Provided by: ipkungfu_0.6.1-6ubuntu1_amd64 bug


       ipkungfu - An iptables-based firewall for Linux


       ipkungfu [ -c ] [ -t ] [ -d ] [ -h ] [ -v ] [ --quiet ] [ --panic ] [ --no-caching


       ipkungfu  is an iptables-based Linux firewall. The primary design goals are security, ease
       of use, and performance, in that  order.  It  takes  advantage  of  advanced  features  of
       iptables,  tcpwrappers,  and  the  Linux  kernel.  It also simplifies the configuration of
       internet connection sharing, advanced routing, and other networking needs.


       -c  (or  --check)
                   Check whether ipkungfu is loaded, and report any command line options  it  may
                   have been loaded with.

       -t  (or  --test)
                   Runs  a configuration test, and displays the results.  Note that this does not
                   test or display all configuration options.  This gives you an  opportunity  to
                   verify  that  major configuration options are correct before putting them into

       -d  (or  --disable)
                   Disables the firewall.  It is important to know exactly what this option does.
                   All  traffic  is  allowed  in and out, and in the case of a gateway, all NATed
                   traffic is forwarded (the option retains  your  connection  sharing  options).
                   Custom rules are not implemented, and deny_hosts.conf is ignored.

       -f  (or  --flush)
                   Disables  the  firewall  COMPLETELY.   All  rules  are flushed, all chains are
                   removed.  Any port forwarding or internet connection  sharing  will  cease  to

       -h  (or  --help)
                   Displays brief usage information and exits.

       -v  (or  --version)
                   Displays version information and exits.

       --quiet     Runs ipkungfu with no standard output

       --panic     Drops  ALL  traffic  in  all directions on all network interfaces.  You should
                   probably never use this option.  The  --panic  option  is  available  for  the
                   highly  unusual  situation  where  you know that an attack is underway but you
                   know of no other way to stop it.

       --failsafe  If ipkungfu fails, --failsafe will cause all firewall policies  to  revert  to
                   ACCEPT.   This  is useful when working with ipkungfu remotely, to prevent loss
                   of remote access due to firewall failure.

                   Disables rules caching feature.





                                           January 2003                               ipkungfu(8)