logo
Free, unlimited AI code reviews that run on commit
git-lrc git-lrc GitHub Install Now We'd appreciate a star git-lrc - Free, unlimited AI code reviews that run on commit | Product Hunt git-lrc - Free, unlimited AI code reviews that run on commit | Product Hunt

filtergen - packet filter compiler

Contents

Author

filtergen was originally written by Matthew Kirkwood.  Jamie Wilkinson <jaq@spacepants.org> then  rewrote
       a lot of the internals, added some features, and took on maintenance of the project.

                                                 January 7, 2004                                    FILTERGEN(8)

Bugs

       Not all backends implement all features.

       The packet filter is not optimised.

Description

filtergen compiles a high-level filtering description language into a variety of target formats.

Name

       filtergen - packet filter compiler

See Also

fgadm(8), filter_syntax(5), filter_backends(7)

Synopsis

filtergen  [  -h  |  --help  ] [ -V | --version ] [ -c | --compile ] [ -ttarget | --target=target ] [ -ooutfile | --output=outfile ] infilefiltergen [ -h | --help ] [ -V | --version ] [ -c | --compile ] [ -ttarget  |  --target=target  ]  [  -ooutfile | --output=outfile ] [ -Fpolicy | --flush=policy ]

Usage

filtergen reads the ruleset from the infile specified on the command line (or standard input if infile is
       "-") and outputs to standard output (or outfile) via an optionally specified backend.

       Both short and GNU-style long option options are accepted:

       -c,--compile
              Only try to "compile" the input, and do not generate any output.  This may be useful to check that
              an input file has no syntax errors in it before one attempts to use the result on a live server.

       -ttarget-filter,--target=target-filter
              If specified, target-filter will be used to select an output filter type, otherwise the default of
              iptables  will  be used.  Supported backends are iptables, ip6tables, iptables-restore, ip6tables-restore, ipchains, ipfilter and cisco (for Cisco IOS access-lists).

       -Fpolicy,--flush=policy
              Flush mode.  Generate a set of rules for clearing all rules from the packet  filter.   Useful  for
              firewall  scripts that need to `shutdown' the firewall.  You can supply a policy argument in place
              of the usual filename, to specify whether the flushed filter should default to accept, reject,  or
              drop.   It  defaults to accept, equivalent to having no filter loaded at all.  It is not necessary
              to specify an infile when using flush mode.

       -ooutfile,--output=outfile
              Write output to outfile instead of standard output.

       -h,--help
              Show command help.

       -V,--version
              Show program version.

See Also

Filters
Filters PNG Icons
Man Pages
output Man Pages
Target
Target PNG Icons
Man Pages
Usage: Man Pages
Man Pages
fgadm Man Pages
Man Pages
packet Man Pages
Man Pages
compile Man Pages
Man Pages
flush Man Pages
Versions
Versions PNG Icons
← View System admin Category← Back to Miscellaneous diversions🙏  Credits & Acknowledgments