Feature Request: Preview of the iptables changes

Question

Feature Request: Preview of the iptables changes

999faryad opened this issue a year ago · 5 comments

It would be really nice if there was a parameter -p --preview, which would not make any changes to the system with --noexec, but would write the changes to the iptables rules to the stdout.

Answer 1 · 2023-11-24T14:20:42.000Z

You mean like --lines --noexec?

Answer 2 · 2023-11-24T14:23:48.000Z

Yes, similar, but unfortunately this only shows the rules that are applied, without the corresponding chains.

I rather mean that the output would be like that of iptables -L

Answer 3 · 2023-11-24T14:27:38.000Z

Not true. It does show chains, but it does not show the rules that are applied (nothing gets applied, which is the point of --noexec).

Answer 4 · 2023-11-24T14:31:42.000Z

My usecase would be that I would like to use an iptables visualise tool to turn the IPTables rules into a graph/diagram without applying them.

Hence the suggestion that there would be an option to format the output like an output from iptables -L.

Answer 5 · 2023-11-24T14:46:03.000Z

No. You better fix your "visualise tool" to accept a standard format and not the "iptables -L" output format, which is a pretty bad choice.