Poster of Linux kernelThe best gift for a Linux geek
VUURMUUR_SCRIPT

VUURMUUR_SCRIPT

Section: User Commands (8) Updated: October 2006
Local index Up
 

NAME

Vuurmuur_script - scriptable commandline tool for administration of the Vuurmuur IPTables frontend.  

SYNOPSIS

vuurmuur_script [-cvdhCDRMLPognzisrAOVS] [-d debug-level] [-o host] [-g group] [-n network] [-z zone] [-s service] [-i interface] [-r ruleset] [-V variable-name] [-S value]

 

OPTIONS

-d [1 - 3]
enables debugging, 1 low, 3 high
-h, --help
gives this help
-v, --verbose
verbose mode.
 

Commands:

--block <name>
block host/group or ipaddress.
--unblock <name>
unblock host/group or ipaddress.
--list-blocked
list the hosts/group and ipaddresses that are blocked.
--reload
make Vuurmuur reload it's config.
-C, --create
create object.
-D, --delete
delete object.
-R, --rename
rename object.
-M, --modify
modify object.
-L, --list
list objects.
-P, --print
print data of object.
 

Object:

-o, --host <name>
host.
-g, --group <name>
group.
-n, --network <name>
network.
-z, --zone <name>
zone.
-s, --service <name>
service.
-i, --interface <name>
interface.
-r, --rule <name>
rule.
-V, --variable <variable>
variable to modify/print.
-S, --set <value>
value to set on modify, or new name when renaming.
-A, --append
append the variable on modify
-O, --overwrite
overwrite the variable on modify
--rule-numbers
print rule numbers
--apply
try to apply the changes directly to Vuurmuur
--no-apply
don't try to apply the changes to Vuurmuur
 

EXAMPLES

Gives a list of all groups:
vuurmuur_script --list --group any

Gives a list of all groups in network localnet.lan:
vuurmuur_script --list --group localnet.lan
 
Print content of host server.localnet.lan:
vuurmuur_script --print --host server.localnet.lan
 
Create an empty host:
vuurmuur_script --create --host pc1.localnet.lan
 
Set the host to active:
vuurmuur_script --modify --host pc1.localnet.lan --variable ACTIVE --set Yes
 
Set the ipaddress of the new host:
vuurmuur_script --modify --host pc1.localnet.lan --variable IPADDRESS --set 192.168.1.15
 
Append a rule to the rules list:
vuurmuur_script -M -r rules -V RULE -S "accept service ftp from pc1.localnet.lan to firewall" -A
 
Add the ipaddress 1.2.3.4 to the blocklist:
vuurmuur_script --block 1.2.3.4
 
Remove an ipaddress from the blocklist:
vuurmuur_script --unblock 1.2.3.4
 

COPYRIGHT

Copyright © 2002-2006 by Victor Julien <victor@vuurmuur.org>  

SEE ALSO

The full documentation for Vuurmuur_conf is maintained as a wiki at http://wiki.vuurmuur.org/

vuurmuur(8), vuurmuur_log(8), vuurmuur_conf(8)


 

Index

NAME
SYNOPSIS
OPTIONS
Commands:
Object:
EXAMPLES
COPYRIGHT
SEE ALSO

This document was created by man2html, using the manual pages.
Time: 22:02:37 GMT, April 16, 2011