Книга: Iptables Tutorial 1.2.2

Symbols

Symbols

$INET_IP, Configuration options

$LAN_IFACE, FORWARD chain

$LAN_IP, OUTPUT chain

$LOCALHOST_IP, OUTPUT chain

$STATIC_IP, OUTPUT chain

--ahspi, AH/ESP match

--chunk-types, SCTP matches

--clamp-mss-to-pmtu, TCPMSS target

--clustermac, CLUSTERIP target

--cmd-owner, Owner match

--comment, Comment match

--ctexpire, Conntrack match

--ctorigdst, Conntrack match

--ctorigsrc, Conntrack match

--ctproto, Conntrack match

--ctrepldst, Conntrack match

--ctreplsrc, Conntrack match

--ctstate, Conntrack match

--ctstatus, Conntrack match

--destination, Generic matches

--destination-port, TCP matches, UDP matches, SCTP matches, Multiport match

--dscp, Dscp match

--dscp-class, Dscp match

--dst-range, IP range match

--dst-type, Addrtype match

--ecn, Ecn match

--ecn-ip-ect, Ecn match

--ecn-tcp-ece, Ecn match

--ecn-tcp-remove, ECN target

--espspi, AH/ESP match

--fragment, Generic matches

--gid-owner, Owner match

--hash-init, CLUSTERIP target

--hashlimit, Hashlimit match

--hashlimit-burst, Hashlimit match

--hashlimit-htable-expire, Hashlimit match

--hashlimit-htable-expire match, Hashlimit match

--hashlimit-htable-gcinterval, Hashlimit match

--hashlimit-htable-max, Hashlimit match

--hashlimit-htable-size, Hashlimit match

--hashlimit-mode, Hashlimit match

--hashlimit-name, Hashlimit match

--hashmode, CLUSTERIP target

--helper, Helper match

--hitcount, Recent match

--icmp-type, ICMP matches

--in-interface, Generic matches

--length, Length match

--limit, Limit match

--limit-burst, Limit match

--local-node, CLUSTERIP target

--log-ip-options, LOG target options

--log-level, LOG target options

--log-prefix, LOG target options

--log-tcp-options, LOG target options

--log-tcp-sequence, LOG target options

--mac-source, Mac match

--mark, Connmark match, Mark match

--mask, CONNMARK target

--match, Implicit matches

--mss, Tcpmss match

--name, Recent match

--new, CLUSTERIP target

--nodst, SAME target

--out-interface, Generic matches

--pid-owner, Owner match

--pkt-type, Packet type match

--pkt-type match, Packet type match

--port, Multiport match

--protocol, Generic matches

--queue-num, NFQUEUE target

--rcheck, Recent match

--rdest, Recent match

--realm, Realm match

--reject-with, REJECT target

--remove, Recent match

--restore, CONNSECMARK target

--restore-mark, CONNMARK target

--rsource, Recent match

--rttl, Recent match

--save, CONNSECMARK target

--save-mark, CONNMARK target

--seconds, Recent match

--selctx, SECMARK target

--set, Recent match

--set-class, CLASSIFY target

--set-dscp, DSCP target

--set-dscp-class, DSCP target

--set-mark, CONNMARK target, MARK target

--set-mss, TCPMSS target

--set-tos, TOS target

--sid-owner, Owner match

--source, Generic matches

--source-port, TCP matches, UDP matches, SCTP matches, Multiport match

--src-range, IP range match

--src-type, Addrtype match

--state, State match

--syn, TCP matches

--tcp-flags, TCP matches

--tcp-option, TCP matches

--to, NETMAP target, SAME target

--to-destination, DNAT target

--to-destination target, DNAT target

--to-ports, MASQUERADE target, REDIRECT target

--to-source, SNAT target

--tos, Tos match

--total-nodes, CLUSTERIP target

--ttl-dec, TTL target

--ttl-eq, Ttl match

--ttl-gt, Ttl match

--ttl-inc, TTL target

--ttl-lt, Ttl match

--ttl-set, TTL target

--uid-owner, Owner match

--ulog-cprange, ULOG target

--ulog-nlgroup, ULOG target

--ulog-prefix, ULOG target

--ulog-qthreshold, ULOG target

--update, Recent match

[ASSURED], TCP connections

[UNREPLIED], TCP connections