Changes between Initial Version and Version 1 of VuurmuurScript


Ignore:
Timestamp:
09/13/07 00:27:55 (14 years ago)
Author:
Victor Julien
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • VuurmuurScript

    v1 v1  
     1= Vuurmuur Scripting =
     2
     3Using the vuurmuur_script command you can modify settings from the commandline. Here you find a description of the options.
     4
     5Examples:
     6
     7Gives a list of all groups:
     8{{{
     9vuurmuur_script --list --group any
     10}}}
     11
     12Gives a list of all groups in network localnet.lan
     13{{{
     14vuurmuur_script --list --group localnet.lan
     15}}}
     16
     17Print content of host server.localnet.lan:
     18{{{
     19vuurmuur_script --print --host server.localnet.lan
     20}}}
     21
     22Create an empty host:
     23{{{
     24vuurmuur_script --create --host pc1.localnet.lan
     25}}}
     26
     27Set the host to active:
     28{{{
     29vuurmuur_script --modify --host pc1.localnet.lan --variable ACTIVE --set Yes
     30}}}
     31
     32Set the ipaddress of the new host:
     33{{{
     34vuurmuur_script --modify --host pc1.localnet.lan --variable IPADDRESS --set 192.168.1.15
     35}}}
     36
     37Append a rule to the rules list:
     38{{{
     39vuurmuur_script -M -r rules -V RULE -S "accept service ftp from pc1.localnet.lan to firewall" -A
     40}}}
     41
     42Add the ipaddress 1.2.3.4 to the blocklist:
     43{{{
     44vuurmuur_script --block 1.2.3.4
     45}}}
     46
     47Remove an ipaddress from the blocklist:
     48{{{
     49vuurmuur_script --unblock 1.2.3.4
     50}}}
     51
     52
     53Returncodes:
     54||0||ok||
     55||1||commandline option error||
     56||2||command failed||
     57||3||object supplied with -n does not exist||
     58||4||object supplied with -n already exists||
     59||5||could not allocate memory (no more free memory?)||
     60||6||found some inconsistencies in the data (this should never happen, of course)||
     61||254||internal program error||
     62
     63
     64Commandline options:
     65||-c||vuurmuur config file location||optional||
     66||-v||verbose||optional||
     67||-d||1-3 debug level||optional||
     68||-h||print short help||
     69
     70Command options:
     71||-C||--create||create a new object.||
     72||-D||--delete||delete an object.||
     73||-R||--rename||rename an object. The new name must be supplied with --set||
     74||-M||--modify||modify a variable supplied with --var in an object. Use --set for the new value.||
     75||-L||--list||list objects.||
     76||-P||--print||print the content of an object. Use --var to print only one variable.||
     77||||--block||add a host to the blocklist.||
     78||||--unblock||remove a host from the blocklist.||
     79||||--list-blocked||show current blocklist||
     80
     81Object types:
     82||-o <name>||--host <name>||host.||
     83||-g <name>||--group <name>||group.||
     84||-n <name>||--network <name>||network.||
     85||-z <name>||--zone <name>||zone.||
     86||-s <name>||--service <name>||service.||
     87||-i <name>||--interface <name>||interface.||
     88||-r <name>||--rule <name>||rule.||
     89
     90
     91Other options:
     92||-A||--append||append instead of overwrite when using the modify command.||
     93||-O||--overwrite||overwrite when using the modify command (enabled by default)||
     94||-V <variable name>||--variable <variable name>||name of the variable to modify or print. Use the print command on an object to get a list of valid variables.||
     95||-S <value>||--set <value>||value to set on modify, or new name in case of rename.||
     96||||--apply||applies the change directly to the running vuurmuur daemons.||
     97||||--noapply||does not apply the change directly to the running vuurmuur daemons when by default it would (--block and --unblock).||