@CRTX
Last active December 19, 2017 17:37

Commands

-i, --in-interface: The incoming interface name
-o, --out-interface: The outgoing interface name (same as the -i option) at this point
-j, --jump: The action associated with the rule, ACCEPT or DROP (choices: DROP, ACCEPT, ACCEPT-TRAP, TRAP)
-I, -A: The INPUT or OUTPUT chain, which maps to the INGRESS or EGRESS tables (choices: INPUT, OUTPUT)
-p, --protocol: The IP protocol type (TCP/UDP/ICMP)
-d, --destination: Specify the destination IPv4/IPv6 address
--dport: Specify the destination port number
--sport: Specify the source port number
-s, --source: Specify the source IPv4/IPv6 address
--mac-source: The source MAC address
--mac-destination: The destination MAC address

Example

  1. (blocks unknown) -A INPUT -p tcp -m mac --mac-source 00:00:00:00:00:01 --dport 80 -j DROP
  2. (blocks bad requests) -A INPUT -p tcp -m mac --mac-source 00:00:00:00:00:01 --dport 80 -j DROP
  3. (accepts http requests on port 80) -A INPUT -p tcp --dport 80 -j ACCEPT
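A rule checker for the options listed above, added here as an example and not part of the original gist or of any tool it documents. It assumes the options are parsed with Python's argparse; `check_rule`, `RuleParser`, the `-m` handling and the sample rules are constructed for illustration.

```python
import argparse
import re
import shlex

MAC_RE = re.compile(r"(?:[0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}")

class RuleError(ValueError):
    """Raised instead of argparse's default sys.exit() on a bad rule."""

class RuleParser(argparse.ArgumentParser):
    def error(self, message):
        raise RuleError(message)

def mac(value):
    # Exactly six colon-separated hex octets; anything else is rejected.
    if not MAC_RE.fullmatch(value):
        raise argparse.ArgumentTypeError(f"malformed MAC address {value!r}")
    return value.lower()

def port(value):
    if not value.isdigit() or not 1 <= int(value) <= 65535:
        raise argparse.ArgumentTypeError(f"bad port {value!r}")
    return int(value)

def build_parser():
    p = RuleParser(add_help=False, allow_abbrev=False)
    p.add_argument("-A", "-I", dest="chain", required=True, choices=["INPUT", "OUTPUT"])
    p.add_argument("-j", "--jump", required=True, choices=["DROP", "ACCEPT", "ACCEPT-TRAP", "TRAP"])
    p.add_argument("-p", "--protocol", type=str.lower, choices=["tcp", "udp", "icmp"])
    p.add_argument("-m", dest="match", choices=["mac"])  # assumption: only in the page's examples
    for flags in (("-i", "--in-interface"), ("-o", "--out-interface"),
                  ("-s", "--source"), ("-d", "--destination")):
        p.add_argument(*flags)
    for flag, kind in (("--sport", port), ("--dport", port),
                       ("--mac-source", mac), ("--mac-destination", mac)):
        p.add_argument(flag, type=kind)
    return p

def check_rule(rule):
    """Return (parsed options, None) for a valid rule, else (None, reason)."""
    try:
        ns = build_parser().parse_args(shlex.split(rule))
        if (ns.sport or ns.dport) and ns.protocol not in ("tcp", "udp"):
            raise RuleError("--sport/--dport require -p tcp or -p udp")
    except RuleError as exc:
        return None, str(exc)
    return vars(ns), None

if __name__ == "__main__":
    for rule in ("-A INPUT -p tcp --dport 80 -j ACCEPT",      # constructed samples
                 "-A INPUT -p ssh --dport 22 -j DROP",
                 "-A INPUT -p tcp -m mac --mac-source 00:00:00:00:00:001 -j DROP"):
        print(rule, "->", check_rule(rule)[1] or "ok")
```

Running rules through a check like this before loading them catches a rule that would otherwise be rejected or silently not match, such as a service name given where a protocol is expected.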