![[BACK]](/icons/back.gif){kind=icon}
Up to [local] / src / usr.sbin / authpf
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.56 / (download) - annotate - [select for diffs], Fri Feb 18 23:17:16 2022 UTC (2 years, 3 months ago) by jsg
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE,
OPENBSD_7_5,
OPENBSD_7_4_BASE,
OPENBSD_7_4,
OPENBSD_7_3_BASE,
OPENBSD_7_3,
OPENBSD_7_2_BASE,
OPENBSD_7_2,
OPENBSD_7_1_BASE,
OPENBSD_7_1,
HEAD
Changes since 1.55: +3 -3 lines
Diff to previous 1.55 (colored)
Avoid gendered language in man pages when not referring to a specific person. Rewrite or use singular they. ok thfr@ sthen@ daniel@ ian@ job@ kmos@ jcs@ ratchov@ phessler@ and others I'm likely missing on an earlier version. feedback tj@, feedback and ok jmc@
Revision 1.55 / (download) - annotate - [select for diffs], Sun Apr 5 10:11:07 2020 UTC (4 years, 1 month ago) by jmc
Branch: MAIN
CVS Tags: OPENBSD_7_0_BASE,
OPENBSD_7_0,
OPENBSD_6_9_BASE,
OPENBSD_6_9,
OPENBSD_6_8_BASE,
OPENBSD_6_8,
OPENBSD_6_7_BASE,
OPENBSD_6_7
Changes since 1.54: +2 -3 lines
Diff to previous 1.54 (colored)
"Protocol" keyword no longer used; from martin vahlensieck
Revision 1.54 / (download) - annotate - [select for diffs], Sun Nov 1 21:26:48 2015 UTC (8 years, 7 months ago) by jmc
Branch: MAIN
CVS Tags: OPENBSD_6_6_BASE,
OPENBSD_6_6,
OPENBSD_6_5_BASE,
OPENBSD_6_5,
OPENBSD_6_4_BASE,
OPENBSD_6_4,
OPENBSD_6_3_BASE,
OPENBSD_6_3,
OPENBSD_6_2_BASE,
OPENBSD_6_2,
OPENBSD_6_1_BASE,
OPENBSD_6_1,
OPENBSD_6_0_BASE,
OPENBSD_6_0,
OPENBSD_5_9_BASE,
OPENBSD_5_9
Changes since 1.53: +3 -3 lines
Diff to previous 1.53 (colored)
replace "can not" with "cannot";
Revision 1.53 / (download) - annotate - [select for diffs], Tue Jan 15 23:03:37 2013 UTC (11 years, 4 months ago) by beck
Branch: MAIN
CVS Tags: OPENBSD_5_8_BASE,
OPENBSD_5_8,
OPENBSD_5_7_BASE,
OPENBSD_5_7,
OPENBSD_5_6_BASE,
OPENBSD_5_6,
OPENBSD_5_5_BASE,
OPENBSD_5_5,
OPENBSD_5_4_BASE,
OPENBSD_5_4,
OPENBSD_5_3_BASE,
OPENBSD_5_3
Changes since 1.52: +10 -4 lines
Diff to previous 1.52 (colored)
Per group support for authpf rules files in /etc/authpf/groups. largely by Frank Timmers <frankt@smurfnet.eu> with fixups by me and jmc@.
