summaryrefslogtreecommitdiffstats
path: root/tests/expr-meta
blob: 360caa7d45754e101c4672c1c9961422b03c5395 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
#! nft -f

add table ip filter
add chain ip filter output { type filter hook output priority 0 ; }

# meta: skb len
add rule ip filter output meta length 1000 counter

# meta: skb protocol
add rule ip filter output meta protocol 0x0800 counter

# meta: skb mark
add rule ip filter output meta mark 0 counter

# meta: skb iif
add rule ip filter output meta iif lo counter

# meta: skb iifname
add rule ip filter output meta iifname "eth0" counter

# meta: skb oif
add rule ip filter output meta oif lo counter

# meta: skb oifname
add rule ip filter output meta oifname "eth0" counter

# meta: skb sk uid
add rule ip filter output meta skuid 1000 counter

# meta: skb sk gid
add rule ip filter output meta skgid 1000 counter

# meta: nftrace
add rule ip filter output meta nftrace 1 counter

# meta: rtclassid (see /etc/iproute2/rt_realms)
add rule ip filter output meta rtclassid cosmos counter

# meta: secmark
add rule ip filter output meta secmark 0 counter