Sophie

Sophie

distrib > Mandriva > 2010.1 > x86_64 > media > contrib-backports > by-pkgid > caa8f98abc5853479a3e21b8ccd7ec01 > files > 29

nufw-2.4.2-1mdv2010.1.x86_64.rpm

<!doctype refentry PUBLIC "-//OASIS//DTD DocBook V4.1//EN" [

<!-- Process this file with docbook-to-man to generate an nroff manual
     page: `docbook-to-man manpage.sgml > manpage.1'.  You may view
     the manual page with: `docbook-to-man manpage.sgml | nroff -man |
     less'.  A typical entry in a Makefile or Makefile.am is:

manpage.1: manpage.sgml
	docbook-to-man $< > $@


	The docbook-to-man binary is found in the docbook-to-man package.
	Please remember that if you create the nroff version in one of the
	debian/rules file targets (such as build), you will need to include
	docbook-to-man in your Build-Depends control field.

  -->

  <!-- Fill in your name for FIRSTNAME and SURNAME. -->
  <!ENTITY dhfirstname "<firstname>Vincent</firstname>">
  <!ENTITY dhsurname   "<surname>Deffontaines</surname>">
  <!-- Please adjust the date whenever revising the manpage. -->
  <!ENTITY dhdate      "<date>june 26, 2007</date>">
  <!-- SECTION should be 1-8, maybe w/ subsection other parameters are
       allowed: see man(7), man(1). -->
  <!ENTITY dhsection   "<manvolnum>8</manvolnum>">
  <!ENTITY dhemail     "<email>vincent@gryzor.com</email>">
  <!ENTITY dhemail2    "<email>eric@regit.org</email>">
  <!ENTITY dhusername  "Vincent Deffontaines">
  <!ENTITY dhucpackage "<refentrytitle>nuauth</refentrytitle>">
  <!ENTITY dhpackage   "nuauth">

  <!ENTITY gnu         "<acronym>GNU</acronym>">
  <!ENTITY gpl         "&gnu; <acronym>GPL</acronym>">

]>

<refentry>
  <refentryinfo>
    <address>
      &dhemail;
    </address>
    <author>
      &dhfirstname;
      &dhsurname;
    </author>
    <copyright>
      <year>2003-2005</year>
      <holder>&dhusername;</holder>
    </copyright>
    &dhdate;
  </refentryinfo>
  <refmeta>
    &dhucpackage;

    &dhsection;
  </refmeta>
  <refnamediv>
    <refname>&dhpackage;</refname>

    <refpurpose>NUFW authentication server</refpurpose>
  </refnamediv>
  <refsynopsisdiv>
    <cmdsynopsis>
      <command>&dhpackage;</command>

      <arg><option>-h</option></arg>
      <arg><option>-V</option></arg>
      <arg><option>-v[v...]</option></arg>
      <arg><option>-l <replaceable>(local, for clients) port</replaceable></option></arg>
      <arg><option>-C <replaceable>(local, for clients) address</replaceable></option></arg>
      <arg><option>-L <replaceable>(local, for nufw) address</replaceable></option></arg>
      <arg><option>-p <replaceable>(local, for nufw) port</replaceable></option></arg>
      <arg><option>-t <replaceable>timeout</replaceable></option></arg>
      <arg><option>-D</option></arg>

    </cmdsynopsis>
  </refsynopsisdiv>
  <refsect1>
    <title>DESCRIPTION</title>

    <para>This manual page documents the
      <command>&dhpackage;</command> command.</para>

      <para>Nuauth is the authentication server of the NUFW package. Whenever a
      client sends a packet(1) to start a connection through the gateway, the
      client program (nutcpc), installed on the client's station, sends an
      authentication packet(2) to nuauth. The gateway's firewall queues the
      packet(1) and sends informations about it directly to the nuauth server.
      Nuauth's job is to analyse both packets(1) and (2), and check user owns
      the right to initialize the connection (s)he has tried to. If Nuauth finds
      so, Nuauth sends authorization to Nufw to accept the packet(1) through,
      and the connection gets initialized. If not, the connection is Dropped.</para>

      <para>Nuauth can use a backend LDAP server for user and groups
      definitions, as well as Access Lists associated with those groups.
      Interface to Users/Groups database can also be performed through PAM/NSS.
      An option is also to store the user database in DBM files. It should be
      noted that dynamic modifications of the users base can currently
      only be performed if an LDAP database is used.</para>

      <para>Original packaging and informations and help can be found from http://www.nufw.org/</para>

