Setup guide

the packet matches the rule, one of the:
accept - accept the packet. No action, i.e., the packet is passed through without undertaking any action, except for mangle, and no more rules are processed in the relevant list/chain
drop - silently drop the packet (without sending the ICMP reject message)
jump - jump to the chain specified by the value of the jump-target argument
passthrough - ignore this rule, except for mangle, and go on to the next one. Acts the same way as a disabled rule, except for the ability to count and mangle packets
reject - reject the packet and send an ICMP reject message
return - return to the previous chain, from where the jump took place
disabled (yes | no; default: no) - specifies whether the rule is disabled or not
in-interface (name; default: all) - interface the packet has entered the router through.
all - may include the local loopback interface for packets originated from the router
out-interface (name; default: all) - interface the packet is leaving the router from
all - may include the local loopback interface for packets with destination to the router
src-port (integer: 0..65535) - source port number or range (0-65535)
0 - all ports 1-65535
comment (text; default: "") - a descriptive comment for the rule
dst-address (IP address/mask:port; default: 0.0.0.0/0:0-65535) - destination IP address
jump-target (name) - name of the target chain, if the action=jump is used
tcp-options (any | syn-only | non-syn-only; default: any) - TCP options
connection (text; default: "") - connection mark to match. Only connections (including related) marked in the MANGLE would be matched
dst-netmask (IP address) - destination netmask in decimal form x.x.x.x
limit-burst (integer; default: 0) - allowed burst regarding the limit-count/limit-time
protocol (ah | egp | ggp | icmp | ipencap | ospf | rspf | udp | xtp | all | encap | gre | idpr-cmtp | ipip | pup | st | vmtp | ddp | esp | hmp | igmp | iso-tp4 | rdp | tcp | xns-idp; default: all) - protocol setting
all - cannot be used if you want to specify ports
connection-state (any | established | invalid | new | related; default: any) - connection state
dst-port (integer: 0..65535) - destination port number or range
0 - all ports 1-65535
limit-count (integer; default: 0) - how many times to use the rule during the limit-time period
src-address (IP address/mask:port; default: 0.0.0.0/0:0-65535) - source IP address
content (text; default: "") - the text packets should contain in order to match the rule
flow (text) - flow mark to match. Only packets marked in the MANGLE would be matched
limit-time (time; default: 0) - time interval, used in limit-count
0 - forever
src-mac-address (MAC address; default: 00:00:00:00:00:00) - host's MAC address the packet has been received from
icmp-options (integer; default: any:any) - matches ICMP Type:Code fields
log (yes | no; default: no) - specifies whether to log the action or not
src-netmask (IP address) - source netmask in decimal form x.x.x.x
p2p (any | all-p2p | bit-torrent | direct-connect | fasttrack | soulseek | blubster | edonkey | gnutella; default: any) - match Peer-to-Peer (P2P) connections:
all-p2p - match all known P2P traffic
any - match any packet (i.e., do not check this property)
tos (<integer> | dont-change | low-cost | low-delay | max-reliability | max-throughput | normal | any
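The following rule set is an added example, not part of the original guide, showing how the properties above combine into a small stateful filter: connection-state for the established/related/invalid shortcut, tcp-options=syn-only with limit-count/limit-time/limit-burst to rate-limit connection attempts, a passthrough rule used only as a counter, and an explicit protocol because protocol=all cannot be paired with ports. It assumes the RouterOS 2.x command form "/ip firewall rule <chain> add"; the interface names (ether1 as WAN, ether2 as LAN) and the admin address 203.0.113.10 are constructed placeholders.

```routeros
# Added example (not from the original guide). Assumed syntax: /ip firewall rule <chain> add ...
# Constructed placeholders: ether1 = WAN interface, ether2 = LAN interface, 203.0.113.10 = admin host.

# 1. Stateful shortcut on the input chain: replies to connections the router opened are
#    accepted, packets belonging to no known connection are dropped before any other check.
/ip firewall rule input add connection-state=established action=accept comment="accept established"
/ip firewall rule input add connection-state=related action=accept comment="accept related"
/ip firewall rule input add connection-state=invalid action=drop comment="drop invalid"

# 2. Rate-limit new TCP connections from the WAN: the first rule accepts at most 10 SYN
#    packets per second (limit-count during limit-time) with a burst of 5; anything above
#    that budget falls through to the second rule, which logs and silently drops it.
/ip firewall rule input add in-interface=ether1 protocol=tcp tcp-options=syn-only limit-count=10 limit-time=1s limit-burst=5 action=accept comment="SYN within rate"
/ip firewall rule input add in-interface=ether1 protocol=tcp tcp-options=syn-only action=drop log=yes comment="log and drop excess SYN"

# 3. Management access: only the admin host may reach the router's SSH port from the WAN.
#    protocol=tcp is required here, since protocol=all cannot be used together with dst-port.
#    The second rule uses reject (ICMP message sent) rather than drop so the client fails fast.
/ip firewall rule input add in-interface=ether1 protocol=tcp dst-port=22 src-address=203.0.113.10/32 action=accept comment="ssh from admin host"
/ip firewall rule input add in-interface=ether1 protocol=tcp dst-port=22 action=reject comment="reject other ssh"

# 4. Forward chain: a passthrough rule counts known P2P traffic from the LAN without
#    affecting it (useful when first measuring), then the drop rule enforces the policy.
/ip firewall rule forward add in-interface=ether2 p2p=all-p2p action=passthrough comment="count p2p"
/ip firewall rule forward add in-interface=ether2 p2p=all-p2p action=drop comment="drop p2p"
```

Rule order matters: the established/related rules are placed first so that the SYN rate limit and the SSH rules only ever see packets starting new connections.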