diff options
| author | Bart De Schuymer <bdschuym@pandora.be> | 2004-12-05 14:46:55 +0000 |
|---|---|---|
| committer | Bart De Schuymer <bdschuym@pandora.be> | 2004-12-05 14:46:55 +0000 |
| commit | 3655692502132d58e40082d68c516b4d06ef6959 (patch) | |
| tree | 3fffac77f3c798cf1f0f7705ed2ed309dae2e523 /userspace/ebtables2 | |
| parent | b92c241bff788de62a36c007bf14148c5fa8840c (diff) | |
re-add among match, got lost in action
Diffstat (limited to 'userspace/ebtables2')
| -rw-r--r-- | userspace/ebtables2/ebtables.8 | 27 |
1 files changed, 23 insertions, 4 deletions
diff --git a/userspace/ebtables2/ebtables.8 b/userspace/ebtables2/ebtables.8 index df04a41..73642e7 100644 --- a/userspace/ebtables2/ebtables.8 +++ b/userspace/ebtables2/ebtables.8 @@ -1,4 +1,4 @@ -.TH EBTABLES 8 "22 November 2004" +.TH EBTABLES 8 "05 December 2004" .\" .\" Man page written by Bart De Schuymer <bdschuym@pandora.be> .\" It is based on the iptables man page. @@ -506,6 +506,26 @@ If the 802.3 DSAP and SSAP values are 0xaa then the SNAP type field must be consulted to determine the payload protocol. This is a two byte (hexadecimal) argument. Only 802.3 frames with DSAP/SSAP 0xaa are checked for type. +.SS among +Match a MAC address or MAC/IP address pair versus a list of MAC addresses +and MAC/IP address pairs. +A list entry has the following format: xx:xx:xx:xx:xx:xx[=ip.ip.ip.ip][,]. Multiple +list entries are separated by a comma, specifying an IP address corresponding to +the MAC address is optional. Multiple MAC/IP address pairs with the same MAC address +but different IP address (and vice versa) can be specified. If the MAC address doesn't +match any entry from the list, the frame doesn't match the rule (unless '!' was used). +.TP +.BR "--among-dst " "[!] \fIlist\fP" +Compare the MAC destination to the given list. If the Ethernet frame has type +.BR IPv4 " or " ARP , +then comparison with MAC/IP destination address pairs from the +list is possible. +.TP +.BR "--among-src " "[!] \fIlist\fP" +Compare the MAC source to the given list. If the Ethernet frame has type +.BR IPv4 " or " ARP , +then comparison with MAC/IP source address pairs from the list +is possible. .SS arp Specify arp fields. The protocol must be specified as .BR ARP " or " RARP . @@ -576,9 +596,8 @@ This module matches at a limited rate using a token bucket filter. A rule using this extension will match until this limit is reached. It can be used with the .B --log -watcher -to give limited logging, for example. Its use is the same as the limit -match of iptables. +watcher to give limited logging, for example. Its use is the same +as the limit match of iptables. .TP .BR "--limit " "[\fIvalue\fP]" Maximum average matching rate: specified as a number, with an optional |