U32 filter selectors
For more information see Linux 2.4 Advanced Routing HOWTO section on U32.
| Protocol selector | Field selector | Parameters 1 | Description |
|---|---|---|---|
| match ip | |||
| src | prefix/32 | packet source address | |
| dst | prefix/32 | packet destination address | |
| tos | tos u8 | packet TOS field | |
| dsfield | tos u8 | packet TOS field (synonym) | |
| precedence | tos u8 | packet TOS field (synonym) | |
| ihl | ihl u8 | packet header length | |
| protocol | prot u8 | encapsulated (higher layer) protocol number | |
| nofrag | packet is not fragmented | ||
| firstfrag | packet contains first fragment | ||
| df | Don't Fragment flag is set | ||
| mf | More Fragments flag is set | ||
| sport | port u16 | higher layer protocol source port | |
| dport | port u16 | higher layer protocol destination port | |
| icmp_type | type u8 | ICMP message type | |
| icmp_code | code u8 | ICMP message code | |
| match ip62 | |||
| src | prefix/128 | packet source IPv6 address | |
| dst | prefix/128 | packet destination IPv6 address | |
| flowlabel | flow u32 | IPv6 packet flow label | |
| match udp, tcp | |||
| src | src u16 | source port | |
| dst | dst u16 | destination port | |
| match icmp | |||
| type | type u8 | ICMP message type | |
| code | code u8 | ICMP message code |
1 Parameters are specified as decimal numbers, hexadecimal numbers or IPv4/IPv6 addresses, where required. If the selector accepts two parameters, the first one specifies the pattern and the another mask of given length in bits. Length of the pattern should be same as mask length.
2The other parameters are identical as in IPv4: priority, protocol, dport, sport, icmp_type icmp_code
Parameters
- prefix/32
- IPv4 address specified as aaa.bbb.ccc.ddd/nn, where nn is prefix length in bits. Shortcuts are also recognized, such as 127/8 (equal to 127.0.0.0/8).
- prefix/128
- IPv6 address specified as aaaa:bbbb:...:zzzz/nn, in standard notation for 128-bit IPv6 addresses (e.g. 3ffe:8010:3::1:0:0/96).
- u8
- 8-bit unsigned integer, hexadecimal or decimal (e.g. 0xfe).
- u16
- 16-bit unsigned integer, hexadecimal or decimal (e.g. 0xbeef).
- u32
- 32-bit unsigned integer, hexadecimal or decimal (e.g. 0xdeadbeef).