Name

pfconfd — Packet filter configuration refreshing daemon

Synopsis

pfconfd [-hv] [-d dbglev] -f cfgfile

Description

The packet-filter configuration can contain both IP addresses and host names. Host names must be resolved and converted to addresses, but a resolution result is valid only for a limited time and has to be refreshed periodically. The pfconfd daemon is used for this purpose.

The daemon is included in the list of Kernun components only if the packet filter configuration actually contains host names. The component configuration is merged from the packet filter configuration (creating table sections) and data from the pfconfd section of kernun.cml. For formal reasons, however, the pfconfd application is defined as repeatable, with the name PFCONFD.

The daemon behaves like the Asynchronous Configuration Resolver process of regular Kernun proxies. It reads its configuration, tries to resolve all names, and schedules itself to wake up at the time of the closest domain name TTL timeout. After the start, it prepares the contents of the tables that are included as a part of the running packet filter configuration. Later, whenever a name resolution changes, the tables are re-created.
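
The refresh cycle described above, as an added Python illustration (not Kernun code): names are re-resolved when their TTL expires, the next wake-up is the closest expiry, and tables are rebuilt only when an address set changes. The host names, addresses, retry delay and minimum TTL are constructed assumptions; how pfconfd itself treats a failed lookup is not stated on this page.

```python
RETRY_SECONDS = 30  # assumption: delay before retrying a failed lookup
MIN_TTL = 1         # assumption: floor so a zero TTL cannot cause a busy loop
NAMES = ["www.example.test", "db.example.test"]  # constructed host names

def sample_resolver(name, now):
    """Constructed data: www changes address at t=60, db fails during t=40..49."""
    if name == "www.example.test":
        return (["192.0.2.10"] if now < 60 else ["192.0.2.20"]), 30
    if name == "db.example.test" and not 40 <= now < 50:
        return ["198.51.100.5"], 20
    raise LookupError(name)

def refresh(names, resolve, now, tables, expiry):
    """Re-resolve expired names; return (tables_changed, next_wakeup_time)."""
    changed = False
    for name in names:
        if expiry.get(name, 0) > now:
            continue  # cached result is still within its TTL
        try:
            addresses, ttl = resolve(name, now)
        except LookupError:
            # Assumption: keep the last known addresses and retry later.
            expiry[name] = now + RETRY_SECONDS
            continue
        expiry[name] = now + max(ttl, MIN_TTL)
        if tables.get(name) != frozenset(addresses):
            tables[name] = frozenset(addresses)
            changed = True  # point at which the filter tables would be re-created
    return changed, min(expiry.values(), default=now + RETRY_SECONDS)

def simulate(names, resolve, until):
    """Run the cycle on a virtual clock; return (wake-up log, final tables)."""
    tables, expiry, now, log = {}, {}, 0, []
    while now <= until:
        changed, wakeup = refresh(names, resolve, now, tables, expiry)
        log.append((now, changed))
        now = wakeup
    return log, tables

if __name__ == "__main__":
    for when, changed in simulate(NAMES, sample_resolver, 70)[0]:
        print(f"t={when:3d}s  tables {'rebuilt' if changed else 'unchanged'}")
```

In the simulated run the tables are rebuilt only at start-up and when the address behind one name changes; the failed lookup leaves the previous table entry in place.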

Options

-h

Print usage information.

-v

Display version information and exit.

-d dbglev

Set the debugging level to a specific number. Permitted values are 3 through 9, 3 being the least and 9 the most verbose. See logging(7) for details. This setting is relevant only until configuration reading is finished.

-f cfgfile

Read cfgfile for configuration information.

See Also

proxy(5), pfconfd.cfg(5), configuration(7), host-matching(7), logging(7), resolving(7)

Authors

This man page is a part of Kernun Firewall.
Copyright © 2000–2015 Trusted Network Solutions, a. s.
All rights reserved.