Provided by: arno-iptables-firewall_2.1.1a-3_all bug

NAME
       arno-iptables-firewall - Single- & multi-homed firewall script with DSL/ADSL support.


SYNOPSIS
       arno-iptables-firewall  start  |  restart  | force-reload | stop | stop-block | status | status-plugins |
       check-conf


DESCRIPTION
       arno-iptables-firewall is an iptables configuration script with support for both IPv4 & IPv6. In general,
       it should not be called directly, but rather should be invoked via /etc/init.d/arno-iptables-firewall  or
       systemctl  COMMAND  arno-iptables-firewall.service,  depending  on  the  init  system in use. While it is
       extremely easy to set up a basic firewall one  can  nevertheless  configure  it  to  meet  quite  complex
       requirements.

       All available options are explained in the extensively documented configuration file.

       As  a  bare  minimum  the  external  interface of the system needs to be set up properly in the firewalls
       configuration (EXT_IF). The default behavior of the firewall is to deny all incoming connections.

       Instead of editing the main configuration file, it is recommended  to  put  configuration  snippets  into
       .conf  files  to be placed in the configuration directory. These are sourced after the main configuration
       file has been read and can be used to override previous (default) configurations.

       For additional requirements not covered by the configuration file  and  not  coverable  by  configuration
       snippets custom iptables rules can be placed in a custom rules file. This file is automatically parsed by
       the service script.

       Logs  are  written to a dedicated log file if rsyslogd is in use. The arno-fwfilter script can be used to
       make the firewall logs more readable for humans (see manpage).

       Several plugins implementing advanced features come with the firewall script. Each of them brings its own
       configuration file to be found in the plugins configuration directory.


FILES
       /etc/arno-iptables-firewall/firewall.conf
              main configuration file

       /etc/arno-iptables-firewall/conf.d/
              firewall configuration directory

       /etc/arno-iptables-firewall/plugins/
              plugins configuration directory

       /etc/arno-iptables-firewall/custom-rules
              custom iptables rules file

       /etc/arno-iptables-firewall/blocked-hosts
              host blacklist. This file does not pre-exist and its use is disabled  in  the  main  configuration
              file by default.

       /var/log/arno-iptables-firewall
              log file maintained by rsyslogd


SEE ALSO
       iptables(8),              arno-fwfilter(1),              /usr/share/doc/arno-iptables-firewall/README.gz,
       https://rocky.eld.leidenuniv.nl/


AUTHORS
       arno-iptables-firewall was written by Arno van  Amersfoort  <arnova@rocky.eld.leidenuniv.nl>  and  Lonnie
       Abelbeck <lonnie@abelbeck.com>.

       This  manual  page was initially written by Michael Hanke <michael.hanke@gmail.com> and has been reworked
       by Sven Geuer <debmaint@g-e-u-e-r.de>, for the Debian project (but may be used by others).

Sven Geuer                                         2020-03-25                          ARNO-IPTABLES-FIREWALL(8)