I invented a way to quickly annotate what is inside a firewall rule, since you can't see what is inside a rule that sometimes has many options turned on and values changed. I tried to formalize it into something more structured, but I believe that even that is not fit for the purpose I invented it for. Perhaps others have already thought of something similar, but I'll leave it here as proof, with a date and time, of when I made it publicly available.
The notation is simple: annotate everything with as few characters as possible. I tend to reduce every word to 3 or 4 letters. Let's see some of the actions:
drop becomes drop
accept becomes acpt
add is still add
passthrough becomes past
jump becomes jmp or jump, we don’t have to be so strict
reject becomes rjct
return becomes rtrn
and so on …
The intent is to have room for all the options used inside a rule and create a short description of it, so that at a glance you can see them all.
We separate the action from the options with a space, and each subsequent option with a forward slash (/). Example:
add conn/!est/in/eth1/to/lst/bandit
The line above translates as:
add this NOT established connection coming in from eth1 to the list bandit
Let’s see some more examples:
drop smac/01:80:c2:00:00:00/in/eth1
drop conn/!est/src/0.0.0.0/in/all
acpt 80,443/tcp/est/in/eth1
and so on …
My wish was for the router to be able to do this by itself, so we could benefit from a shorter description of the rules and have a crisp view of all the rules in our routers.
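To show how a router (or a script reading its rule export) could produce and read this notation automatically, here is an added example that is not part of the original post. The action abbreviations and the option tokens (conn, est, in, src, smac, to, lst, all) come from the post's own examples; the rule-dictionary keys accepted by `compress()` are my assumption, modelled on a generic firewall rule export.

```python
# Added example (not from the post): a small encoder/decoder for the annotation
# scheme described above. Action abbreviations and option tokens come from the
# post; the rule-dictionary keys used by compress() are an assumption.
ACTION_ABBR = {"drop": "drop", "accept": "acpt", "add": "add",
               "passthrough": "past", "jump": "jmp", "reject": "rjct",
               "return": "rtrn"}
ACTION_FULL = {v: k for k, v in ACTION_ABBR.items()}
# Tokens written between the slashes and their spelled-out meaning.
TOKEN_FULL = {"conn": "connection", "est": "established",
              "in": "coming in from", "src": "from source",
              "smac": "source MAC", "to": "to", "lst": "list",
              "all": "any interface"}


def expand(annotation: str) -> str:
    """Turn 'add conn/!est/in/eth1/to/lst/bandit' back into readable words."""
    action, _, options = annotation.partition(" ")
    words = [ACTION_FULL.get(action, action)]
    for tok in options.split("/"):
        negated = tok.startswith("!")      # a leading '!' negates the option
        tok = tok.lstrip("!")
        word = TOKEN_FULL.get(tok, tok)     # values (eth1, ports, MACs) stay as-is
        words.append(("NOT " if negated else "") + word)
    return " ".join(words)


def compress(rule: dict) -> str:
    """Emit the short form from a rule dict (assumed keys, e.g. a router export)."""
    parts = []
    if "dst-port" in rule:
        parts.append(rule["dst-port"])
    if "protocol" in rule:
        parts.append(rule["protocol"])
    if "src-mac-address" in rule:
        parts += ["smac", rule["src-mac-address"]]
    if "connection-state" in rule:
        state = rule["connection-state"]          # e.g. 'established' or '!established'
        neg = "!" if state.startswith("!") else ""
        if not parts:                             # the post writes 'conn' only when
            parts.append("conn")                  # the state is the leading match
        parts.append(neg + state.lstrip("!")[:3])  # established -> est, new -> new
    if "src-address" in rule:
        parts += ["src", rule["src-address"]]
    if "in-interface" in rule:
        parts += ["in", rule["in-interface"]]
    if "address-list" in rule:
        parts += ["to", "lst", rule["address-list"]]
    return ACTION_ABBR[rule["action"]] + " " + "/".join(parts)
```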
