Listing 1: Help output of ipfwadm

ipfwadm 2.3.0, 1996/07/30

Usage: /sbin/ipfwadm -A [direction] command [options] (accounting)
/sbin/ipfwadm -F command [options] (forwarding firewall)
/sbin/ipfwadm -I command [options] (input firewall)
/sbin/ipfwadm -O command [options] (output firewall)
/sbin/ipfwadm -M [-s | -l] [options] (masquerading entries)
/sbin/ipfwadm -h (print this help information))

Commands:
-i [policy]    insert rule (no policy for accounting rules)
-a [policy]    append rule (no policy for accounting rules)
-d [policy]    delete rule (no policy for accounting rules)
-l        list all rules of this category
-z        reset packet/byte counters of all rules of this category
-f        remove all rules of this category
-p policy    change default policy (accept/deny/reject)
-s tcp tcpfin udp
set masuerading timeout values
-c        check acceptance of IP packet

Options:
-P        protocol (either tcp, udp, icmp, or all)
-S address[/mask] [port ...]
source specification
-D address[/mask] [port ...]
destination specification
-V address    network interface address
-W name    network interface name
-b        bidirectional match
-e        extended output mode
-k        match TCP packets only when ACK set
-m        masquerade packets as coming from local host
-n        numeric output of addresses and ports
-o        turn on kernel logging for matching packets
-r [port]    redirect packets to local port (transparent proxying)
-t and xor    and/xor masks for TOS field
-v        verbose mode
-x        expand numbers (display exact values)
-y        match TCP packets only when SYN set and ACK cleared