Revision 1.52 / (download) - annotate - [select for diffs], Wed Jan 27 21:36:58 2010 UTC (14 years, 4 months ago) by jmc
Branch: MAIN
CVS Tags: OPENBSD_5_2_BASE,
OPENBSD_5_2,
OPENBSD_5_1_BASE,
OPENBSD_5_1,
OPENBSD_5_0_BASE,
OPENBSD_5_0,
OPENBSD_4_9_BASE,
OPENBSD_4_9,
OPENBSD_4_8_BASE,
OPENBSD_4_8,
OPENBSD_4_7_BASE,
OPENBSD_4_7
Changes since 1.51: +3 -3 lines
Diff to previous 1.51 (colored)
tweak previous: there was a word missing, but i've just changed the wording to match that of a similar piece of text already in this page;
Revision 1.51 / (download) - annotate - [select for diffs], Wed Jan 27 15:36:17 2010 UTC (14 years, 4 months ago) by todd
Branch: MAIN
Changes since 1.50: +9 -5 lines
Diff to previous 1.50 (colored)
search for authpf.message in $USER dirs also from Rafal Bisingier ravbc at man dot pozman dot pl, ok beck@
Revision 1.50 / (download) - annotate - [select for diffs], Mon Oct 26 22:06:13 2009 UTC (14 years, 7 months ago) by sthen
Branch: MAIN
Changes since 1.49: +3 -3 lines
Diff to previous 1.49 (colored)
"rdr" -> "match in...rdr-to" in example.
Revision 1.49 / (download) - annotate - [select for diffs], Tue Sep 8 07:34:48 2009 UTC (14 years, 8 months ago) by sthen
Branch: MAIN
Changes since 1.48: +14 -15 lines
Diff to previous 1.48 (colored)
Replace remaining occurrence of old PF syntax with "match...nat-to", and just talk about "rules" rather than "filter and translation rules". Spotted by/ok jmc@
Revision 1.48 / (download) - annotate - [select for diffs], Tue Sep 8 06:59:18 2009 UTC (14 years, 8 months ago) by sthen
Branch: MAIN
Changes since 1.47: +6 -13 lines
Diff to previous 1.47 (colored)
Remove some nat-anchor, binat-anchor, rdr-anchor. Noticed by jmc@. ok henning@
Revision 1.47 / (download) - annotate - [select for diffs], Tue Jan 6 03:11:50 2009 UTC (15 years, 4 months ago) by mcbride
Branch: MAIN
CVS Tags: OPENBSD_4_6_BASE,
OPENBSD_4_6,
OPENBSD_4_5_BASE,
OPENBSD_4_5
Changes since 1.46: +7 -3 lines
Diff to previous 1.46 (colored)
Support group and login class in authpf.allow (%<group>, @<class>) ok beck
Revision 1.46 / (download) - annotate - [select for diffs], Tue Mar 18 23:03:14 2008 UTC (16 years, 2 months ago) by merdely
Branch: MAIN
CVS Tags: OPENBSD_4_4_BASE,
OPENBSD_4_4
Changes since 1.45: +3 -3 lines
Diff to previous 1.45 (colored)
Fix mention of authpf_users table (s/authpf users/authpf_users/). ok jmc@, mcbride@
Revision 1.45 / (download) - annotate - [select for diffs], Thu Feb 14 01:49:17 2008 UTC (16 years, 3 months ago) by mcbride
Branch: MAIN
CVS Tags: OPENBSD_4_3_BASE,
OPENBSD_4_3
Changes since 1.44: +72 -25 lines
Diff to previous 1.44 (colored)
Add authpf-noip, which allows multiple users to connect from a single IP; forces users to write sane rulesets for this by not providing $user_ip or updating the authpf table. testing and prodding by mtu, manpage heavily worked over by jmc ok beck dhartmei henning
Revision 1.44 / (download) - annotate - [select for diffs], Thu May 31 19:20:22 2007 UTC (17 years ago) by jmc
Branch: MAIN
CVS Tags: OPENBSD_4_2_BASE,
OPENBSD_4_2
Changes since 1.43: +2 -2 lines
Diff to previous 1.43 (colored)
convert to new .Dd format;
Revision 1.43 / (download) - annotate - [select for diffs], Sat Feb 24 17:21:04 2007 UTC (17 years, 3 months ago) by beck
Branch: MAIN
CVS Tags: OPENBSD_4_1_BASE,
OPENBSD_4_1
Changes since 1.42: +12 -22 lines
Diff to previous 1.42 (colored)
