.PHONY: install clean
-default: install
+default: bin/nfblocker nfblocker.5 nfblocker.8
README.html: README.adoc
asciidoctor -bhtml $<
+nfblocker.5 nfblocker.8: %: %.adoc
+ asciidoctor -bmanpage $<
+
bin/nfblocker: $(wildcard src/*.c)
# requires libnetfilter-queue-dev
gcc -g -Wall -o $@ $^ -lnetfilter_queue
--- /dev/null
+= nfblocker(5)
+
+== NAME
+nfblocker - block list file format
+
+== SYNOPSIS
+
+/etc/nfblocker/acl/blocklist.acl
+
+ln -s ../acl/blocklist.acl /etc/nfblocker/blocked/
+
+== DESCRIPTION
+
+nfblocker uses one or more block list files which contain declaratios
+of the domains to block, one domain per line that starts with any
+number of whitespace characters followed by a period (".") before the
+domain to block. The blocking applies to the domain an all its sub
+domains.
+
+.Example of block list
+----
+Anything not starting with . is a comment
+leading whitespace is ignored
+ .bad.domain.com -- domain name up to whitespace is blocked
+blank lines are fine too
+
+.another.domain.to.block
+End of block list example.
+----
+
+== SEE ALSO
+
+nfblocker(8)
+
+== AUTHOR
+
+Ralph Ronnquist <rrq@rrq.au>
--- /dev/null
+= nfblocker(8)
+
+== NAME
+
+nfblocker - Firewall agent blocking selected HTTP and HTTPS
+connections
+
+== SYNOPSIS
+
+nfblocker __blocklistfile__+
+
+== DESCRIPTION
+
+The nfblocker utility is a blacklist based network traffic filter for
+iptables via libnetfilter-queue. It applies to HTTP and SSL traffic
+for recognizing and dropping packets that are directed to blacklisted
+domain names.
+
+== SEE ALSO
+
+nfblocker(5)
+
+== AUTHOR
+
+Ralph Ronnquist <rrq@rrq.au>
projects / rrq / nfblocker.git / commitdiff