Details of SMC_XXX environment variables

This section maps the names of environment variables prior to 3.4.0 and the names from version 3.4.0 onwards.

There are other variables that were not mentioned in this list as they are solely intended for the internal operations of the server.

Older FWADMIN_XXX variables will continue to be available and operational but will be removed in future versions.

Environment variables are configured in the /data/config/fwadmin-env.conf.local file. To know the purpose of the variables, refer to the sections of the SMC Administration guide or to the Stormshield Knowledge base.

• Variables with names that end with "_ENABLED" must contain the boolean values “true” or “false”.

• Variables with names that end with "_INT" must contain numbers. Check that the value matches the corresponding unit if there is one.

• In all other cases, the variable values are considered character strings.

• If the variable is not defined, the default value is the value chosen by SMC.

 

Variable name	Unit	Default value
SMC_AUTOBACKUP_EXCLUDE_PRIVATE_KEY_ENABLED		false
SMC_BASE_STATION_ENABLED		false
SMC_CERT_SUBJECT_AS_PEER_LOCALID_ENABLED		false
SMC_CFGCHECK_BEFORE_DEPLOY_ENABLED		true
SMC_CFGCHECK_ENABLED		true
SMC_CFGCHECK_INCOHERENCIES_INT		100
SMC_CONFIG_STATUS_CHECK_PERIOD_INT	msec	120000
SMC_CSV_DELIMITER		,
SMC_DECBACKUP_DIR		/opt/stormshield/security
SMC_DEPLOYMENT_TIMEOUT_BEFORE_ROLLBACK_INT	sec	30
SMC_EXPORT_TIMEOUT_INT	msec	30000
SMC_FW_CONFIG_GENERATION_TIMEOUT_INT	msec	900000
SMC_FW_CONNECTION_TIMEOUT_INT	sec	60
SMC_FW_DEPLOYMENT_ROLLBACK_ENABLED		true
SMC_FW_DEPLOYMENT_TIMEOUT_INT	sec	300
SMC_FW_DEPLOYMENT_VPN_PEER_INACTIVITY_INT		0
SMC_FW_LICENSE_CRITICAL_INT	days	0
SMC_FW_LICENSE_WARNING_INT	days	0
SMC_FW_TPM_ENABLED		true
SMC_GETSA_POLLING_PERIOD_INT	msec	30000
SMC_GETSPD_POLLING_PERIOD_INT	msec	30000
SMC_HAINFO_POLLING_PERIOD_INT	msec	30000
SMC_HASYNC_ON_DESYNCHRO_ENABLED		true
SMC_LDAP_FIELD_NAME_DN
SMC_LDAP_FIELD_NAME_LOGIN
SMC_LDAP_FIELD_NAME_MEMBEROF
SMC_MESSAGING_RESPONSE_CHUNK_TIMEOUT_INT	sec	30
SMC_MESSAGING_RESPONSE_DEFAULT_TIMEOUT_INT	sec	120
SMC_MONITOR_ROUTE__POLLING_PERIOD_INT	msec	60000
SMC_MONITOR_STAT_POLLING_PERIOD_INT	msec	60000
SMC_PROXY_RESPONSE_TIMEOUT_INT	sec	300
SMC_SNS_CERTS_PROBE_EXPIRATION_INT	days	30
SMC_SNS_CLI_ATTACHMENTS_DIR		/data/tmp/sns-cli/input
SMC_SNS_CLI_CSV_DELIMITER		;
SMC_SNS_CLI_OUTPUT_DIR		/data/tmp/sns-cli/output
SMC_SNS_CLI_SCRIPT_MAX_UPLOAD_SIZE_INT	bytes	2097152
SMC_SNS_CLI_STEP_TIMEOUT_INT	sec	120
SMC_SNS_DEPLOYMENT_ROLLBACK_TIMEOUT_INT	sec	180
SMC_SNS_UPDATE_HA_LINK_TIMEOUT_INT	sec	1800
SMC_SNS_UPDATE_MAX_KEEP_DAYS_INT	days	14
SMC_SNS_UPDATE_SYSTEM_CLONE_TIMEOUT_INT	sec	1800
SMC_SYSTEM_PROP_POLLING_PERIOD_INT	msec	3600000
SMC_UI_PORT_INT		443
SMC_UI_SERVER_CERT_PATH		/etc/certs/uiserver
SMC_VPN_MESH_ROUTE_BASED_MAX_PEERS_INT		50