ebtables-translate - Linux


ebtables-translate is a powerful command-line tool used to convert/translate ebtables rules into various formats, enabling flexible network filtering and inspection. It’s particularly useful for interfacing with other security tools, kernel modules, or frameworks that utilize different ebtables syntax.




  • -h, –help: Display usage information and exit.
  • -V, –version: Output version information and exit.
  • -e, –ext: Only apply external (user-defined) ebtables extensions.
  • -s, –stats: Translate the statistics of the rules as well.
  • -c, –compat: Perform backward-compatible translation, preserving unsupported features.
  • -i, –ignore-errors: Continue translation even if errors occur.
  • -f, –force-output: Overwrite the output file if it already exists.


Example 1: Translate ebtables rules into XML format:

ebtables-translate binary xml /path/to/input.ebt /path/to/output.xml

Example 2: Convert XML rules back into ebtables syntax:

ebtables-translate xml binary /path/to/input.xml /path/to/output.ebt

Example 3: Extract statistics from ebtables rules:

ebtables-translate binary json /path/to/input.ebt /path/to/output.json -s

Common Issues

  • Missing dependencies: Ensure you have the "libebtables" library installed.
  • Invalid syntax: Verify that the input and output formats are correct and supported.
  • Permission denied: Make sure you have write permissions for the output file.


ebtables-translate can be integrated with other security tools, such as:

  • iptables for filtering and routing at the IP tables level.
  • nftables for advanced packet filtering and traffic management.
  • netfilterqueue for direct access to network packets.

Related Commands

  • ebtables: The main ebtables command for managing filter tables.
  • iptables: A similar tool for managing firewall rules at the IP layer.
  • nftables: A more modern alternative to iptables and ebtables with enhanced features.