tcpspy 1.7d-4 / etc / tcpspy.rules

This file is indexed.

/etc/tcpspy.rules is in tcpspy 1.7d-4.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below. 

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
# tcpspy.rules for tcpspy Debian GNU/Linux package
# Written by Pablo Lorenzzoni <spectra@linuxbr.com.br>
# 
# Lines containing a # will be ignored. Blank lines too.
#
# Rule Syntax - this is a copy of tcpspy.rules(5)
#       A rule may be  specified  with  the  following  comparison
#       operators:
#
#       user uid
#              True  if the local user initiating or accepting the
#              connection has the effective user id uid.
#
#       user "username"
#              Same as above, but using a username  instead  of  a
#              user id.
#
#       lport port
#              True  if  the  local end of the connection has port
#              number port.
#
#       lport [low] - [high]
#              True if the local end of the connection has a  port
#              number  greater  than or equal to low and less than
#              or equal to high.  If the form low- is  used,  high
#              is assumed to be 65535.  If the form -high is used,
#              low is assumed to be 0. It is an error to omit both
#              low and high.
#
#       lport "service"
#              Same  as  above,  but  using  a  service  name from
#              /etc/services instead of a port number.
#
#       rport  Same as lport but compares the port number  of  the
#              remote end of the connection.
#
#       laddr n.n.n.n[/m.m.m.m]
#              Interpreted  as  a  "net/mask"  expression; true if
#              "net" is equal to the  bitwise  AND  of  the  local
#              address of the connection and "mask". If no mask is
#              specified,  a  default  mask  with  all  bits   set
#              (255.255.255.255) is used.
#
#       raddr  Same as laddr but compares the remote address.
#
#       exe "pattern"
#              True  if the full filename (including directory) of
#              the executable that created/accepted the connection
#              matches  pattern, a glob(7)-style wildcard pattern.
#
#              The pattern "" (an empty  string)  matches  connec-
#              tions  created/accepted  by  processes  whose  exe-
#              cutable filename is unknown.
#
#              If the -p option is not specified, a  warning  mes-
#              sage  will  be printed, and the result of this com-
#              parison will always be true.
#
# By default this file is empty. This means tcpspy will log everything
#

APT Browse - Built by Thomas Orozco.