Man page or keyword search:   man All Sections 1 - General Commands 2 - System Calls 3 - Subroutines, Functions 4 - Special Files 5 - File Formats 6 - Games and Screensavers 7 - Macros and Conventions 8 - Maintenence Commands 9 - Kernel Interface New Commands Server 4.4BSD AIX Alpinelinux Archlinux Aros BSDOS BSDi Bifrost CentOS Cygwin Darwin Debian DigitalUNIX DragonFly ElementaryOS Fedora FreeBSD Gentoo GhostBSD HP-UX Haiku Hurd IRIX Inferno JazzOS Kali Knoppix LinuxMint MacOSX Mageia Mandriva Manjaro Minix MirBSD NeXTSTEP NetBSD OPENSTEP OSF1 OpenBSD OpenDarwin OpenIndiana OpenMandriva OpenServer OpenSuSE OpenVMS Oracle PC-BSD Peanut Pidora Plan9 QNX Raspbian RedHat Scientific Slackware SmartOS Solaris SuSE SunOS Syllable Tru64 UNIXv7 Ubuntu Ultrix UnixWare Xenix YellowDog aLinux   44335 pages apropos Keyword Search (all sections) Output format html ascii pdf view pdf save postscript

fwb_pix(1)		       Firewall Builder			    fwb_pix(1)

NAME
       fwb_ipt - Policy compiler for Cisco IOS ACL

SYNOPSIS
       fwb_iosacl [-vV] [-d wdir] [-4] [-6] [-i] -f data_file.xml object_name

DESCRIPTION
       fwb_iosacl  is  firewall	 policy compiler component of Firewall Builder
       (see fwbuilder(1)). Compiler reads  objects  definitions	 and  firewall
       description from the data file specified with "-f" option and generates
       resultant Cisco IOS ACL configuration file. The configuration is	 writ‐
       ten  to	the  file  with	 the name the same as the name of the firewall
       object, plus extension ".fw". Compiler generates extended access	 lists
       for  Cisco routers running IOS v12.x using "ip access-list <name>" syn‐
       tax. Compiler also  generates  "ip  access-group"  commands  to	assign
       access lists to interfaces. Generated ACL configuration can be uploaded
       to the router manually or using built-in installer in the  fwbuilder(1)
       GUI.

       The data file and the name of the firewall objects must be specified on
       the command line. Other command line parameters are optional.

OPTIONS
       -4     Generate iptables script for IPv4 part of	 the  policy.  If  any
	      rules  of	 the  firewall	refer to IPv6 addresses, compiler will
	      skip these rules.	 Options "-4" and "-6" are exclusive. If  nei‐
	      ther  option  is	used, compiler tries to generate both parts of
	      the script, although generation of the IPv6 part	is  controlled
	      by  the  option  "Enable	IPv6 support" in the "IPv6" tab of the
	      firewall object advanced settings dialog.	 This option is off by
	      default.

       -6     Generate	iptables  script  for  IPv6 part of the policy. If any
	      rules of the firewall refer to  IPv6  addresses,	compiler  will
	      skip these rules.

       -f FILE
	      Specify the name of the data file to be processed.

       -d wdir
	      Specify  working	directory. Compiler creates file with ACL con‐
	      figuration in this directory.  If	 this  parameter  is  missing,
	      then  generated ACL will be placed in the current working direc‐
	      tory.

       -v     Be verbose: compiler prints diagnostic messages when it works.

       -V     Print version number and quit.

       -i     When this option is present, the last argument  on  the  command
	      line is supposed to be firewall object ID rather than its name

URL
       Firewall	  Builder   home   page	 is  located  at  the  following  URL:
       http://www.fwbuilder.org/

BUGS
       Please report bugs using bug tracking system on SourceForge:

       http://sourceforge.net/tracker/?group_id=5314&atid=105314

SEE ALSO
       fwbuilder(1), fwb_pix(1), fwb_ipfw(1), fwb_ipf(1), fwb_ipt(1) fwb_pf(1)

FWB								    fwb_pix(1)

Vote for polarhome