Ipt­a­bles pa­ram­e­ter op­tions

OpenSource For You - - ADMIN -

[!] -p, --pro­to­col pro­to­col: This is the con­nec­tion pro­to­col used. The spec­i­fied pro­to­col can be one of tcp, udp, ud­plite, icmp, esp, ah, sctp or the spe­cial key­word ‘all’. Or it can be a nu­meric value, rep­re­sent­ing one of these pro­to­cols or a dif­fer­ent one. A pro­to­col name from / etc/pro­to­cols is also al­lowed. A ‘!’ ar­gu­ment be­fore the pro­to­col in­verts the test.

[!] -s, --source ad­dress[/mask][,...]: This is the ad­dress[/ mask] source spec­i­fi­ca­tion. Ad­dress can be ei­ther a net­work name, a host­name, a net­work IP ad­dress (with /mask), or a plain IP ad­dress. A ‘!’ ar­gu­ment be­fore the ad­dress spec­i­fi­ca­tion in­verts the sense of the ad­dress.

[!] -d, --des­ti­na­tion ad­dress[/mask][,...]: This is the ad­dress[/mask] des­ti­na­tion spec­i­fi­ca­tion.

-j, --jump tar­get: This jumps to the spec­i­fied tar­get when a packet matches a par­tic­u­lar rule.

[!] -i, --in-in­ter­face name: This is the name of an in­ter­face via which a packet has been re­ceived (only for pack­ets en­ter­ing the IN­PUT, FOR­WARD and PREROUTING chains). When the ‘!’ ar­gu­ment is used be­fore the in­ter­face name, the sense is in­verted. If the in­ter­face name ends in a ‘+’, then any in­ter­face which be­gins with this name will match. If this op­tion is omit­ted, any in­ter­face name will match.

[!] -o, --out-in­ter­face name: This is the name of an in­ter­face via which a packet is go­ing to be sent (for pack­ets en­ter­ing the FOR­WARD, OUT­PUT and POSTROUTING chains). When the ‘!’ ar­gu­ment is used be­fore the in­ter­face name, the sense is in­verted. If the in­ter­face name ends in a ‘+’, then any in­ter­face which be­gins with this name will match. If this op­tion is omit­ted, any in­ter­face name will match.

[!] -f, --frag­ment: This rule ap­plies only to frag­mented pack­ets.

You can use the ex­cla­ma­tion point char­ac­ter (!) op­tion be­fore this pa­ram­e­ter to spec­ify that only un­frag­mented pack­ets are matched.

-c, --set-coun­ters pack­ets bytes: This en­ables the ad­min­is­tra­tor to ini­tialise the packet and byte coun­ters of a rule (dur­ing the IN­SERT, APPEND and RE­PLACE op­er­a­tions).

Newspapers in English

Newspapers from India

© PressReader. All rights reserved.