Hello, Netfilter List!

I have a question regarding the notation of filter rules. I am quite familiar with the syntax of the iptables command. Apparently most people who write firewall scripts are familiar with it as well since a lot of scripts configuring Netfilter rules consist of a shell script and config scripts. Most people that run a packet filter don't want to delve into the depths of the iptables syntax in order to change a few rules.

Is anyone on this list aware of projects that try to define a kind of meta-syntax for filtering rules which can be processed and stored easier than shell script fragments? Maybe someone has tried to write a parser in order to import OpenBSD pf or Cisco PIX rules. I'd like to hear about anyone who has thoughts on this.

I am aware that there are several rule editors out there (such as FWbuilder). I am more interested in a low-level approach having simple rules that can be parsed easily and possibly distributed among multiple firewall systems.

Best wishes,
René.

--
)\._.,--....,'``. Let GNU/Linux work for you while you take a nap.
/, _.. \ _\ (`._ ,. R. Pfeiffer <lynx at luchs.at> + http://web.luchs.at/
`._.-(,_..'--(,_..'`-.;.' - System administration + Consulting + Teaching -
Got mail delivery problems? http://web.luchs.at/information/blockedmail.php