ipset-translate(8) - phpMan

Command: man perldoc info search(apropos)  


IPSET-TRANSLATE(8)                   System Manager's Manual                   IPSET-TRANSLATE(8)

NAME
       ipset-translate -- translation tool to migrate from ipset to nftables

DESCRIPTION
       This tool allows system administrators to translate a given IP sets file to nftables(8).

       The only available command is:

       o ipset-translate restores < file.ipt

USAGE
       The ipset-translate tool reads an IP sets file in the syntax produced by ipset(8) save. No
       set modifications occur, this tool is a text converter.

EXAMPLES
       Basic operation examples.

       Single command translation, assuming the original file:

       create test1 hash:ip,port family inet counters timeout 300 hashsize 1024 maxelem 65536 bucketsize 12 initval 0xb5c4be5d
       add test1 1.1.1.1,udp:20
       add test1 1.1.1.1,21
       create test2 hash:ip,port family inet hashsize 1024 maxelem 65536 bucketsize 12 initval 0xb5c4be5d

       which results in the following translation:

       root@machine:~# ipset-translate restore < file.ipt
       add set inet global test1 { type ipv4_addr . inet_proto . inet_service; counter; timeout 300s; size 65536; }
       add element inet global test1 { 1.1.1.1 . udp . 20 }
       add element inet global test1 { 1.1.1.1 . tcp . 21 }
       add set inet global test2 { type ipv4_addr . inet_proto . inet_service; size 65536; }

LIMITATIONS
       A few IP sets options may be not supported because they are not yet implemented  in  nfta-
       bles(8).

       Contrary  to  nftables(8),  IP sets are not attached to a specific table.  The translation
       utility assumes that sets are created in a table whose name is global and family is  inet.
       You  might want to update the resulting translation to use a different table name and fam-
       ily for your sets.

       To get up-to-date information about this, please head to https://wiki.nftables.org/.

SEE ALSO
       nft(8), ipset(8)

AUTHORS
       The nftables framework has been written  by  the  Netfilter  Project  (https://www.netfil-
       ter.org).

       This manual page was written by Pablo Neira Ayuso <pablo AT netfilter.org>.

       This documentation is free/libre under the terms of the GPLv2+.

       This tool was funded through the NGI0 PET Fund, a fund established by NLnet with financial
       support from the European Commission's Next Generation Internet programme, under the aegis
       of DG Communications Networks, Content and Technology under grant agreement No 825310.

                                           May 31, 2021                        IPSET-TRANSLATE(8)

Generated by $Id: phpMan.php,v 4.55 2007/09/05 04:42:51 chedong Exp $ Author: Che Dong
On Apache
Under GNU General Public License
2025-01-21 07:40 @13.59.24.183 CrawledBy Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Valid XHTML 1.0!Valid CSS!