nuauth(1)

NAME

nuauth - NUFW authentication server

SYNOPSIS

nuauth [ -h ] [ -V ] [ -v[v...] ] [ -l (local, for clients) port ]
[ -C (local, for clients) address ] [ -L (local, for nufw) address ]
[ -d (nufw) address(es) ] [ -p (nufw) port (deprecated) ]
[ -t timeout ] [ -D ]

DESCRIPTION

This manual page documents the nuauth command.

Nuauth is the authentication server of the NUFW package.
Whenever a client sends a packet(1) to start a connection through
the gateway, the client program (nutcpc), installed on the
client's station, sends an authentication packet(2) to nuauth.
The gateway's firewall queues the packet(1) and sends information
about it directly to the nuauth server. Nuauth's job is to
analyse both packets (1) and (2), and check whether the user has
the right to initiate the connection (s)he attempted. If so,
Nuauth sends authorization to Nufw to let the packet(1) through,
and the connection gets initialized. If not, the connection is
dropped.

Nuauth can use a backend LDAP server for user and group
definitions, as well as the Access Lists associated with those
groups. The interface to the Users/Groups database can also be
provided through PAM/NSS. Another option is to store the user
database in DBM files. Note that dynamic modifications of the
user base can currently only be performed if an LDAP database is
used.

The original packaging, information and help can be found at
http://www.nufw.org/

OPTIONS

-h Issues usage details and exits.

-V Issues version and exits.

-v Increases verbosity level. Multiple switches are accepted and
each of them increases the verbosity level by one. Default
verbosity level is 2, max is 10.

-l port
    Specifies the TCP port to listen on for clients. Default
    value: 4130

-L address
    Address to listen on for NuFW packets. Default: 127.0.0.1

-C address
    Address to listen on for client packets. Default: 0.0.0.0

-d address
    Network address of the nufw (gateway) servers. Only NuFW
    servers at those addresses will be allowed to talk to nuauth.

-p port
    This option is DEPRECATED and was in use only in v1 of the
    protocol, which was a proof of concept and non-encrypted.
    Specifies the UDP port to send data to when addressing the
    nufw (gateway) server. The Nufw server must be set up to
    listen on that port. Default value: 4128

-t seconds
    Specifies the timeout to forget packets not identified, and
    identification packets matching nothing. Default value: 15 s.

-D Run as a daemon.
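
The pairing of packet(1) and packet(2) from the DESCRIPTION, together with the -t timeout, as an added example that is not nuauth's own code. It is a simplified model: the connection tuple used as the matching key, the user and ACL tables, and all names are assumptions made for illustration.

```python
# Simplified model of the decision flow described in this page.
# The matching key (src ip, src port, dst ip, dst port) and the ACL
# layout are assumptions; the data below is constructed.
GROUPS = {"alice": {"admins"}, "bob": {"staff"}}
ACLS = {"admins": {("10.0.0.5", 22)}, "staff": {("10.0.0.8", 443)}}


class Matcher:
    def __init__(self, timeout=15):      # 15 s is the documented -t default
        self.timeout = timeout
        self.queued = {}                 # conn -> time the gateway reported packet(1)
        self.claims = {}                 # conn -> (user, time packet(2) arrived)

    def expire(self, now):
        """Forget unmatched entries older than the timeout; return them."""
        old_q = [c for c, t in self.queued.items() if now - t > self.timeout]
        old_c = [c for c, (_, t) in self.claims.items() if now - t > self.timeout]
        for c in old_q:
            del self.queued[c]
        for c in old_c:
            del self.claims[c]
        return old_q, old_c

    def gateway_report(self, conn, now):
        """The gateway queued packet(1) and told us about it."""
        self.expire(now)
        self.queued[conn] = now
        return self._decide(conn)

    def client_auth(self, conn, user, now):
        """The client program sent packet(2) claiming this connection."""
        self.expire(now)
        self.claims[conn] = (user, now)
        return self._decide(conn)

    def _decide(self, conn):
        if conn not in self.queued or conn not in self.claims:
            return None                  # still waiting for the other half
        user, _ = self.claims.pop(conn)
        del self.queued[conn]
        dst = (conn[2], conn[3])
        allowed = any(dst in ACLS.get(g, ()) for g in GROUPS.get(user, ()))
        return "ACCEPT" if allowed else "DROP"
```

A verdict is produced only once both halves are present; an authentication packet that arrives after its queued packet has been forgotten matches nothing and is itself forgotten after the timeout.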

SEE ALSO

nufw(1)

AUTHOR

Nuauth was designed and coded by Eric Leblond, aka Regit
(<eric@regit.org>), and Vincent Deffontaines, aka gryzor
(<vincent@gryzor.com>). Original idea in 2001, while working on NSM
Ldap support.

This manual page was written by Vincent Deffontaines.

Permission is granted to copy, distribute and/or modify
this document under the terms of the GNU Free Documentation
License, Version 2 as published by the Free Software Foundation;
with no Invariant Sections, no Front-Cover Texts and no
Back-Cover Texts.

17 October 2005