iptables : iptables-save/restore syntax highlighter
| script karma
Downloaded by 1992
Comments, bugs, improvements
script versions (upload new version)
|This vim syntax script highlights files used by Harald Welte's iptables-save
and iptables-restore utilities. Both utilities are part of the iptables
* Distinguishes commands, options, modules, targets and chains.
* Distinguishes numeric IP addresses from net masks.
* Highlights tokens that occur only in hand-edited files; for example,
"--append" and "destination-unreachable".
* Special handling for module names; for example, the tcp module is
colored differently from the tcp protocol.
Customize the behavior of this script by setting values for the following
options in your .vimrc file. (Type ":h vimrc" in vim for more information
on the .vimrc file.)
This variable, if set to a non-zero value, distinguishes numeric
delimiters, including the dots in IP addresses, the slash that separates
an IP address from a netmask, and the colon that separates the ends of a
port range. If not set, this option defaults to off.
* Some special argument tokens are highlighted whether or not they are
used with the correct option. For example, "destination-unreachable"
gets special highlighting whether or not is used as an argument to the
--icmp-type option. In practice, this is rarely a problem.
If you discover an iptables file that this script highlights incorrectly,
please email the author (address at the top of the script) with the
* Problem iptables file WITH ANY SENSITIVE INFORMATION REMOVED
* The release version of this script (see top of the script)
* If possible, a patch to fix the problem
Part of this script is autogenerated from the output of the iptables man
page. The source code for generating the script is available from the
author on request (see email address at the top of the script). The
script should build from source on most Linux systems with iptables
The build system that generates this script strips special CVS tokens
(like "Id:") so that CVS no longer recognizes them. This allows users to
place the script in their own version control system without losing
information. The author encourages other vim script developers to adopt a
similar approach in their own scripts.
| Put this file in your user runtime syntax directory, usually ~/.vim/syntax
in *NIX or C:\Program Files\vim\vimfiles\syntax in Windows. Type ":h
syn-files" from within vim for more information.
The iptables-save and iptables-restore applications do not specify a
naming standard for the files they use. However, iptables-save places a
comment in the first line of its output. Other applications, such as
Fedora Core's system-config-securitylevel use the iptables-save/restore
format, but with a different leading comment. We can use these leading
comments to identify the filetype by placing the following code in the
scripts.vim file in your user runtime directory:
if getline(1) =~ "^# Generated by iptables-save" ||
\ getline(1) =~ "^# Firewall configuration written by"
Setting the commentstring on line 4 allows Meikel Brandmeyer's
EnhancedCommentify script (vimscript #23) to work with iptables files.
(Advanced users may want to set the commentstring option in an ftplugin
file or in autocommands defined in .vimrc.)
Click on the package to download.
ip used for rating: 18.104.22.168