Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help 
APPJAIL-EXPOSE(1)	    General Commands Manual	     APPJAIL-EXPOSE(1)

NAME
       appjail-expose -- Port forwarding from host port	to jail	port

SYNOPSIS
       appjail expose get [-eHIipt] -n nro jail	[keyword ...]
       appjail expose list [-eHIipt] [-n nro] jail [keyword ...]
       appjail expose off jail
       appjail expose on jail
       appjail expose remove [all|nro nro] jail
       appjail	expose	set  -k	 network  -p hport[:jport] [[-E|-e]] [[-t|-u]]
	       [-i interface]  [-l  [-|options]]  [-N  name]  [-n  [auto|nro]]
	       [-o interface] jail
       appjail expose status jail

DESCRIPTION
       The  appjail  expose  utility  configures, lists, enables, and disables
       rules to	perform	port forwarding	from a host port to a jail port.

       The options are as follows:

       get [-eHIipt] -n	nro jail [keyword ...]
	    Get	information about current rules	, that is,  the	 keyword  that
	    represent the information to be obtained. Multiple keywords	can be
	    specified,	which  are  displayed as a table-like interface	in the
	    order in which they	are specified.	If no  keyword	is  specified,
	    the	  defaults   are  nro,	enabled,  name,	 ports,	 protocol  and
	    network_name.

	    See	"KEYWORDS" for a list of available keywords.

	    -e	Not required when using	-p .  The \t character is used to  de-
		limit  columns,	 so as not to show strange values, this	option
		shows <TAB> instead of \t in the case that  a  value  contains
		the latter.

	    -H	Shows the name of the columns.

	    -I	Include	 empty	values.	 By default, a minus sign is displayed
		when a value is	empty.

	    -i	Don't complain when nro	doesn't	exist.

	    -p	Columnate the list.

	    -t	Tabulate columns and values.

	    -n nro
		Identifier.

       list [-eHIipt] [-n nro] jail [keyword ...]
	    Similar to get but shows each keyword for  each  rule  in  a  nice
	    table.

	    -e,	-H, -I,	-p, -t
		All  of	these options perform the opposite task	of the options
		described in get.

	    -i	Perform	the same task as described in get .

	    -n nro
		Only show information for nro.

       off jail
	    Flush the rules currently in use.

       on jail
	    Load enabled rules configured by set .

       remove [all|nro nro] jail
	    Remove a given rule.

	    all
		Remove all rules.

	    nro	nro
		Remove the rule	specified by nro .
	    ] jail

       set -k network -p hport[:jport] [[-E|-e]] [-t|-u]  [-i  interface]  [-l
	    [-|options]] [-N name] [-n [auto|nro]] [-o interface]
	    Configure a	new or existing	rule.

	    -k network
		Get  the  jail's  IPv4 address from network , required for the
		rule.

		If you are configuring a rule that already has this value,  it
		becomes	optional, so you can ignore it if you wish.

	    -p hport[:jport]
		Forward	the hport port to the jport port.

		hport  is the host or external port and	jport if the port cur-
		rently listening to the	application within the	jail.  If  not
		set, hport is used.

		Both  hport and	jport can be specified using symbolic names as
		described in services(5).

		If you are configuring a rule that already has this value,  it
		becomes	optional, so you can ignore it if you wish.

	    [-E|-e]
		Enable (-E) or disable (-e) this rule.

	    -t|-u
		Use TCP	(-t) or	UDP (-u) .  By default is TCP

	    -i interface
		Interface to obtain the	external IPv4 address. If not set, the
		interface specified by the EXT_IF parameter is used.

	    -l [-|options]
		Firewall-specific  logging options. Use	a minus	sign to	enable
		logging, but without options.
		]

	    -N name
		Service	description.

	    -n [auto|nro]
		Identifier. An identifier is composed of  a  positive  number.
		Use auto (default) to get the lowest identifier	value.

	    -o interface
		Apply  rules  to  packets  coming in on, or going out through,
		this interface.	If not set, the	 interface  specified  by  the
		ON_IF parameter	is used.

       status jail
	    Shows  the	rule that is currently in use or an error if it	is not
	    yet	applied.

KEYWORDS
       enabled
	   Shows 1 if the rule is enabled, 0 if	it is not.

       name
	   Service description.

       network_name
	   Network used	to obtain the jail's IPv4 address.

       nro
	   Identifier.

       ports
	   Exposed ports.

       protocol
	   Protocol, i.e. TCP or UDP in	lowercase.

       rule
	   The rule that will be applied.

EXIT STATUS
       The appjail expose utility exits	0 on success, and >0 if	an  error  oc-
       curs.

SEE ALSO
       appjail-quick(1)	sysexits(3)

AUTHORS
       Jess Daniel Colmenares Oviedo <DtxdF@disroot.org>

FreeBSD	Ports 14.quarterly	 April 6, 2024		     APPJAIL-EXPOSE(1)

Want to link to this manual page? Use this URL:
<https://man.freebsd.org/cgi/man.cgi?query=appjail-expose&sektion=1&manpath=FreeBSD+Ports+14.3.quarterly>

home | help