KNOPTM(8)                   System Manager's Manual                  KNOPTM(8)

NAME

       knoptm - Daemon in charge of removing firewall rules.

DESCRIPTION

       knoptm is a daemon that removes rule entries from the iptables or ipfw
       policies to which fwknop has added access rules for legitimate fwknop
       PK/SPA clients. This daemon runs in all authentication modes supported
       by fwknopd (both port knocking and SPA), and enforces rule timeouts
       that are defined by the /etc/fwknop/access.conf file.

OPTIONS

       -c, --config <config-file>
              When run as a daemon knoptm references the file
              /etc/fwknop/fwknop.conf for various run-time configuration
              variables. The path to this file can be changed through the use
              of the --config command line option.

       -i, --interface
              Specify the interface that fwknopd sniffs to acquire packet
              data. This is used for running interface checks, such as
              checking whether the interface has been deleted and recreated
              (e.g. ppp restart for a VPN connection). The fwknopd daemon
              passes this argument on the knoptm command line.

       --Debug-to-file <file>
              Allow the user to collect output from the knoptm daemon by
              writing debug information to a specific file.

       --firewall-type <firewall>
              Manually specify the firewall type from the command line.

       -h, --help
              Display usage information and exit.

       -V, --Version
              Display version information and exit.

       --Lib-dir <directory>
              Path to the perl modules directory (not usually necessary).

       -l, --locale <locale>
              Provide a locale setting other than the default "C" locale.

       --no-locale
              Do not set the locale at all so that the default system locale
              will apply.

       --no-logs
              Do not generate any log output or emails (fwknop_test.pl uses
              this).

       --no-voluntary-exits
              Disregard ENABLE_VOLUNTARY_EXITS setting. This way
              fwknopd/knoptm is not allowed to be restarted periodically
              according to EXIT_INTERVAL.

       -O, --Override-config <file>
              Override config variable values that are normally read from the
              /etc/fwknop/fwknop.conf file with values from the specified
              file. Multiple override config files can be given as a comma
              separated list.

DIAGNOSTICS

       knoptm can be run in debug mode with the --debug command line option.
       This will disable daemon mode execution, and print verbose information
       to the screen on STDERR.

SEE ALSO

       fwknopd(8),

AUTHOR

       Michael Rash <mbr@cipherdyne.org>

DISTRIBUTION

       knoptm is distributed under the GNU General Public License (GPL), and
       the latest version may be downloaded from http://www.cipherdyne.org/
Linux                            August, 2009                        KNOPTM(8)