license + copyright
Revision 1.42 / (download) - annotate - [select for diffs], Mon Oct 23 07:05:49 2006 UTC (17 years, 7 months ago) by jmc
Branch: MAIN
Changes since 1.41: +6 -8 lines
Diff to previous 1.41 (colored)
no need to use "keep state" and "flags S/SA" in pf rules, now that it is the default; ok henning mcbride camield (ftp-proxy bits) deraadt
Revision 1.41 / (download) - annotate - [select for diffs], Sat Jan 7 16:42:16 2006 UTC (18 years, 4 months ago) by jmc
Branch: MAIN
CVS Tags: OPENBSD_4_0_BASE,
OPENBSD_4_0,
OPENBSD_3_9_BASE,
OPENBSD_3_9
Changes since 1.40: +5 -2 lines
Diff to previous 1.40 (colored)
expand the section on ssh tunnelling machanisms; from michael knudsen
Revision 1.40 / (download) - annotate - [select for diffs], Fri Sep 23 14:36:46 2005 UTC (18 years, 8 months ago) by jmc
Branch: MAIN
Changes since 1.39: +2 -2 lines
Diff to previous 1.39 (colored)
default port for ftp-proxy is 8021; from johnb (pr #4520); ok deraadt@ ian@
Revision 1.39 / (download) - annotate - [select for diffs], Thu May 12 08:17:21 2005 UTC (19 years ago) by jmc
Branch: MAIN
CVS Tags: OPENBSD_3_8_BASE,
OPENBSD_3_8
Changes since 1.38: +2 -1 lines
Diff to previous 1.38 (colored)
Xr securelevel 7 from tamas tevesz;
Revision 1.38 / (download) - annotate - [select for diffs], Tue Jan 4 09:57:04 2005 UTC (19 years, 5 months ago) by jmc
Branch: MAIN
CVS Tags: OPENBSD_3_7_BASE,
OPENBSD_3_7
Changes since 1.37: +6 -12 lines
Diff to previous 1.37 (colored)
simplified FILTER AND TRANSLATION RULES; from michael knudsen;
Revision 1.37 / (download) - annotate - [select for diffs], Wed Sep 15 23:24:13 2004 UTC (19 years, 8 months ago) by jmc
Branch: MAIN
Changes since 1.36: +8 -2 lines
Diff to previous 1.36 (colored)
AllowTcpForwarding should be disabled for authpf users; plus a typo; from michael knudsen; ok beck@
Revision 1.36 / (download) - annotate - [select for diffs], Sun Aug 15 10:40:50 2004 UTC (19 years, 9 months ago) by canacar
Branch: MAIN
CVS Tags: OPENBSD_3_6_BASE,
OPENBSD_3_6
Changes since 1.35: +16 -11 lines
Diff to previous 1.35 (colored)
document the use of "authpf/*" as anchor name for pf to process sub rulesets added by authpf. ok dhartmei@, oh yes! henning@
Revision 1.35 / (download) - annotate - [select for diffs], Mon Jun 7 18:41:26 2004 UTC (19 years, 11 months ago) by jmc
Branch: MAIN
Changes since 1.34: +4 -4 lines
Diff to previous 1.34 (colored)
consistently refer to the authpf_users table; noticed by die tuere; ok beck@
Revision 1.34 / (download) - annotate - [select for diffs], Wed Apr 28 07:46:38 2004 UTC (20 years, 1 month ago) by jmc
Branch: MAIN
Changes since 1.33: +5 -5 lines
Diff to previous 1.33 (colored)
kill whitespace and make example consistent w/ rest of page;
Revision 1.33 / (download) - annotate - [select for diffs], Wed Apr 28 06:55:57 2004 UTC (20 years, 1 month ago) by cedric
Branch: MAIN
Changes since 1.32: +2 -2 lines
Diff to previous 1.32 (colored)
speed up -> sped up, from tedu@, ok beck@
Revision 1.32 / (download) - annotate - [select for diffs], Wed Apr 28 05:06:12 2004 UTC (20 years, 1 month ago) by cedric
Branch: MAIN
Changes since 1.31: +36 -1 lines
Diff to previous 1.31 (colored)
Put authpf user's IP addresses in the <authpf_users> table. ok deraadt@ dhartmei@ markus@ mcbride@
Revision 1.31 / (download) - annotate - [select for diffs], Wed Dec 10 04:10:37 2003 UTC (20 years, 5 months ago) by beck
