generate iptables rules, not a script

2010-07-16
2013-03-05
  • Can fwbuilder compile Linux firewall to a single file containing *filter and *mangle? I don't want a script to run - I want something comparable to what would be seen in /etc/sysconfig/iptables (RedHat).

    Would prefer a solution that can be run from command line.

    Thanks!
    -Mike Slifcak

     
  • Vadim Kurland
    2010-07-16

    You can switch to the "iptables-restore" format in the "Script" tab of the firewall object settings dialog. The file /etc/sysconfig/iptables is in that format. The generated script will still have all of the supporting shell code though, but the actual iptables rules will be in the format understood by iptables-restore.

     
  • I prefer the iptables-restore format, without having to run iptables-restore either on the fwbuilder device or on the target Linux host.

    Can the compiler be configured to produce the iptables rules directly?

     
  • Vadim Kurland
    2010-07-16

    The checkbox in the "Script" tab of the firewall settings dialog switches to the iptables-restore format in the generated script. You do not need to run iptables-restore yourself; the iptables rules in the generated script will be in that format already.

     
  • Not quite. The script has the rules in echo statements. But one could set the IPTABLES_RESTORE variable to "tee file" in the prolog method, run the script, and obtain the rules in "file". Thanks for making such a flexible tool!
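
The capture trick from the last post, as an added example that is not part of the thread and not fwbuilder output: the stand-in script below is constructed and models only what the thread states (rules emitted by echo statements, loader command held in IPTABLES_RESTORE). Assumptions: the stand-in reads the variable from the environment rather than from a prolog, and the function names are hypothetical.

```shell
#!/bin/sh
# Constructed stand-in for a generated firewall script (NOT real fwbuilder
# output): rules are echoed and piped to whatever $IPTABLES_RESTORE names.
make_standin_script() {
    cat > "$1" <<'EOF'
: "${IPTABLES_RESTORE:=/sbin/iptables-restore}"
{
echo '*mangle'
echo ':PREROUTING ACCEPT [0:0]'
echo 'COMMIT'
echo '*filter'
echo ':INPUT DROP [0:0]'
echo '-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT'
echo '-A INPUT -p tcp --dport 22 -j ACCEPT'
echo 'COMMIT'
} | $IPTABLES_RESTORE
EOF
}

# Run script $1 with the loader replaced by "tee $2": the rules land in file
# $2 and nothing is loaded. $2 must not contain spaces (it is word-split).
capture_rules() {
    IPTABLES_RESTORE="tee $2" sh "$1" >/dev/null
}

# Structural check of a captured file: every *table is closed by COMMIT,
# chain and rule lines only appear inside a table, no other line types.
check_rules_file() {
    awk '
        /^#/ || /^$/ { next }
        /^\*/        { if (intable) bad = 1; intable = 1; n++; next }
        /^COMMIT$/   { if (!intable) bad = 1; intable = 0; next }
        /^:/ || /^-/ || /^\[/ { if (!intable) bad = 1; next }
        { bad = 1 }
        END { exit ((bad || intable || n == 0) ? 1 : 0) }
    ' "$1"
}

# Demo on the constructed stand-in.
tmp=$(mktemp -d)
make_standin_script "$tmp/fw.sh"
capture_rules "$tmp/fw.sh" "$tmp/iptables.rules"
check_rules_file "$tmp/iptables.rules" && echo "captured rules are well-formed"
rm -rf "$tmp"
```

On a host with iptables installed, `iptables-restore --test < file` parses a captured file without committing it. As noted earlier in the thread, the real generated script also contains supporting shell code, which still runs when the script is executed this way.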