mrash / iptables-parse Goto Github PK
View Code? Open in Web Editor NEWPerl extension for parsing iptables firewall rulesets
Home Page: http://www.cipherdyne.org/
Perl extension for parsing iptables firewall rulesets
Home Page: http://www.cipherdyne.org/
It would be great if the parsed data could be transformed back into a
string in iptables output format so it can be used again with iptables.
Add support for firewalld.
Update the IPTables::Parse module to handle ip6tables policies that handle IPv6 traffic.
Stuart Schneider reported a bug where IPTables::Parse does not handle chain names with dash "-" characters, and he showed that iptables supports many additional chars as well:
iptables -N ' ~!@#$%^&*()+=[]{}|\testing '
iptables -nvL
[...]
Chain ~!@#$%^&*()+=[]{}|\testing (0 references)
pkts bytes target prot opt in out source destination
[...]
Previously, the output of ip6tables
and iptables
differed, e.g.,
>$ sudo /usr/sbin/iptables -w -t filter -n -L INPUT
Chain INPUT (policy DROP)
target prot opt source destination
LOG 0 ::/0 ::/0 LOG flags 2 level 4 prefix "[IPTABLES] "
>$ sudo /usr/sbin/iptables -w -t filter -n -L INPUT
Chain INPUT (policy DROP)
target prot opt source destination
LOG 0 -- 0.0.0.0/0 0.0.0.0/0 LOG flags 2 level 4 prefix "[IPTABLES] "
However, in Debian 12 (bookworm), ip6tables
now prints the --
, just like iptables
does.
This causes checks like psad --fw-analyze
to fail with the standard
You may just need to add a default logging rule to the 'filter' 'INPUT' chain on xenon. For more information, see the file "README" in the psad sources directory or visit:
I'm not sure how widespread this change is, whether it's in other distros, or when it happened (I'm having some trouble navigating through debian's package tracker; this is all new to me), but if it's a sensible change, it would be good for this library to support it, I think.
This issue was reported via CPAN:
Fabien Mazieres submitted a significant patch to IPTables::Parse which needs to be evaluated and applied.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.