Can fwbuilder compile Linux firewall to a single file containing *filter and *mangle? I don't want a script to run - I want comparable to what would be seen in /etc/sysconfig/iptables (RedHat).
Would prefer a solution that can be run from command line.
you can switch to the "iptables-restore" format in the "Script" tab of the firewall object settings dialog. The file /etc/sysconfig/iptables is in that format. Generated script will still have all of the supporting shell code though,but actual iptables rules will be in the format understood by iptables-restore.
I prefer the iptables-restore format, without having to run iptables-restore either on the fwbuilder device nor on the target Linux host.
Can the compiler be configured to produce the iptables rules directly?
the checkbox in the "Script" tab of the firewall settings dialog switches to the iptables-restore format in the generated script. You do not need to run iptables-restore yourself, iptables rules in the generated script will be in that format already.
Not quite. The script has the rules in echo statements. But one could set the IPTABLES_RESTORE variable to "tee file" in the prolog method, run the script, and obtain the rules in "file". Thanks for making such a flexible tool!