FOOMUURI(8) User Manual FOOMUURI(8)

NAME

foomuuri - multizone bidirectional nftables firewall

SYNOPSIS

foomuuri [OPTION] [COMMAND]

DESCRIPTION

Foomuuri is a firewall generator for nftables based on the concept of zones. It is suitable for all systems from personal machines to corporate firewalls, and supports advanced features such as a rich rule language, IPv4/IPv6 rule splitting, dynamic DNS lookups, a D-Bus API and FirewallD emulation for NetworkManager’s zone support.

OPTIONS

display this help and exit
output version information and exit
verbose output
be quiet
force some operations, don’t check anything
don’t force operations, check more
set config option to value

COMMANDS

load configuration files, generate new ruleset and load it to kernel
remove ruleset from kernel
same as start, followed by resolve and iplist refresh
show current status: running, zone-interface mapping
load configuration files and verify syntax
load “block all traffic” ruleset
list active ruleset currently loaded to kernel
list active ruleset for zone-zone currently loaded to kernel
list all known macros
list all macros with specified name or value
list all named counters
list named counter with specified name
list entries in all configured iplists and resolves
list entries in named iplist/resolve
add or refresh IP address to iplist
delete IP address from iplist
delete all IP addresses from iplist
refresh iplist @name entries now
change interface to zone
remove interface from all zones

FILES

Foomuuri reads configuration files from /etc/foomuuri/*.conf. See full documentation for configuration syntax.

AUTHORS

Kim B. Heino, b@bbbs.net, Foobar Oy

BUG REPORTS

Submit bug reports at https://github.com/FoobarOy/foomuuri/issues

SEE ALSO

Full documentation: https://github.com/FoobarOy/foomuuri/wiki

January 28, 2025 Foomuuri 0.27