IPFW

Section: (8)
Updated: 10 Jan 1995
Index Return to Main Contents
 

NAME

ipfw - show / manipulate the ip firewall and accounting tables  

SYNOPSIS

ipfw [ n ] expression  

DESCRIPTION

ipfw manipulates the kernel's IP firewall and accouting table. This allows a Linux system to screen itself or other hosts by protocols and port numbers. An additional extension 'masuerading' provides the ability to operate fairly generic proxy address mapping.  

OPTIONS

-n Turn off name lookup. All addresses will be printed in numeric format.  

EXAMPLES

ipfw flush firewall
Removes all existing firewall entries.
ipfw addblocking accept tcp from 192.0.2.0/24 to host.my.net 6000
ipfw addblocking deny tcp from 0/0 to host.my.net 6000 Deny all access from the world to tcp port 6000 (X Windows) on the host host.my.net unless they are from the class C network 192.0.2.x.

 

FILES

/proc/net/ip_block
/proc/net/ip_forward  

SEE ALSO

ifconfig(8) route(8)  

HISTORY

ipfw was originally written for BSDI/386 by Daniel Boulet and ported to Linux by Bob Beck. Numerous other people then cleaned up the program.  

BUGS

The firewall cannot yet do device specific filtering, nor tcp connect filtering or active rejection of packets (ICMP unreachable). The code is in a state of development and will evolve further.
The manual page is a joke. Someone literate please write a better one.


 

Index

NAME
SYNOPSIS
DESCRIPTION
OPTIONS
EXAMPLES
FILES
SEE ALSO
HISTORY
BUGS

This document was created by man2html, using the manual pages.
Time: 00:43:32 GMT, May 19, 2025