Man Linux: Main Page and Category List

NAME

       arno-iptables-firewall  -  Single-  &  multi-homed firewall script with
       DSL/ADSL support.

SYNOPSIS

       /etc/init.d/arno-iptables-firewall
       [start|stop|status|force-reload|restart]

DESCRIPTION

       arno-iptables-firewall  is  an iptables configuration script.  While it
       is extremely  easy  to  use  one  can  nevertheless  use  it  in  quite
       complicated environments.

       All  available  options  are  explained  in  the extensively documented
       configuration file.

       The external interface of the system needs to be set up properly in the
       firewalls  configuration  file  (EXT_IF).   The default behavior of the
       firewall is to deny all incoming connection attempts.

       For additional requirements  not  covered  by  the  configuration  file
       custom       iptables       rules       can      be      placed      in
       /etc/arno-iptables-firewall/custom-rules.  This file  is  automatically
       parsed by the service script.

       See  the  documentation in /usr/share/doc/arno-iptables-firewall for an
       example how to manage logging of firewall events through syslogd.

       The arno-fwfilter script can be used to make  the  firewall  logs  more
       readable for humans (see manpage).

       There  is  currently only very limited support for IPv6. More precisely
       one can only allow or deny IPv6 traffic completely,  but  filtering  is
       not possible (yet).

       Several  plugins  for  the  firewall  script  are available online. All
       plugins can be downloaded from http://rocky.eld.leidenuniv.nl/iptables-
       firewall/plugins   and   have   to  be  stored  in  /etc/arno-iptables-
       firewall/plugins. Please see the documentation in  /usr/share/doc/arno-
       iptables-firewall to learn about how to enable them.

FILES

       /etc/init.d/arno-iptables-firewall              system service script
       /etc/arno-iptables-firewall/firewall.conf       firewall configuration
       /etc/arno-iptables-firewall/custom-rules        custom iptables rules
       /etc/arno-iptables-firewall/blocked-hosts       host blacklist
       /etc/arno-iptables-firewall/mac-addresses       mac filter list

       Please  note,  that  the  last  two  files  do  exist  in  the  initial
       configuration     and      their      use      is      disabled      in
       /etc/arno-iptables-firewall/firewall.conf

SEE ALSO

       iptables(8), arno-fwfilter(1), syslog.conf(5)

       The http://rocky.eld.leidenuniv.nl/ web site.

AUTHOR

       arno-iptables-firewall    was    written   by   Arno   van   Amersfoort
       <arnova@rocky.eld.leidenuniv.nl>.

       This    manual    page     was     written     by     Michael     Hanke
       <michael.hanke@gmail.com>,  for  the Debian project (but may be used by
       others).