diff options
Diffstat (limited to 'upstream/debian-bookworm/man8/iptables-apply.8')
| -rw-r--r-- | upstream/debian-bookworm/man8/iptables-apply.8 | 60 |
1 files changed, 60 insertions, 0 deletions
diff --git a/upstream/debian-bookworm/man8/iptables-apply.8 b/upstream/debian-bookworm/man8/iptables-apply.8 new file mode 100644 index 00000000..8247510e --- /dev/null +++ b/upstream/debian-bookworm/man8/iptables-apply.8 @@ -0,0 +1,60 @@ +.\" Title: iptables-apply +.\" Author: Martin F. Krafft, GW +.\" Date: May 10, 2010 +.\" +.TH IPTABLES\-APPLY 8 "" "iptables 1.8.9" "iptables 1.8.9" +.\" disable hyphenation +.nh +.SH NAME +iptables-apply \- a safer way to update iptables remotely +.SH SYNOPSIS +\fBiptables\-apply\fP [\-\fBhV\fP] [\fB-t\fP \fItimeout\fP] [\fB-w\fP \fIsavefile\fP] {[\fIrulesfile]|-c [runcmd]}\fP +.SH "DESCRIPTION" +.PP +iptables\-apply will try to apply a new rulesfile (as output by +iptables-save, read by iptables-restore) or run a command to configure +iptables and then prompt the user whether the changes are okay. If the +new iptables rules cut the existing connection, the user will not be +able to answer affirmatively. In this case, the script rolls back to +the previous working iptables rules after the timeout expires. +.PP +Successfully applied rules can also be written to savefile and later used +to roll back to this state. This can be used to implement a store last good +configuration mechanism when experimenting with an iptables setup script: +iptables-apply \-w /etc/network/iptables.up.rules \-c /etc/network/iptables.up.run +.PP +When called as ip6tables\-apply, the script will use +ip6tables\-save/\-restore and IPv6 default values instead. Default +value for rulesfile is '/etc/network/iptables.up.rules'. +.SH OPTIONS +.TP +\fB\-t\fP \fIseconds\fR, \fB\-\-timeout\fP \fIseconds\fR +Sets the timeout in seconds after which the script will roll back +to the previous ruleset (default: 10). +.TP +\fB\-w\fP \fIsavefile\fR, \fB\-\-write\fP \fIsavefile\fR +Specify the savefile where successfully applied rules will be written to +(default if empty string is given: /etc/network/iptables.up.rules). +.TP +\fB\-c\fP \fIruncmd\fR, \fB\-\-command\fP \fIruncmd\fR +Run command runcmd to configure iptables instead of applying a rulesfile +(default: /etc/network/iptables.up.run). +.TP +\fB\-h\fP, \fB\-\-help\fP +Display usage information. +.TP +\fB\-V\fP, \fB\-\-version\fP +Display version information. +.SH "SEE ALSO" +.PP +\fBiptables-restore\fP(8), \fBiptables-save\fP(8), \fBiptables\fR(8). +.SH LEGALESE +.PP +Original iptables-apply - Copyright 2006 Martin F. Krafft <madduck@madduck.net>. +Version 1.1 - Copyright 2010 GW <gw.2010@tnode.com or http://gw.tnode.com/>. +.PP +This manual page was written by Martin F. Krafft <madduck@madduck.net> and +extended by GW <gw.2010@tnode.com or http://gw.tnode.com/>. +.PP +Permission is granted to copy, distribute and/or modify this document +under the terms of the Artistic License 2.0. |