
Thursday, October 25, 2007

iptables-save / iptables-restore fast firewall reload

Hello,
I have a firewall several thousand lines long, generated by some Perl
scripts. I am looking for a fast way to reload that firewall with
iptables-restore.

Is there any way to parse my firewall/whatever.sh into
iptables-restore (actually iptables-restore) format?
I've found that if I have a firewall script that has, let's say, "full"
syntax (I mean declaring each table, filter, nat and mangle, with the
"-t" option), it should be easy to parse it like this:

cat filter.header.txt > iptables-restore.bin
# grep needs -e (or --) so that "-t filter" is read as a pattern, not as an option;
# sed drops the leading "iptables" and the "-t <table>" switch, neither of which
# iptables-restore accepts inside a table block; each block must end with COMMIT
grep -e '-t filter' firewall.sh | sed -e 's/^iptables *//' -e 's/-t filter *//' >> iptables-restore.bin
echo COMMIT >> iptables-restore.bin
cat nat.header.txt >> iptables-restore.bin
grep -e '-t nat' firewall.sh | sed -e 's/^iptables *//' -e 's/-t nat *//' >> iptables-restore.bin
echo COMMIT >> iptables-restore.bin
cat mangle.header.txt >> iptables-restore.bin
grep -e '-t mangle' firewall.sh | sed -e 's/^iptables *//' -e 's/-t mangle *//' >> iptables-restore.bin
echo COMMIT >> iptables-restore.bin

The content of the filter header file looks like this:
--------
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
:ICMP - [0:0]
:SKAN - [0:0]
:SUM - [0:0]
:WATCH - [0:0]
--------

and so on.

Is it possible?
Do you have your own solutions?

regards

--
Wojciech Ziniewicz
Unix SEX :{look;gawk;find;sed;talk;grep;touch;finger;find;flex;unzip;head;tail; mount;workbone;fsck;yes;gasp;fsck;more;yes;yes;eject;umount;makeclean; zip;split;done;exit:xargs!!;)}


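The grep-per-table conversion sketched in the post, generalised so that the chain headers are derived from the script's own -P and -N lines instead of hand-written header files and so that rules without an explicit "-t" land in filter. This is an added example, not the poster's code; it assumes the script calls a bare "iptables" once per line, and the built-in chain lists match current kernels.

```shell
#!/bin/sh
# Added example (not the original post's code): turn an "iptables ..." shell
# script on stdin into iptables-restore input, one *table block per table the
# script touches, closed by COMMIT. Assumptions: bare "iptables", one call per
# line; "-t <table>" defaults to filter; -P sets a built-in policy, -N declares
# a user chain; -F/-X/-Z lines are dropped (restore replaces the table anyway).
iptables_script_to_restore() {
  awk '
  BEGIN {
    builtin["filter"] = "INPUT FORWARD OUTPUT"
    builtin["nat"]    = "PREROUTING INPUT OUTPUT POSTROUTING"
    builtin["mangle"] = "PREROUTING INPUT FORWARD OUTPUT POSTROUTING"
  }
  !/^[ \t]*iptables[ \t]/ { next }            # comments, blanks, other shell
  {
    sub(/^[ \t]*iptables[ \t]+/, "")
    n = split($0, f, /[ \t]+/); table = "filter"; out = ""
    for (i = 1; i <= n; i++) {                 # strip "-t <table>", keep the name
      if (f[i] == "-t" && i < n) { table = f[++i]; continue }
      out = out (out == "" ? "" : " ") f[i]
    }
    split(out, g, " ")
    if (g[1] ~ /^-[FXZ]$/) next; seen[table] = 1   # flush/delete/zero are implicit
    if (g[1] == "-P")      policy[table, g[2]] = g[3]
    else if (g[1] == "-N") chains[table] = chains[table] ":" g[2] " - [0:0]\n"
    else                   rules[table] = rules[table] out "\n"
  }
  END {
    split("filter nat mangle", order, " ")
    for (k = 1; k <= 3; k++) {
      t = order[k]; if (!(t in seen)) continue
      printf "*%s\n", t
      m = split(builtin[t], b, " ")
      for (j = 1; j <= m; j++) {               # built-in chains carry a policy
        p = ((t, b[j]) in policy) ? policy[t, b[j]] : "ACCEPT"
        printf ":%s %s [0:0]\n", b[j], p
      }
      printf "%s%sCOMMIT\n", chains[t], rules[t]
    }
  }'
}
# Constructed sample input standing in for the generated firewall.sh.
SAMPLE_FIREWALL_SH='iptables -F
iptables -t nat -F
iptables -P INPUT DROP
iptables -N SKAN
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -j SKAN
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE'
printf '%s\n' "$SAMPLE_FIREWALL_SH" | iptables_script_to_restore
```

The output can be fed straight to iptables-restore; tables the script never mentions are left untouched because no block is emitted for them.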
