Ricardo, Why don't you try "Firewall Builder".
http://www.fwbuilder.org/ It handles iptables, pf, and others. Should be able to import your iptables ruleset ( created by doing something like "/sbin/iptables-save > turdwall.txt" ) and then convert it to a pf.conf. You will still want to manually parse it to make sure its good. This is a good tool, but I think you will find that both pf and iptables differ so depending on your special additions, your mileage may vary. I do not like GUI tools, and personally I would print it out and then hand write the pf.conf from scratch. -chron john chronister john dot chronister at gmail dot com fingerprint: 1F16 9016 945A AFEE 0E33 E475 3BAE E5BE E8DE 8851 On Mon, May 4, 2009 at 7:58 PM, Jason Dixon <[email protected]> wrote: > On Mon, May 04, 2009 at 02:17:33PM -0300, Ricardo Augusto de Souza wrote: >> Hi, >> >> I have a firewall running on a Fedora Core 4 (STentz) with iptables. The Guy >> Who installed it left our company some months ago. >> I spent some years far from iptables, now i have to migrate this firewall to >> PF. >> THere are some 'special' features on this firewall, B i need some documentation >> or help about implementing this features at new firewall ( PF ). > > The documentation is available online: > > http://www.openbsd.org/faq/pf/index.html > http://www.openbsd.org/cgi-bin/man.cgi?query=pf.conf > > I made a quick review of your ruleset. B I gave up after a few PgDn's. B I > belive it's in your best interests to contact someone that provides > commercial support. > > http://www.openbsd.org/support.html > > On a good day, someone might step up and help you with this. B But I > wouldn't expect it. > > Thanks, > > -- > Jason Dixon > DixonGroup Consulting > http://www.dixongroup.net/
