Package fwsnort

Translates Snort rules into equivalent iptables rules

http://www.cipherdyne.org/fwsnort/

fwsnort translates Snort rules into equivalent iptables rules and generates
a Bourne shell script that implements the resulting iptables commands.

In addition, fwsnort (optionally) uses the IPTables::Parse module to parse the
iptables ruleset on the machine to determine which Snort rules are applicable
to the specific iptables policy.

fwsnort is able to translate approximately 60% of all rules from the
Snort-2.3.3 IDS into equivalent iptables rules.

System Administration (Section 8)
fwsnort
fwsnort translates SNORT rules into iptables rules on Linux systems and generates a corresponding iptables policy in iptables-save format. This ruleset allows...