Branch: MAIN
CVS Tags: OPENBSD_3_5_BASE,
OPENBSD_3_5
Changes since 1.30: +53 -21 lines
Diff to previous 1.30 (colored)
- fix a few exit cases that would exit with no log - add username to added ruleset names when possible - add much needed example to man page showing how to use NAT with tagging to track NATed authpfed connections. ok henning@ dhartmei@, man page cleanup by jmc@
Revision 1.30 / (download) - annotate - [select for diffs], Sun Aug 17 23:24:47 2003 UTC (20 years, 9 months ago) by henning
Branch: MAIN
CVS Tags: OPENBSD_3_4_BASE,
OPENBSD_3_4
Changes since 1.29: +2 -2 lines
Diff to previous 1.29 (colored)
damn lies
Revision 1.29 / (download) - annotate - [select for diffs], Mon Aug 4 09:45:45 2003 UTC (20 years, 10 months ago) by jmc
Branch: MAIN
Changes since 1.28: +5 -4 lines
Diff to previous 1.28 (colored)
ClientAliveInterval requires Protocol 2; noted by Marc Revial on misc@; ok markus@
Revision 1.28 / (download) - annotate - [select for diffs], Mon Jun 23 13:41:41 2003 UTC (20 years, 11 months ago) by henning
Branch: MAIN
Changes since 1.27: +1 -4 lines
Diff to previous 1.27 (colored)
authpf can handle binat nowadays; from Joel Knight ok daniel
Revision 1.27 / (download) - annotate - [select for diffs], Thu Jun 12 12:59:49 2003 UTC (20 years, 11 months ago) by jmc
Branch: MAIN
Changes since 1.26: +7 -9 lines
Diff to previous 1.26 (colored)
- section reorder - macro fixes - kill whitespace at EOL - new sentence, new line
Revision 1.26 / (download) - annotate - [select for diffs], Thu Mar 20 01:29:17 2003 UTC (21 years, 2 months ago) by david
Branch: MAIN
CVS Tags: OPENBSD_3_3_BASE,
OPENBSD_3_3
Changes since 1.25: +18 -18 lines
Diff to previous 1.25 (colored)
replace some .Pp inside .Bd -literal block with empty line new sentence, new line fix login.conf indentation ok jmc@
Revision 1.25 / (download) - annotate - [select for diffs], Tue Mar 18 08:44:09 2003 UTC (21 years, 2 months ago) by jmc
Branch: MAIN
Changes since 1.24: +2 -2 lines
Diff to previous 1.24 (colored)
ip address -> IP address; rtadvd.conf(5): positve -> positive; ok miod@
Revision 1.24 / (download) - annotate - [select for diffs], Tue Mar 11 09:24:57 2003 UTC (21 years, 2 months ago) by jmc
Branch: MAIN
Changes since 1.23: +53 -75 lines
Diff to previous 1.23 (colored)
removed .Ic's which were giving postscript trouble; ok deraadt@
Revision 1.23 / (download) - annotate - [select for diffs], Mon Mar 10 15:37:29 2003 UTC (21 years, 2 months ago) by jmc
Branch: MAIN
Changes since 1.22: +3 -3 lines
Diff to previous 1.22 (colored)
these pages all had bad section numbers in the .Xr's; lots of help and ok millert@
Revision 1.22 / (download) - annotate - [select for diffs], Thu Mar 6 04:07:38 2003 UTC (21 years, 3 months ago) by david
Branch: MAIN
Changes since 1.21: +2 -2 lines
Diff to previous 1.21 (colored)
date should be written formally: .Dd Month day, year ok henning@ jmc@
Revision 1.21 / (download) - annotate - [select for diffs], Tue Jan 28 10:40:20 2003 UTC (21 years, 4 months ago) by jmc
Branch: MAIN
Changes since 1.20: +96 -73 lines
Diff to previous 1.20 (colored)
typos; added white boldface to examples ok deraadt@
Revision 1.20 / (download) - annotate - [select for diffs], Sun Dec 29 22:23:37 2002 UTC (21 years, 5 months ago) by dhartmei
Branch: MAIN
Changes since 1.19: +4 -1 lines
Diff to previous 1.19 (colored)
Mention $user_id, like $user_ip.
