natefw

Rules


Supported rules in nfw

= Introduction =

This page introduces nfw and explains how to build rule sets.

= Rule generation by parameter =

nfw lets you specify a rule as command-line parameters, as you would with iptables.

nfw rule description

= Rule generation by file =

Optionally, you can specify a file and nfw will parse the file and output the results to stdout.

nfw file 

= Building rules =

As of the writing of this document nfw supports these rules:

ip <modifier>

ip ranges <modifier>

port <modifier>

Optionally followed by:

comment <string>

A "modifier" can be source or destination (misspelled in version 1.1-1).

A rule must start with the action and the chain, in this order:

<action> <chain>

Where action can be:
deny
accept
drop

Where chain can be:
input
output
forward

Examples:

nfw deny input 127.0.0.1 source
nfw deny input 127.0.0.1 destination
nfw accept input 192.168.1.1-192.168.1.100 source
nfw accept input 192.168.100.1 source comment "gateway1"
nfw accept input 22 source comment "ssh"
nfw accept input 22 destitation comment "ssh"
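
The rule grammar above, as a small Python linter that checks rule strings before they are handed to nfw. This is an added example, not nfw's own code; the names `parse_rule` and `lint`, the returned dictionary and the 1-65535 port range are assumptions made for illustration.

```python
import ipaddress
import shlex

ACTIONS = {"deny", "accept", "drop"}
CHAINS = {"input", "output", "forward"}
MODIFIERS = {"source", "destination"}  # pass another set if your build spells these differently

def parse_rule(line, modifiers=MODIFIERS):
    """Parse '<action> <chain> <target> <modifier> [comment <string>]'; ValueError if malformed."""
    tokens = shlex.split(line)  # shlex keeps a quoted comment as one token
    if tokens[:1] == ["nfw"]:  # accept the rule with or without the command name
        tokens = tokens[1:]
    if len(tokens) < 4:
        raise ValueError("expected <action> <chain> <target> <modifier>")
    action, chain, target, modifier, *rest = tokens
    if action not in ACTIONS:
        raise ValueError(f"unknown action {action!r}")
    if chain not in CHAINS:
        raise ValueError(f"unknown chain {chain!r}")
    if modifier not in modifiers:
        raise ValueError(f"unknown modifier {modifier!r}")
    if target.isdigit():  # bare number: port rule
        if not 1 <= int(target) <= 65535:  # assumed valid port range
            raise ValueError(f"port out of range: {target}")
        kind, value = "port", int(target)
    elif "-" in target:  # low-high: ip range rule
        lo, hi = (ipaddress.ip_address(p) for p in target.split("-", 1))
        if lo.version != hi.version or lo > hi:
            raise ValueError(f"bad range {target!r}")
        kind, value = "ip_range", (str(lo), str(hi))
    else:  # single address; ip_address raises ValueError on bad input
        kind, value = "ip", str(ipaddress.ip_address(target))
    comment = None
    if rest:
        if len(rest) != 2 or rest[0] != "comment":
            raise ValueError("only 'comment <string>' may follow the modifier")
        comment = rest[1]
    return {"action": action, "chain": chain, "kind": kind, "value": value,
            "modifier": modifier, "comment": comment}

def lint(lines):
    """Return (line, error) pairs for every rule that does not parse."""
    errors = []
    for line in lines:
        try:
            parse_rule(line)
        except ValueError as exc:
            errors.append((line, str(exc)))
    return errors
```

Running `lint` over a rule set before applying it catches a mistyped action, chain or modifier, and a reversed address range, before the rule is generated.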

Created: 11 years 6 months ago
by Natalie Adams

Updated: 11 years 6 months ago
by Natalie Adams
