madscientist
/
SNFMDaemon
Beobachten 1
Favorisieren 0
Fork 0
Code Issues 0 Pull-Requests 0 Releases 0 Wiki Aktivität
Du kannst nicht mehr als 25 Themen auswählen Themen müssen mit entweder einem Buchstaben oder einer Ziffer beginnen. Sie können Bindestriche („-“) enthalten und bis zu 35 Zeichen lang sein.
1 Commit
2 Branches
Struktur: d73de20c85
Branches Tags
${ item.name }
Erstelle Branch ${ searchTerm }
von „d73de20c85“
${ noResults }
SNFMDaemon/Distribution_20101124/SNFClient_readme.txt

SNFClient_readme.txt 6.3KB
Originalformat Blame Verlauf

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182 
  1. SNFClient Readme

  2. 

  3. Command line client for SNF. This utility formats and processes SNF_XCI

  4. requests through the SNF Engine working on the local machine. In general

  5. this utility can be used as a replacement for the earlier SNF command

  6. line scanner. It is also useful for other uses such as debugging and

  7. communicating with GBUdb.

  8. 

  9. Note: Unlike prior versions of SNF, this command line utility does not

  10. need to be "branded" (renamed for the SNF license id).

  11. 

  12. _________

  13. Help Mode

  14. 

  15. SNFClient.exe

  16. 

  17.   When called with no command line parameters the utility produces

  18.   help and version information.

  19. 

  20. __________

  21. Debug Mode

  22. 

  23. SNFDebugClient.exe

  24. 

  25.   When "debug" or "Debug" appears in the path to the program name

  26.   or if the program's name is altered to include the word "debug" or

  27.   "Debug" then the program will produce additional information about

  28.   it's operation to aid in debugging problems. This includes the

  29.   entire raw SNF_XCI request and response.

  30. 

  31. __________________

  32. Message Scan Modes

  33. 

  34.   These modes are used to scan email message files (the data part of

  35.   smtp). This utility can be used as a drop-in replacement for previous

  36.   verions of SNF (Message Sniffer) for scanning messages. However, this

  37.   new version does not need to be "branded" (renamed for the license id)

  38.   and will ignore the authentication string if it is provided. Also,

  39.   since the newer version of SNF uses a client-server model and not a

  40.   peer-server model, there is no need for a "persistent" mode.

  41. 

  42.   If "persistent" is passed to this utility on the command line as it

  43.   would be used in prior versions of SNF then it will be treated like

  44.   a file name and the scan will normally fail since a file named

  45.   "persistent" is not likely to exist.

  46. 

  47. SNFClient.exe <FileNameToScan>

  48. 

  49.   Scan Mode: Scans <FileNameToScan> and returns a result code.

  50. 

  51. SNFClient.exe <authenticationxx> <FileNameToScan>

  52. 

  53.   Compatibility Mode: Ignores <authenticationxx> then scans the

  54.   <FileNameToScan> and returns a result code. This mode provides

  55.   drop-in compatibility with previous versions of SNF.

  56. 

  57. SNFClient.exe -xhdr <FileNameToScan>

  58. 

  59.   XHeader Mode: Scans <FileNameToScan> and returns the result. Also

  60.   outputs the contents of the X-Headers created by the SNF engine. If

  61.   the SNF engine is configured to inject these headers then they will

  62.   also have been injected into the <FileNameToScan>.

  63. 

  64.   The SNF Engine can be configured to provide the X-Headers only to

  65.   the API without injecting them. In this case the XHeader Mode will

  66.   display the X-Headers that would be injected, but they will not

  67.   have been injected into the <FileNameToScan>.

  68. 

  69.   If the SNF Engine is configured not to produce X-Headers (none) then

  70.   the XHeader Mode will not produce X-Headers because they will not

  71.   have been generated by the engine.

  72. 

  73.   (note: -xhdr and -source options can be combined)

  74. 

  75. 

  76. SNFClient.exe -source=<IP4Address> <FileNameToScan>

  77. 

