.\" This manpage has been automatically generated by docbook2man 
.\" from a DocBook document.  This tool can be found at:
.\" <http://shell.ipoline.com/~elmert/comp/docbook2X/> 
.\" Please send any bug reports, improvements, comments, patches, 
.\" etc. to Steve Cheng <steve@ggi-project.org>.
.TH "NUACLGEN" "8" "12 mars 2007" "" ""

.SH NAME
nuaclgen \- NUFW acl generator
.SH SYNOPSIS

\fBnuaclgen\fR [ \fB--Schema \fIeq|ineq\fB\fR ] [ \fB--Aclname \fIACLDN\fB\fR ] [ \fB--saddr \fINETWORK1\fB\fR ] [ \fB--daddr \fINETWORK2\fB\fR ] [ \fB--proto \fIPROTONUMBER\fB\fR ] [ \fB--sport \fIP1[:P2]\fB\fR ] [ \fB--dport \fIP3[:P4]\fB\fR ] [ \fB--OsName \fIOSNAME\fB\fR ] [ \fB--OsVersion \fIOSVERSION\fB\fR ] [ \fB--OsRelease \fIOSRELEASE\fB\fR ] [ \fB--AppName \fIAPPLICATION NAME\fB\fR ] [ \fB--AppSig \fIAPPLICATION SIGNATURE\fB\fR ] [ \fB--Separator \fISEPARATOR\fB\fR ] [ \fB--jump \fI[ACCEPT|DROP]\fB\fR ] [ \fB--groups \fIGROUPLIST\fB\fR ]


\fBnuaclgen\fR [ \fB--List\fR ] [ \fB--groups \fIId Group\fB\fR ]


\fBnuaclgen\fR [ \fB--Delete \fIDN\fB\fR ]


\fBnuaclgen\fR [ \fB--help\fR ]

.SH "DESCRIPTION"
.PP
This manual page documents the
\fBnuaclgen\fR command.
.PP
nuaclgen is an Access control list generator
for the ldap backend of Nuauth, the authentication server of the NUFW package.
.PP
Original packaging and informations and help can be found from http://www.nufw.org/
.SH "OPTIONS"
.TP
\fB--Schema \fIeq|ineq\fB \fR
Use equality schema or not (Equality schema requires dport be
specified, and is the default.
.TP
\fB--AclName \fIAcl DN\fB \fR
Add an acl in the ldap tree with dn \fIAcl DN\fR
.TP
\fB--saddr \fINetwork\fB \fR
Specify source network for the acl, with network of the form : aaa.bbb.ccc.ddd[/ee]. Default value : 0.0.0.0/0
.TP
\fB--daddr \fINetwork\fB \fR
Specify destination network for the acl, with network of the form : aaa.bbb.ccc.ddd[/ee]. Default value : 0.0.0.0/0
.TP
\fB--proto \fIProtocol number\fB \fR
Specify protocol type for the acl
.TP
\fB--sport \fISource port\fB \fR
Specify source port(s) for the Acl. NNNN:MMMM can be used to specify a port range.
.TP
\fB--dport \fIDestination port\fB \fR
Specify destination port(s) for the Acl. NNNN:MMMM can be used to specify a port range.
.TP
\fB--jump \fIDecision\fB \fR
Specify decision for the Acl. Has to be ACCEPT or DROP.
.TP
\fB--groups \fIGroups list\fB \fR
Specify the user group(s) on which Acl apply. Must be of the form : Group1[,Group2[,...]]
.TP
\fB--List --group \fIGroup ID\fB \fR
List Acls for the \fIGroup ID\fR group
.TP
\fB--Delete \fIDn\fB \fR
Deletes the Acl stored in the provided Dn
.TP
\fB--help \fR
Displays a brief resume of available options and quits
.SH "SEE ALSO"
.PP
nufw(8)
.PP
nuauth(8)
.SH "AUTHOR"
.PP
Nuauth was designed and coded by Eric Leblond, aka Regit (<eric@regit.org>) , and Vincent
Deffontaines, aka gryzor (<vincent@gryzor.com>). Original idea in 2001, while working on NSM Ldap
support.
.PP
This manual page was written by Eric Leblond and copyrighted by INL
(2003-2005)
.PP
Permission is
granted to copy, distribute and/or modify this document under
the terms of the GNU Free Documentation
License, Version 2 as published by the Free
Software Foundation; with no Invariant Sections, no Front-Cover
Texts and no Back-Cover Texts.