Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / iptables / d7282413763b0ba85d512c1cd49174b762ff449c / . / extensions / libipt_addrtype.man
blob: 16fd9dfd932a9f396e1b9f2a718c88494b5dd024 [file] [log] [blame]
Henrik Nordstromc2794132004-01-22 15:04:24 +0000[diff] [blame]1This module matches packets based on their
2.B address type.
3Address types are used within the kernel networking stack and categorize
4addresses into various groups. The exact definition of that group depends on the specific layer three protocol.
Jan Engelhardtaeafdb82008-08-12 11:42:04 +0200[diff] [blame]5.PP
Henrik Nordstromc2794132004-01-22 15:04:24 +0000[diff] [blame]6The following address types are possible:
7.TP
8.BI "UNSPEC"
9an unspecified address (i.e. 0.0.0.0)
Laszlo Attila Toth4dfd25a2008-06-06 14:17:53 +0200[diff] [blame]10.TP
Henrik Nordstromc2794132004-01-22 15:04:24 +0000[diff] [blame]11.BI "UNICAST"
12an unicast address
Laszlo Attila Toth4dfd25a2008-06-06 14:17:53 +0200[diff] [blame]13.TP
Henrik Nordstromc2794132004-01-22 15:04:24 +0000[diff] [blame]14.BI "LOCAL"
15a local address
Laszlo Attila Toth4dfd25a2008-06-06 14:17:53 +0200[diff] [blame]16.TP
Henrik Nordstromc2794132004-01-22 15:04:24 +0000[diff] [blame]17.BI "BROADCAST"
18a broadcast address
Laszlo Attila Toth4dfd25a2008-06-06 14:17:53 +0200[diff] [blame]19.TP
Henrik Nordstromc2794132004-01-22 15:04:24 +0000[diff] [blame]20.BI "ANYCAST"
21an anycast packet
Laszlo Attila Toth4dfd25a2008-06-06 14:17:53 +0200[diff] [blame]22.TP
Henrik Nordstromc2794132004-01-22 15:04:24 +0000[diff] [blame]23.BI "MULTICAST"
24a multicast address
Laszlo Attila Toth4dfd25a2008-06-06 14:17:53 +0200[diff] [blame]25.TP
Henrik Nordstromc2794132004-01-22 15:04:24 +0000[diff] [blame]26.BI "BLACKHOLE"
27a blackhole address
Laszlo Attila Toth4dfd25a2008-06-06 14:17:53 +0200[diff] [blame]28.TP
Henrik Nordstromc2794132004-01-22 15:04:24 +0000[diff] [blame]29.BI "UNREACHABLE"
30an unreachable address
Laszlo Attila Toth4dfd25a2008-06-06 14:17:53 +0200[diff] [blame]31.TP
Henrik Nordstromc2794132004-01-22 15:04:24 +0000[diff] [blame]32.BI "PROHIBIT"
33a prohibited address
Laszlo Attila Toth4dfd25a2008-06-06 14:17:53 +0200[diff] [blame]34.TP
Henrik Nordstromc2794132004-01-22 15:04:24 +0000[diff] [blame]35.BI "THROW"
36FIXME
Laszlo Attila Toth4dfd25a2008-06-06 14:17:53 +0200[diff] [blame]37.TP
Henrik Nordstromc2794132004-01-22 15:04:24 +0000[diff] [blame]38.BI "NAT"
39FIXME
Laszlo Attila Toth4dfd25a2008-06-06 14:17:53 +0200[diff] [blame]40.TP
Henrik Nordstromc2794132004-01-22 15:04:24 +0000[diff] [blame]41.BI "XRESOLVE"
Henrik Nordstromc2794132004-01-22 15:04:24 +0000[diff] [blame]42.TP
Jan Engelhardtfea74bf2009-01-12 04:53:18 +0100[diff] [blame]43[\fB!\fP] \fB\-\-src\-type\fP \fItype\fP
Henrik Nordstromc2794132004-01-22 15:04:24 +0000[diff] [blame]44Matches if the source address is of given type
45.TP
Jan Engelhardtfea74bf2009-01-12 04:53:18 +0100[diff] [blame]46[\fB!\fP] \fB\-\-dst\-type\fP \fItype\fP
Henrik Nordstromc2794132004-01-22 15:04:24 +0000[diff] [blame]47Matches if the destination address is of given type
Laszlo Attila Toth4dfd25a2008-06-06 14:17:53 +0200[diff] [blame]48.TP
Jan Engelhardtfea74bf2009-01-12 04:53:18 +0100[diff] [blame]49.BI "\-\-limit\-iface\-in"
Laszlo Attila Toth4dfd25a2008-06-06 14:17:53 +0200[diff] [blame]50The address type checking can be limited to the interface the packet is coming
51in. This option is only valid in the
52.BR PREROUTING ,
53.B INPUT
54and
55.B FORWARD
56chains. It cannot be specified with the
Jan Engelhardtfea74bf2009-01-12 04:53:18 +0100[diff] [blame]57\fB\-\-limit\-iface\-out\fP
Laszlo Attila Toth4dfd25a2008-06-06 14:17:53 +0200[diff] [blame]58option.
59.TP
Jan Engelhardtfea74bf2009-01-12 04:53:18 +0100[diff] [blame]60\fB\-\-limit\-iface\-out\fP
Jan Engelhardt74670b12009-05-13 17:40:05 +0200[diff] [blame]61The address type checking can be limited to the interface the packet is going
Laszlo Attila Toth4dfd25a2008-06-06 14:17:53 +0200[diff] [blame]62out. This option is only valid in the
63.BR POSTROUTING ,
64.B OUTPUT
65and
66.B FORWARD
67chains. It cannot be specified with the
Jan Engelhardtfea74bf2009-01-12 04:53:18 +0100[diff] [blame]68\fB\-\-limit\-iface\-in\fP
Laszlo Attila Toth4dfd25a2008-06-06 14:17:53 +0200[diff] [blame]69option.