* [PATCH 1/1] doc: update ct expression
@ 2016-01-14 3:56 Florian Westphal
2016-01-15 13:11 ` Pablo Neira Ayuso
0 siblings, 1 reply; 2+ messages in thread
From: Florian Westphal @ 2016-01-14 3:56 UTC (permalink / raw)
To: netfilter-devel; +Cc: Florian Westphal
Signed-off-by: Florian Westphal <fw@strlen.de>
---
doc/nft.xml | 45 ++++++++++++++++++++++++++++++++++++---------
1 file changed, 36 insertions(+), 9 deletions(-)
diff --git a/doc/nft.xml b/doc/nft.xml
index dbc9cd5..7cc9988 100644
--- a/doc/nft.xml
+++ b/doc/nft.xml
@@ -1931,6 +1931,13 @@ filter output oif eth0
Conntrack expressions refer to meta data of the connection tracking entry associated with a packet.
</para>
<para>
+ There are three types of conntrack expressions. Some conntrack expressions require the flow
+ direction before the conntrack key, others must be used directly because they are
+ direction agnostic. The <command>packets<command> and </command>bytes</command> keywords can be used
+ with or without a direction. If the direction is omitted, the sum of the original and the reply
+ direction is returned.
+ </para>
+ <para>
<cmdsynopsis>
<command>ct</command>
<group choice="req">
@@ -1941,12 +1948,22 @@ filter output oif eth0
<arg>expiration</arg>
<arg>helper</arg>
<arg>label</arg>
- <arg>l3proto</arg>
- <arg>saddr</arg>
- <arg>daddr</arg>
- <arg>protocol</arg>
- <arg>proto-src</arg>
- <arg>proto-dst</arg>
+ <arg>bytes</arg>
+ <arg>packets</arg>
+ </group>
+ <group choice="req">
+ <arg>original</arg>
+ <arg>reply</arg>
+ <group choice="req">
+ <arg>l3proto</arg>
+ <arg>protocol</arg>
+ <arg>saddr</arg>
+ <arg>daddr</arg>
+ <arg>proto-src</arg>
+ <arg>proto-dst</arg>
+ <arg>bytes</arg>
+ <arg>packets</arg>
+ </group>
</group>
</cmdsynopsis>
</para>
@@ -2003,7 +2020,7 @@ filter output oif eth0
<row>
<entry>l3proto</entry>
<entry>Layer 3 protocol of the connection</entry>
- <entry>nf_proto FIXME</entry>
+ <entry>nf_proto</entry>
</row>
<row>
<entry>saddr</entry>
@@ -2023,12 +2040,22 @@ filter output oif eth0
<row>
<entry>proto-src</entry>
<entry>Layer 4 protocol source for the given direction</entry>
- <entry>FIXME</entry>
+ <entry>integer (16 bit)</entry>
</row>
<row>
<entry>proto-dst</entry>
<entry>Layer 4 protocol destination for the given direction</entry>
- <entry>FIXME</entry>
+ <entry>integer (16 bit)</entry>
+ </row>
+ <row>
+ <entry>packets</entry>
+ <entry>packet count seen in the given direction or sum of original and reply</entry>
+ <entry>integer (64 bit)</entry>
+ </row>
+ <row>
+ <entry>bytes</entry>
+ <entry>bytecount seen, see description for <command>packets</command> keyword</entry>
+ <entry>integer (64 bit)</entry>
</row>
</tbody>
</tgroup>
--
2.4.10
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [PATCH 1/1] doc: update ct expression
2016-01-14 3:56 [PATCH 1/1] doc: update ct expression Florian Westphal
@ 2016-01-15 13:11 ` Pablo Neira Ayuso
0 siblings, 0 replies; 2+ messages in thread
From: Pablo Neira Ayuso @ 2016-01-15 13:11 UTC (permalink / raw)
To: Florian Westphal; +Cc: netfilter-devel
On Thu, Jan 14, 2016 at 04:56:57AM +0100, Florian Westphal wrote:
> Signed-off-by: Florian Westphal <fw@strlen.de>
Acked-by: Pablo Neira Ayuso <pablo@netfilter.org>
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2016-01-15 13:12 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2016-01-14 3:56 [PATCH 1/1] doc: update ct expression Florian Westphal
2016-01-15 13:11 ` Pablo Neira Ayuso
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).