App-Iptables2Dot
view release on metacpan or search on metacpan
v0.2.4 Wed Apr 26 07:55:29 CEST 2017
- fixed GitHub issue #1
- added regression test
- changed option 'icmp-type=i' to 'icmp-type=s' in
@App::Iptables2Dot::optdefs
v0.2.3 2017-03-15
- fixed bug #120616
- added regression test
- added some more options to @App::Iptables2Dot::optdefs:
comment=s, ctstate=s, gid-owner=s, notrack
- t/script-iptables2dot.t: Skip if missing Probe::Perl
0.2.2 Fr 30. Jan 20:27:22 CET 2015
- added some more options to @App::Iptables2Dot::optdefs
- changed POD of bin/iptables2dot to (hopefully) make clearer
that the program is best suited to get an overview over a set
of iptables rules and only sometimes can be used directly for
a detailed analysis
0.2.1 Mi 28. Nov 21:39:19 CET 2012
lib/App/Iptables2Dot.pm view on Meta::CPAN
my @optdefs = qw(
checksum-fill
clamp-mss-to-pmtu
comment=s
ctstate=s
destination|d=s
destination-ports|dports=s
dport=s
dst-type=s
gid-owner=s
goto|g=s
helper=s
in-interface|i=s
icmp-type=s
jump|j=s
limit=s
limit-burst=s
log-prefix=s
m=s
mac-source=s
t/bug-120616.t view on Meta::CPAN
$i2d = new App::Iptables2Dot();
$i2d->read_iptables_file('t/iptables-save/bug-120616.txt');
$dg = $i2d->dot_graph( {showrules => 1, }, 'filter' );
like($dg, qr/--comment "user chain for output"/ms, 'got comment');
like($dg, qr/--ctstate DNAT/ms, 'got ctstate');
$dg = $i2d->dot_graph( {showrules => 1, }, 'nat' );
like($dg, qr/--gid-owner 800/ms, 'got gid-owner');
$dg = $i2d->dot_graph( {showrules => 1, }, 'raw' );
like($dg, qr/--notrack/ms, 'got notrack');
done_testing();
t/iptables-save/bug-120616.txt view on Meta::CPAN
:prerouting_wan_rule - [0:0]
:zone_client_postrouting - [0:0]
:zone_client_prerouting - [0:0]
:zone_lan_postrouting - [0:0]
:zone_lan_prerouting - [0:0]
:zone_local_node_postrouting - [0:0]
:zone_local_node_prerouting - [0:0]
:zone_wan_postrouting - [0:0]
:zone_wan_prerouting - [0:0]
-A PREROUTING -j delegate_prerouting
-A OUTPUT -d 127.0.0.1/32 -o lo -p udp -m owner --gid-owner 800 -m udp --dport 53 -j DNAT --to-destination :54
-A POSTROUTING -j delegate_postrouting
-A delegate_postrouting -m comment --comment "user chain for postrouting" -j postrouting_rule
-A delegate_postrouting -o br-wan -j zone_wan_postrouting
-A delegate_postrouting -o br-client -j zone_client_postrouting
-A delegate_postrouting -o local-node -j zone_local_node_postrouting
-A delegate_prerouting -m comment --comment "user chain for prerouting" -j prerouting_rule
-A delegate_prerouting -i br-wan -j zone_wan_prerouting
-A delegate_prerouting -i br-client -j zone_client_prerouting
-A delegate_prerouting -i local-node -j zone_local_node_prerouting
-A zone_client_postrouting -m comment --comment "user chain for postrouting" -j postrouting_client_rule
t/iptables-save/iptables-extension-owner.txt view on Meta::CPAN
# Generated by iptables-save v1.4.21 on Tue Mar 14 21:33:23 2017
*filter
:OUTPUT ACCEPT [0:0]
-A OUTPUT -m owner --gid-owner 123 --suppl-groups -j ACCEPT
-A OUTPUT -m owner --uid-owner 456 -j ACCEPT
-A OUTPUT -m owner --socket-exists -j ACCEPT
( run in 1.214 second using v1.01-cache-2.11-cpan-ceb78f64989 )