SYNOPSIS

nuaclgen [ --Schema eq|ineq ] [ --Aclname ACLDN ] [ --saddr NETWORK1 ] [ --daddr NETWORK2 ] [ --proto PROTONUMBER ] [ --sport P1[:P2] ] [ --dport P3[:P4] ] [ --OsName OSNAME ] [ --OsVersion OSVERSION ] [ --OsRelease OSRELEASE ] [ --AppName APPLICATION NAME ] [ --AppSig APPLICATION SIGNATURE ] [ --Separator SEPARATOR ] [ --jump [ACCEPT|DROP] ] [ --groups GROUPLIST ]

nuaclgen [ --List ] [ --groups Id Group ]

nuaclgen [ --Delete DN ]

nuaclgen [ --help ]

DESCRIPTION

This manual page documents the nuaclgen command.

nuaclgen is an access control list (ACL) generator for the LDAP backend of Nuauth, the authentication server of the NUFW package.

The original packaging, information and help can be found at http://www.nufw.org/

OPTIONS

--Schema eq|ineq

Use equality schema or not (the equality schema requires dport to be specified, and is the default).

--AclName Acl DN

Add an Acl to the LDAP tree with the DN Acl DN

--saddr Network

Specify source network for the Acl, with network of the form aaa.bbb.ccc.ddd[/ee]. Default value: 0.0.0.0/0

--daddr Network

Specify destination network for the Acl, with network of the form aaa.bbb.ccc.ddd[/ee]. Default value: 0.0.0.0/0

--proto Protocol number

Specify protocol type for the acl

--sport Source port

Specify source port(s) for the Acl. NNNN:MMMM can be used to specify a port range.

--dport Destination port

Specify destination port(s) for the Acl. NNNN:MMMM can be used to specify a port range.

--jump Decision

Specify decision for the Acl. Has to be ACCEPT or DROP.

--groups Groups list

Specify the user group(s) to which the Acl applies. Must be of the form Group1[,Group2[,...]]

--List --group Group ID

List the Acls for the group identified by Group ID

--Delete Dn

Deletes the Acl stored in the provided Dn

--help

Displays a brief summary of available options and quits
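A pre-flight check for the option constraints listed above, as an added example that is not part of the NUFW package: it rejects malformed networks, ports and decisions, enforces that the equality schema has a dport, and warns when an ACCEPT Acl is left on the default 0.0.0.0/0 for both networks. The function names, the 0-65535 port bound, the low-port-first rule, the requirement that the decision be given explicitly, and the sample values are assumptions of this example.

```shell
#!/bin/sh
# Added example, not part of NuFW: lint nuaclgen arguments before use.

valid_net() {    # aaa.bbb.ccc.ddd[/ee]
    case $1 in ''|*[!0-9./]*|*/*/*) return 1 ;; esac
    addr=${1%%/*}
    case $1 in */*) len=${1#*/} ;; *) len=32 ;; esac
    case $addr in .*|*.|*..*) return 1 ;; esac
    case $len in ''|*.*) return 1 ;; esac
    [ "$len" -le 32 ] || return 1
    oldifs=$IFS; IFS=.; set -- $addr; IFS=$oldifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do [ "$o" -le 255 ] || return 1; done
}

valid_ports() {  # NNNN or NNNN:MMMM
    case $1 in ''|*[!0-9:]*|*:*:*) return 1 ;; esac
    lo=${1%%:*}; hi=${1##*:}
    for p in "$lo" "$hi"; do
        case $p in '') return 1 ;; esac
        [ "$p" -le 65535 ] || return 1
    done
    [ "$lo" -le "$hi" ]   # assumption: low port first
}

# lint_acl SCHEMA SADDR DADDR DPORT JUMP  (empty = omitted; JUMP is required here)
lint_acl() {
    schema=${1:-eq} saddr=${2:-0.0.0.0/0} daddr=${3:-0.0.0.0/0}
    dport=$4 jump=$5 rc=0
    case $schema in eq|ineq) ;; *) echo "error: --Schema must be eq or ineq"; rc=1 ;; esac
    valid_net "$saddr" || { echo "error: bad --saddr $saddr"; rc=1; }
    valid_net "$daddr" || { echo "error: bad --daddr $daddr"; rc=1; }
    if [ -n "$dport" ]; then
        valid_ports "$dport" || { echo "error: bad --dport $dport"; rc=1; }
    elif [ "$schema" = eq ]; then
        echo "error: equality schema requires --dport"; rc=1
    fi
    case $jump in ACCEPT|DROP) ;; *) echo "error: --jump must be ACCEPT or DROP"; rc=1 ;; esac
    # Both networks at the documented default 0.0.0.0/0 match every address.
    if [ "$jump" = ACCEPT ] && [ "${saddr#*/}" = 0 ] && [ "${daddr#*/}" = 0 ]; then
        echo "warning: ACCEPT acl matches any source and any destination"
    fi
    return $rc
}

# Constructed sample values
lint_acl eq 192.168.1.0/24 10.0.0.0/8 443 ACCEPT && echo "arguments pass the lint"
```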


AUTHOR

Nuauth was designed and coded by Eric Leblond, aka Regit (<[email protected]>), and Vincent Deffontaines, aka gryzor (<[email protected]>). Original idea in 2001, while working on NSM Ldap support.

This manual page was written by Eric Leblond and copyrighted by INL (2003-2005).

Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 2 as published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts and no Back-Cover Texts.