documentation:configuration:config_files:config_network
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
documentation:configuration:config_files:config_network [2015/05/18 10:37] admin |
documentation:configuration:config_files:config_network [2018/05/24 09:05] (current) |
||
|---|---|---|---|
| Line 219: | Line 219: | ||
| </code> | </code> | ||
| + | The options below are defined for //IP rule// (''rule'' and ''rule6'') sections: | ||
| + | |||
| + | ^ Name ^ Type ^ Required ^ Default ^ Description ^ | ||
| + | | ''in'' | string | no | //(none)// | Specifies the incoming //logical interface name// | | ||
| + | | ''out'' | string | no | //(none)// | Specifies the outgoing //logical interface name// | | ||
| + | | ''src'' | ip subnet | no | //(none)// | Specifies the source subnet to match (CIDR notation) | | ||
| + | | ''dest'' | ip subnet | no | //(none)// | Specifies the destination subnet to match (CIDR notation) | | ||
| + | | ''tos'' | integer | no | //(none)// | Specifies the TOS value to match in IP headers | | ||
| + | | ''mark'' | mark/mask | no | //(none)// | Specifies the //fwmark// and optionally its mask to match, e.g. ''0xFF'' to match mark 255 or ''0x0/0x1'' to match any even mark value | | ||
| + | | ''invert'' | boolean | no | ''0'' | If set to ''1'', the meaning of the match options is inverted | | ||
| + | | ''priority'' | integer | no | //(incrementing)// | Controls the order of the IP rules, by default the priority is auto-assigned so that they are processed in the same order they're declared in the config file | | ||
| + | | ''lookup'' | routing table | at least one of | //(none)// | The rule target is a table lookup, the ID can be either a numeric table index ranging from ''0'' to ''65535'' or a symbolic alias declared in ''/etc/iproute2/rt_tables''. The special aliases ''local'' (''255''), ''main'' (''254'') and ''default'' (''253'') are recognized as well | | ||
| + | | ''goto'' | rule index | ::: | ::: | The rule target is a jump to another rule specified by its ''priority'' value | | ||
| + | | ''action'' | string | ::: | ::: | The rule target is one of the routing actions outlined in the table below | | ||
| + | |||
| + | === Routing Actions === | ||
| + | |||
| + | ^ Action ^ Description ^ | ||
| + | | ''prohibit'' | When reaching the rule, respond with //ICMP prohibited// messages and abort route lookup | | ||
| + | | ''unreachable'' | When reaching the rule, respond with //ICMP unreachable// messages and abort route lookup | | ||
| + | | ''blackhole'' | When reaching the rule, drop packet and abort route lookup | | ||
| + | | ''throw'' | Stop lookup in the current routing table even if a default route exists | | ||
documentation/configuration/config_files/config_network.1431945452.txt.gz ยท Last modified: 2018/05/24 09:05 (external edit)
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
