You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
30 lines
1.0 KiB
30 lines
1.0 KiB
iptables-translate -A INPUT -m ecn --ecn-ip-ect 0
|
|
nft add rule ip filter INPUT ip ecn not-ect counter
|
|
|
|
iptables-translate -A INPUT -m ecn --ecn-ip-ect 1
|
|
nft add rule ip filter INPUT ip ecn ect1 counter
|
|
|
|
iptables-translate -A INPUT -m ecn --ecn-ip-ect 2
|
|
nft add rule ip filter INPUT ip ecn ect0 counter
|
|
|
|
iptables-translate -A INPUT -m ecn --ecn-ip-ect 3
|
|
nft add rule ip filter INPUT ip ecn ce counter
|
|
|
|
iptables-translate -A INPUT -m ecn ! --ecn-ip-ect 0
|
|
nft add rule ip filter INPUT ip ecn != not-ect counter
|
|
|
|
iptables-translate -A INPUT -m ecn ! --ecn-ip-ect 1
|
|
nft add rule ip filter INPUT ip ecn != ect1 counter
|
|
|
|
iptables-translate -A INPUT -m ecn ! --ecn-ip-ect 2
|
|
nft add rule ip filter INPUT ip ecn != ect0 counter
|
|
|
|
iptables-translate -A INPUT -m ecn ! --ecn-ip-ect 3
|
|
nft add rule ip filter INPUT ip ecn != ce counter
|
|
|
|
iptables-translate -A INPUT -m ecn ! --ecn-tcp-ece
|
|
nft add rule ip filter INPUT tcp flags != ecn counter
|
|
|
|
iptables-translate -A INPUT -m ecn --ecn-tcp-cwr
|
|
nft add rule ip filter INPUT tcp flags cwr counter
|