Skip to content
visualize your iptables firewall
Haskell Makefile Nix
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
.gitignore
LICENSE
Makefile
README.markdown
Setup.hs
TODO
default.nix
dev.nix
gressgraph.cabal
gressgraph.lhs
test-iptables-output

README.markdown

gressgraph - Visualize Your Firewall

Visualize your firewall by graphing its rules. (See the example graph if this doesn't make sense yet.)

Requirements

If compiling from source:

  • GHC (>= 6.8.2)
  • lhs2TeX (>= 1.11)
  • GNU Make

For Ubuntu Server 16.04 run the following to install prerequisites

$ sudo apt install iptables graphviz make lhs2tex ghc libghc-parsec3-dev

Usage

$ iptables -L -vx | gressgraph > iptables.twopi
$ twopi -Tsvg iptables.twopi > iptables.svg

See the source for more detailed documentation, including a description of how the program was written.

Note: There are no commandline options. Also, I've only tested the program on my own simple iptables ruleset. It's likely that it will fail to parse your rules.

Building

$ make
$ make test

If you didn't receive gressgraph.pdf:

$ make doc

Troubleshooting

The program hangs after outputting "// Interfaces".

gressgraph is waiting for input. Make sure you've sent it something on its stdin (it does not take a file as a commandline argument).

Building

I build gressgraph with Nix to try to ensure reproducible builds:

nix-build dev.nix

default.nix is for inclusion in a top-level file (such as all-packages.nix). dev.nix builds gressgraph with a fixed version of nixpkgs, providing stability at the cost of inflating the nix store.

You can’t perform that action at this time.