From 4a1923cdb13b0eed54b6ee0387ad0460c0cb78b9 Mon Sep 17 00:00:00 2001 From: Florian Westphal Date: Thu, 14 Jan 2016 04:56:32 +0100 Subject: doc: update ct expression Signed-off-by: Florian Westphal Acked-by: Pablo Neira Ayuso --- doc/nft.xml | 45 ++++++++++++++++++++++++++++++++++++--------- 1 file changed, 36 insertions(+), 9 deletions(-) (limited to 'doc/nft.xml') diff --git a/doc/nft.xml b/doc/nft.xml index dbc9cd5e..7cc99882 100644 --- a/doc/nft.xml +++ b/doc/nft.xml @@ -1930,6 +1930,13 @@ filter output oif eth0 Conntrack expressions refer to meta data of the connection tracking entry associated with a packet. + + There are three types of conntrack expressions. Some conntrack expressions require the flow + direction before the conntrack key, others must be used directly because they are + direction agnostic. The packets and bytes keywords can be used + with or without a direction. If the direction is omitted, the sum of the original and the reply + direction is returned. + ct @@ -1941,12 +1948,22 @@ filter output oif eth0 expiration helper label - l3proto - saddr - daddr - protocol - proto-src - proto-dst + bytes + packets + + + original + reply + + l3proto + protocol + saddr + daddr + proto-src + proto-dst + bytes + packets + @@ -2003,7 +2020,7 @@ filter output oif eth0 l3proto Layer 3 protocol of the connection - nf_proto FIXME + nf_proto saddr @@ -2023,12 +2040,22 @@ filter output oif eth0 proto-src Layer 4 protocol source for the given direction - FIXME + integer (16 bit) proto-dst Layer 4 protocol destination for the given direction - FIXME + integer (16 bit) + + + packets + packet count seen in the given direction or sum of original and reply + integer (64 bit) + + + bytes + bytecount seen, see description for packets keyword + integer (64 bit) -- cgit v1.2.3
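Review bot: In the hunk at @@ -1930,6 +1930,13 @@, the added paragraph opens with "There are three types of conntrack expressions" but never says which keys belong to which type, so the reader has to work it out from the synopsis. Suggest naming the keys for each group (direction required, direction agnostic, and packets/bytes where the direction is optional) and giving one example per form, so the position of original/reply relative to the key is unambiguous.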
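Review bot: In the hunk at @@ -1941,12 +1948,22 @@, the directional key list is reordered so that protocol now comes before saddr and daddr, while the description table in the later hunks still has saddr directly after l3proto. Suggest keeping the same key order in the synopsis and the table, or stating in the commit message that the reorder is intended. Listing bytes and packets in both the direction-agnostic group and the original/reply group matches the new paragraph and is fine as is.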
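Review bot: In the hunk at @@ -2023,12 +2040,22 @@, the bytes row reads "bytecount seen, see description for packets keyword", which is worded differently from the packets row ("packet count") and sends the reader to another table row for the actual semantics. Suggest spelling it out as "byte count seen in the given direction or sum of original and reply". The table also lists packets before bytes while the synopsis hunk lists bytes before packets; one order in both places would read better.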