6wall can be controlled via the command 6wall.
# 6wall
Usage: 6wall [debug] [nolock] [-c <directory>] <command>
where <command> is one of:
    show [<chain>|log|mangle]
    start
    stop
    reset
    restart
    status
    clear
    refresh
    hits
    version
    check
    drop <address> ...
    allow <address> ...
After the configuration steps in the previous chapter, you can (re)start 6wall with the command 6wall start or 6wall restart.
Stopping the firewall with the command 6wall stop results in denying all traffic through your system, except the traffic via the interfaces defined in /etc/6wall/routestopped6. The use and effects of this file are identical to the routestopped file of Shorewall, which is described here.
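A pre-flight check for the stop behaviour described above, as an added example that is not part of 6wall or its documentation. It assumes the routestopped6 file follows Shorewall's routestopped layout (INTERFACE, then an optional comma-separated HOST(S) column, "#" for comments); the function names and the SIXWALL override are hypothetical.

```shell
#!/bin/sh
# Added example: check routestopped6 before running "6wall stop".
# Assumed file layout (Shorewall routestopped): INTERFACE [HOST(S)], "#" comments.

# Print the HOST(S) entries for interface $2 in file $1, one per line.
# An omitted or "-" host column is reported as "all" (assumed Shorewall semantics).
# Returns 1 when the interface has no entry, i.e. a stop would cut it off.
routestopped_hosts() {
    file=$1 iface=$2
    [ -r "$file" ] || return 1
    awk -v want="$iface" '
        { sub(/#.*/, "") }            # drop comments
        NF == 0 { next }              # skip blank lines
        $1 == want {
            found = 1
            if (NF < 2 || $2 == "-") { print "all"; next }
            n = split($2, h, ",")
            for (i = 1; i <= n; i++) print h[i]
        }
        END { exit found ? 0 : 1 }
    ' "$file"
}

# Run "6wall stop" only if the management interface stays reachable.
# SIXWALL is a hypothetical override so the wrapper can be dry-run.
safe_stop() {
    iface=$1 file=${2:-/etc/6wall/routestopped6}
    if hosts=$(routestopped_hosts "$file" "$iface"); then
        echo "$iface stays open while stopped for: $(echo $hosts)"
        ${SIXWALL:-6wall} stop
    else
        echo "refusing: $iface is not listed in $file" >&2
        return 1
    fi
}

# Dry run on a constructed file (2001:db8::/32 is the documentation prefix).
demo=$(mktemp)
printf '%s\n' '#INTERFACE HOST(S)' \
    'eth0 2001:db8:1::/64,2001:db8:2::1' 'eth1 -' > "$demo"
SIXWALL='echo would run: 6wall' safe_stop eth0 "$demo"
rm -f "$demo"
```

The check covers only the interface column; whether your own source address falls inside a listed HOST(S) prefix still has to be confirmed by hand.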
To disable 6wall completely and to allow all traffic, give the command 6wall clear.
Using the 6wall show ... and 6wall status commands, you can get information on the current status of the ip6tables configuration and the last 6wall entries in your logfile.
6wall hits gives a summary of all 6wall entries in your logfile.
The 6wall configuration can be validated with 6wall check.
6wall uses two forms of blacklisting: static and dynamic blacklisting. Static blacklisting uses the configuration file /etc/6wall/blacklist. Dynamic blacklisting is controlled via the 6wall drop <ip address> and 6wall allow <ip address> commands.
For more information on blacklisting, check the Shorewall documentation.