Commands

ipfwadm

-A command parameters [options]

ipfwadm

-I command parameters [options]

ipfwadm

-O command parameters [options]

ipfwadm

-F command parameters [options]

ipfwadm

-M [ -l | -s ] [options]

This command is used to set up and maintain IP firewall (both input -I and output -O) and accounting (-A option).

Example: To display your current rule set, use

ipfwadm -l

`-A [direction]`	IP accounting rules. Direction specifies which direction of packet travel the accounting refers to (in, out, or both).
`-I`	IP input firewall rules.
`-O`	IP output firewall rules.
`-F`	IP forwarding firewall rules.
`-M`	IP masquerading administration. Use with -l and -s options.
`-a [policy]`	Append rules to the end of the list of rules.
`-i [policy]`	Insert one or more rules at the beginning of the list of rules.
`-d [policy]`	Delete one or more entries from the selected list of rules.
`-l`	Display all the rules in the selected list.
`-z`	Reset counter to zero.
`-f`	Flush the selected list of rules.
`-p policy`	Change the default policy for the selected type of firewall.
`-s tcp tcpfin udp`	Change the timeout values used for masquerading. This command always takes three parameters, representing the timeout values (in seconds) for TCP sessions, TCP sessions after receiving a FIN packet, and UDP packets, respectively.
`-c`	Check whether this IP packet would be accepted, denied, or rejected by the selected type of firewall.
`-h`	Help. Use with the append, insert, delete, or check options.
`-P protocol`	The protocol of the rule or of the packet to check (tcp, udp, icmp, all).
`-S address[/mask] [port ...]`	Display the source specification (optional).
`-D address[/mask] [port ...]`	Display the destination specification (optional).
`-V address`	Display the address of an interface via which a packet is received or sent.
`-W name`	Name of the interface via which a packet is received or sent.
`-b`	Run in bidirectional mode.
`-e`	Run in extended output.
`-k`	Match only TCP packets with the ACK bit set (this option will be ignored for packets of other protocols).
`-m`	Masquerade packets accepted for forwarding.
`-n`	Display the numeric output. IP addresses and port numbers will be printed in numeric format
`-o`	Turn on kernel logging of matching packets.
`-r [port]`	Redirect packets to a local socket.
`-t andmask xormask`	Masks used for modifying the TOS field in the IP header.
`-v`	Run in verbose output.
`-x`	Display the expand numbers.
`-y`	Match only TCP packets with the SYN bit set and the ACK bit cleared (this option will be ignored for packets of other protocols).

pgpe

-r <recipient> [-s [-u <myid>]] [-aftz] [-o <outfile>] file

pgpe

-c [-aftz] [-o outfile] file

Encrypt and sign files using public key cryptography, or encrypt files using conventional cryptography.

Example: To encrypt the file "noonesbusiness.txt" using public key cryptography for mailing (-a option and -t options) to recipient testguy@yahoo.com, use

pgpe -r testguy@yahoo.com -at noonesbusiness.txt

`-a, --armor`	Output a text-only version of the encrypted text, thereby rendering the resultant file safe for mailing.
`-c`	Conventional encrypting mode (encrypt via IDEA).
`-f`	Run in stream mode. Accept input on stdin and place output on stdout.
`-o outfile`	Send output to the specified outfile.
`-s`	Tells pgpe to sign the document as well as encrypting it.
`-t`	Text mode. Useful when moving files from one operating system to another.
`-u`	Sets the ID of the key used for signing. Use with -s option.
`-z`	Batch mode.

pgpk

This program is used to manage public and private keys for PGP. Note that this program is stream based, rather than file based.

Example: To generate a key, use

pgpk -g

`-a [keyfile]`	Add the contents of the specified keyfile to the keyring. If no file is specified, input is taken from stdin.
`-c [userid]`	Check the signatures of all keys on the public keyring or the key associated with the specified userid.
`-d <userid>`	Toggle the disablement of <userid>'s key on your public keyring.
`-e <userid>`	Edit the specified <userid>'s key.
`-g`	Generate a public/private key pair.
`-l[l] [userid]`	List information about a key.
`-o outfile`	Send output to the specified file.
`--revoke <userid>`	Permanently revoke the specified key.
`--revokes <userid>`	Permanently revoke your signature on the specified key.
`-r <userid>`	Remove the key associated with the specified userid from your keyring.
`-ru <userid>`	Remove the specified userid from your public and private keyrings.
`-rs <userid>`	Remove the specified signature from your public keyring.
`-s <userid> [-u <yourid>]`	Sign the specified <userid>'s key with the default signing key.
`-x <userid>`	Extract the specified key in ASCII-armored format.
`-z`	Run in batch mode.
`pgpk -g`	Generate a key.

pgps

[-u <userid>] [-abftv] [-z|-zs] [-o <outfile>] file

Sign files using public key cryptography.

Example: To sign and encrypt the file outmail for mailing (-a option) using secretguy@domain.com's key, use

pgps -usecretguy@domain.com -a outmail

`-a, --armor`	Turn on ASCII armoring.
`-b`	Create a detached signature file rather than combining the signature with the message in the same file.
`-f`	Stream mode. Accept input from stdin and place results on stdout.
`-o outfile`	Send output to the specified file.
`-t`	Text mode. Used to convert input messages to a platform independent form. Useful when transferring messages between operating systems.
`-u`	Set the ID of the key used for signing.
`-z`	Run in batch mode.

pgpv

[-dfKmqv] [-z|-zs] [-o <outfile>] file

Decrypt and verify messages encrypted and/or signed with PGP.

Example: To decrypt the mail someone just sent you that was encrypted with your public key, use

pgpv mail.txt

`-d`	Leave signature intact; just verify.
`-f`	Run in stream mode. Accepts input from stdin and place output on stdout.
`-o outfile`	Send output to the specified file.
`-K`	Do not process any keys found in the message. (The default is to add any keys found to your keyring.)
`-m`	Display message output with PGP's internal pager or the pager specified in your pgp.cfg file.
`-z`	Batch mode.