Re: [wallfire-users] how to use the files generated by wfconvert netfilter output filter ?

[Herve E. <rv...@wa...>]

On Mon, Mar 21, 2005 at 04:20:44PM +0100, Eric Lacroix wrote:

 Hi Eric,

> I'm trying to use wfconvert 0.4.1 to configure a netfilter simple
> firewall. I don't know what to do with the scripts generated. They seem
> to be 'sh' scripts, but there's still some stuff missing.

Yes.

> I know iptables a very little, what may explains what I don't
> understand.

Did you read the README?
Here's a copy-paste of the interesting parts:
--------------------------------------------------------------------

For the moment, you can play with the example given under
doc/example.wf,
which is quite self-explainable, I think.
$ wfconvert -i wallfire -o netfilter example.wf
translates the rules into a netfilter/iptables script, by producing a
wallfire profile directory (probably in an insecure way, for the
moment :-().
See netfilter output below.

[...]

Netfilter output
----------------

WallFire provides a powerful infrastructure for netfilter rules.  You
can store several configurations on your machine, each one being for a
given firewalling ruleset in a given place, which is useful for
laptops, for example. Such a configuration is called a "profile".

$ wfconvert -i wallfire -o netfilter example.wf
produces a temporary directory containing scripts using iptables or
iptables-save commands. This directory is a "profile".
You can then apply the rules of this profile with the command named
wallfire.
If the above wfconvert execution produced files in the directory
/tmp/dir,
you can (hopefully) activate the firewalling with:
# WF_CONFDIR=3D/tmp/dir wallfire start

--------------------------------------------------------------------

Is should be sufficient for a start, isn't?  If not, what can I do to mak=
e
it more clear?
Anyway, I know that documentation is far from complete at that stage...
sorry about that.

 Herve

--=20
 _
(=B0=3D  Herv=E9 Eychenne
//)
v_/_ WallFire project:  http://www.wallfire.org/