/[gentoo]/xml/htdocs/proj/en/dynfw.xml
Gentoo

Contents of /xml/htdocs/proj/en/dynfw.xml

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.6 - (show annotations) (download) (as text)
Wed Aug 23 04:10:45 2006 UTC (7 years, 10 months ago) by vapier
Branch: MAIN
Changes since 1.5: +1 -1 lines
File MIME type: application/xml
Gentoo Technologies -> Gentoo Foundation

1 <?xml version='1.0'?>
2
3
4 <!DOCTYPE guide SYSTEM "/dtd/guide.dtd">
5
6 <guide type="project" link="dynfw.xml">
7 <title>dynfw Dynamic Firewall Tools, v1.0</title>
8 <author title="Author"><mail link="drobbins@gentoo.org">Daniel Robbins</mail></author>
9 <abstract></abstract>
10 <version>1.0.3</version>
11 <date>2005-09-08</date>
12
13 <chapter>
14 <title>dynfw</title>
15
16 <section>
17 <title>Introduction</title>
18 <body>
19
20 <p>
21 Firewalls all good and fun, but what do you do when you need to make rapid,
22 complex changes to your netfilter-based firewall? Instead of feverishly
23 hacking away at a complex master firewall script, use the dynfw Dynamic
24 Firewall Tools. This collection of robust bash scripts have been designed to
25 work with nearly any existing netfilter-based firewall configuration. By using
26 these scripts, you'll be able to make near-immediate changes to your firewall
27 configuration without risk of misconfiguration, resulting in vastly improved
28 network security and responsiveness. The dynfw firewall scripts were
29 originally featured in <uri
30 link="http://www-106.ibm.com/developerworks/linux/library/l-fw/?n-l-4191">this
31 IBM developerWorks article</uri>.
32 </p>
33
34 <p>
35 You can download the current version of dynfw here:
36 <uri>http://www.gentoo.org/doc/en/articles/files/dynfw-1.0.1.tar.bz2</uri>.
37 </p>
38
39 <note>
40 The dynfw Dynamic Firewall Tools are Copyright 2001-2003 Gentoo
41 Foundation, Inc. and distributed under the GNU General Public License. You
42 are encouraged to send any bug fixes or improvements to these tools to <mail
43 link="drobbins@gentoo.org">Daniel Robbins</mail> so that they can be rolled
44 into the official release.
45 </note>
46
47 <p>
48 The following scripts are included in <path>dynfw-1.0.1.tar.bz2</path>:
49 </p>
50
51 <table>
52 <tr>
53 <th>Script</th>
54 <th>Description</th>
55 </tr>
56 <tr>
57 <ti><path>install.sh</path></ti>
58 <ti>the install script -- run this first</ti>
59 </tr>
60 <tr>
61 <ti><path>dynfw.sh</path></ti>
62 <ti>the dynfw global support script -- used by all dynfw tools</ti>
63 </tr>
64 <tr>
65 <ti><path>ipdrop</path></ti>
66 <ti>discard packets coming from a specific IP</ti>
67 </tr>
68 <tr>
69 <ti><path>ipblock</path></ti>
70 <ti>discard as above, but send an TCP reset if applicable</ti>
71 </tr>
72 <tr>
73 <ti><path>tcplimit</path></ti>
74 <ti>ratelimit new connections to a local TCP port</ti>
75 </tr>
76 <tr>
77 <ti><path>host-tcplimit</path></ti>
78 <ti>ratelimit new connections from a specific host</ti>
79 </tr>
80 <tr>
81 <ti><path>user-outblock</path></ti>
82 <ti>prevents a specific UID (user) from establishing outbound connections</ti></tr>
83 </table>
84
85 </body>
86 </section>
87 <section>
88 <title>Changelog</title>
89 <body>
90
91 <p>
92 <e>1.0.1</e>: sh-compatibility fixes; <c>==</c> changed to <c>=</c> (oops!)
93 </p>
94
95 <p>
96 <e>1.0</e>: Initial release.
97 </p>
98
99 </body>
100 </section>
101 </chapter>
102 </guide>

  ViewVC Help
Powered by ViewVC 1.1.20