User manual
20: Configuring firewall
_______________________________________________________________________________________________________
root@VA_router:/# /etc/init.d/firewall start
The firewall can be permanently disabled by enter:
root@VA_router:/# /etc/init.d/firewall disable
Note: disable does not flush the rules, so you might be required to issue a stop
before.
To enable the firewall again enter:
root@VA_router:/# /etc/init.d/firewall enable
20.12 Debug generated rule set
It is possible to observe the iptables commands generated by the firewall
programme. This is useful to track down iptables errors during firewall restarts
or to verify the outcome of certain UCI rules.
To see the rules as they are executed, run the fw command with the FW_TRACE
environment variable set to 1 (one):
root@VA_router:/# FW_TRACE=1 fw reload
To direct the output to a file for later inspection, enter:
root@VA_router:/# FW_TRACE=1 fw reload 2>/tmp/iptables.lo
_______________________________________________________________________________________________________
© Virtual Access 2015
GW1000 Series User Manual
Issue: 2.4 Page 141 of 255