NAME

Fwctl::Services::all - Fwctl module to handle any IP traffic.

SYNOPSIS

    accept   all -src INTERNAL_NET -dst INTERNET -masq
    deny    all -src BAD_GUYS_NET       --account
    account all -src PERIM_NET -dst INTERNET

DESCRIPTION

The all module matches any IP traffic. It can be used to account for all traffic between networks, or to create a bazooka-sized hole in our filters.

Needless to say,

    accept   all

is not a very secure use of this module.

CAVEATS

Because of the way Fwctl organizes its rules, the all rules are always processed after more specific rules. That is to say, if you use

    accept   all -src INTERNAL_NET
    block   ftp

This will result (perhaps unintuitively) in ftp also being blocked for INTERNAL_NET. This is because Fwctl optimizes its rules according to protocol: it processes rules for ICMP, TCP, UDP, OTHER and then ALL. (OTHER applies when you specify another protocol, but not any.) This optimization only affects rules that match without a protocol specified.

To fix the previous problem, use:

    accept all -src INTERNAL_NET
    accept ftp -src INTERNAL_NET # Optimization work around
    block ftp
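
The ordering effect can be checked with a small model. This is an added example, not code from Fwctl: it is a simplified Python simulation that assumes first-match evaluation in the processing order given above, maps ftp to TCP port 21, and uses a constructed 10.0.0.0/8 range for INTERNAL_NET; all function names are hypothetical.

```python
import ipaddress

# Processing order stated in CAVEATS: protocol-specific rules first, ALL last.
ORDER = {"icmp": 0, "tcp": 1, "udp": 2, "other": 3, "all": 4}
# Assumption: only the two services this example needs, as (protocol, port).
SERVICES = {"ftp": ("tcp", 21), "all": ("all", None)}
# Constructed value standing in for the INTERNAL_NET alias.
INTERNAL_NET = ipaddress.ip_network("10.0.0.0/8")
ANY = ipaddress.ip_network("0.0.0.0/0")

def parse(line):
    """Parse '<action> <service> [-src NET]' into a rule dict."""
    words = line.split("#")[0].split()
    src = ANY
    if "-src" in words:
        name = words[words.index("-src") + 1]
        src = INTERNAL_NET if name == "INTERNAL_NET" else ipaddress.ip_network(name)
    proto, port = SERVICES[words[1]]
    return {"action": words[0], "proto": proto, "port": port, "src": src}

def processing_order(lines):
    """Stable sort by protocol class, so 'all' rules always end up last."""
    return sorted((parse(l) for l in lines), key=lambda r: ORDER[r["proto"]])

def matches(rule, pkt):
    """True if the packet's source and protocol/port fit the rule."""
    if ipaddress.ip_address(pkt["src"]) not in rule["src"]:
        return False
    if rule["proto"] == "all":
        return True
    return rule["proto"] == pkt["proto"] and rule["port"] == pkt["dport"]

def verdict(lines, pkt, default="deny"):
    """Assumption: the first matching rule in processing order decides."""
    for rule in processing_order(lines):
        if matches(rule, pkt):
            return rule["action"]
    return default

# Constructed inputs: the two rule sets from CAVEATS and one sample packet.
SURPRISING = ["accept all -src INTERNAL_NET", "block ftp"]
WORKAROUND = ["accept all -src INTERNAL_NET",
              "accept ftp -src INTERNAL_NET  # Optimization work around",
              "block ftp"]
FTP_FROM_INSIDE = {"src": "10.1.2.3", "proto": "tcp", "dport": 21}

if __name__ == "__main__":
    print(verdict(SURPRISING, FTP_FROM_INSIDE))   # block
    print(verdict(WORKAROUND, FTP_FROM_INSIDE))   # accept
```

The same model is a quick way to review a rule file for protocol-specific deny or block rules that silently override an earlier accept all.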

AUTHOR

Copyright (c) 1999 Francis J. Lacoste and iNsu Innovations Inc. All rights reserved.

This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.

SEE ALSO

fwctl(8) Fwctl(3) Fwctl::RuleSet(3)