[ Previous | Next | Table of Contents | Index | Library Home | Legal | Search ]

Commands Reference, Volume 2


expfilt Command

Purpose

Exports filter rules to an export file.

Syntax

expfilt [ -p ] [ -q ] [ -r ] [ -v 4 | 6 ] -f directory [ -l filt_id_list ]

Description

Use the expfilt command to export filter rules into export text files, which can be used by the impfilt command. This is useful if you want to define similar rules on multiple machines.

Flags


-f directory Specifies the directory to create the exported text files. The directory will be created if it does not exist.
-l filt_id_list Lists the IDs of the filter rules you want to export. The filter rule IDs can be separated by "," or "-". If this flag is not used, all the filter rules defined in the filter rule table for the applicable IP versions will be exported.
-p Allows predefined rules.
-q Specifies quiet mode. Suppresses output to stdout.
-r Specifies raw mode. Exports filter rules as is and does not reverse direction on rules. Use this flag when filter rules are exported and imported as is; for example, to save a configuration or replicate a configuration to another machine.

With the -r flag, the direction of the traffic will be preserved. For instance if there is a rule on host 10.0.0.1 to permit inbound traffic from 10.0.0.2, expfilt with the -r flag will write the same filter rule.

Omitting the -r flag will cause the direction to be switched from inbound to outbound in the export file.

-v IP version of the filter rules you want to export. The value of 4 specifies IP version 4 and the value of 6 specifies IP version 6. When this flag is not used, both IP version 4 and IP version 6 rules are exported.

Related Information

The impfilt command.


[ Previous | Next | Table of Contents | Index | Library Home | Legal | Search ]