Skip to content

Commit 03b3dec

Browse files
superstessuperstes
committed
update cli proto-l4-argument, add basic example to readme
1 parent 15769cb commit 03b3dec

File tree

3 files changed

+48
-3
lines changed

3 files changed

+48
-3
lines changed

README.md

Lines changed: 45 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -15,6 +15,51 @@ You can find the documentation at: [ftf.oxl.app](https://ftf.oxl.app)
1515

1616
----
1717

18+
## CLI Example
19+
20+
For more see: [ftf.oxl.app - Usage - Run](https://ftf.oxl.app/usage/3_run.html)
21+
22+
```bash
23+
ftf-cli --firewall-system 'linux_netfilter' \
24+
--file-interfaces 'testdata/plugin_translate_linux_interfaces.json' \
25+
--file-routes 'testdata/plugin_translate_linux_routes.json' \
26+
--file-route-rules 'testdata/plugin_translate_linux_route-rules.json' \
27+
--file-ruleset 'testdata/plugin_translate_netfilter_ruleset.json' \
28+
--src-ip 10.0.0.1 \
29+
--dst-ip 172.17.10.6
30+
31+
> 🛈 ROUTER: Packet inbound-interface: wan
32+
> 🛈 ROUTER: Packet inbound-route: 0.0.0.0/0, gw 10.255.255.254, metric 600, scope remote
33+
> 🛈 FIREWALL: Processing Chain: Table nat ip4 | Chain PREROUTING ip4 nat
34+
> 🛈 FIREWALL: > Chain PREROUTING | Rule 0
35+
> 🛈 FIREWALL: > Chain PREROUTING | Sub-Chain: DOCKER
36+
> 🛈 FIREWALL: > Chain DOCKER | Rule 0
37+
> 🛈 FIREWALL: > Chain DOCKER | Rule 1
38+
> 🛈 ROUTER: Packet outbound-interface: docker0
39+
> 🛈 ROUTER: Packet outbound-route: 172.17.0.0/16, scope link
40+
> 🛈 FIREWALL: Processing Chain: Table filter ip4 | Chain FORWARD ip4 filter
41+
> 🛈 FIREWALL: > Chain FORWARD | Rule 0
42+
> 🛈 FIREWALL: > Chain FORWARD | Sub-Chain: DOCKER-USER
43+
> 🛈 FIREWALL: > Chain DOCKER-USER | Rule 0
44+
> 🛈 FIREWALL: > Chain FORWARD | Rule 1
45+
> 🛈 FIREWALL: > Chain FORWARD | Sub-Chain: DOCKER-FORWARD
46+
> 🛈 FIREWALL: > Chain DOCKER-FORWARD | Rule 0
47+
> 🛈 FIREWALL: > Chain DOCKER-FORWARD | Sub-Chain: DOCKER-CT
48+
> 🛈 FIREWALL: > Chain DOCKER-CT | Rule 0
49+
> 🛈 FIREWALL: > Chain DOCKER-FORWARD | Rule 1
50+
> 🛈 FIREWALL: > Chain DOCKER-FORWARD | Sub-Chain: DOCKER-ISOLATION-STAGE-1
51+
> 🛈 FIREWALL: > Chain DOCKER-ISOLATION-STAGE-1 | Rule 0
52+
> 🛈 FIREWALL: > Chain DOCKER-FORWARD | Rule 2
53+
> 🛈 FIREWALL: > Chain DOCKER-FORWARD | Sub-Chain: DOCKER-BRIDGE
54+
> 🛈 FIREWALL: > Chain DOCKER-BRIDGE | Rule 0
55+
> 🛈 FIREWALL: > Chain DOCKER-BRIDGE | Sub-Chain: DOCKER
56+
> 🛈 FIREWALL: > Chain DOCKER | Rule 0
57+
> 🛈 FIREWALL: > Chain DOCKER | Rule 1
58+
> ✖ FIREWALL: Packet blocked by rule: {'action': 'drop', 'seq': 1, 'raw': Rule: #22 | Matches: [ni_in != ['docker0'], ni_out == ['docker0']]}
59+
```
60+
61+
----
62+
1863
## Roadmap
1964

2065
### 2025

docs/source/usage/3_run.rst

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -44,7 +44,7 @@ This is also a good way to test your setup at first!
4444
> Packet source-IP
4545
> -d DST_IP, --dst-ip DST_IP
4646
> Packet destination-IP
47-
> -4 {tcp,udp,icmp,icmpv6}, --proto-l4 {tcp,udp,icmp,icmpv6}
47+
> -4 {tcp,udp,icmp}, --proto {tcp,udp,icmp}
4848
> Packet Layer-4 protocol
4949
> -p PORT, --port PORT Packet destination-port (if L4-proto is tcp/udp)
5050
> -n, --no-color Disable output colors

src/firewall_test/cli.py

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -29,8 +29,8 @@ def main():
2929
required=True,
3030
)
3131
parser.add_argument(
32-
'-4', '--proto-l4', help='Packet Layer-4 protocol',
33-
choices=['tcp', 'udp', 'icmp', 'icmpv6'], default='tcp',
32+
'-4', '--proto', help='Packet Layer-4 protocol',
33+
choices=['tcp', 'udp', 'icmp'], default='tcp',
3434
)
3535
parser.add_argument(
3636
'-p', '--port', help='Packet destination-port (if L4-proto is tcp/udp)',

0 commit comments

Comments
 (0)