ホーム エクスプローラ contacts
サインイン
LDA010
/
bug_ebuild
Watch 0
Star 0
Fork 0
ファイル 課題 0 プルリクエスト 0 Wiki
ツリー: 96cec4cf63
ブランチ タグ
bug_ebuild
/
gentoo
/
profiles
/
desc
/
xtables_addons.desc

xtables_addons.desc 2.3 KB
履歴 Raw

123456789101112131415161718192021222324252627282930313233 
  1. # Copyright 1999-2013 Gentoo Foundation
    2. 

  2. # Distributed under the terms of the GNU General Public License v2
    3. 

  3. 

  4. # This file contains descriptions of XTABLES_ADDONS USE-EXPANDED variables.
    5. 

  5. # Keep it sorted.
    6. 

  6. 

  7. account - ACCOUNT target is a high performance accounting system for large local networks
    8. 

  8. chaos - CHAOS target causes confusion on the other end by doing odd things with incoming packets
    9. 

  9. checksum - CHECKSUM target computes and fills in the checksum in a packet that lacks a checksum
    10. 

  10. condition - matches if a specific condition variable is (un)set
    11. 

  11. delude - DELUDE target will reply to a SYN packet with SYN-ACK, and to all other packets with an RST
    12. 

  12. dhcpmac - DHCPMAC target/match in conjunction with ebtables can be used to completely change all MAC addresses from and to a VMware-based virtual machine
    13. 

  13. dnetmap - DNETMAP target allows dynamic two-way 1:1 mapping of IPv4 subnets
    14. 

  14. echo - ECHO target sends back all packets it received
    15. 

  15. fuzzy - matches a rate limit based on a fuzzy logic controller (FLC)
    16. 

  16. geoip - match a packet by its source or destination country
    17. 

  17. gradm - match packets based on grsecurity RBAC status
    18. 

  18. iface - match allows to check interface states
    19. 

  19. ipmark - IPMARK target allows mark a received packet basing on its IP address
    20. 

  20. ipp2p - matches certain packets in P2P flows
    21. 

  21. ipv4options - match against a set of IPv4 header options
    22. 

  22. length2 - matches the length of a packet against a specific value or range of values
    23. 

  23. logmark - LOGMARK target will log packet and connection marks to syslog
    24. 

  24. lscan - match detects simple low-level scan attemps based upon the packet's contents
    25. 

  25. quota2 - match implements a named counter which can be increased or decreased on a per-match basis
    26. 

  26. pknock - match implements so-called "port knocking", a stealthy system for network authentication
    27. 

  27. psd - match attempts to detect TCP and UDP port scans (derived from Solar Designer's scanlogd)
    28. 

  28. rawnat - The RAWSNAT and RAWDNAT targets provide stateless network address translation
    29. 

  29. steal - STEAL target is like DROP, but does not throw an error when used in the OUTPUT chain
    30. 

  30. sysrq - SYSRQ target allows to remotely trigger sysrq on the local machine over the network
    31. 

  31. tarpit - TARPIT target captures and holds incoming TCP connections using no local per-connection resources
    32. 

  32. tee - TEE target will clone a packet and redirect this clone to another machine on the local network segment
    33. 

  33.