Command Line Interface
Check the syntax of a ruleset
# aims check aims.rules
The interpreter will attempt to compile the ruleset, displaying any warnings or errors that occur.
Load a ruleset
# aims load aims.rules
This will flush any existing rules and load the rules in the ruleset. Making firewall changes over a remote connection can be risky, as you can accidentally create a scenario where you block your own connection. To mitigate this risk, a second method of loading a ruleset is available.
# aims safe-load aims.rules
safe-load does the same thing as load, except that it will flush the ruleset automatically after 5 seconds without user intervention. This means that if you somehow block your connection, and are therefore unable to prevent the ruleset from flushing, your connection will be unblocked after 5 seconds when the rules are flushed.
Unload a ruleset
# aims unload
Flush any rules currently in iptables and reset chain policies.
Examine the compiled rules
# aims show aims.rules
When troubleshooting issues with a ruleset, it can be useful to see exactly how the interpreter is compiling the rules into iptables commands. Compiled commands are displayed on stdout. This feature can also be useful if you simply want to compile the ruleset once and distribute it to other machines. Simply save the output to a file and run it as a shell script.
# aims show aims.rules > compiled-rules.sh
# sh compiled-rules.sh
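A compiled file that is copied between machines and run as root can be checked before it is executed. The following is an added example, not part of aims or its documentation; it assumes the compiled output holds one iptables or ip6tables command per line, and the function name audit_compiled_rules is hypothetical.

```shell
#!/bin/sh
# Added example: audit a compiled ruleset before running it as root.
# Assumption: each line is blank, a '#' comment, or one iptables/ip6tables
# command. Anything else is reported for manual review, not executed.

audit_compiled_rules() {
    file=$1
    [ -r "$file" ] || { echo "cannot read $file" >&2; return 2; }
    bad=0
    lineno=0
    while IFS= read -r line || [ -n "$line" ]; do
        lineno=$((lineno + 1))
        case $line in
            ''|'#'*) continue ;;
        esac
        # Flag characters that could chain, redirect or substitute commands.
        case $line in
            *';'*|*'|'*|*'&'*|*'`'*|*'$('*|*'>'*|*'<'*)
                echo "$file:$lineno: shell metacharacter: $line" >&2
                bad=1
                continue ;;
        esac
        cmd=${line%% *}   # first word of the line
        cmd=${cmd##*/}    # drop a leading path such as /sbin/
        case $cmd in
            iptables|ip6tables) ;;
            *) echo "$file:$lineno: not an iptables command: $line" >&2
               bad=1 ;;
        esac
    done < "$file"
    return $bad
}

# Constructed sample standing in for saved `aims show` output
# (written for this example, not real tool output).
sample=$(mktemp)
cat > "$sample" <<'EOF'
iptables -P INPUT DROP
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
modprobe nf_conntrack_ftp
EOF
audit_compiled_rules "$sample" || echo "review $sample before running it" >&2
rm -f "$sample"
```

The function returns 0 when every line passes, 1 when any line needs review, and 2 when the file cannot be read.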
Comments