Login or Register to Ask a Question and Join Our Community

Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

apf(1) [debian man page]

APF(1)							      General Commands Manual							    APF(1)

NAME

       apf - easy iptables based firewall system

SYNOPSIS

       apf

DESCRIPTION

       This  manual page documents briefly the apf command.  This manual page was written for the Debian distribution because the original program
       does not have a manual page.

       Advanced Policy Firewall (APF) is an iptables (netfilter) based firewall system designed around the essential  needs  of  today's  Internet
       deployed  servers  and the unique needs of custom deployed Linux installations. The configuration of APF is designed to be very informative
       and present the user with an easy to follow process, from top to bottom of the configuration file. The management of APF  on  a	day-to-day
       basis  is  conducted from the command line with the 'apf' command, which includes detailed usage information and all the features one would
       expect from a current and forward thinking firewall solution.

OPTIONS

       apf follow the usual GNU command line syntax, with long options starting with two dashes (`-').	A summary of options is included below.

       -s|--start
	      load all firewall rules

       -r|--restart
	      stop (flush) & reload firewall rules

       -l|--list
	      list all firewall rules

       -t|--status
	      output firewall status log

       -e|--refresh
	      refresh & resolve dns names in trust rules

       -a <HOST CMT|--allow <HOST COMMENT>
	      add host (IP/FQDN) to allow_hosts.rules and immediately load new rule into firewall

       -d <HOST CMT|--deny <HOST COMMENT>
	      add host (IP/FQDN) to deny_hosts.rules and immediately load new rule into firewall

       -u <HOST>|--remove <HOST>
	      remove host from [glob]*_hosts.rules and immediately remove rule from firewall

       -o|--ovars
	      output all configuration options

COPYRIGHT

       Copyright (C) 1999-2007, R-fx Networks <proj@r-fx.org>
       Copyright (C) 2007, Ryan MacDonald <ryan@r-fx.org> This program may be freely redistributed under the terms of the GNU GPL

       This manual page was written by Giuseppe Iuculano <giuseppe@iuculano.it>, for the Debian project (but may be used by others).

								  August 17, 2008							    APF(1)

Check Out this Related Man Page

ARNO-IPTABLES-FIREWALL(8)												 ARNO-IPTABLES-FIREWALL(8)

NAME

       arno-iptables-firewall - Single- & multi-homed firewall script with DSL/ADSL support.

SYNOPSIS

       /etc/init.d/arno-iptables-firewall [start|stop|status|force-reload|restart]

DESCRIPTION

       arno-iptables-firewall  is  an  iptables configuration script with support for both IPv4 & IPv6.  While it is extremely easy to use one can
       nevertheless use it in quite complicated environments.

       All available options are explained in the extensively documented configuration file.

       The external interface of the system needs to be set up properly in the firewalls configuration file (EXT_IF).  The default behavior of the
       firewall is to deny all incoming connections.

       For  additional	requirements not covered by the configuration file custom iptables rules can be placed in /etc/arno-iptables-firewall/cus-
       tom-rules.  This file is automatically parsed by the service script.

       See the README file (eg. in /usr/(local/)share/doc/arno-iptables-firewall) for an example how to manage logging of firewall events  through
       syslogd.

       The arno-fwfilter script can be used to make the firewall logs more readable for humans (see manpage).

       Several plugins for the firewall script are available online. Plugins can be downloaded from http://rocky.eld.leidenuniv.nl/ Please see the
       README file for more information.

FILES

       /etc/init.d/arno-iptables-firewall	       system service script
       /etc/arno-iptables-firewall/firewall.conf       firewall configuration
       /etc/arno-iptables-firewall/conf.d/	       firewall configuration directory
       /etc/arno-iptables-firewall/custom-rules        custom iptables rules
       /etc/arno-iptables-firewall/blocked-hosts       host blacklist
       /etc/arno-iptables-firewall/mac-addresses       mac filter list

       Please note, that the last two files do exist in the initial configuration and their use is disabled  in  /etc/arno-iptables-firewall/fire-
       wall.conf

SEE ALSO

       iptables(8), arno-fwfilter(1), syslog.conf(5)

       The http://rocky.eld.leidenuniv.nl/ web site.

AUTHOR

       arno-iptables-firewall was written by Arno van Amersfoort <arnova@rocky.eld.leidenuniv.nl>.

       This manual page was written by Michael Hanke <michael.hanke@gmail.com>, for the Debian project (but may be used by others).

Michael Hanke							  March 14, 2012					 ARNO-IPTABLES-FIREWALL(8)
Man Page