From: Phil Sutter <phil@nwl.cc>
To: Pablo Neira Ayuso <pablo@netfilter.org>
Cc: netfilter-devel@vger.kernel.org
Subject: [nft PATCH] doc: Document 'dccp type' match
Date: Wed, 2 Dec 2020 21:56:16 +0100 [thread overview]
Message-ID: <20201202205616.24399-1-phil@nwl.cc> (raw)
Add a description of dccp_pkttype and extend DCCP header expression
synopsis by the 'type' argument.
Signed-off-by: Phil Sutter <phil@nwl.cc>
---
doc/data-types.txt | 44 ++++++++++++++++++++++++++++++++++++++
doc/payload-expression.txt | 5 ++++-
2 files changed, 48 insertions(+), 1 deletion(-)
diff --git a/doc/data-types.txt b/doc/data-types.txt
index a42a55fae9534..0f049c044e9fc 100644
--- a/doc/data-types.txt
+++ b/doc/data-types.txt
@@ -492,3 +492,47 @@ For each of the types above, keywords are available for convenience:
|==================
Possible keywords for conntrack label type (ct_label) are read at runtime from /etc/connlabel.conf.
+
+DCCP PKTTYPE TYPE
+~~~~~~~~~~~~~~~~
+[options="header"]
+|==================
+|Name | Keyword | Size | Base type
+|DCCP packet type |
+dccp_pkttype |
+4 bit |
+integer
+|===================
+
+The DCCP packet type abstracts the different legal values of the respective
+four bit field in the DCCP header, as stated by RFC4340. Note that possible
+values 10-15 are considered reserved and therefore not allowed to be used. In
+iptables' *dccp* match, these values are aliased 'INVALID'. With nftables, one
+may simply match on the numeric value range, i.e. *10-15*.
+
+.keywords may be used when specifying the DCCP packet type
+[options="header"]
+|==================
+|Keyword |Value
+|request|
+0
+|response|
+1
+|data|
+2
+|ack|
+3
+|dataack|
+4
+|closereq|
+5
+|close|
+6
+|reset|
+7
+|sync|
+8
+|syncack|
+9
+|=================
+
diff --git a/doc/payload-expression.txt b/doc/payload-expression.txt
index ffd1b671637a9..a593e2e7b947d 100644
--- a/doc/payload-expression.txt
+++ b/doc/payload-expression.txt
@@ -392,7 +392,7 @@ integer (32 bit)
DCCP HEADER EXPRESSION
~~~~~~~~~~~~~~~~~~~~~~
[verse]
-*dccp* {*sport* | *dport*}
+*dccp* {*sport* | *dport* | *type*}
.DCCP header expression
[options="header"]
@@ -404,6 +404,9 @@ inet_service
|dport|
Destination port|
inet_service
+|type|
+Packet type|
+dccp_pkttype
|========================
AUTHENTICATION HEADER EXPRESSION
--
2.28.0
reply other threads:[~2020-12-02 20:58 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20201202205616.24399-1-phil@nwl.cc \
--to=phil@nwl.cc \
--cc=netfilter-devel@vger.kernel.org \
--cc=pablo@netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).