oracular (8) netscript-ipfilter.8.gz

Provided by: netscript-ipfilter_5.5.5+nmu3_all bug

NAME

       netscript - netscript network configuration command

SYNOPSIS

       netscript start|stop|reload|restart
       netscript ipfilter load|clear|fairq|flush|reload|save
       netscript ipfilter usebackup [ backup-number ]
       netscript ipfilter exec <function-name1>|<function-name2> [chain p1 p2 ...]
       netscript ip6filter load|clear|fairq|flush|reload|save
       netscript ip6filter usebackup [ backup-number ]
       netscript ip6filter exec <function-name1>|<function-name2> [chain p1 p2 ...]

DESCRIPTION

       This   manual   page   documents   briefly   the  netscript  command  from  the  netscript
       router/firewall network configuration package.

       This command is  used  to  configure/reconfigure  the  iptables  filter  setup,  that  are
       configured in netscript's configuration files.

IPTABLES CONFIGURATION

       Configuration saving is done by iptables-save(8) and iptables-restore(8).

OPTIONS

       start  Set  up  networking  configruation  by loading ipcahins filters, setting up bridge,
              configuring interfaces and running any configured lower layer protocol  daemons  or
              commands. For use from a startup script.

       stop   Shut everything down. For use from a startup script.

       reload Refresh the setup of netscript from the configuration files in /etc/netscript

       restart|force-reload
              Stop everything and then start everything again. For use from a startup script.

       ipfilter load|reload
              Load/reload  the  IPv4  iptables filters and reconfigure the firewalling, from that
              saved in /etc/netscript/iptables (via  iptables-restore(8)  ),  and  the  QoS  fair
              queuing setup.

       ipfilter save
              Save  the  IPv4  iptables  configuration  to  /etc/netscript/iptables via iptables-
              save(8) , after backing it up to /etc/netscript/iptables.1 and cycling the previous
              backup files down through the configuration history.

       ipfilter usebackup [ backup-number ]
              Restore    setup    from    the    IPv4    iptables   backup   configuration   from
              /etc/netscript/iptables.n ( default 1 ) via iptables-restore(8).

       ipfilter clear|flush
              Remove iptables and any  firewall  setup,  and  if  IPV4_FWDING_KERNEL  is  set  to
              FILTER_ON  (see  network.conf(5)  ),  disables  all  IPv4  packet forwarding on the
              router.  Very useful for debugging protocol problems on a firewall  by  enabling  a
              reasonably safe check to be made with the filtering down.

       ipfilter forward|fwd
              Turns  on  the IPv4 kernel forwarding switch manually.  This is irrespective of the
              setting of IPV4_FWDING_KERNEL (see network.conf(5) ). Use with caution as  it  will
              allow traffic through the box.

       ipfilter noforward|nofwd
              Turns  off the IPv4 kernel forwarding switch manually.  This is irrespective of the
              setting of IPV4_FWDING_KERNEL (see network.conf(5) ). Use with caution as  it  will
              cut off reachability.

       ipfilter fairq
              Reload  the  IPv4 fairq chain that marks the packets for the QoS interface transmit
              queues.

       ip6filter load|reload
              Load/reload the IPv6 iptables filters and reconfigure the  firewalling,  from  that
              saved in /etc/netscript/ip6tables
               (via ip6tables-restore(8) ), and the QoS fair queuing setup.

       ip6filter save
              Save  the  IPv6  iptables  configuration  to /etc/netscript/iptables via ip6tables-
              save(8) , after  backing  it  up  to  /etc/netscript/ip6tables.1  and  cycling  the
              previous backup files down through the configuration history.

       ip6filter usebackup [ backup-number ]
              Restore    setup    from    the    IPv6    iptables   backup   configuration   from
              /etc/netscript/ip6tables.n ( default 1 ) via ip6tables-restore(8).

       ip6filter clear|flush
              Remove IPv6 iptables setup, and if IPV6_FWDING_KERNEL  is  set  to  FILTER_ON  (see
              network.conf(5)  ), disables all IPv6 packet forwarding on the router.  Very useful
              for debugging protocol problems on a firewall by enabling a reasonably  safe  check
              to be made with the filtering down.

       ip6filter forward|fwd
              Turns  on  the IPv6 kernel forwarding switch manually.  This is irrespective of the
              setting of IPV6_FWDING_KERNEL (see network.conf(5) ). Use with caution as  it  will
              allow traffic through the box.

       ip6filter noforward|nofwd
              Turns  off the IPv6 kernel forwarding switch manually.  This is irrespective of the
              setting of IPV6_FWDING_KERNEL (see network.conf(5) ). Use with caution as  it  will
              affect reachability.

       ip6filter fairq
              Reload  the  IPv6 fairq chain that marks the packets for the QoS interface transmit
              queues.

FILES

       /etc/netscript/ipfilter.conf, /etc/netscript/network.conf,
       /etc/netscript/iptables, /etc/netscript/ip6tables,

SEE ALSO

       ipfilter.conf(5),  network.conf(5),  ip(8),   tc(8),   iptables(8),   iptables-restore(8),
       iptables-save(8), ip6tables(8), ip6tables-restore(8), ip6tables-save(8), brcfg(8).

AUTHOR

       This  manual  page  was  written  by Matthew Grant <matt@mattgrant.net.nz>, for the Debian
       GNU/Linux system (but may be used by others).

BUGS

       I wrote this manpage when I was half asleep...

                                         January 24, 2014                            NETSCRIPT(8)