filtergen is a tool for generating packet filtering
rules from a fairly high-level description language into
platform specific filter rules, e.g. iptables, ipfilter, and
(partially) Cisco IOS.
Not many large software products are written entirely in assembly language these days; it's not difficult, but it does take longer to implement and bugfix, and is not portable to other systems. It's also harder for others to understand, maintain, and fix.
Similarly, it seems odd that people continue to write packet
filters in the equivalent of assembler -- hence this package:
the intent is that
filtergen will be to iptables and
shell what a C compiler is to assembly.
filtergen is a continuation of the code that began life as http://hairy.beasts.org/filter by Matthew Kirkwood.
filtergen is free software, licensed under the GNU General Public License.
The latest released version of
filtergen can be downloaded