[ Previous | Next | Contents | Glossary | Home | Search ]
AIX Version 4.3 Commands Reference, Volume 3

mkfilt Command

Purpose

Activates or deactivates the filter rules.

Syntax

mkfilt -v 4|6 [-d] [-u] [-z P|D] [-g start | stop] [-i]

Description

Use the mkfilt command to activate or deactivate the filter rules. This command can also be used to control the filter logging function.

The mkfilt command activates or deactivates the filter rules.

Flags

-v IP version of the rules you want to activate. The value of 4 specifies IP version 4 and the value of 6 specifies IP version 6. The default (when this flag is not used) is to activate both IP version 4 and IP version 6. All the filter rules defined in the filter rule table for the IP version(s) will be activated or deactivated.
-v IP version for which you want to activate the filter rules. Value 4 specifies IP Version 4. Value 6 specifies IP Version 6. Default is for both IP Version 4 and IP Version 6. All the filter rules defined in the filter rule table for the IP version(s) will be activated or deactivated.
-d Deactivates the active filter rules. This flag cannot be used with the -u flag.
-d Deactivates the active filter rules if this flag is specified. It is mutually exclusive with -u flag.
-u Activates the filter rules in the filter rule table. This flag cannot be used with the -d flag.
-u Activates all the filter rules in the filter rule table. It is mutually exclusive with -d flag.
-z Sets the action of the default filter rule to Permit (P) or Deny (D). The default filter rule is the last rule in the filter rule table that will apply to traffic that does not apply to any other filter rules in the table. Setting the action of this rule to Permit will allow all traffic that does not apply to any other filter rules. Setting this action to Deny will not allow traffic that does not apply to any other filter rules.
-z Set up default filter rule to Permit (P) or Deny (D). The default filter rule is the last rule in the filter rule table which permits or denies all the IP packets to which no other rules in the filter rule table applies.
-g This flag is used to either start (start) or stop (stop) the log functionality of the filter rule module.
-g This flag can start (start) or stop (stop) the log functionality of the filter rule module.
-i Initialization flag. This flag only applies when the -u flag is also used. If the -i flag is used, all the filter rules with an "active" status will be activated. If not used, all the filter rules in the filter rule table will be activated.

[ Previous | Next | Contents | Glossary | Home | Search ]