IPFW
Section: (8)
Updated: 10 Jan 1995
Index
Return to Main Contents
NAME
ipfw - show / manipulate the ip firewall and accounting tables
SYNOPSIS
ipfw [ n ] expression
DESCRIPTION
ipfw
manipulates the kernel's IP firewall and accouting table. This allows a
Linux system to screen itself or other hosts by protocols and port numbers.
An additional extension 'masuerading' provides the ability to operate fairly
generic proxy address mapping.
OPTIONS
-n
Turn off name lookup. All addresses will be printed in numeric format.
EXAMPLES
- ipfw flush firewall
-
Removes all existing firewall entries.
- ipfw addblocking accept tcp from 192.0.2.0/24 to host.my.net 6000
-
ipfw addblocking deny tcp from 0/0 to host.my.net 6000
Deny all access from the world to tcp port 6000 (X Windows) on the
host host.my.net unless they are from the class C network 192.0.2.x.
FILES
/proc/net/ip_block
/proc/net/ip_forward
SEE ALSO
ifconfig(8) route(8)
HISTORY
ipfw was originally written for BSDI/386 by Daniel Boulet and ported
to Linux by Bob Beck. Numerous other people then cleaned up the program.
BUGS
The firewall cannot yet do device specific filtering, nor tcp connect
filtering or active rejection of packets (ICMP unreachable). The code
is in a state of development and will evolve further.
- The manual page is a joke. Someone literate please write a better one.
-
Index
- NAME
-
- SYNOPSIS
-
- DESCRIPTION
-
- OPTIONS
-
- EXAMPLES
-
- FILES
-
- SEE ALSO
-
- HISTORY
-
- BUGS
-
This document was created by
man2html,
using the manual pages.
Time: 00:43:32 GMT, May 19, 2025