From 6429d1d56c38d2d1fa0a71889726f42e38d1e4d2 Mon Sep 17 00:00:00 2001 From: Hugo Levy-Falk Date: Tue, 7 May 2019 00:05:36 +0200 Subject: [PATCH] Readme --- README.md | 29 ++++++++++++++++++++++++----- 1 file changed, 24 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index e45280a..2158301 100644 --- a/README.md +++ b/README.md @@ -3,13 +3,13 @@ This script creates a firewall from Re2o information using nftables. # What it does : - - - Fetch mac-ip table from re2o and filter traffic from the adherent NAT with it; - - Create a NAT table for FedeRez and Adherent, and NAT the admin and prerezotage VLANs properly. + +- Fetch mac-ip table from re2o and filter traffic from the adherent NAT with it; +- Create a NAT table for FedeRez and Adherent, and NAT the admin and prerezotage VLANs properly. # What it does not do (yet) : - - Fetch opened ports on Re2o and filter traffic with these infos. +- Fetch opened ports on Re2o and filter traffic with these infos. # Install : @@ -27,7 +27,26 @@ echo "* * * * * root /usr/bin/python3 main.py macip 2>&1 | /usr/bin/logger -t fi # Usage : -See `./main.py --help`. +``` +Usage: main.py [OPTIONS] COMMAND [ARGS]... + + Re2o firewall manager. + + Used without command, the firewall manager will load the whole firewall + (i.e. the struture, the macip set and the MAC table). By default it erases + the current NAT table and macp set. You can choose to keep the current + values for these with the flags. + +Options: + --keep-nat / --dont-keep-nat Should I keep the current NAT table ? + --keep-macip / --dont-keep-macip + Should I keep the current macip set ? + --help Show this message and exit. + +Commands: + macip Load the macip set. + nat Load the NAT table. +``` # Dependencies :