FIAIF installs a program in /etc/init.d/fiaif, which is used to
control the firewall. The program should only be started by the
root user. The program accepts the following arguments.
- start: Saves the current firewall rules and deploys the new
  firewall as described by the configuration files.
- stop: Removes all firewall rules and restores the previously saved
  firewall rules. This can only be used if the firewall has been
  previously started.
- force-reload: The same as start, although it can be invoked
  without stopping the firewall first.
- restart: Stops and then restarts the firewall. Refer to starting
  and stopping FIAIF.
- panic: Shuts off all IP traffic: no packets are accepted from
  anywhere for any reason. This can be used, for example, if
  uninvited guests are discovered on the system, to quickly close
  the firewall and start analyzing log files.
- status: Lists all rules in the firewall.
- test: Checks the rules in the configuration files. All rules are
  written to the file specified in the TEST_FILE parameter in the
  global configuration file. This is useful for confirming that the
  syntax of the rules is correct before deploying the firewall. Any
  errors are written to stdout. Besides testing the rules, it also
  runs a sanity check on the networking configuration.
- tc-start: Starts only traffic shaping. This option ignores the
  ENABLE_TC parameter in the global configuration file.
- tc-stop: Stops the traffic shaping. This option ignores the
  ENABLE_TC parameter in the global configuration file.
- tc-status: Lists packet counters for all traffic classes.
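
The test-before-deploy use described under test, as an added example
(not part of FIAIF or its documentation): a shell function that runs
test and calls force-reload only when the check looks clean. Treating a
non-zero exit status or an output line containing "error" as a failed
check is an assumption, since the page only says errors go to stdout;
FIAIF and ERROR_PATTERN are variable names chosen for this example.

```shell
#!/bin/sh
# Added example: gate a FIAIF reload on a clean "test" run.

# Path of the init script as given on the page; overridable for testing.
FIAIF="${FIAIF:-/etc/init.d/fiaif}"

# ASSUMPTION: the page does not document the error format or exit status
# of "test". This heuristic flags any output line containing "error"
# (case-insensitive). Adjust it to what your FIAIF version prints.
ERROR_PATTERN="${ERROR_PATTERN:-error}"

fiaif_checked_reload() {
    # Capture everything "test" prints, together with its exit status.
    report=$("$FIAIF" test 2>&1) && status=0 || status=$?

    if [ "$status" -ne 0 ] ||
       printf '%s\n' "$report" | grep -qi "$ERROR_PATTERN"; then
        # Show the report and leave the running rule set untouched.
        printf '%s\n' "$report" >&2
        echo "fiaif test reported problems; firewall not reloaded" >&2
        return 1
    fi

    # The check looked clean: deploy without stopping the firewall first.
    "$FIAIF" force-reload
}
```

Run it as root, since the init script should only be started by the
root user.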
Anders Peter Fugmann
2004-02-26