  </refsect1>
  <refsect1>
    <title>OPTIONS</title>

    <variablelist>
      <varlistentry>
        <term><option>-h</option>
        </term>
        <listitem>
          <para>Issues usage details and exits.</para>
        </listitem>
      </varlistentry>
      <varlistentry>
        <term><option>-V</option>
        </term>
        <listitem>
          <para>Issues version and exits.</para> </listitem>
      </varlistentry>
      <varlistentry>
        <term><option>-v</option>
        </term>
        <listitem>
          <para>Increases verbosity level. Multiple switches are accepted and each
	  of them increases the verbosity level by one. Default verbosity level is 2, max is 10.</para>
        </listitem>
      </varlistentry>
      <varlistentry>
        <term><option>-l <replaceable>port</replaceable></option>
        </term>
        <listitem>
          <para>Specifies TCP port to listen on for clients.  Default value : 4129</para>
        </listitem>
      </varlistentry>
      <varlistentry>
        <term><option>-L <replaceable>address</replaceable></option>
        </term>
        <listitem>
          <para>Address to listen on for NuFW packets. Default : 127.0.0.1</para>
        </listitem>
      </varlistentry>
      <varlistentry>
        <term><option>-C <replaceable>address</replaceable></option>
        </term>
        <listitem>
          <para>Address to listen on for clients packets. Default : 0.0.0.0</para>
        </listitem>
      </varlistentry>
      <varlistentry>
        <term><option>-d <replaceable>address</replaceable></option>
        </term>
        <listitem>
          <para>Network address of the nufw (gateway) servers. Only NuFW servers
          at those addresses will be allowed to talk to nuauth.</para>
        </listitem>
      </varlistentry>
      <varlistentry>
        <term><option>-p <replaceable>port</replaceable></option>
        </term>
        <listitem>
          <para>This option is DEPRECATED and was in use only in v1 of the
          protocol, which was proof of concept, non-encrypted.</para>
          <para>Specifies UDP port to send data to when addressing the nufw
	  (gateway) server. Nufw server must be setup to
	  listen on that port. Default value : 4128</para>
        </listitem>
      </varlistentry>
      <varlistentry>
        <term><option>-t <replaceable>seconds</replaceable></option>
        </term>
        <listitem>
          <para>Specifies timeout to forget packets not identified, and
	  identification packets matching nothing.  Default value : 15 s.</para>
        </listitem>
      </varlistentry>
      <varlistentry>
        <term><option>-D</option>
        </term>
        <listitem>
          <para>Run as a daemon. If started as a daemon, nuauth logs message to syslog. If you don't specify this option,
          messages go to the console nuauth is running on, both on STDOUT and STDERR. Unless you are debugging something, you should
          run nuauth with this option.</para>
        </listitem>
      </varlistentry>
    </variablelist>
  </refsect1>
  <refsect1>
    <title>SIGNALS</title>
     <para>
      The <command>&dhpackage;</command> daemon is designed to deal with several
      signals : HUP, USR1, USR2, and POLL.
        <variablelist>
          <varlistentry>
            <term><option>HUP</option>
            </term>
            <listitem>
              <para>Reload configuration. The <command>&dhpackage;</command> daemon reloads its
              configuration when receiving this signal. Since 2.2.19, it also refreshes the CRL
              file content.</para>
            </listitem>
          </varlistentry>
          <varlistentry>
            <term><option>USR1</option>
            </term>
            <listitem>
              <para>Increases verbosity. The daemon then acts as if it had been
              launched with one supplementary '-v'.A line is also added to the system
              log to mention the signal event.</para>
            </listitem>
          </varlistentry>
          <varlistentry>
            <term><option>USR2</option>
            </term>
            <listitem>
              <para>Decreases verbosity. The daemon then acts as if it had been
              launched with one less '-v'. A line is also added to the system
              log to mention the signal event.</para>
            </listitem>
          </varlistentry>
          <varlistentry>
            <term><option>POLL</option>
            </term>
            <listitem>
              <para>Logs an "audit" line, mentioning how many network datagrams
              were received and sent since daemon startup.</para>
            </listitem>
          </varlistentry>
	  </variablelist>
     </para>
  </refsect1>
  <refsect1>
    <title>SEE ALSO</title>
    <para>nufw(8)</para>
  </refsect1>
  <refsect1>
    <title>AUTHOR</title>
    <para>Nuauth was designed and coded by Eric Leblond, aka Regit (&dhemail2;) , and Vincent
    Deffontaines, aka gryzor (&dhemail;). Original idea in 2001, while working on NSM Ldap
    support.</para>

    <para>This manual page was written by &dhusername;</para>
      <para>Permission is
      granted to copy, distribute and/or modify this document under
      the terms of the &gnu; Free Documentation
      License, Version 2 as published by the Free
      Software Foundation; with no Invariant Sections, no Front-Cover
      Texts and no Back-Cover Texts.</para>

  </refsect1>
</refentry>

<!-- Keep this comment at the end of the file
Local variables:
mode: sgml
sgml-omittag:t
sgml-shorttag:t
sgml-minimize-attributes:nil
sgml-always-quote-attributes:t
sgml-indent-step:2
sgml-indent-data:t
sgml-parent-document:nil
sgml-default-dtd-file:nil
sgml-exposed-tags:nil
sgml-local-catalogs:nil
sgml-local-ecat-files:nil
End:
-->

Perl :: Catalyst :: PostgreSQL :: RPM Valid HTML 4.01 Transitional