GSP
Quick Navigator
Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages
IPFMETA(1) User Contributed Perl Documentation IPFMETA(1)

ipfmeta - use objects in IPfilter files

ipfmeta [objfile]

ipfmeta is used to simplify the maintenance of your IPfilter ruleset. It does this through the use of 'objects'. A matching object gets replaced by its values at runtime. This is similar to what a macro processor like m4 does.

ipfmeta is specifically geared towards IPfilter. It is line oriented: if an object has multiple values, the line with the object is duplicated and substituted for each value. It is also recursive: an object may have another object as a value.

Metarules to be processed are read from stdin, output rules go to stdout.

Definition of the objects and their values is done in a separate file; the filename defaults to ipf.objs. An object is delimited by square brackets. A value is delimited by whitespace, except when it is enclosed by double-quotes. Comments start with '#' and end with a newline. Empty lines and extraneous whitespace are allowed. A value belongs to the object that precedes it.

ipfmeta has a command mode. Metarules starting with '%' are passed to the command processor. The commands are listed below.

It is recommended that you use all caps or another distinguishing feature for object names. You can use ipfmeta for NAT rules also, for instance to keep them in sync with filter rules. Combine ipfmeta with a Makefile to save typing.

dump
Include a list of all objects with their values in the output as comments. This can be used to verify if the objectfile is parsed correctly.
group n
Append 'group n' to subsequent output rules. Use 'group 0' to stop appending groups to the output. This is also the default.
verbose level
Include expanded metarules in output as comments. The default is 0, do not add any comments. Higher verbosity levels cause deeper levels of expanded metarules to be included.

ipfmeta ipf.objs <ipf.metarules >ipf.rules

cat ipf.metarules | ipfmeta | ipf -I -Fa -vf -

Camiel Dobbelaar <cd@sentia.nl>
2022-04-09 perl v5.32.1
Search for    or go to Top of page |  Section 1 |  Main Index

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with ManDoc.