diff options
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/primary-expression.txt | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/doc/primary-expression.txt b/doc/primary-expression.txt index 50093b49..88ea7edf 100644 --- a/doc/primary-expression.txt +++ b/doc/primary-expression.txt @@ -143,6 +143,7 @@ or non-zero bound listening socket (possibly with a non-local address). |transparent| Value of the IP_TRANSPARENT socket option in the found socket. It can be 0 or 1.| boolean (1 bit) +|mark| Value of the socket mark (SOL_SOCKET, SO_MARK). | mark |================== .Using socket expression @@ -154,6 +155,22 @@ table inet x { socket transparent 1 mark set 0x00000001 accept } } + +# Trace packets that corresponds to a socket with a mark value of 15 +table inet x { + chain y { + type filter hook prerouting priority -150; policy accept; + socket mark 0x0000000f nftrace set 1 + } +} + +# Set packet mark to socket mark +table inet x { + chain y { + type filter hook prerouting priority -150; policy accept; + tcp dport 8080 mark set socket mark + } +} ---------------------- FIB EXPRESSIONS |