ipfwadm
-A command parameters [options]
ipfwadm
-I command parameters [options]
ipfwadm
-O command parameters [options]
ipfwadm
-F command parameters [options]
ipfwadm
-M [ -l | -s ] [options]
This command is used to set up and maintain IP firewall (both input -I and output -O) and accounting (-A option).
Example: To display your current rule set, use
ipfwadm -l
-A [direction] | IP accounting rules. Direction specifies which direction of packet travel the accounting refers to (in, out, or both). |
-I | IP input firewall rules. |
-O | IP output firewall rules. |
-F | IP forwarding firewall rules. |
-M | IP masquerading administration. Use with -l and -s options. |
-a [policy] | Append rules to the end of the list of rules. |
-i [policy] | Insert one or more rules at the beginning of the list of rules. |
-d [policy] | Delete one or more entries from the selected list of rules. |
-l | Display all the rules in the selected list. |
-z | Reset counter to zero. |
-f | Flush the selected list of rules. |
-p policy | Change the default policy for the selected type of firewall. |
-s tcp tcpfin udp | Change the timeout values used for masquerading. This command always takes three parameters, representing the timeout values (in seconds) for TCP sessions, TCP sessions after receiving a FIN packet, and UDP packets, respectively. |
-c | Check whether this IP packet would be accepted, denied, or rejected by the selected type of firewall. |
-h | Help. Use with the append, insert, delete, or check options. |
-P protocol | The protocol of the rule or of the packet to check (tcp, udp, icmp, all). |
-S address[/mask] [port ...] | Display the source specification (optional). |
-D address[/mask] [port ...] | Display the destination specification (optional). |
-V address | Display the address of an interface via which a packet is received or sent. |
-W name | Name of the interface via which a packet is received or sent. |
-b | Run in bidirectional mode. |
-e | Run in extended output. |
-k | Match only TCP packets with the ACK bit set (this option will be ignored for packets of other protocols). |
-m | Masquerade packets accepted for forwarding. |
-n | Display the numeric output. IP addresses and port numbers will be printed in numeric format |
-o | Turn on kernel logging of matching packets. |
-r [port] | Redirect packets to a local socket. |
-t andmask xormask | Masks used for modifying the TOS field in the IP header. |
-v | Run in verbose output. |
-x | Display the expand numbers. |
-y | Match only TCP packets with the SYN bit set and the ACK bit cleared (this option will be ignored for packets of other protocols). |
pgpe
-r <recipient> [-s [-u <myid>]] [-aftz] [-o <outfile>] file
pgpe
-c [-aftz] [-o outfile] file
Encrypt and sign files using public key cryptography, or encrypt files using conventional cryptography.
Example: To encrypt the file "noonesbusiness.txt" using public key cryptography for mailing (-a option and -t options) to recipient testguy@yahoo.com, use
pgpe -r testguy@yahoo.com -at noonesbusiness.txt
-a, --armor | Output a text-only version of the encrypted text, thereby rendering the resultant file safe for mailing. |
-c | Conventional encrypting mode (encrypt via IDEA). |
-f | Run in stream mode. Accept input on stdin and place output on stdout. |
-o outfile | Send output to the specified outfile. |
-s | Tells pgpe to sign the document as well as encrypting it. |
-t | Text mode. Useful when moving files from one operating system to another. |
-u | Sets the ID of the key used for signing. Use with -s option. |
-z | Batch mode. |
pgpk
[-a keyfile . | -c [userid]] | -d <userid> | -e <userid> | -g | -l[l] userid] | --revoke[s] <userid> | -r[u|s] <userid> | -s <userid>[-u <yourid>] |-x <userid>] [-o <outfile>] [-z]
This program is used to manage public and private keys for PGP. Note that this program is stream based, rather than file based.
Example: To generate a key, use
pgpk -g
-a [keyfile] | Add the contents of the specified keyfile to the keyring. If no file is specified, input is taken from stdin. |
-c [userid] | Check the signatures of all keys on the public keyring or the key associated with the specified userid. |
-d <userid> | Toggle the disablement of <userid>'s key on your public keyring. |
-e <userid> | Edit the specified <userid>'s key. |
-g | Generate a public/private key pair. |
-l[l] [userid] | List information about a key. |
-o outfile | Send output to the specified file. |
--revoke <userid> | Permanently revoke the specified key. |
--revokes <userid> | Permanently revoke your signature on the specified key. |
-r <userid> | Remove the key associated with the specified userid from your keyring. |
-ru <userid> | Remove the specified userid from your public and private keyrings. |
-rs <userid> | Remove the specified signature from your public keyring. |
-s <userid> [-u <yourid>] | Sign the specified <userid>'s key with the default signing key. |
-x <userid> | Extract the specified key in ASCII-armored format. |
-z | Run in batch mode. |
pgpk -g | Generate a key. |
pgps
[-u <userid>] [-abftv] [-z|-zs] [-o <outfile>] file
Sign files using public key cryptography.
Example: To sign and encrypt the file outmail for mailing (-a option) using secretguy@domain.com's key, use
pgps -usecretguy@domain.com -a outmail
-a, --armor | Turn on ASCII armoring. |
-b | Create a detached signature file rather than combining the signature with the message in the same file. |
-f | Stream mode. Accept input from stdin and place results on stdout. |
-o outfile | Send output to the specified file. |
-t | Text mode. Used to convert input messages to a platform independent form. Useful when transferring messages between operating systems. |
-u | Set the ID of the key used for signing. |
-z | Run in batch mode. |
pgpv
[-dfKmqv] [-z|-zs] [-o <outfile>] file
Decrypt and verify messages encrypted and/or signed with PGP.
Example: To decrypt the mail someone just sent you that was encrypted with your public key, use
pgpv mail.txt
-d | Leave signature intact; just verify. |
-f | Run in stream mode. Accepts input from stdin and place output on stdout. |
-o outfile | Send output to the specified file. |
-K | Do not process any keys found in the message. (The default is to add any keys found to your keyring.) |
-m | Display message output with PGP's internal pager or the pager specified in your pgp.cfg file. |
-z | Batch mode. |