Revision 1.19 / (download) - annotate - [select for diffs], Sun Dec 22 14:19:30 2002 UTC (21 years, 5 months ago) by dhartmei
Branch: MAIN
Changes since 1.18: +36 -18 lines
Diff to previous 1.18 (colored)
Instead of inserting and removing rules at the top/bottom of the main ruleset, make authpf manage its rules inside anchors.
Revision 1.18 / (download) - annotate - [select for diffs], Fri Oct 25 18:34:53 2002 UTC (21 years, 7 months ago) by camield
Branch: MAIN
Changes since 1.17: +30 -34 lines
Diff to previous 1.17 (colored)
- spelling/grammar - nat rules are no longer in a seperate file, combine nat example - /32 on all addresses is clutter, since it's the default
Revision 1.17 / (download) - annotate - [select for diffs], Sat Jul 27 07:27:04 2002 UTC (21 years, 10 months ago) by nordin
Branch: MAIN
CVS Tags: OPENBSD_3_2_BASE,
OPENBSD_3_2
Changes since 1.16: +2 -2 lines
Diff to previous 1.16 (colored)
Typo; spotted by cdjones@novusordo.net.
Revision 1.16 / (download) - annotate - [select for diffs], Mon Jun 24 09:59:54 2002 UTC (21 years, 11 months ago) by dhartmei
Branch: MAIN
Changes since 1.15: +2 -2 lines
Diff to previous 1.15 (colored)
Fix more example rules
Revision 1.15 / (download) - annotate - [select for diffs], Mon Jun 24 07:59:48 2002 UTC (21 years, 11 months ago) by deraadt
Branch: MAIN
Changes since 1.14: +3 -3 lines
Diff to previous 1.14 (colored)
When the man page contains such obvious stupid TRIVIAL bugs as this which I am fixing, it makes me wonder why the hell is the shown example not something that someone has actually TRIED? Is it not possible people are yammering so much about it on the mailing lists about problems because the people who wrote this don't even check if the man page is CORRECT? But No! Instead of fixing it, the they get email replies on the damned mailing list, and 8 hours later, someone ELSE pipes up with another problem! Why don't you lame asses take responsibility for the problem at hand, CHECK IF THE MAN PAGE IS RIGHT, and instead of replying to the people who post, instead JUST FIX THE DOCUMENTATION PROBLEMS? Or should I remove authpf before you get the idea?
Revision 1.14 / (download) - annotate - [select for diffs], Mon Jun 24 07:43:10 2002 UTC (21 years, 11 months ago) by dhartmei
Branch: MAIN
Changes since 1.13: +3 -3 lines
Diff to previous 1.13 (colored)
"quick log" -> "log quick" in example rules, from Rudolfo Munguia
Revision 1.13 / (download) - annotate - [select for diffs], Sun Jun 16 19:35:07 2002 UTC (21 years, 11 months ago) by miod
Branch: MAIN
Changes since 1.12: +1 -2 lines
Diff to previous 1.12 (colored)
Remove nat.conf(5) reference.
