IPTABLES-XML(1) iptables 1.8.11 IPTABLES-XML(1)
NAME
iptables-xml — Convert iptables-save format to XML
SYNOPSIS
iptables-xml [-c] [-v]
DESCRIPTION
iptables-xml is used to convert the output of iptables-save into an eas-
ily manipulatable XML format to STDOUT. Use I/O-redirection provided by
your shell to write to a file.
-c, --combine
combine consecutive rules with the same matches but different
targets. iptables does not currently support more than one target
per match, so this simulates that by collecting the targets from
consecutive iptables rules into one action tag, but only when the
rule matches are identical. Terminating actions like RETURN,
DROP, ACCEPT and QUEUE are not combined with subsequent targets.
-v, --verbose
Output xml comments containing the iptables line from which the
XML is derived
iptables-xml does a mechanistic conversion to a very expressive xml for-
mat; the only semantic considerations are for -g and -j targets in order
to discriminate between <call> <goto> and <nane-of-target> as it helps
xml processing scripts if they can tell the difference between a target
like SNAT and another chain.
Some sample output is:
<iptables-rules>
<table name="mangle">
<chain name="PREROUTING" policy="ACCEPT" packet-count="63436" byte-
count="7137573">
<rule>
<conditions>
<match>
<p>tcp</p>
</match>
<tcp>
<sport>8443</sport>
</tcp>
</conditions>
<actions>
<call>
<check_ip/>
</call>
<ACCEPT/>
</actions>
</rule>
</chain>
</table> </iptables-rules>
Conversion from XML to iptables-save format may be done using the ipta-
bles.xslt script and xsltproc, or a custom program using libxsltproc or
similar; in this fashion:
xsltproc iptables.xslt my-iptables.xml | iptables-restore
BUGS
None known as of iptables-1.3.7 release
AUTHOR
Sam Liddicott <azez@ufomechanic.net>
SEE ALSO
iptables-save(8), iptables-restore(8), iptables(8)
iptables 1.8.11 IPTABLES-XML(1)
Generated by dwww version 1.16 on Tue Dec 16 07:38:55 CET 2025.