{"id":2681,"date":"2022-12-20T15:17:01","date_gmt":"2022-12-20T18:17:01","guid":{"rendered":"http:\/\/lode.uno\/linux-man\/index.php\/2022\/12\/20\/ipset-translate-man8\/"},"modified":"2022-12-20T15:17:01","modified_gmt":"2022-12-20T18:17:01","slug":"ipset-translate-man8","status":"publish","type":"post","link":"https:\/\/lode.uno\/linux-man\/2022\/12\/20\/ipset-translate-man8\/","title":{"rendered":"IPSET-TRANSLATE (man8)"},"content":{"rendered":"<h1 align=\"center\">IPSET-TRANSLATE<\/h1>\n<p> <a href=\"#NAME\">NAME<\/a><br \/> <a href=\"#DESCRIPTION\">DESCRIPTION<\/a><br \/> <a href=\"#USAGE\">USAGE<\/a><br \/> <a href=\"#EXAMPLES\">EXAMPLES<\/a><br \/> <a href=\"#LIMITATIONS\">LIMITATIONS<\/a><br \/> <a href=\"#SEE ALSO\">SEE ALSO<\/a><br \/> <a href=\"#AUTHORS\">AUTHORS<\/a> <\/p>\n<hr>\n<h2>NAME <a name=\"NAME\"><\/a> <\/h2>\n<p style=\"margin-left:11%; margin-top: 1em\">ipset-translate \u2014 translation tool to migrate from ipset to nftables<\/p>\n<h2>DESCRIPTION <a name=\"DESCRIPTION\"><\/a> <\/h2>\n<p style=\"margin-left:11%; margin-top: 1em\">This tool allows system administrators to translate a given IP sets file to <b>nftables(8)<\/b>.<\/p>\n<p style=\"margin-left:11%; margin-top: 1em\">The only available command is:<\/p>\n<table width=\"100%\" border=\"0\" rules=\"none\" frame=\"void\" cellspacing=\"0\" cellpadding=\"0\">\n<tr valign=\"top\" align=\"left\">\n<td width=\"11%\"><\/td>\n<td width=\"1%\">\n<p>\u2022<\/p>\n<\/td>\n<td width=\"2%\"><\/td>\n<td width=\"54%\">\n<p>ipset-translate restores < file.ipt<\/p>\n<\/td>\n<td width=\"32%\"> <\/td>\n<\/tr>\n<\/table>\n<h2>USAGE <a name=\"USAGE\"><\/a> <\/h2>\n<p style=\"margin-left:11%; margin-top: 1em\">The <b>ipset-translate<\/b> tool reads an IP sets file in the syntax produced by <b>ipset(8)<\/b> save. No set modifications occur, this tool is a text converter.<\/p>\n<h2>EXAMPLES <a name=\"EXAMPLES\"><\/a> <\/h2>\n<p style=\"margin-left:11%; margin-top: 1em\">Basic operation examples.<\/p>\n<p style=\"margin-left:11%; margin-top: 1em\">Single command translation, assuming the original file:<\/p>\n<p style=\"margin-left:11%; margin-top: 1em\">create test1 hash:ip,port family inet counters timeout 300 hashsize 1024 maxelem 65536 bucketsize 12 initval 0xb5c4be5d <br \/> add test1 1.1.1.1,udp:20 <br \/> add test1 1.1.1.1,21 <br \/> create test2 hash:ip,port family inet hashsize 1024 maxelem 65536 bucketsize 12 initval 0xb5c4be5d<\/p>\n<p style=\"margin-left:11%; margin-top: 1em\">which results in the following translation:<\/p>\n<p style=\"margin-left:11%; margin-top: 1em\">root@machine:~# ipset-translate restore < file.ipt <br \/> add set inet global test1 { type ipv4_addr . inet_proto . inet_service; counter; timeout 300s; size 65536; } <br \/> add element inet global test1 { 1.1.1.1 . udp . 20 } <br \/> add element inet global test1 { 1.1.1.1 . tcp . 21 } <br \/> add set inet global test2 { type ipv4_addr . inet_proto . inet_service; size 65536; }<\/p>\n<h2>LIMITATIONS <a name=\"LIMITATIONS\"><\/a> <\/h2>\n<p style=\"margin-left:11%; margin-top: 1em\">A few IP sets options may be not supported because they are not yet implemented in <b>nftables(8)<\/b>.<\/p>\n<p style=\"margin-left:11%; margin-top: 1em\">Contrary to <b>nftables(8)<\/b>, IP sets are not attached to a specific table. The translation utility assumes that sets are created in a table whose name is <b>global<\/b> and family is <b>inet<\/b>. You might want to update the resulting translation to use a different table name and family for your sets.<\/p>\n<p style=\"margin-left:11%; margin-top: 1em\">To get up-to-date information about this, please head to <b>https:\/\/wiki.nftables.org\/<\/b>.<\/p>\n<h2>SEE ALSO <a name=\"SEE ALSO\"><\/a> <\/h2>\n<p style=\"margin-left:11%; margin-top: 1em\"><b>nft(8)<\/b>, <b>ipset(8)<\/b><\/p>\n<h2>AUTHORS <a name=\"AUTHORS\"><\/a> <\/h2>\n<p style=\"margin-left:11%; margin-top: 1em\">The nftables framework has been written by the Netfilter Project (https:\/\/www.netfilter.org).<\/p>\n<p style=\"margin-left:11%; margin-top: 1em\">This manual page was written by Pablo Neira Ayuso <pablo@netfilter.org>.<\/p>\n<p style=\"margin-left:11%; margin-top: 1em\">This documentation is free\/libre under the terms of the GPLv2+.<\/p>\n<p style=\"margin-left:11%; margin-top: 1em\">This tool was funded through the NGI0 PET Fund, a fund established by NLnet with financial support from the European Commission\u2019s Next Generation Internet programme, under the aegis of DG Communications Networks, Content and Technology under grant agreement No 825310.<\/p>\n<hr>\n","protected":false},"excerpt":{"rendered":"<p>  ipset-translate \u2014 translation tool to migrate from ipset to nftables <\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[5,52,32,4],"class_list":["post-2681","post","type-post","status-publish","format-standard","hentry","category-8-administracion-del-sistema","tag-5","tag-administracion","tag-ipset-translate","tag-man8"],"gutentor_comment":0,"_links":{"self":[{"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/posts\/2681","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/comments?post=2681"}],"version-history":[{"count":0,"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/posts\/2681\/revisions"}],"wp:attachment":[{"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/media?parent=2681"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/categories?post=2681"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/tags?post=2681"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}