diff options
author | Vytas Dauksa <vytas.dauksa@smoothwall.net> | 2013-12-17 14:01:44 +0000 |
---|---|---|
committer | Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> | 2014-01-23 07:12:51 +0100 |
commit | 2dfb973c0dcc6d22113e2370f461f1733035baaf (patch) | |
tree | f07f9273a8b91c7ec45e871baf914608b8972033 /src | |
parent | 14ea38fca9e40df4f172a573c222591b5f3cc241 (diff) |
add markmask for hash:ip,mark data type
Introduce packet mark mask for hash:ip,mark data type. This allows to
set mark bit filter for the ip set.
Change-Id: Id8dd9ca7e64477c4f7b022a1d9c1a5b187f1c96e
Signed-off-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
Diffstat (limited to 'src')
-rw-r--r-- | src/ipset.8 | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/src/ipset.8 b/src/ipset.8 index e2b39fd..eeda9e7 100644 --- a/src/ipset.8 +++ b/src/ipset.8 @@ -881,7 +881,7 @@ ipset test foo 192.168.1,80.10.0.0/24 .SS hash:ip,mark The \fBhash:ip,mark\fR set type uses a hash to store IP address and packet mark pairs. .PP -\fICREATE\-OPTIONS\fR := [ \fBfamily\fR { \fBinet\fR | \fBinet6\fR } ] | [ \fBhashsize\fR \fIvalue\fR ] [ \fBmaxelem\fR \fIvalue\fR ] [ \fBtimeout\fR \fIvalue\fR ] [ \fBcounters\fP ] [ \fBcomment\fP ] +\fICREATE\-OPTIONS\fR := [ \fBfamily\fR { \fBinet\fR | \fBinet6\fR } ] | [ \fBmarkmask\fR \fIvalue\fR ] [ \fBhashsize\fR \fIvalue\fR ] [ \fBmaxelem\fR \fIvalue\fR ] [ \fBtimeout\fR \fIvalue\fR ] [ \fBcounters\fP ] [ \fBcomment\fP ] .PP \fIADD\-ENTRY\fR := \fIipaddr\fR,\fImark\fR .PP @@ -897,6 +897,10 @@ Optional \fBcreate\fR options: The protocol family of the IP addresses to be stored in the set. The default is \fBinet\fR, i.e IPv4. .TP +\fBmarkmask\fR \fIvalue\fR +Allows to set bits you are interested in the packet mark. This values is then used to perform bitwise AND operation for every mark added. +markmask can be any value between 1 and 4294967295, by default all 32 bits are set. +.TP \fBhashsize\fR \fIvalue\fR The initial hash size for the set, default is 1024. The hash size must be a power of two, the kernel automatically rounds up non power of two hash sizes to the first |