Red Hat Enterprise Linux 5 Administration Unleashed

500CHAPTER 24Configuring a FirewallSet TTL value.--ttl-dec Decrease TTL value by defined amount.--ttl-inc Increase TTL by default amount.ULOGUser-space logging for packets that match the rule. Packet is multicast through anetlink socket so userspace processes can subscribe to it and receive the packets.--ulog-nlgroup Packet is sent to the chosen netlink group, defined by a number from 1 to 32.Defaults to 1.--ulog-prefix Define a prefix up to 32 characters for the log messages to set them apart fromother messages.--ulog-cprange Number of bytes to copy to user-space. If set to 0, the whole packet is copied.Defaults to 0.--ulog-qthreshold How many packets to queue inside the kernel before transmitting them as onemulti-part netlink message. Defaults to 1.XOREncrypt TCP and UDP traffic using XOR encryption.--key Set a key.--block-size Set block size.Starting and Stopping the IPTables ServiceThe IPTables service can be started and stopped using the iptables service. The script tomanage the service has many other options. As root, the following can be usedwith the service iptables command:. start: Start service with the rules defined in /etc/sysconfig/iptables.. stop: Flush firewall rules, delete chains, unload kernel modules, and set policy toaccept all packets again.. restart: Stop the service, then start it again.