/[gentoo]/xml/htdocs/proj/en/dynfw.xml
Gentoo

Diff of /xml/htdocs/proj/en/dynfw.xml

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

Revision 1.4 Revision 1.5
5 5
6<guide type="project" link="dynfw.xml"> 6<guide type="project" link="dynfw.xml">
7<title>dynfw Dynamic Firewall Tools, v1.0</title> 7<title>dynfw Dynamic Firewall Tools, v1.0</title>
8<author title="Author"><mail link="drobbins@gentoo.org">Daniel Robbins</mail></author> 8<author title="Author"><mail link="drobbins@gentoo.org">Daniel Robbins</mail></author>
9<abstract></abstract> 9<abstract></abstract>
10<version>1.0.2</version> 10<version>1.0.3</version>
11<date>2005-03-26</date> 11<date>2005-09-08</date>
12 12
13<chapter> 13<chapter>
14<title>dynfw</title> 14<title>dynfw</title>
15 15
16<section> 16<section>
17<title>Introduction</title> 17<title>Introduction</title>
18<body> 18<body>
19 19
20<p>
20<p>Firewalls all good and fun, but what do you do when you need to make rapid, 21Firewalls all good and fun, but what do you do when you need to make rapid,
21complex changes to your netfilter-based firewall? Instead of feverishly 22complex changes to your netfilter-based firewall? Instead of feverishly
22hacking away at a complex master firewall script, use the dynfw Dynamic 23hacking away at a complex master firewall script, use the dynfw Dynamic
23Firewall Tools. This collection of robust bash scripts have been designed to 24Firewall Tools. This collection of robust bash scripts have been designed to
24work with nearly any existing netfilter-based firewall configuration. By using 25work with nearly any existing netfilter-based firewall configuration. By using
25these scripts, you'll be able to make near-immediate changes to your firewall 26these scripts, you'll be able to make near-immediate changes to your firewall
26configuration without risk of misconfiguration, resulting in vastly improved 27configuration without risk of misconfiguration, resulting in vastly improved
27network security and responsiveness. The dynfw firewall scripts were 28network security and responsiveness. The dynfw firewall scripts were
28originally featured in <uri 29originally featured in <uri
29link="http://www-106.ibm.com/developerworks/linux/library/l-fw/?n-l-4191">this 30link="http://www-106.ibm.com/developerworks/linux/library/l-fw/?n-l-4191">this
30IBM developerWorks article</uri>.</p> 31IBM developerWorks article</uri>.
32</p>
31 33
34<p>
32<p>You can download the current version of dynfw here: 35You can download the current version of dynfw here:
33<uri>http://tirpitz.iat.sfu.ca/~robbat2/dynfw-1.0.1.tar.gz</uri>.</p> 36<uri>http://www.gentoo.org/doc/en/articles/files/dynfw-1.0.1.tar.bz2</uri>.
37</p>
34 38
39<note>
35<note>The dynfw Dynamic Firewall Tools are Copyright 2001-2003 Gentoo 40The dynfw Dynamic Firewall Tools are Copyright 2001-2003 Gentoo
36Technologies, Inc. and distributed under the GNU General Public License. You 41Technologies, Inc. and distributed under the GNU General Public License. You
37are encouraged to send any bug fixes or improvements to these tools to <mail 42are encouraged to send any bug fixes or improvements to these tools to <mail
38link="drobbins@gentoo.org">Daniel Robbins</mail> so that they can be rolled 43link="drobbins@gentoo.org">Daniel Robbins</mail> so that they can be rolled
39into the official release.</note> 44into the official release.
45</note>
40 46
47<p>
41<p>The following scripts are included in <path>dynfw-1.0.1.tar.gz</path>: 48The following scripts are included in <path>dynfw-1.0.1.tar.bz2</path>:
42</p> 49</p>
43 50
44<table> 51<table>
45<tr><th>Script</th><th>Description</th></tr> 52<tr>
46<tr><ti><path>install.sh</path></ti><ti>the install script -- run this first</ti></tr> 53 <th>Script</th>
54 <th>Description</th>
55</tr>
56<tr>
57 <ti><path>install.sh</path></ti>
58 <ti>the install script -- run this first</ti>
59</tr>
60<tr>
61 <ti><path>dynfw.sh</path></ti>
47<tr><ti><path>dynfw.sh</path></ti><ti>the dynfw global support script -- used by all dynfw tools</ti></tr> 62 <ti>the dynfw global support script -- used by all dynfw tools</ti>
48<tr><ti><path>ipdrop</path></ti><ti>discard packets coming from a specific IP</ti></tr> 63</tr>
64<tr>
65 <ti><path>ipdrop</path></ti>
66 <ti>discard packets coming from a specific IP</ti>
67</tr>
68<tr>
69 <ti><path>ipblock</path></ti>
49<tr><ti><path>ipblock</path></ti><ti>discard as above, but send an TCP reset if applicable</ti></tr> 70 <ti>discard as above, but send an TCP reset if applicable</ti>
50<tr><ti><path>tcplimit</path></ti><ti>ratelimit new connections to a local TCP port</ti></tr> 71</tr>
51<tr><ti><path>host-tcplimit</path></ti><ti>ratelimit new connections from a specific host</ti></tr> 72<tr>
73 <ti><path>tcplimit</path></ti>
74 <ti>ratelimit new connections to a local TCP port</ti>
75</tr>
76<tr>
77 <ti><path>host-tcplimit</path></ti>
78 <ti>ratelimit new connections from a specific host</ti>
79</tr>
80<tr>
81 <ti><path>user-outblock</path></ti>
52<tr><ti><path>user-outblock</path></ti><ti>prevents a specific UID (user) from establishing outbound connections</ti></tr> 82 <ti>prevents a specific UID (user) from establishing outbound connections</ti></tr>
53</table> 83</table>
54 84
55</body> 85</body>
56</section> 86</section>
57<section> 87<section>
58<title>Changelog</title> 88<title>Changelog</title>
59<body> 89<body>
60 90
91<p>
61<p><e>1.0.1</e>: sh-compatibility fixes; <c>==</c> changed to <c>=</c> (oops!)</p> 92<e>1.0.1</e>: sh-compatibility fixes; <c>==</c> changed to <c>=</c> (oops!)
93</p>
94
95<p>
62<p><e>1.0</e>: Initial release.</p> 96<e>1.0</e>: Initial release.
97</p>
63 98
64</body> 99</body>
65</section> 100</section>
66</chapter> 101</chapter>
67</guide> 102</guide>

Legend:
Removed from v.1.4  
changed lines
  Added in v.1.5

  ViewVC Help
Powered by ViewVC 1.1.20