diff options
author | Shivani Bhardwaj <shivanib134@gmail.com> | 2015-12-29 23:54:25 +0530 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2016-02-16 19:30:24 +0100 |
commit | 95a7a9df945790f92237e4d2e91f3d372d6a2ad5 (patch) | |
tree | 35d4ce594520c576f1ec000f7523c253fa69afeb /extensions/libipt_CLUSTERIP.man | |
parent | d4721236c2e8808958ada3d7b2548f4c473908a0 (diff) |
extensions: libxt_length: Add translation to nft
Add translation for module length to nftables.
Examples:
$ sudo iptables-translate -A INPUT -p icmp -m length --length 86:0xffff -j DROP
nft add rule ip filter INPUT ip protocol icmp meta length 86-65535 counter drop
$ sudo iptables-translate -A INPUT -p udp -m length --length :400
nft add rule ip filter INPUT ip protocol udp meta length 0-400 counter
$ sudo iptables-translate -A INPUT -p udp -m length --length 40
nft add rule ip filter INPUT ip protocol udp meta length 40 counter
$ sudo iptables-translate -A INPUT -p udp -m length ! --length 40
nft add rule ip filter INPUT ip protocol udp meta length != 40 counter
Signed-off-by: Shivani Bhardwaj <shivanib134@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'extensions/libipt_CLUSTERIP.man')
0 files changed, 0 insertions, 0 deletions