From: Michael Rash Date: Mon, 11 Jun 2012 03:07:37 +0000 (-0400) Subject: applied patch from Franck to fix man page paths to reflect new installation directory... X-Git-Tag: fwsnort-1.6.3-pre1~4 X-Git-Url: http://www.cipherdyne.com/cgi-bin/gitweb.cgi?p=fwsnort.git;a=commitdiff_plain;h=b0f806220e3cdaf02a05a049e21fa1f695d2db65 applied patch from Franck to fix man page paths to reflect new installation directory structure --- diff --git a/fwsnort.8 b/fwsnort.8 index ae8c857..2704307 100644 --- a/fwsnort.8 +++ b/fwsnort.8 @@ -32,17 +32,17 @@ snort_inline instance). As of .B fwsnort-1.5 all iptables rules built by fwsnort are written out to the -.I /etc/fwsnort/fwsnort.save +.I /var/lib/fwsnort/fwsnort.save file in iptables-save format. This allows a long fwsnort policy (which may contain thousands of iptables rules translated from a large Snort signature set) to be quickly instantiated via the "iptables-restore" command. A wrapper script -.I /etc/fwsnort/fwsnort.sh +.I /var/lib/fwsnort/fwsnort.sh is also written out to make this easy. Hence, the typical work flow for fwsnort is to: 1) run fwsnort, 2) note the Snort rules that fwsnort was able to successfully translate (the number of such rules is printed to stdout), and then 3) execute the -.I /etc/fwsnort/fwsnort.sh +.I /var/lib/fwsnort/fwsnort.sh wrapper script to instantiate the policy in the running kernel. .B fwsnort @@ -167,7 +167,7 @@ fwsnort policy appropriately triggers on matching traffic. .TP .BR \-\^\-ipt-script\ \ Specify the path to the iptables script generated by fwsnort. The -default location is /etc/fwsnort/fwsnort.sh. +default location is /var/lib/fwsnort/fwsnort.sh. .TP .BR \-\^\-ipt-check-capabilities Check iptables capabilities and exit. @@ -177,7 +177,7 @@ Run .B fwsnort with the same command line arguments as the previous execution. This is a convenient way of rebuilding the -.I /etc/fwsnort/fwsnort.sh +.I /var/lib/fwsnort/fwsnort.sh script without having to remember what the last command line args were. .TP .BR \-\^\-NFQUEUE @@ -389,7 +389,7 @@ The fwsnort configuration file. The path to this file can be changed on the command line with \-\-config. .RE -.B /etc/fwnort/fwsnort.sh +.B /var/lib/fwnort/fwsnort.sh .RS The iptables script generated by fwsnort. The path can be manually specified on the command line with the \-\-ipt-script option.