Filter Rule Definition

There are 2 freely available utilities that can be used to define and administer the firewall's filter rules.

They are both GUI-based applications that run on the desktop, and provide a good way to keep track of the firewall's configuration.

Go to the Links page to visit the download sites

It is of course possible to manually configure the firewall rules.

To do so, complete the following 3 steps:

  1. Open \MPTN\ETC\SECURITY\FWFILTRS.CNF in an editor.

    For the format of the rules go here

    Rules are entered one per line, with a single space between each field.

  2. When you have finished entering rules and have saved the configuration, open an OS/2 window and type the following command:

    cfgfilt -u

    This will update the filter rules. If any of your rules use logging, you will need to include the -d flag on the above command.

  3. To check that your rules are correct, run cfgfilt with no parameters. The rules should now all be listed and numbered.

blustar image Notice that the last rule in the list is always the firewall's default 'deny all packets' rule.
To find out more about how FWIP.SYS operates go here

Now go to Example Rules