Converter iptables-save para shell script

Comandos,Scripts | domingo 1 julho 2012 15:40 |

Script em perl que converte a saída do comando iptables-save para o formato de shell-script.

Sintaxe de uso:

iptables-save | mkscript.pl > firewall.sh

Script mkscript.pl
#!/usr/bin/perl
use strict;

if (@ARGV && $ARGV[0] =~ /^-/) {
	print 'converts an iptables-save file to a shell script',
	"\nUse: $0 [filename]\n";
	exit 0;
}

open I, shift || '-' or die $!;

my($table,$ipt);

print "#!/bin/sh
#iptables script, generated from iptables-save file
IPT='/sbin/iptables'
";

while (<I>) {
	if (/^\s*(#|$)/) {
		print;
		next;
	}
	if (/^\*(.*)/) {
		$table = $1;
		$ipt = $table eq 'filter' ? '$IPT' : '$IPT -t '.$table;
		print "$ipt -F\n";
		print "$ipt -X\n";
		next;
	} elsif (/^COMMIT/) {
		$table = 0;
		next;
	}
	die unless $table;
	if (/^:(\S+) +([^- ]\S*)/) {
		print "$ipt -P $1 $2\n";
		next;
	} elsif (/^:(\S+)/) {
		print "$ipt -N $1\n";
		next;
	}
	s/^\[[0-9:]+\]\s*//;
	die unless /^-A/;
	print "$ipt $_";
}

fonte

Nenhum comentário

Nenhum comentário ainda

RSS feed para comentários neste tópico.

Sorry, the comment form is closed at this time.