diff options
Diffstat (limited to 'static/freebsd/man4/ipfirewall.4 3.html')
| -rw-r--r-- | static/freebsd/man4/ipfirewall.4 3.html | 112 |
1 files changed, 0 insertions, 112 deletions
diff --git a/static/freebsd/man4/ipfirewall.4 3.html b/static/freebsd/man4/ipfirewall.4 3.html deleted file mode 100644 index ebaf6272..00000000 --- a/static/freebsd/man4/ipfirewall.4 3.html +++ /dev/null @@ -1,112 +0,0 @@ -<table class="head"> - <tr> - <td class="head-ltitle">IPFW(4)</td> - <td class="head-vol">Device Drivers Manual</td> - <td class="head-rtitle">IPFW(4)</td> - </tr> -</table> -<div class="manual-text"> -<section class="Sh"> -<h1 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h1> -<p class="Pp"><code class="Nm">ipfw</code> — <span class="Nd">IP packet - filter and traffic accounting</span></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="SYNOPSIS"><a class="permalink" href="#SYNOPSIS">SYNOPSIS</a></h1> -<p class="Pp">To compile the driver into the kernel, place the following option - in the kernel configuration file:</p> -<div class="Bd Pp Bd-indent"><code class="Cd">options IPFIREWALL</code></div> -<p class="Pp">Other related kernel options which may also be useful are:</p> -<div class="Bd Pp Bd-indent"><code class="Cd">options - IPFIREWALL_DEFAULT_TO_ACCEPT</code> -<br/> -<code class="Cd">options IPDIVERT</code> -<br/> -<code class="Cd">options IPFIREWALL_NAT</code> -<br/> -<code class="Cd">options IPFIREWALL_NAT64</code> -<br/> -<code class="Cd">options IPFIREWALL_NPTV6</code> -<br/> -<code class="Cd">options IPFIREWALL_PMOD</code> -<br/> -<code class="Cd">options IPFIREWALL_VERBOSE</code> -<br/> -<code class="Cd">options IPFIREWALL_VERBOSE_LIMIT=100</code> -<br/> -<code class="Cd">options LIBALIAS</code></div> -<p class="Pp">To load the driver as a module at boot time, add the following - line into the <a class="Xr">loader.conf(5)</a> file:</p> -<div class="Bd Pp Bd-indent Li"> -<pre>ipfw_load="YES"</pre> -</div> -</section> -<section class="Sh"> -<h1 class="Sh" id="DESCRIPTION"><a class="permalink" href="#DESCRIPTION">DESCRIPTION</a></h1> -<p class="Pp">The <code class="Nm">ipfw</code> system facility allows filtering, - redirecting, and other operations on IP packets travelling through network - interfaces.</p> -<p class="Pp">The default behavior of <code class="Nm">ipfw</code> is to block - all incoming and outgoing traffic. This behavior can be modified, to allow - all traffic through the <code class="Nm">ipfw</code> firewall by default, by - enabling the <code class="Dv">IPFIREWALL_DEFAULT_TO_ACCEPT</code> kernel - option. This option may be useful when configuring - <code class="Nm">ipfw</code> for the first time. If the default - <code class="Nm">ipfw</code> behavior is to allow everything, it is easier - to cope with firewall-tuning mistakes which may accidentally block all - traffic.</p> -<p class="Pp">When using <a class="Xr">natd(8)</a> in conjunction with - <code class="Nm">ipfw</code> as NAT facility, the kernel option - <code class="Dv">IPDIVERT</code> enables diverting packets to - <a class="Xr">natd(8)</a> for translation.</p> -<p class="Pp">When using the in-kernel NAT facility of - <code class="Nm">ipfw</code>, the kernel option - <code class="Dv">IPFIREWALL_NAT</code> enables basic - <a class="Xr">libalias(3)</a> functionality in the kernel.</p> -<p class="Pp">When using any of the IPv4 to IPv6 transition mechanisms in - <code class="Nm">ipfw</code>, the kernel option - <code class="Dv">IPFIREWALL_NAT64</code> enables all of these NAT64 methods - in the kernel.</p> -<p class="Pp">When using the IPv6 network prefix translation facility of - <code class="Nm">ipfw</code>, the kernel option - <code class="Dv">IPFIREWALL_NPTV6</code> enables this functionality in the - kernel.</p> -<p class="Pp">When using the packet modification facility of - <code class="Nm">ipfw</code>, the kernel option - <code class="Dv">IPFIREWALL_PMOD</code> enables this functionality in the - kernel.</p> -<p class="Pp">To enable logging of packets passing through - <code class="Nm">ipfw</code>, enable the - <code class="Dv">IPFIREWALL_VERBOSE</code> kernel option. The - <code class="Dv">IPFIREWALL_VERBOSE_LIMIT</code> option will prevent - <a class="Xr">syslogd(8)</a> from flooding system logs or causing local - Denial of Service. This option may be set to the number of packets which - will be logged on a per-entry basis before the entry is rate-limited.</p> -<p class="Pp">When using the in-kernel NAT facility of - <code class="Nm">ipfw</code>, the kernel option - <code class="Dv">LIBALIAS</code> enables full <a class="Xr">libalias(3)</a> - functionality in the kernel. Full functionality refers to included support - for ftp, bbt, skinny, irc, pptp and smedia packets, which are missing in the - basic <a class="Xr">libalias(3)</a> functionality accomplished with the - <code class="Dv">IPFIREWALL_NAT</code> kernel option.</p> -<p class="Pp">The user interface for <code class="Nm">ipfw</code> is implemented - by the <a class="Xr">ipfw(8)</a> utility, so please refer to the - <a class="Xr">ipfw(8)</a> man page for a complete description of the - <code class="Nm">ipfw</code> capabilities and how to use it.</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="SEE_ALSO"><a class="permalink" href="#SEE_ALSO">SEE - ALSO</a></h1> -<p class="Pp"><a class="Xr">setsockopt(2)</a>, <a class="Xr">libalias(3)</a>, - <a class="Xr">divert(4)</a>, <a class="Xr">ip(4)</a>, - <a class="Xr">ip6(4)</a>, <a class="Xr">ipfw(8)</a>, - <a class="Xr">natd(8)</a>, <a class="Xr">sysctl(8)</a>, - <a class="Xr">syslogd(8)</a>, <a class="Xr">pfil(9)</a></p> -</section> -</div> -<table class="foot"> - <tr> - <td class="foot-date">August 19, 2020</td> - <td class="foot-os">FreeBSD 15.0</td> - </tr> -</table> |