. Creating policies

Table of Contents
Reading the policy
Python overview
Overview of Zorp classes
Creating an example policy

The configuration and decision policy used by Zorp is made up by standard Python statements, which use the services provided by the Zorp core and utility classes. This chapter contains a step by step introduction to the policy structure with a small overview of the Python language.

Reading the policy

The policy file is read in two steps. First the file policy.boot file is read, and if it's processed successfully, the file provided by the administrator /etc/zorp/policy.py is processed.

policy.boot file is used internally, you normally won't need to touch it. It is used to initialize the Zorp - policy interface.

/etc/zorp/policy.py is the local firewall policy, and contains valid Python statements describing the configuration of your firewall.