:py:mod:`dissect.target.plugins.os.unix.linux.iptables` ======================================================= .. py:module:: dissect.target.plugins.os.unix.linux.iptables Module Contents --------------- Classes ~~~~~~~ .. autoapisummary:: dissect.target.plugins.os.unix.linux.iptables.IptablesSavePlugin Attributes ~~~~~~~~~~ .. autoapisummary:: dissect.target.plugins.os.unix.linux.iptables.PATTERN_IPTABLES_SAVE_GENERATED dissect.target.plugins.os.unix.linux.iptables.PATTERN_IPTABLES_SAVE_POLICY dissect.target.plugins.os.unix.linux.iptables.PATTERN_IPTABLES_SAVE_RULE dissect.target.plugins.os.unix.linux.iptables.IptablesSaveRecord .. py:data:: PATTERN_IPTABLES_SAVE_GENERATED .. py:data:: PATTERN_IPTABLES_SAVE_POLICY .. py:data:: PATTERN_IPTABLES_SAVE_RULE .. py:data:: IptablesSaveRecord .. py:class:: IptablesSavePlugin(target: dissect.target.target.Target) Bases: :py:obj:`dissect.target.plugin.Plugin` Parser for iptables-save, ip6tables-save and ufw rules. As iptables rules are not stored on disk by default, users that want persistent rules need to store them somewhere and reload them on boot. iptables provides tools to save and reload rules (iptables-save and iptables-restore). These tools do not have a default path to look for rules, however there are multiple commonly used paths. .. rubric:: References - https://git.netfilter.org/iptables/ - https://manpages.ubuntu.com/manpages/jammy/en/man8/ufw-framework.8.html .. py:attribute:: COMMON_SAVE_PATHS :value: ('/etc/iptables/rules.v4', '/etc/sysconfig/iptables', '/etc/iptables.rules',... .. py:attribute:: LOG_TIME_FORMAT :value: '%a %b %d %H:%M:%S %Y' .. py:method:: check_compatible() -> None Perform a compatibility check with the target. This function should return ``None`` if the plugin is compatible with the current target (``self.target``). For example, check if a certain file exists. Otherwise it should raise an ``UnsupportedPluginError``. :raises UnsupportedPluginError: If the plugin could not be loaded. .. py:method:: iptables() -> Iterator[IptablesSaveRecord] Return iptables and ufw rules saved using iptables-save.