Provided by: mason_1.0.0-13_all 
NAME
mason - interactively create a firewall
SYNOPSIS
mason < logfile > rulefile
DESCRIPTION
This manual page briefly documents the mason command.
mason interactively generates a set of firewall rules for a Linux-based firewall. This is done by
turning on full IP logging, watching the logs for connections, and generating rules describing the
connections seen. mason is familiar with most of the quirks of various connection types (such as ftp and
IRC), and can output rules for 2.0.x ipfwadm, 2.2.x ipchains, and Cisco packet filters.
mason operates by reading in log file information from standard input and writing firewall rules to
standard output. This allows mason to work offline or on a separate system. Real-time firewall
generation can be achieved with a command like tail(1).
Most users will want to run mason with a user-friendly interface such as mason-gui-text(1).
ENVIRONMENT
mason is configured using the following environment variables.
ECHOCOMMAND
Sets the type of firewall rules that mason should output to standard out. Allowed values include
"ipfwadm" and "ipchains". By default, mason outputs whatever kind of rules are supported by the
currently running Linux kernel.
DOCOMMAND
Sets the type of firewall rules that mason should run immediately when a rule is generated.
Allowed values include "ipfwadm" and "ipchains". By default, mason outputs whatever kind of rules
are supported by the currently running Linux kernel.
HEARTBEAT
If set to "yes", mason will output a "+" or "-" to standard error whenever a rule generated by
mason has been triggered.
DYNIP Set this to the list of interfaces that have dynamically assigned addresses, separated by spaces.
SEE ALSO
mason-gui-text(1)
AUTHOR
This manual page was written by Jeff Licquia <jeff@luci.org>, for the Debian GNU/Linux system (but may be
used by others).
MASON(1)