Revision 1.12 / (download) - annotate - [select for diffs], Tue Jun 11 18:57:15 2002 UTC (21 years, 11 months ago) by kjell
Branch: MAIN
Changes since 1.11: +15 -24 lines
Diff to previous 1.11 (colored)
Update man page to reality, grammar, and style fixes. from ckuethe@ualberta.ca ok beck@
Revision 1.11 / (download) - annotate - [select for diffs], Tue May 21 07:13:37 2002 UTC (22 years ago) by deraadt
Branch: MAIN
Changes since 1.10: +3 -3 lines
Diff to previous 1.10 (colored)
clean
Revision 1.10 / (download) - annotate - [select for diffs], Mon Apr 15 05:55:48 2002 UTC (22 years, 1 month ago) by pvalchev
Branch: MAIN
Changes since 1.9: +2 -2 lines
Diff to previous 1.9 (colored)
fix a typo; from andrew@neep.com.au
Revision 1.9 / (download) - annotate - [select for diffs], Sat Apr 6 17:34:14 2002 UTC (22 years, 2 months ago) by beck
Branch: MAIN
CVS Tags: OPENBSD_3_1_BASE,
OPENBSD_3_1
Changes since 1.8: +3 -14 lines
Diff to previous 1.8 (colored)
root checks are removed now that we moved the per-user dir, docs need to reflect this
Revision 1.8 / (download) - annotate - [select for diffs], Fri Apr 5 20:35:52 2002 UTC (22 years, 2 months ago) by deraadt
Branch: MAIN
Changes since 1.7: +11 -11 lines
Diff to previous 1.7 (colored)
move location of per-user config files; beck ok
Revision 1.7 / (download) - annotate - [select for diffs], Fri Apr 5 03:06:52 2002 UTC (22 years, 2 months ago) by beck
Branch: MAIN
Changes since 1.6: +26 -8 lines
Diff to previous 1.6 (colored)
ensure that rules files are owned and writable only by root, along their entire path, change docs accordingly. This ensures that people don't accidentally use the $HOME config files to override real settings unless root meant to do it.
Revision 1.6 / (download) - annotate - [select for diffs], Tue Apr 2 17:29:47 2002 UTC (22 years, 2 months ago) by mpech
Branch: MAIN
Changes since 1.5: +2 -2 lines
Diff to previous 1.5 (colored)
We don't like 'OPTIONS' anymore. .Sh OPTIONS -> .Sh CONFIGURATION millert@ ok
Revision 1.5 / (download) - annotate - [select for diffs], Tue Apr 2 17:19:24 2002 UTC (22 years, 2 months ago) by mpech
Branch: MAIN
Changes since 1.4: +107 -87 lines
Diff to previous 1.4 (colored)
My part of the help: o) don't use .Pp before/after .Sh; o) Start new sentence on a new line; o) Remove extra space in the end of the sentence; o) Fix .Pa usage; o) Fix .Bd usage; o) Use .Pp after .Ed, not blank line before .Ed; millert@ ok
Revision 1.4 / (download) - annotate - [select for diffs], Mon Apr 1 18:54:32 2002 UTC (22 years, 2 months ago) by beck
Branch: MAIN
Changes since 1.3: +8 -8 lines
Diff to previous 1.3 (colored)
-Tattling is bad, users should be allowed to run anything on the system without it generating logs -exit with 0 and 1 instead of EX_FOO -make read_config (with the test and exit) the first thing that happens in main, no openlog or memset first.
Revision 1.3 / (download) - annotate - [select for diffs], Mon Apr 1 18:36:27 2002 UTC (22 years, 2 months ago) by mickey
Branch: MAIN
Changes since 1.2: +2 -2 lines
Diff to previous 1.2 (colored)
remove a redundant word remove
Revision 1.2 / (download) - annotate - [select for diffs], Mon Apr 1 18:26:04 2002 UTC (22 years, 2 months ago) by beck
Branch: MAIN
Changes since 1.1: +17 -9 lines
Diff to previous 1.1 (colored)
-Make the /etc/authpf/authpf.conf config file required. -Change authpf to install setuid by default, and exit with a tattling syslog message if a user runs it without a config file present. -Change man page to reflect this.
Revision 1.1 / (download) - annotate - [select for diffs], Mon Apr 1 17:43:42 2002 UTC (22 years, 2 months ago) by beck
Branch: MAIN
authpf - authenticating gateway shell for use with ssh(1) to make authenticating gateway type firewalls. caveats - needs to be setuid to opertate (but does not install that way) consult the man page for configuration issues.