  78.   Source-IP Mode: Scans <FileNameToScan> and returns the result. The

  79.   provided source IP is injected into the scan as the first Received

  80.   header so that the scanning engine will presume the IP is the source

  81.   of the message. This allows you to pre-define the source IP for the

  82.   message when there is no other received header or when the received

  83.   headers may be incorrect or may not present the actual source of

  84.   the message.

  85. 

  86.   (note: -xhdr and -source options can be combined)

  87. 

  88. _____________________________

  89. SNFServer Status Report Modes

  90. 

  91. SNFClient.exe -status.second

  92. SNFClient.exe -status.minute

  93. SNFClient.exe -status.hour

  94. 

  95.   This mode returns the latest posted status report as indicated.

  96.   Normally these status reports are also posted to files in the

  97.   SNFServer workspace.

  98. 

  99.   In this mode the SNFClient will return a result code (error level)

  100.   of 0 when the request is successful and 99 (or some nonzero value)

  101.   when the request is not successful. This allows the SNFClient to

  102.   be used to verify that the SNFServer is running.

  103. 

  104.   Note: In most other modes the SNFClient returns a fail-safe 0

  105.   result code to avoid tagging messages as spam when there are errors.

  106. 

  107. ________________________

  108. XCI Server Command Modes 

  109. 

  110. These features will expand as needed in later versions.

  111. 

  112. SNFClient.exe -shutdown

  113. 

  114.   If the SNF Engine is running in an application that accepts SNF_XCI

  115.   server commands then this mode will send that command. The shutdown

  116.   command may have no effect if the application does not use the SNF_XCI

  117.   server commnand interface or does not recognize the command.

  118. 

  119. ___________

  120. GBUdb Modes

  121. 

  122.   These modes are used to communicate with the GBUdb system on the

  123.   local node. It is possible to test (read out) an IP record or make

  124.   any of a number of changes to IP data in the GBUdb.

  125. 

  126. SNFClient.exe -test <IP4Address>

  127. 

  128.   Returns the current GBUdb statistics for the <IP4Address>

  129. 

  130.   SNFClient also returns a result code that matches the GBUdb range

  131.   for the tested IP. These ranges are defined in the SNFServer

  132.   configuration file. By default they are:

  133. 

  134.   20 - Truncate

  135.   63 - Black

  136.   40 - Caution

  137.    0 - Normal

  138. 

  139. SNFClient.exe -set <IP4Address> <flag> <bad> <good>

  140. 

  141.   Creates or updates the data for <IP4Address> as provided. The

  142.   <IP4Address> must be provided as well as at least one of

  143.   <flag>, <bad>, and <good>. If <flag>, <bad>, or <good> are

  144.   to be left unchanged then they should be entered as a dash "-".

  145. 

  146.   Examples:

  147. 

  148.   Set all data for an IP. The flag will be "ugly", the bad count

  149.   will be 0 and the good count will be 1000.

  150. 

  151.   SNFClient.exe -set 12.34.56.78 Ugly 0 1000

  152. 

  153.   Set the flag to "ignore" and do not change the counts.

  154. 

  155.   SNFClient.exe -set 12.34.56.78 ignore - -

  156. 

  157.   Set the good count to 400 and do not change anything else.

  158. 

  159.   SNFClient.exe -set 12.34.56.78 - - 400

  160. 

  161. SNFClient.exe -good <IP4Address>

  162. 

  163.   Creates or updates statistics for the <IP4Address>. Increases the

  164.   good count by one. (Record a good event)

  165. 

  166. SNFClient.exe -bad <IP4Address>

  167. 

  168.   Creates or updates statistics for the <IP4Address>. Increases the

  169.   bad count by one. (Record a bad event)

  170. 

  171. SNFClient.exe -drop <IP4Address>

  172. 

  173.   Removes all local data for the <IP4Address>. Anything the local

  174.   system "knows" about the IP is forgotten. Next time the IP is

  175.   encountered it will be treated as new.

  176. 

  177. ____________________

  178. For More Information

  179. 

  180. See www.armresearch.com

  181. Copyright (C) 2007-2008 Arm Research Labs, LLC.

  182.