Work at SourceForge, help us to make it a better place! We have an immediate need for a Support Technician in our San Francisco or Denver office.

Close

#6 Reverse Eng of existing rules.

open
nobody
None
5
2001-05-16
2001-05-16
Anonymous
No

It would propell this utility if there can be a reverse
engineering function. Take existing ipcahins rules,
convert to meta rules, then proceed as needed!

Discussion

  • Vadim Kurland
    Vadim Kurland
    2001-05-27

    Logged In: YES
    user_id=6825

    I agree that this would have been very nice feature or tool to have, but I am rather sceptical as of how feasible this is. There is huge difference between low level iptables commands and our high level, abstract definition of "rules". Iphains is veen worse as it is stateless and requires tons of additional rules to allow "reply" packets.

    I'll keep this feature request open for a while, but I do not think I'll ever get to implement it. May be someone else would?

    Vadim

     
  • Logged In: YES
    user_id=42316

    This very usefull feature, for example when your upgrade
    from raw iptables to fwbuilder it is very usefull to take
    existing translation rules at least, before 2 weeks I had
    migrated simple firewall with a lot of individual access and
    translation rules manually and of course I had missed many
    of them or made errors. I think it may be part of discover
    function with optional import of rules which were found.

     
  • Iouri Bespalov
    Iouri Bespalov
    2003-11-26

    Logged In: YES
    user_id=746168

    Hi!
    I need to import existing rools from the PIX. I would make
    this myself, what do I need is Docs about API and XML-Format
    You use.

    Greetings Iouri Bespalov

    P.S.: my E-Mail is I.bespalov@isv-gmbh.de