Beginning with 2.4, gShield adds additional run-time options to make some tasks easier.

From ./gShield help

    gShield run-time options:
    -------------------------
    flush:        flush all rulesets and disable firewall
    client x:     add ip "x" to clientlist
    blacklist x:  add ip "x" to blacklist
    highport x:   add ip "x" to highport access list
    help:         this list

Briefly put, you can add ips to the client list, highport list or blacklist all from the command line without having to re-load gShield to re-read the ACL for that service.

For example, say I want to allow 1.2.3.4 as a client. Starting with gShield 2.4, this is a single step:

    /etc/firewall/gShield.rc client 1.2.3.4

gShield will:

- add 1.2.3.4 to the -current- client list for immediate access
- add 1.2.3.4 to /etc/firewall/conf/client_hosts (for next time) and date its insertion.

There ARE some limitations:

- you have to use an -ip- address; hostnames are no good
- you can only use -single- ip addresses, not ranges or nets
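
The two limitations above can be checked before the command touches the live ruleset or the saved list. The wrapper below is an added example, not part of gShield: it accepts only the three list names from the help output and one dotted-quad IPv4 address, and by default only prints the command it would run. Assumptions: "ip" means IPv4 as in the page's 1.2.3.4 example, octets with leading zeros are refused as ambiguous, and the names `is_single_ipv4`, `gshield_add` and `GSHIELD_APPLY` are hypothetical.

```shell
#!/bin/sh
# Added example, not part of gShield. The script path is the one the page uses;
# GSHIELD_APPLY and both function names are hypothetical.
GSHIELD_RC="${GSHIELD_RC:-/etc/firewall/gShield.rc}"

# Succeed only for one dotted-quad IPv4 address: no hostname, range or net.
is_single_ipv4() {
    case "$1" in
        ''|*[!0-9.]*) return 1 ;;   # empty, or letters, "/", "-", spaces
        .*|*.|*..*)   return 1 ;;   # empty octet
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                        # split on dots into $1..$n
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        case "$octet" in
            0?*|????*) return 1 ;;   # leading zero (octal to some parsers) or too long
        esac
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Check the list name and the address, then run the command.
# Dry run (prints the command) unless GSHIELD_APPLY=1.
gshield_add() {
    case "$1" in
        client|blacklist|highport) ;;
        *) echo "unknown list: $1" >&2; return 2 ;;
    esac
    if ! is_single_ipv4 "$2"; then
        echo "rejected '$2': need a single IPv4 address" >&2
        return 1
    fi
    if [ "${GSHIELD_APPLY:-0}" = 1 ]; then
        "$GSHIELD_RC" "$1" "$2"
    else
        echo "$GSHIELD_RC $1 $2"
    fi
}

gshield_add client 1.2.3.4           # dry run of the page's example
```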