1 |
pva 10/04/29 09:25:51 |
2 |
|
3 |
Added: xtables_addons.desc |
4 |
Log: |
5 |
Add XTABLES_ADDONS description (discussed in -dev on 18.01.2010). |
6 |
|
7 |
Revision Changes Path |
8 |
1.1 profiles/desc/xtables_addons.desc |
9 |
|
10 |
file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/profiles/desc/xtables_addons.desc?rev=1.1&view=markup |
11 |
plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/profiles/desc/xtables_addons.desc?rev=1.1&content-type=text/plain |
12 |
|
13 |
Index: xtables_addons.desc |
14 |
=================================================================== |
15 |
# Copyright 1999-2010 Gentoo Foundation |
16 |
# Distributed under the terms of the GNU General Public License v2 |
17 |
# $Header: /var/cvsroot/gentoo-x86/profiles/desc/xtables_addons.desc,v 1.1 2010/04/29 09:25:51 pva Exp $ |
18 |
|
19 |
# This file contains descriptions of XTABLES_ADDONS USE-EXPANDED variables. |
20 |
# Keep it sorted. |
21 |
|
22 |
account - ACCOUNT target is a high performance accounting system for large local networks |
23 |
chaos - CHAOS target causes confusion on the other end by doing odd things with incoming packets |
24 |
condition - matches if a specific condition variable is (un)set |
25 |
delude - DELUDE target will reply to a SYN packet with SYN-ACK, and to all other packets with an RST |
26 |
dhcpmac - DHCPMAC target/match in conjunction with ebtables can be used to completely change all MAC addresses from and to a VMware-based virtual machine |
27 |
echo - ECHO target sends back all packets it received |
28 |
fuzzy - matches a rate limit based on a fuzzy logic controller (FLC) |
29 |
geoip - match a packet by its source or destination country |
30 |
iface - match allows to check interface states |
31 |
ipmark - IPMARK target allows mark a received packet basing on its IP address |
32 |
ipp2p - matches certain packets in P2P flows |
33 |
ipset - enables build of ipset related modules |
34 |
ipv4options - match against a set of IPv4 header options |
35 |
length2 - matches the length of a packet against a specific value or range of values |
36 |
logmark - LOGMARK target will log packet and connection marks to syslog |
37 |
lscan - match detects simple low-level scan attemps based upon the packet's contents |
38 |
quota2 - match implements a named counter which can be increased or decreased on a per-match basis |
39 |
pknock - match implements so-called "port knocking", a stealthy system for network authentication |
40 |
psd - match attempts to detect TCP and UDP port scans (derived from Solar Designer's scanlogd) |
41 |
rawnat - The RAWSNAT and RAWDNAT targets provide stateless network address translation |
42 |
steal - STEAL target is like DROP, but does not throw an error when used in the OUTPUT chain |
43 |
sysrq - SYSRQ target allows to remotely trigger sysrq on the local machine over the network |
44 |
tarpit - TARPIT target captures and holds incoming TCP connections using no local per-connection resources |
45 |
tee - TEE target will clone a packet and redirect this clone to another machine on the local network segment |