<!doctype refentry PUBLIC "-//OASIS//DTD DocBook V4.1//EN" [
<!-- Process this file with docbook-to-man to generate an nroff manual
page: `docbook-to-man manpage.sgml > manpage.1'. You may view
the manual page with: `docbook-to-man manpage.sgml | nroff -man |
less'. A typical entry in a Makefile or Makefile.am is:
manpage.1: manpage.sgml
docbook-to-man $< > $@
The docbook-to-man binary is found in the docbook-to-man package.
Please remember that if you create the nroff version in one of the
debian/rules file targets (such as build), you will need to include
docbook-to-man in your Build-Depends control field.
-->
<!-- Fill in your name for FIRSTNAME and SURNAME. -->
<!ENTITY dhfirstname "<firstname>Eric</firstname>">
<!ENTITY dhsurname "<surname>Leblond</surname>">
<!-- Please adjust the date whenever revising the manpage. -->
<!ENTITY dhdate "<date>july 29, 2004</date>">
<!-- SECTION should be 1-8, maybe w/ subsection other parameters are
allowed: see man(7), man(1). -->
<!ENTITY dhsection "<manvolnum>8</manvolnum>">
<!ENTITY dhemail2 "<email>vincent@gryzor.com</email>">
<!ENTITY dhemail "<email>eric@regit.org</email>">
<!ENTITY dhusername "Eric Leblond">
<!ENTITY dhucpackage "<refentrytitle>nuaclgen</refentrytitle>">
<!ENTITY dhpackage "nuaclgen">
<!ENTITY gnu "<acronym>GNU</acronym>">
<!ENTITY gpl "&gnu; <acronym>GPL</acronym>">
]>
<refentry>
<refentryinfo>
<address>
&dhemail;
</address>
<author>
&dhfirstname;
&dhsurname;
</author>
<copyright>
<year>2004</year>
<holder>&dhusername;</holder>
</copyright>
&dhdate;
</refentryinfo>
<refmeta>
&dhucpackage;
&dhsection;
</refmeta>
<refnamediv>
<refname>&dhpackage;</refname>
<refpurpose>NUFW acl generator</refpurpose>
</refnamediv>
<refsynopsisdiv>
<cmdsynopsis>
<command>&dhpackage;</command>
<arg><option>--Schema <replaceable>eq|ineq</replaceable></option></arg>
<arg><option>--Aclname <replaceable>ACLDN</replaceable></option></arg>
<arg><option>--saddr <replaceable>NETWORK1</replaceable></option></arg>
<arg><option>--daddr <replaceable>NETWORK2</replaceable></option></arg>
<arg><option>--proto <replaceable>PROTONUMBER</replaceable></option></arg>
<arg><option>--sport <replaceable>P1[:P2]</replaceable></option></arg>
<arg><option>--dport <replaceable>P3[:P4]</replaceable></option></arg>
<arg><option>--OsName <replaceable>OSNAME</replaceable></option></arg>
<arg><option>--OsVersion <replaceable>OSVERSION</replaceable></option></arg>
<arg><option>--OsRelease <replaceable>OSRELEASE</replaceable></option></arg>
<arg><option>--AppName <replaceable>APPLICATION NAME</replaceable></option></arg>
<arg><option>--AppSig <replaceable>APPLICATION SIGNATURE</replaceable></option></arg>
<arg><option>--Separator <replaceable>SEPARATOR</replaceable></option></arg>
<arg><option>--jump <replaceable>[ACCEPT|DROP]</replaceable></option></arg>
<arg><option>--groups <replaceable>GROUPLIST</replaceable></option></arg>
</cmdsynopsis>
<cmdsynopsis>
<command>&dhpackage;</command>
<arg><option>--List</option></arg>
<arg><option>--groups <replaceable>Id Group</replaceable></option></arg>
</cmdsynopsis>
<cmdsynopsis>
<command>&dhpackage;</command>
<arg><option>--Delete </option><replaceable>DN</replaceable></arg>
</cmdsynopsis>
<cmdsynopsis>
<command>&dhpackage;</command>
<arg><option>--help</option></arg>
</cmdsynopsis>
</refsynopsisdiv>
<refsect1>
<title>DESCRIPTION</title>
<para>This manual page documents the
<command>&dhpackage;</command> command.</para>
<para>&dhpackage; is an Access control list generator
for the ldap backend of Nuauth, the authentication server of the NUFW package.
