You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

146 lines
3.4 KiB

From 77ff3d215f2a28a9ffc9fe1943c7f2b12d5e4f69 Mon Sep 17 00:00:00 2001
From: Phil Sutter <psutter@redhat.com>
Date: Tue, 5 Jun 2018 14:49:54 +0200
Subject: [PATCH 2/2] utils: Add a man page for nfnl_osf
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1487331
Upstream Status: iptables commit af468b6e7f35d
commit af468b6e7f35db09af10ae4ec65cc7803180a4b4
Author: Phil Sutter <phil@nwl.cc>
Date: Wed Sep 20 18:54:09 2017 +0200
utils: Add a man page for nfnl_osf
Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Phil Sutter <psutter@redhat.com>
---
configure.ac | 3 +-
utils/.gitignore | 1 +
utils/Makefile.am | 4 +++
utils/nfnl_osf.8.in | 67 +++++++++++++++++++++++++++++++++++++++++++++
4 files changed, 74 insertions(+), 1 deletion(-)
create mode 100644 utils/nfnl_osf.8.in
diff --git a/configure.ac b/configure.ac
index af710cf5481c0..9046633ce5a4d 100644
--- a/configure.ac
+++ b/configure.ac
@@ -173,7 +173,8 @@ AC_CONFIG_FILES([Makefile extensions/GNUmakefile include/Makefile
libiptc/Makefile libiptc/libiptc.pc
libiptc/libip4tc.pc libiptc/libip6tc.pc
libxtables/Makefile utils/Makefile
- include/xtables-version.h include/iptables/internal.h])
+ include/xtables-version.h include/iptables/internal.h
+ utils/nfnl_osf.8])
AC_OUTPUT
diff --git a/utils/.gitignore b/utils/.gitignore
index 216d1e4a621ed..7c6afbf4e6a52 100644
--- a/utils/.gitignore
+++ b/utils/.gitignore
@@ -1,2 +1,3 @@
/nfnl_osf
+/nfnl_osf.8
/nfbpf_compile
diff --git a/utils/Makefile.am b/utils/Makefile.am
index c4192a9e73688..80029e303ff3b 100644
--- a/utils/Makefile.am
+++ b/utils/Makefile.am
@@ -6,8 +6,10 @@ AM_CPPFLAGS = ${regular_CPPFLAGS} -I${top_builddir}/include \
sbin_PROGRAMS =
pkgdata_DATA =
+man_MANS =
if HAVE_LIBNFNETLINK
+man_MANS += nfnl_osf.8
sbin_PROGRAMS += nfnl_osf
pkgdata_DATA += pf.os
@@ -23,3 +25,5 @@ if ENABLE_SYNCONF
sbin_PROGRAMS += nfsynproxy
nfsynproxy_LDADD = -lpcap
endif
+
+CLEANFILES = nfnl_osf.8
diff --git a/utils/nfnl_osf.8.in b/utils/nfnl_osf.8.in
new file mode 100644
index 0000000000000..140b5c3f99a42
--- /dev/null
+++ b/utils/nfnl_osf.8.in
@@ -0,0 +1,67 @@
+.TH NFNL_OSF 8 "" "@PACKAGE_STRING@" "@PACKAGE_STRING@"
+
+.SH NAME
+nfnl_osf \- OS fingerprint loader utility
+.SH SYNOPSIS
+
+.ad l
+.in +8
+.ti -8
+.B nfnl_osf
+.BI -f " fingerprints"
+[
+.B -d
+]
+
+.SH DESCRIPTION
+The
+.B nfnl_osf
+utility allows to load a set of operating system signatures into the kernel for
+later matching against using iptables'
+.B osf
+match.
+
+.SH OPTIONS
+
+.TP
+.BI -f " fingerprints"
+Read signatures from file
+.IR fingerprints .
+
+.TP
+.B -d
+Instead of adding the signatures from
+.I fingerprints
+into the kernel, remove them.
+
+.SH EXIT STATUS
+Exit status is 0 if command succeeded, otherwise a negative return code
+indicates the type of error which happened:
+
+.TP
+.B -1
+Illegal arguments passed, fingerprints file not readable or failure in netlink
+communication.
+
+.TP
+.B -ENOENT
+Fingerprints file not specified.
+
+.TP
+.B -EINVAL
+Netlink handle initialization failed or fingerprints file format invalid.
+
+.SH FILES
+
+An up to date set of operating system signatures can be downloaded from
+http://www.openbsd.org/cgi-bin/cvsweb/src/etc/pf.os .
+
+.SH SEE ALSO
+
+The description of
+.B osf
+match in
+.BR iptables-extensions (8)
+contains further information about the topic as well as example
+.B nfnl_osf
+invocations.
--
2.17.0