authpf.8 - OpenGrok cross reference for /freebsd/contrib/pf/authpf/authpf.8

Deleted Added

sdiffudifftextold (67ecd4f3..)new (5ee7cd21..)

authpf.8 (67ecd4f3a477a0ca5b76a1694f89755df27a8679)	authpf.8 (5ee7cd2107c8ffd1fe70115deabd6599dffb313b)
	1.\" $FreeBSD$
1.\" $OpenBSD: authpf.8,v 1.43 2007/02/24 17:21:04 beck Exp $ 2.\" 3.\" Copyright (c) 1998-2007 Bob Beck (beck@openbsd.org>. All rights reserved. 4.\" 5.\" Permission to use, copy, modify, and distribute this software for any 6.\" purpose with or without fee is hereby granted, provided that the above 7.\" copyright notice and this permission notice appear in all copies. 8.\" 9.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 10.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 11.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 12.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 13.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 14.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 15.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 16.\"	2.\" $OpenBSD: authpf.8,v 1.43 2007/02/24 17:21:04 beck Exp $ 3.\" 4.\" Copyright (c) 1998-2007 Bob Beck (beck@openbsd.org>. All rights reserved. 5.\" 6.\" Permission to use, copy, modify, and distribute this software for any 7.\" purpose with or without fee is hereby granted, provided that the above 8.\" copyright notice and this permission notice appear in all copies. 9.\" 10.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 11.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 12.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 13.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 14.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 15.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 16.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 17.\"
17.Dd January 10, 2002	18.Dd March 28, 2006
18.Dt AUTHPF 8 19.Os 20.Sh NAME 21.Nm authpf 22.Nd authenticating gateway user shell 23.Sh SYNOPSIS 24.Nm authpf 25.Sh DESCRIPTION --- 18 unchanged lines hidden (view full) --- 44can be used to ensure users are held accountable for their network traffic. 45.Pp 46.Nm 47can add filter and translation rules using the syntax described in 48.Xr pf.conf 5 . 49.Nm 50requires that the 51.Xr pf 4	19.Dt AUTHPF 8 20.Os 21.Sh NAME 22.Nm authpf 23.Nd authenticating gateway user shell 24.Sh SYNOPSIS 25.Nm authpf 26.Sh DESCRIPTION --- 18 unchanged lines hidden (view full) --- 45can be used to ensure users are held accountable for their network traffic. 46.Pp 47.Nm 48can add filter and translation rules using the syntax described in 49.Xr pf.conf 5 . 50.Nm 51requires that the 52.Xr pf 4
52system be enabled before use.	53system be enabled and a 54.Xr fdescfs 5 55file system be mounted at 56.Pa /dev/fd 57before use.
53.Nm 54can also maintain the list of IP address of connected users 55in the "authpf_users" 56.Pa table . 57.Pp 58.Nm 59is meant to be used with users who can connect via 60.Xr ssh 1 --- 441 unchanged lines hidden (view full) --- 502.It Pa /etc/authpf/authpf.allow 503.It Pa /etc/authpf/authpf.rules 504.It Pa /etc/authpf/authpf.message 505.It Pa /etc/authpf/authpf.problem 506.El 507.Sh SEE ALSO 508.Xr pf 4 , 509.Xr pf.conf 5 ,	58.Nm 59can also maintain the list of IP address of connected users 60in the "authpf_users" 61.Pa table . 62.Pp 63.Nm 64is meant to be used with users who can connect via 65.Xr ssh 1 --- 441 unchanged lines hidden (view full) --- 507.It Pa /etc/authpf/authpf.allow 508.It Pa /etc/authpf/authpf.rules 509.It Pa /etc/authpf/authpf.message 510.It Pa /etc/authpf/authpf.problem 511.El 512.Sh SEE ALSO 513.Xr pf 4 , 514.Xr pf.conf 5 ,
	515.Xr fdescfs 5 ,
510.Xr securelevel 7 , 511.Xr ftp-proxy 8 512.Sh HISTORY 513The 514.Nm 515program first appeared in 516.Ox 3.1 . 517.Sh BUGS 518Configuration issues are tricky. 519The authenticating 520.Xr ssh 1 521connection may be secured, but if the network is not secured the user may 522expose insecure protocols to attackers on the same network, or enable other 523attackers on the network to pretend to be the user by spoofing their IP 524address. 525.Pp 526.Nm 527is not designed to prevent users from denying service to other users.	516.Xr securelevel 7 , 517.Xr ftp-proxy 8 518.Sh HISTORY 519The 520.Nm 521program first appeared in 522.Ox 3.1 . 523.Sh BUGS 524Configuration issues are tricky. 525The authenticating 526.Xr ssh 1 527connection may be secured, but if the network is not secured the user may 528expose insecure protocols to attackers on the same network, or enable other 529attackers on the network to pretend to be the user by spoofing their IP 530address. 531.Pp 532.Nm 533is not designed to prevent users from denying service to other users.