Sophie

Sophie

distrib > Fedora > 14 > x86_64 > by-pkgid > f041150d7faea47577bb1bbdab1d0a00 > files > 2

nuauth-2.4.0-2.fc14.x86_64.rpm

# ACLs file for the plaintext module
#
# Example of ACL
# ==============
#
# [Sample ACL]
# gid=100,101           # which groups are concerned
# gid=103               # several lines can be used
# uid=100,101           # which user ids are concerned
# uid=103               # several lines can be used
# proto=6               # IP protocol: 1=ICMP, 6=TCP (default), 17=UDP
# type=0                # Type, for ICMP protocol only
# SrcIP=10.10.0.1       # Source IP, equivalent to 10.10.0.1/32
# SrcPort=1024-65535    # List of source ports (a single port is ok)
# DstIP=10.10.0.5       # Destination IP address
# DstIP=10.10.0.8, 10.10.1.0/24 # There can be several IP addresses/lines
# DstPort=5150-5153     # List of destination ports
# DstPort=22,25         # There can be several lines
# decision=1            # 0=drop, 1=accept, 3=reject (2 is reserved: "no decide")
#
# Default values:
#    - decision: 1 (ACCEPT)
#    - protocol: 6 (TCP)
#    - SrcIP: any IP address
#    - DstIP: any IP address
#    - SrcPort: any port
#    - DstPort: any port
#
# Application filtering:
#     App=/usr/bin/perl
# Several applications can be given:
#     App=/usr/bin/ssh
#     App=/usr/bin/nc
#
# OS checking:
#     OS = Linux
# You can give the kernel release:
#     OS = Linux ; 2.6.8
# and the kernel version:
#     OS = Linux ; 2.6.8 ; #3 Fri Aug 27 20:37:38 CEST 2004
# (Several OS can be given)
# 
# Interface checking:
#     [indev|outdev|physindev|physoutdev] = eth0
# You have to specify complete interface name and blob are
# not allowed.
#
# Log prefix:
#     log_prefix = ssh
#
# You need to use period defined in your period handling module:
#     period = 24x7
#
# ACL flags is an integer coding properties of the ACL:
#     flags = 1
#
# Flags value are used by bit comparison. You can combien the following
# value
#  * 1: do aysnchronous login on packet accepted by ACL, equivalent
#  to don't do Single Sign On on the ACL.
#  * 2: Don't log
#  * 4: Log synchronously (set it for SSO if not globally set)
#  * 8: Log strictly (set it for SSO)
# Flag bits can be used to set a mark on packet. See mark_flag module.
# Authentication quality can be used to limit authorization following the
# type of authentication used
#     authquality = LEVEL
# defined levels are: 0 auth by IP fallback method, 1 auth by SASL, 2 auth by certificate

[ssh]
gid=100
DstPort=22
App=/usr/bin/ssh
OS=Linux

[http]
gid=100,102,103
DstPort=80

[https]
gid=100
gid=102
DstPort=443

[full access for group 103]
gid=103

Perl :: Catalyst :: PostgreSQL :: RPM Valid HTML 4.01 Transitional