This is the command fwb_ipt that can be run in the OnWorks free hosting provider using one of our multiple free online workstations such as Ubuntu Online, Fedora Online, Windows online emulator or MAC OS online emulator
PROGRAM:
NAME
fwb_ipt - Policy compiler for iptables
SYNOPSIS
fwb_ipt -fdata_file.xml [-4] [-6] [-V] [-dwdir] [-i] [-ooutput.fw]
[-Ofw1_id,fw1_output.fw[,fw2_id,fw2_output.fw]] [-v] [-xc] [-xnN] [-xpN] [-xt] object_name
DESCRIPTION
fwb_ipt is a firewall policy compiler component of Firewall Builder (see fwbuilder(1)).
Compiler reads objects definitions and firewall description from the data file specified
with "-f" option and generates resultant iptables script. The script is written to the
file with the name the same as the name of the firewall object, plus extension ".fw".
The data file and the name of the firewall objects must be specified on the command line.
Other command line parameters are optional.
OPTIONS
-4 Generate iptables script for IPv4 part of the policy. If any rules of the firewall
refer to IPv6 addresses, compiler will skip these rules. Options "-4" and "-6" are
exclusive. If neither option is used, compiler tries to generate both parts of the
script, although generation of the IPv6 part is controlled by the option "Enable
IPv6 support" in the "IPv6" tab of the firewall object advanced settings dialog.
This option is off by default.
-6 Generate iptables script for IPv6 part of the policy. If any rules of the firewall
refer to IPv6 addresses, compiler will skip these rules.
-f FILE
Specify the name of the data file to be processed.
-o output.fw
Specify output file name
-O fw1_id,fw1_output.fw[,fw2_id,fw2_output.fw]
The argument is a comma separated list of firewall object IDs and corresponding
output file names. This option is used by fwbuilder GUI while compiling firewall
clusters.
-d wdir
Specify working directory. Compiler creates file with iptables script in this
directory. If this parameter is missing, then iptables script will be placed in
the current working directory.
-v Be verbose: compiler prints diagnostic messages when it works.
-V Print version number and quit.
-i When this option is present, the last argument on the command line is supposed to
be firewall object ID rather than its name
-xc When output file name is determined automatically (i.e. flags -o or -O are not
present), the file name is composed of the cluster name and member firewall name
rather than just member firewall name. This is used mostly for testing when the
same member firewall object can be a part of different clusters with different
configurations.
-xt This flag makes compiler treat all fatal errors as warnings and continue processing
rules. Generated configuration script most likely will be incorrect but will
include error message as a comment; this flag is used for testing and debugging.
-xp N Debugging flag: this causes compiler to print detailed description of the policy
rule number "N" as it precesses it, step by step.
-xn N Debugging flag: this causes compiler to print detailed description of the NAT rule
number "N" as it precesses it, step by step.
URL
Firewall Builder home page is located at the following URL: http://www.fwbuilder.org/
Use fwb_ipt online using onworks.net services
