iptables-xml(1)


NAME

   iptables-xml --- Convert iptables-save format to XML

SYNOPSIS

   iptables-xml [-c] [-v]

DESCRIPTION

   iptables-xml  is  used  to  convert the output of iptables-save into an
   easily  manipulatable  XML  format  to  STDOUT.   Use   I/O-redirection
   provided by your shell to write to a file.

   -c, --combine
          combine  consecutive  rules  with the same matches but different
          targets. iptables does  not  currently  support  more  than  one
          target  per  match,  so  this  simulates  that by collecting the
          targets from consecutive iptables rules into one action tag, but
          only  when  the  rule matches are identical. Terminating actions
          like RETURN, DROP,  ACCEPT  and  QUEUE  are  not  combined  with
          subsequent targets.

   -v, --verbose
          Output  xml comments containing the iptables line from which the
          XML is derived

   iptables-xml does a mechanistic conversion to  a  very  expressive  xml
   format;  the  only semantic considerations are for -g and -j targets in
   order to discriminate between <call> <goto> and <nane-of-target> as  it
   helps  xml processing scripts if they can tell the difference between a
   target like SNAT and another chain.

   Some sample output is:

   <iptables-rules>
     <table name="mangle">
       <chain name="PREROUTING" policy="ACCEPT" packet-count="63436" byte-
   count="7137573">
         <rule>
          <conditions>
           <match>
             <p>tcp</p>
           </match>
           <tcp>
             <sport>8443</sport>
           </tcp>
          </conditions>
          <actions>
           <call>
             <check_ip/>
           </call>
           <ACCEPT/>
          </actions>
         </rule>
       </chain>
     </table> </iptables-rules>

   Conversion  from  XML  to  iptables-save  format  may be done using the
   iptables.xslt  script  and  xsltproc,  or  a   custom   program   using
   libxsltproc or similar; in this fashion:

   xsltproc iptables.xslt my-iptables.xml | iptables-restore

BUGS

   None known as of iptables-1.3.7 release

AUTHOR

   Sam Liddicott <azez@ufomechanic.net>

SEE ALSO

   iptables-save(8), iptables-restore(8), iptables(8)

More Linux Commands

manpages/XtSetWMColormapWindows.3.html
XtSetWMColormapWindows(3) - Set the value of the WM_COLORMAP
XtSetWMColormapWindows returns immediately if widget is not realized or if count is zero. Otherwise, XtSetWMColormapWindows constructs an ordered list of window

manpages/gnutls_pcert_import_openpgp_raw.3.html
gnutls_pcert_import_openpgp_raw(3) - API function (ManPage)
gnutls_pcert_import_openpgp_raw.3 - This convenience function will import the given certificate to a gnutls_pcert_st structure. The structure must be deinitiali

manpages/XGetScreenSaver.3.html
XGetScreenSaver(3) - manipulate the screen saver (Man Page)
Timeout and interval are specified in seconds. A timeout of 0 disables the screen saver (but an activated screen saver is not deactivated), and a timeout of -1

manpages/keytool-java-1.7.0-openjdk.1.html
keytool-java-1.7.0-openjdk(1) (Commands - Linux man page)...
keytool-java-1.7.0-openjdk.1 - keytool is a key and certificate management utility. It allows users to administer their own public/private key pairs and associa

manpages/klogd.8.html
klogd(8) - Kernel Log Daemon (Admin - Linux man page).......
klogd is a system daemon which intercepts and logs Linux kernel messages. OPTIONS -c n Sets the default log level of console messages to n. -d Enable debugging

manpages/termname.3ncurses.html
termname(3ncurses) - curses environment query routines......
The baudrate routine returns the output speed of the terminal. The number returned is in bits per second, for example 9600, and is an integer. The erasechar rou

manpages/pcre32_compile.3.html
pcre32_compile(3) Perl-compatible regular expressions.......
This function compiles a regular expression into an internal form. It is the same as pcre[16|32]_compile2(), except for the absence of the errorcodeptr argument

manpages/swaplabel.8.html
swaplabel(8) - print or change the label or UUID of a swap a
swaplabel will display or change the label or UUID of a swap partition located on device (or regular file). If the optional arguments -L and -U are not given, s

manpages/idmap_ldap.8.html
idmap_ldap(8) - Samba's idmap_ldap Backend for Winbind......
The idmap_ldap plugin provides a means for Winbind to store and retrieve SID/uid/gid mapping tables in an LDAP directory service. In contrast to read only backe

manpages/XtProcessEvent.3.html
XtProcessEvent(3) - query and process events and input......
XtNextEvent has been replaced by XtAppNextEvent. XtPeekEvent has been replaced by XtAppPeekEvent. XtPending has been replaced by XtAppPending. XtProcessEvent ha

manpages/aclocal-1.11.1.html
aclocal-1.11(1) - manual page for aclocal 1.11.1 (Man Page)
Generate aclocal.m4 by scanning configure.ac or configure.in OPTIONS --acdir=DIR directory holding config files (for debugging) --diff[=COMMAND] run COMMAND [di

manpages/chooser.1.html
chooser(1) - X Display Manager with support for XDMCP, host
Xdm manages a collection of X displays, which may be on the local host or remote servers. The design of xdm was guided by the needs of X terminals as well as Th




We can't live, work or learn in freedom unless the software we use is free.




"Free learning resources, like free software, is a matter of freedom, not price. It's about bringing the principles of free software to general knowledge and educational materials. Knowledge should be usable and accessible to all without restrictions and should not be treated as property." Free Learning Resources



"As our society grows more dependent on computers, the software we run is of critical importance to securing the future of a free society. Free software is about having control over the technology we use in our homes, schools and businesses, where computers work for our individual and communal benefit" Learn About Free Software