blob: 8488f8ceb02961494029e10a628256df3228ba7a (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
|
iptables-translate -A INPUT -m ecn --ecn-ip-ect 0
nft 'add rule ip filter INPUT ip ecn not-ect counter'
iptables-translate -A INPUT -m ecn --ecn-ip-ect 1
nft 'add rule ip filter INPUT ip ecn ect1 counter'
iptables-translate -A INPUT -m ecn --ecn-ip-ect 2
nft 'add rule ip filter INPUT ip ecn ect0 counter'
iptables-translate -A INPUT -m ecn --ecn-ip-ect 3
nft 'add rule ip filter INPUT ip ecn ce counter'
iptables-translate -A INPUT -m ecn ! --ecn-ip-ect 0
nft 'add rule ip filter INPUT ip ecn != not-ect counter'
iptables-translate -A INPUT -m ecn ! --ecn-ip-ect 1
nft 'add rule ip filter INPUT ip ecn != ect1 counter'
iptables-translate -A INPUT -m ecn ! --ecn-ip-ect 2
nft 'add rule ip filter INPUT ip ecn != ect0 counter'
iptables-translate -A INPUT -m ecn ! --ecn-ip-ect 3
nft 'add rule ip filter INPUT ip ecn != ce counter'
iptables-translate -A INPUT -m ecn ! --ecn-tcp-ece
nft 'add rule ip filter INPUT tcp flags != ecn counter'
iptables-translate -A INPUT -m ecn --ecn-tcp-cwr
nft 'add rule ip filter INPUT tcp flags cwr counter'
|
