What is piptables

A Python-based DSL for iptables, the interface to Linux network filtering utilities. Basically, it allows you to configure iptables using Python and a lot of predefined utilities. For example, setting the policy on the input chain looks like this :


A lot of other actions can be done like that.

It also allows to read rules from a directory containing multiple files, so that separating the configuration logically can easily be done, and also to allow easy configuration sharing on multiple machines which may share a large bit of configuration.

Goals of this project

  • piptables syntax should be as readable as possible. It is based on Python, so constructions such as iteration loops are free, and it exports a nice interface to iptables which is more readable (but more verbose) than the commonly used CLI.
  • It should export most of the interface exported by iptables. Most rules are currently unsupported but extending piptables to support them should be as easy as possible.
  • It must be free to use and redistribute. piptables is distributed under a BSD 2-clause license.


See example/ in the source distribution of piptables.


See the AUTHORS file for the list of authors and contributors to this project.