|
wfconvert − WallFire tool to import/translate firewalling rules from/to any supported language. |
|
wfconvert [-C|--check] [-c|--config file] [-i|--input-module name] [-o|--output-module name] [-V|--version] [-h|--help] input_file |
|
wfconvert is a tool that converts a ruleset into another, whatever description language is used for input or output. See MODULES section below. |
|
-C | --check |
|
wfconvert will only check the validity of the input file, and perform no output. It will exit with code 0 is the file is ok, 1 otherwise. |
|
-i | --input-module type |
|
Specify the input language type. Wfconvert will use the corresponding module (if available) to parse the given ruleset file. Use type ‘help’ to know which modules are available (currently, ‘wallfire’, and ‘iptables_save’). If no -i option is specified, wfconvert uses wallfire input module as default. |
|
-o | --output-module type |
|
Specify the output language type. Wfconvert will use the corresponding module (if available) to export the input ruleset to the given target. If you omit this option, wfconvert will try to guess the local firewalling tool at runtime, and use the adequate module. Use type ‘help’ to know which modules are available (currently, ‘wallfire’, ‘wallfire_xml’, and ‘netfilter’), and which is the default (guessed) module. |
|
-v | --verbose [level] |
|
Set verbosity level. If level is omitted, default value is 1. |
|
-V | --version |
|
Display current version. |
|
-h | --help |
|
Show help message. |
|
wfconvert uses input and output modules, each one dealing with a specific ruleset description language, such as wallfire native language, or iptables script. This enables to convert a ruleset description into another. You have to specify a module name that will handle the input (option -i) and another (option -o). |
|
INPUT MODULES |
|
wallfire |
|
This module parses a file in wallfire language. |
|
iptables_save |
|
This module parses a file containing the output of the iptables-save(8) command. |
|
OUTPUT MODULES |
|
wallfire |
|
This module outputs a file in wallfire language on stdout. |
|
wallfire_xml |
|
This module outputs a file in wallfire XML language on stdout. |
|
netfilter |
|
This module outputs a temporary directory containing
scripts using iptables(8) or iptables-save(8)
commands. This directory is a WallFire "profile"
(a configuration for a given firewall in a given place). |
|
wfconvert -i wallfire -o netfilter wallfire_rules.wf wfconvert parses wallfire_rules.wf file and writes the corresponding netfilter profile scripts to a temporary directory. |
|
wflogs(8). |
|
This version is still under heavy development so there might be a lot of bugs and missing features. Contributions are welcome, please see http://wallfire.org/. |
|
wfconvert has been written by Herve Eychenne. See http://wallfire.org/. |