On Wed, Jun 7, 2023 at 3:47 PM Benny Pedersen <m...@junc.eu> wrote:

> Phil Stracchino skrev den 2023-06-07 17:25:
>
> > Seems like it shouldn't be an overly difficult challenge to write a
> > userspace tool that reads in a shorewall configuration and writes it
> > out, semantically unchanged, in foomuuri's syntax...?  Hand adjustment
> > from there would of course be up to the end user.
>
> or make a iptables parser from "iptables -nvL" piped to a python code
> that translate it all to naftables format
>
> imho its more time consuming to parse shorewall config over to another
> firewall tool
>
> iptables-save | iptables-xml | foomuuri-converter
>

The problem with that (obvious) approach is that it prevents any future
modifications or rule changes. My shorewall config is a series of variables
like:

ACCEPT ext $FW udp 500
ACCEPT ext $PUBLICWEB tcp https
ACCEPT vpn int

all of that would be lost





>
>
>
> _______________________________________________
> Shorewall-users mailing list
> Shorewall-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/shorewall-users
>
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users

Reply via email to