d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
9f1beeaed4
freebsd-dev/sbin/ipf/ipscan/ipscan.5
Cy Schubert 41edb306f0 ipfilter: Move userland bits to sbin 
Through fixes and improvements our ipfilter sources have diverged
enough to warrant move from contrib into sbin/ipf. Now that I'm
planning on implementing MSS clamping as in iptables it makes more
sense to move ipfilter to sbin.

This is the second of three commits of the ipfilter move.

Suggested by glebius on two occaions.

Suggested by and discussed with:	glebius
Reviewed by:				glebius, kp (for #network)
MFC after:				1 month
Differential Revision:		https://reviews.freebsd.org/D33510
2021-12-20 06:16:33 -08:00

53 lines
1.5 KiB
Groff
Raw Blame History

.\" $FreeBSD$
.\"
.TH IPSCAN 5
.SH NAME
ipscan, ipscan.conf \- ipscan file format
.SH DESCRIPTION
.PP
WARNING: This feature is to be considered experimental and may change
significantly until a final implementation is drawn up.
.PP
The format for files accept by ipscan currently follow this rough grammar:
.LP
.nf
line ::= name ":" matchup [ "," matchup ] "=" action .
matchup ::= "(" ")" | "(" literal ")" | "(" literal "," match ")" .
action ::= result | result "else" result .
result ::= "close" | "track" | redirect .
redirect ::= "redirect" ip-address [ "(" "," port-number ")" ] .
match ::= { match-char }
match-char ::= "*" | "?" | "."
.fi
.PP
In this example an ip-address is a dotted-quad IPv4 address and a port-number
is a number betwee 1 and 65535, inclusive. The match string is must be of
same length as the literal string that it is matching (literal). The length
of either string is limited to 16 bytes.
.PP
Currently, the redirect option is not yet been implemented.
.LP
.nf
#
# * = match any character, . = exact match, ? = case insensitive
#
# Scan for anything that looks like HTTP and redirect it to the local
# proxy. One catch - this feature (redirect) is not yet implemented.
#
http : ("GET ", "???." ) = redirect(127.0.0.1)
#
# Track ssh connections (i.e do nothing)
#
ssh : (), ("SSH-") = track
#
# Things which look like smtp to be tracked else closed.
# Client can start with EHLO (ESMTP) or HELO (SMTP).
#
smtp : ("HELO ", "**??."), ("220 ", "....") = track else close
#
.fi
.SH FILES
/etc/ipscan.conf
.SH SEE ALSO
ipscan(8)
Reference in New Issue View Git Blame Copy Permalink