Scroll to navigation

NUACLGEN(8) NUACLGEN(8)

NAME

nuaclgen - NUFW acl generator

SYNOPSIS

nuaclgen [ --Schema eq|ineq ] [ --Aclname ACLDN ] [ --saddr NETWORK1 ] [ --daddr NETWORK2 ] [ --proto PROTONUMBER ] [ --sport P1[:P2] ] [ --dport P3[:P4] ] [ --OsName OSNAME ] [ --OsVersion OSVERSION ] [ --OsRelease OSRELEASE ] [ --AppName APPLICATION NAME ] [ --AppSig APPLICATION SIGNATURE ] [ --Separator SEPARATOR ] [ --jump [ACCEPT|DROP] ] [ --groups GROUPLIST ]
 
 
nuaclgen [ --List ] [ --groups Id Group ]
 
 
nuaclgen [ --Delete DN ]
 
 
nuaclgen [ --help ]
 

DESCRIPTION

This manual page documents the nuaclgen command.
nuaclgen is an Access control list generator for the ldap backend of Nuauth, the authentication server of the NUFW package.
Original packaging and informations and help can be found from http://www.nufw.org/

OPTIONS

--Schema eq|ineq
Use equality schema or not (Equality schema requires dport be specified, and is the default.
--AclName Acl DN
Add an acl in the ldap tree with dn Acl DN
--saddr Network
Specify source network for the acl, with network of the form : aaa.bbb.ccc.ddd[/ee]. Default value : 0.0.0.0/0
--daddr Network
Specify destination network for the acl, with network of the form : aaa.bbb.ccc.ddd[/ee]. Default value : 0.0.0.0/0
--proto Protocol number
Specify protocol type for the acl
--sport Source port
Specify source port(s) for the Acl. NNNN:MMMM can be used to specify a port range.
--dport Destination port
Specify destination port(s) for the Acl. NNNN:MMMM can be used to specify a port range.
--jump Decision
Specify decision for the Acl. Has to be ACCEPT or DROP.
--groups Groups list
Specify the user group(s) on which Acl apply. Must be of the form : Group1[,Group2[,...]]
--List --group Group ID
List Acls for the Group ID group
--Delete Dn
Deletes the Acl stored in the provided Dn
--help
Displays a brief resume of available options and quits

SEE ALSO

nufw(8)
nuauth(8)

AUTHOR

Nuauth was designed and coded by Eric Leblond, aka Regit (<eric@regit.org>) , and Vincent Deffontaines, aka gryzor (<vincent@gryzor.com>). Original idea in 2001, while working on NSM Ldap support.
This manual page was written by Eric Leblond and copyrighted by INL (2003-2005)
Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 2 as published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts and no Back-Cover Texts.
12 mars 2007