</para>
<para>Original packaging and informations and help can be found from http://www.nufw.org/</para>
</refsect1>
<refsect1>
<title>OPTIONS</title>
<variablelist>
<varlistentry>
<term><option>--Schema <replaceable>eq|ineq</replaceable></option>
</term>
<listitem>
<para>Use equality schema or not (Equality schema requires dport be
specified, and is the default.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>--AclName <replaceable>Acl DN</replaceable></option>
</term>
<listitem>
<para>Add an acl in the ldap tree with dn <replaceable>Acl DN</replaceable></para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>--saddr <replaceable>Network</replaceable></option>
</term>
<listitem>
<para>Specify source network for the acl, with network of the form : aaa.bbb.ccc.ddd[/ee]. Default value : 0.0.0.0/0</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>--daddr <replaceable>Network</replaceable></option>
</term>
<listitem>
<para>Specify destination network for the acl, with network of the form : aaa.bbb.ccc.ddd[/ee]. Default value : 0.0.0.0/0</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>--proto <replaceable>Protocol number</replaceable></option>
</term>
<listitem>
<para>Specify protocol type for the acl</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>--sport <replaceable>Source port</replaceable></option>
</term>
<listitem>
<para>Specify source port(s) for the Acl. NNNN:MMMM can be used to specify a port range.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>--dport <replaceable>Destination port</replaceable></option>
</term>
<listitem>
<para>Specify destination port(s) for the Acl. NNNN:MMMM can be used to specify a port range.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>--jump <replaceable>Decision</replaceable></option>
</term>
<listitem>
<para>Specify decision for the Acl. Has to be ACCEPT or DROP.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>--groups <replaceable>Groups list</replaceable></option>
</term>
<listitem>
<para>Specify the user group(s) on which Acl apply. Must be of the form : Group1[,Group2[,...]]</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>--List --group <replaceable>Group ID</replaceable></option>
</term>
<listitem>
<para>List Acls for the <replaceable>Group ID</replaceable> group</para>
</listitem>
<varlistentry>
<term><option>--Delete <replaceable>Dn</replaceable></option>
</term>
<listitem>
<para>Deletes the Acl stored in the provided Dn</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>--help</option>
</term>
<listitem>
<para>Displays a brief resume of available options and quits</para>
</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1>
<title>SEE ALSO</title>
<para>nufw(8)</para>
<para>nuauth(8)</para>
</refsect1>
<refsect1>
<title>AUTHOR</title>
<para>Nuauth was designed and coded by Eric Leblond, aka Regit (&dhemail;) , and Vincent
Deffontaines, aka gryzor (&dhemail2;). Original idea in 2001, while working on NSM Ldap
support.</para>
<para>This manual page was written by &dhusername; and copyrighted by INL
(2003-2005)</para>
<para>Permission is
granted to copy, distribute and/or modify this document under
the terms of the &gnu; Free Documentation
License, Version 2 as published by the Free
Software Foundation; with no Invariant Sections, no Front-Cover
Texts and no Back-Cover Texts.</para>
</refsect1>
</refentry>
<!-- Keep this comment at the end of the file
Local variables:
mode: sgml
sgml-omittag:t
sgml-shorttag:t
sgml-minimize-attributes:nil
sgml-always-quote-attributes:t
sgml-indent-step:2
sgml-indent-data:t
sgml-parent-document:nil
sgml-default-dtd-file:nil
sgml-exposed-tags:nil
sgml-local-catalogs:nil
sgml-local-ecat-files:nil
End:
-->
