arptables-translate - Linux
Overview
arptables-translate is a command-line tool used to translate arpt rulesets into iptables or nftables rulesets. It is primarily useful when converting legacy arpt rulesets to more modern frameworks.
Syntax
arptables-translate [-t <table>] [<ruleset>]
Options/Flags
- -t: Specify the output table (iptables: filter, nat, mangle, or nftables: ipv4, ipv6, bridge). Defaults to filter.
- <ruleset>: Path to the arpt ruleset file, or '-' to read from standard input.
Examples
Convert arpt ruleset to iptables filter table:
arptables-translate -t filter /etc/arpt.rules
Convert arpt ruleset to nftables ipv4 table:
arptables-translate -t ipv4 /etc/arpt.rules
Read arpt ruleset from standard input and translate to iptables mangle table:
arpspoofctl dump -o arpt_rules | arptables-translate -t mangle
Common Issues
- Error converting ruleset: Ensure the arpt ruleset is valid and follows the correct syntax.
- Missing kernel support: Verify that the kernel version supports iptables or nftables as required for the output table.
Integration
Convert arpt ruleset and apply to running firewall:
arpspoofctl dump -o arpt_rules | arptables-translate -t filter | iptables-restore
Filter nftables ipv6 traffic based on arpt ruleset:
arptables-translate -t ipv6 /etc/arpt.rules | nft -f -
Related Commands
- arpspoofctl: Manages arpspoof protection rulesets.
- iptables: Sets up, maintains, and inspects the tables of IP packet filter rules in the Linux kernel.
- nftables: Next-generation firewall framework in the Linux kernel, replacing iptables.