09-13-2010 06:29 AM - edited 03-11-2019 11:39 AM
Hi Folks,
Does anyone know how I can convert a script from iptables to Cisco ASA?
thanks a lot
09-13-2010 08:07 AM
Unfortunately, there is no way of automatically migrating the iptables rules. So you would need to do it manually or write a script to do it. A rule like
route add -net 192.168.10.0 netmask 255.255.255.0 gw XXX.XXX.XXX.XXX dev eth1
would be translated to
route 192.168.10.0 255.255.255.0 XXX.XXX.XXX.XXX
on the firewall.
I hope it helps.
PK
09-13-2010 08:41 AM
Ok Kampana,
thanks for your attention.
I guess that I'll have work to do!!!
My iptables configuration has about 9000 lines.
I could write a script to translate the DNAT configuration, but there are many different forms of access-list and it's difficult to make a script for all of them.
8-) hehehe it's too hard!!!
thanks a lot friend!!
09-13-2010 08:47 AM
Yeah, I understand.
With 9K of rules, I believe you will need a script, even though it will take some time to do it. And then you might also share it in the community for others that might need it in the future.
Please rate helpful posts.
Rgs,
PK
09-13-2010 10:11 AM
Kampana,
You are right, it'll take some time to do it. If I discover any way or script to optimize that task, I'll share it with everybody.
Thanks a lot
see you
09-13-2010 07:09 PM
Folks,
Can anyone help me with a syntax used by iptables?
What do these commands mean?
-A FORWARD -i vlan227 -j CTG-to-WAN
-A FORWARD -i eth2 -j CTG-to-WAN
-A FORWARD -d 12.10.1.0/255.255.255.0 -i eth1 -j MTBrazil-to-SN
-A FORWARD -j PCBrazil
thanks
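An added example, not part of the original thread: a small Python parser for rules in the form quoted in the post above, which reports what each rule matches and whether its -j target is a built-in target or a user-defined chain. The option table and the list of built-in targets are a deliberately small subset chosen for this sketch; a jump to a user-defined chain has to be followed into that chain's own rules before it can be written as an ASA access-list.

```python
import ipaddress
import shlex

# Targets iptables ships with; any other -j value names a user-defined chain.
BUILTIN_TARGETS = {"ACCEPT", "DROP", "REJECT", "RETURN", "LOG",
                   "DNAT", "SNAT", "MASQUERADE"}
# Single-value options this sketch understands (a subset), mapped to field names.
FIELDS = {"-i": "in_iface", "-o": "out_iface", "-s": "src",
          "-d": "dst", "-p": "proto", "-j": "target"}

def parse_rule(line):
    """Parse one iptables-save style '-A CHAIN ...' line into a dict."""
    tokens = shlex.split(line)
    if len(tokens) < 2 or tokens[0] != "-A":
        raise ValueError(f"not an append rule: {line!r}")
    rule = {"chain": tokens[1], "negated": [], "unparsed": []}
    i, negate = 2, False
    while i < len(tokens):
        tok = tokens[i]
        if tok == "!":                      # negates the next match
            negate, i = True, i + 1
        elif tok in FIELDS and i + 1 < len(tokens):
            name, value = FIELDS[tok], tokens[i + 1]
            if name in ("src", "dst"):      # 12.10.1.0/255.255.255.0 -> /24
                value = str(ipaddress.ip_network(value, strict=False))
            rule[name] = value
            if negate:
                rule["negated"].append(name)
            negate, i = False, i + 2
        else:                               # -m modules etc.: review by hand
            rule["unparsed"].append(tok)
            negate, i = False, i + 1
    return rule

def explain(rule):
    """Describe a parsed rule in one line."""
    labels = (("in_iface", "arriving on"), ("out_iface", "leaving on"),
              ("src", "from"), ("dst", "to"), ("proto", "protocol"))
    conds = [("not " if k in rule["negated"] else "") + f"{text} {rule[k]}"
             for k, text in labels if k in rule]
    target = rule.get("target")
    action = ("no target" if target is None
              else f"built-in target {target}" if target in BUILTIN_TARGETS
              else f"user-defined chain {target}")
    return f"{rule['chain']}: {', '.join(conds) or 'every packet'} -> {action}"

# Rules from the post above, in iptables-save form.
RULES = ["-A FORWARD -i vlan227 -j CTG-to-WAN",
         "-A FORWARD -d 12.10.1.0/255.255.255.0 -i eth1 -j MTBrazil-to-SN",
         "-A FORWARD -j PCBrazil"]
```

Calling `explain(parse_rule(r))` for each entry in `RULES` gives one line per rule; anything left in the `unparsed` list needs manual translation.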