summaryrefslogtreecommitdiffstats
path: root/extensions/libxt_rpfilter.c
diff options
context:
space:
mode:
authorLiping Zhang <zlpnobody@gmail.com>2016-12-25 20:27:51 +0800
committerPablo Neira Ayuso <pablo@netfilter.org>2017-01-16 14:12:22 +0100
commitaa98227ce600cf52dbcf41e26002db1f5395a871 (patch)
tree4a091e8380a20c30eaf3947f583807baf9cd213e /extensions/libxt_rpfilter.c
parentb013e3e80e96fdf3ab77d827943bfacdfca38618 (diff)
extensions: libxt_connbytes: Add translation to nft
For example: # iptables-translate -A OUTPUT -m connbytes --connbytes 200 \ --connbytes-dir original --connbytes-mode packets nft add rule ip filter OUTPUT ct original packets ge 200 counter # iptables-translate -A OUTPUT -m connbytes ! --connbytes 200 \ --connbytes-dir reply --connbytes-mode packets nft add rule ip filter OUTPUT ct reply packets lt 200 counter # iptables-translate -A OUTPUT -m connbytes --connbytes 200:600 \ --connbytes-dir both --connbytes-mode bytes nft add rule ip filter OUTPUT ct bytes 200-600 counter # iptables-translate -A OUTPUT -m connbytes ! --connbytes 200:600 \ --connbytes-dir both --connbytes-mode bytes nft add rule ip filter OUTPUT ct bytes != 200-600 counter # iptables-translate -A OUTPUT -m connbytes --connbytes 200:200 \ --connbytes-dir both --connbytes-mode avgpkt nft add rule ip filter OUTPUT ct avgpkt 200 counter Signed-off-by: Liping Zhang <zlpnobody@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'extensions/libxt_rpfilter.c')
0 files changed, 0 insertions, 0 deletions