| 1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162 |
- .. program:: qvm-firewall
- =======================================================
- :program:`qvm-firewall` -- Qubes firewall configuration
- =======================================================
- Synopsis
- ========
- :command:`qvm-firewall` [-n] <*vm-name*> [*action*] [*rule spec*]
- Rule specification can be one of:
- 1. *address*\ |\ *hostname*\ [/*netmask*] tcp|udp *port*\ [-*port*]
- 2. *address*\ |\ *hostname*\ [/*netmask*] tcp|udp *service_name*
- 3. *address*\ |\ *hostname*\ [/*netmask*] any
- Options
- =======
- .. option:: --help, -h
- Show this help message and exit
- .. option:: --list, -l
- List firewall settings (default action)
- .. option:: --add, -a
- Add rule
- .. option:: --del, -d
- Remove rule (given by number or by rule spec)
- .. option:: --policy=SET_POLICY, -P SET_POLICY
- Set firewall policy (allow/deny)
- .. option:: --icmp=SET_ICMP, -i SET_ICMP
- Set ICMP access (allow/deny)
- .. option:: --dns=SET_DNS, -D SET_DNS
- Set DNS access (allow/deny)
- .. option:: --yum-proxy=SET_YUM_PROXY, -Y SET_YUM_PROXY
- Set access to Qubes yum proxy (allow/deny).
- .. note::
- if set to "deny", access will be rejected even if policy set to "allow"
- .. option:: --numeric, -n
- Display port numbers instead of services (makes sense only with :option:`--list`)
- Authors
- =======
- | Joanna Rutkowska <joanna at invisiblethingslab dot com>
- | Rafal Wojtczuk <rafal at invisiblethingslab dot com>
- | Marek Marczykowski <marmarek at invisiblethingslab dot com>
|
