diff options
author | Ahmed Abdelsalam <amsalam20@gmail.com> | 2018-01-11 18:12:41 +0100 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2018-01-12 01:23:23 +0100 |
commit | 6067208f421554056d0c76d190d4aa55c77790bd (patch) | |
tree | e0525b68c7a157913c83e3bba0062773c8810057 /extensions/libip6t_srh.t | |
parent | 0f387b070ae7630c47bd3daeb395d27a1214d4e9 (diff) |
extensions: add support for 'srh' match
This patch adds a new exetension to iptables to supprt 'srh' match
The implementation considers revision 7 of the SRH draft.
https://tools.ietf.org/html/draft-ietf-6man-segment-routing-header-07
Signed-off-by: Ahmed Abdelsalam <amsalam20@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'extensions/libip6t_srh.t')
-rw-r--r-- | extensions/libip6t_srh.t | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/extensions/libip6t_srh.t b/extensions/libip6t_srh.t new file mode 100644 index 00000000..08897d5c --- /dev/null +++ b/extensions/libip6t_srh.t @@ -0,0 +1,26 @@ +:INPUT,FORWARD,OUTPUT +-m srh --srh-next-hdr 17;=;OK +-m srh --srh-hdr-len-eq 8;=;OK +-m srh --srh-hdr-len-gt 8;=;OK +-m srh --srh-hdr-len-lt 8;=;OK +-m srh --srh-segs-left-eq 1;=;OK +-m srh --srh-segs-left-gt 1;=;OK +-m srh --srh-segs-left-lt 1;=;OK +-m srh --srh-last-entry-eq 4;=;OK +-m srh --srh-last-entry-gt 4;=;OK +-m srh --srh-last-entry-lt 4;=;OK +-m srh --srh-tag 0;=;OK +-m srh ! --srh-next-hdr 17;=;OK +-m srh ! --srh-hdr-len-eq 8;=;OK +-m srh ! --srh-hdr-len-gt 8;=;OK +-m srh ! --srh-hdr-len-lt 8;=;OK +-m srh ! --srh-segs-left-eq 1;=;OK +-m srh ! --srh-segs-left-gt 1;=;OK +-m srh ! --srh-segs-left-lt 1;=;OK +-m srh ! --srh-last-entry-eq 4;=;OK +-m srh ! --srh-last-entry-gt 4;=;OK +-m srh ! --srh-last-entry-lt 4;=;OK +-m srh ! --srh-tag 0;=;OK +-m srh --srh-next-hdr 17 --srh-segs-left-eq 1 --srh-last-entry-eq 4 --srh-tag 0;=;OK +-m srh ! --srh-next-hdr 17 ! --srh-segs-left-eq 0 --srh-tag 0;=;OK +-m srh;=;OK |