Solved

IPTABLES Custom list (-L)

Posted on 2007-04-04
Last Modified: 2011-04-14
Hi, I was wondering if there is a way to customize the output of IPTABLES -L to a certain format. So for example it lists the results in the format of SIP/SMask, DIP/DMask, Protocol, Action.

If maybe someone can tell me how to tokenize the IPTABLES -L output, that would help too.

Thanks,

Zenrov
Question by:haszan
LVL 27

Accepted Solution

by:
Nopius earned 1500 total points
ID: 18854771
There is a very useful script 'iptables-save' that prints everything in a common format. Also, its output may be used by 'iptables-restore' to restore firewall configuration.
0
 
LVL 27

Expert Comment

by:Nopius
ID: 18854781
Oops, that's not a script, that's a binary, but it is standard and comes with any Linux :-)
0
 
LVL 1

Author Comment

by:haszan
ID: 18862979
Thanks Nopius, that still doesn't really answer my question... My question is really how to customize the format of the printed rulesets. I want the rules to be printed out in a certain format, and not the common format.
0
 
LVL 27

Expert Comment

by:Nopius
ID: 18863164
Yes, I didn't answer your question, but I suppose you will use iptables-save instead of iptables -L. Its output can be easily parsed. Did you test it?

Suppose my output of iptables-save:
...
:OUTPUT ACCEPT [16267792:2558906548]
-A INPUT -s 1.1.1.0/255.255.255.0 -d 2.2.2.2 -p tcp -m tcp --sport 25 -j ACCEPT
...

What is after -s is your SIP/SMASK
What is after -d is a DIP/DMASK, if no mask, then /32
-p tcp -m tcp  --sport is a Protocol SMTP (You can match --sport --dport numeric value with /etc/services to get a string)
-j ACCEPT means ACTION.

Parsing of iptables -L output can also be done, but it is more difficult since parameters are positional and not well structured, and other parameters (such as -i or -o) are skipped:
target     prot opt source               destination
ACCEPT     tcp  --  1.1.1.0/24           2.2.2.2             tcp spt:smtp

You can assume that field 1 is an Action, field 4 is a SIP/SMASK, field 5 is DIP/DMASK and everything after spt: or dpt: is your Protocol (but when both, you don't know which one).
Rules for each chain go after "Chain XXX" and one skipped line, until an empty line.
What else would you like to know about how to parse this output?
0
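The mapping described in the answer above, as an added example that is not part of the original thread: a small Python parser that turns iptables-save output into SIP/SMask, DIP/DMask, Protocol, Action rows. The function names are illustrative, the second and third sample rules are constructed, and the code assumes IPv4 rules with "!" printed before the negated option, as current iptables-save does.

```python
import shlex
import socket

# Constructed sample in iptables-save format; the first -A rule is the one from the thread.
SAMPLE = '''*filter
:OUTPUT ACCEPT [16267792:2558906548]
-A INPUT -s 1.1.1.0/255.255.255.0 -d 2.2.2.2 -p tcp -m tcp --sport 25 -j ACCEPT
-A INPUT -i eth0 -p udp -m udp --dport 53 -m comment --comment "allow -s any" -j ACCEPT
-A INPUT ! -s 10.0.0.0/8 -p tcp -m tcp --dport 22 -j DROP
COMMIT
'''

FIELDS = {"-s": "src", "-d": "dst", "-p": "proto",
          "--sport": "sport", "--dport": "dport", "-j": "action"}

def service_name(port, proto):
    """Map a numeric port to its /etc/services name; return it unchanged if unknown."""
    try:
        return socket.getservbyport(int(port), proto)
    except (OSError, ValueError, OverflowError):
        return port  # ranges (1024:65535), negated ports, hosts without /etc/services

def parse_rules(text):
    """Return one dict per '-A' rule; options that are absent keep their 'any' default."""
    rules = []
    for line in text.splitlines():
        if not line.startswith("-A "):
            continue  # table names (*filter), chain policies (:OUTPUT ...), COMMIT
        tokens = shlex.split(line)  # a quoted --comment stays one token
        rule = {"chain": tokens[1], "src": "0.0.0.0/0", "dst": "0.0.0.0/0",
                "proto": "all", "sport": "", "dport": "", "action": ""}
        for i in range(2, len(tokens) - 1):
            field, value = FIELDS.get(tokens[i]), tokens[i + 1]
            if field in ("src", "dst") and "/" not in value:
                value += "/32"  # no mask means a single host
            if field:
                rule[field] = ("!" if tokens[i - 1] == "!" else "") + value
        rules.append(rule)
    return rules

def format_rule(r):
    """Render the layout asked for: SIP/SMask, DIP/DMask, Protocol, Action."""
    ports = [f"{k}:{service_name(r[k], r['proto'])}"
             for k in ("sport", "dport") if r[k]]
    return ", ".join([r["src"], r["dst"], " ".join([r["proto"], *ports]), r["action"]])

if __name__ == "__main__":
    for rule in parse_rules(SAMPLE):
        print(format_rule(rule))
```

On a live host, pass the text of `iptables-save` to `parse_rules` in place of `SAMPLE`; negation is kept in the output as a leading "!" so an inverted match is never shown as a plain one.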
 
LVL 1

Author Comment

by:haszan
ID: 18881429
Thank you for the info.
0
