F.3. Firewalling commands

F.3.1. Check access to services

check access <IPAddr> [table=<routetable>]

Reports access control checks for a source address to various internal services. This is separate from any firewalling.

F.3.2. Check firewall logic

check firewall source-ip=<IPAddr> target-ip=<IPAddr>
     protocol=<unsignedByte> [source-port=<unsignedShort>]
     [target-port=<unsignedShort>] [source-route-ip=<IPAddr>]
     [table=<routetable>] [evil=<boolean>] [cug=<unsignedShort>]

Allows a detailed check of rule-sets and rules. This reports the rule-sets and rules that matched and the actions taken.