From 74bd60b23135fa58a6d8423ec2e9f97e08a6b832 Mon Sep 17 00:00:00 2001 From: Pablo Neira Ayuso Date: Thu, 22 Aug 2013 13:11:45 +0200 Subject: build: add software version to manpage first line at configure stage This patch adds the software version to the first line of the following manpages: iptables-save.8 iptables-restore.8 iptables-apply.8 iptables-xml.1 Signed-off-by: Pablo Neira Ayuso --- iptables/iptables-xml.1.in | 87 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 87 insertions(+) create mode 100644 iptables/iptables-xml.1.in (limited to 'iptables/iptables-xml.1.in') diff --git a/iptables/iptables-xml.1.in b/iptables/iptables-xml.1.in new file mode 100644 index 00000000..7b7878f8 --- /dev/null +++ b/iptables/iptables-xml.1.in @@ -0,0 +1,87 @@ +.TH IPTABLES-XML 1 "" "@PACKAGE_STRING@" "@PACKAGE_STRING@" +.\" +.\" Man page written by Sam Liddicott +.\" It is based on the iptables-save man page. +.\" +.\" This program is free software; you can redistribute it and/or modify +.\" it under the terms of the GNU General Public License as published by +.\" the Free Software Foundation; either version 2 of the License, or +.\" (at your option) any later version. +.\" +.\" This program is distributed in the hope that it will be useful, +.\" but WITHOUT ANY WARRANTY; without even the implied warranty of +.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +.\" GNU General Public License for more details. +.\" +.\" You should have received a copy of the GNU General Public License +.\" along with this program; if not, write to the Free Software +.\" Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +.\" +.\" +.SH NAME +iptables-xml \(em Convert iptables-save format to XML +.SH SYNOPSIS +\fBiptables\-xml\fP [\fB\-c\fP] [\fB\-v\fP] +.SH DESCRIPTION +.PP +.B iptables-xml +is used to convert the output of iptables-save into an easily manipulatable +XML format to STDOUT. Use I/O-redirection provided by your shell to write to +a file. +.TP +\fB\-c\fR, \fB\-\-combine\fR +combine consecutive rules with the same matches but different targets. iptables +does not currently support more than one target per match, so this simulates +that by collecting the targets from consecutive iptables rules into one action +tag, but only when the rule matches are identical. Terminating actions like +RETURN, DROP, ACCEPT and QUEUE are not combined with subsequent targets. +.TP +\fB\-v\fR, \fB\-\-verbose\fR +Output xml comments containing the iptables line from which the XML is derived + +.PP +iptables-xml does a mechanistic conversion to a very expressive xml +format; the only semantic considerations are for \-g and \-j targets in +order to discriminate between and as it +helps xml processing scripts if they can tell the difference between a +target like SNAT and another chain. + +Some sample output is: + + + + + + + +

tcp

+ + + 8443 + + + + + + + + + + +
+ + +.PP +Conversion from XML to iptables-save format may be done using the +iptables.xslt script and xsltproc, or a custom program using +libxsltproc or similar; in this fashion: + +xsltproc iptables.xslt my-iptables.xml | iptables-restore + +.SH BUGS +None known as of iptables-1.3.7 release +.SH AUTHOR +Sam Liddicott +.SH SEE ALSO +\fBiptables\-save\fP(8), \fBiptables\-restore\fP(8), \fBiptables\fP(8) -- cgit v1.2.3