From 25a0de69ea6874c992b703125c6354b006eb6ed1 Mon Sep 17 00:00:00 2001 From: Florian Westphal Date: Sun, 21 Jul 2019 12:43:05 +0200 Subject: doc: fib: explain example in more detail As noted by Felix Dreissig, fib documentation is quite terse, so explain the 'saddr . iif' example with a few more words. Closes: https://bugzilla.netfilter.org/show_bug.cgi?id=1220 Signed-off-by: Florian Westphal Acked-by: Pablo Neira Ayuso --- doc/primary-expression.txt | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'doc/primary-expression.txt') diff --git a/doc/primary-expression.txt b/doc/primary-expression.txt index 34bcf2d3..fc17a02c 100644 --- a/doc/primary-expression.txt +++ b/doc/primary-expression.txt @@ -280,6 +280,12 @@ If no route was found for the source address/input interface combination, the ou In case the input interface is specified as part of the input key, the output interface index is always the same as the input interface index or zero. If only 'saddr oif' is given, then oif can be any interface index or zero. +In this example, 'saddr . iif' lookups up routing information based on the source address and the input interface. +oif picks the output interface index from the routing information. +If no route was found for the source address/input interface combination, the output interface index is zero. +In case the input interface is specified as part of the input key, the output interface index is always the same as the input interface index or zero. +If only 'saddr oif' is given, then oif can be any interface index or zero. + # drop packets to address not configured on ininterface filter prerouting fib daddr . iif type != { local, broadcast, multicast } drop -- cgit v1.2.3