mirror of
https://github.com/valitydev/salt.git
synced 2024-11-08 09:23:56 +00:00
Merge pull request #24889 from thusoy/patch-2
Add all iptables jump args from manpage
This commit is contained in:
commit
d3b26fdae1
@ -268,53 +268,130 @@ def build_rule(table='filter', chain=None, command=None, position='', full=None,
|
||||
# Jumps should appear last, except for any arguments that are passed to
|
||||
# jumps, which of course need to follow.
|
||||
after_jump = []
|
||||
# List of options fetched from http://www.iptables.info/en/iptables-targets-and-jumps.html
|
||||
# All jump arguments as extracted from man iptables-extensions, man iptables,
|
||||
# man xtables-addons and http://www.iptables.info/en/iptables-targets-and-jumps.html
|
||||
after_jump_arguments = (
|
||||
'j', # j and jump needs to be first
|
||||
'jump',
|
||||
|
||||
# IPTABLES
|
||||
'add-set',
|
||||
'and-mark',
|
||||
'and-tos',
|
||||
'checksum-fill',
|
||||
'clamp-mss-to-pmtu',
|
||||
'ecn-tcp-remove', # no arg
|
||||
'mask', # only used with either save-mark or restore-mark
|
||||
'nodst',
|
||||
'queue-num',
|
||||
'reject-with',
|
||||
'restore', # no arg
|
||||
'restore-mark', # no arg
|
||||
#'save', # no arg, problematic name: How do we avoid collision with this?
|
||||
'save-mark', # no arg
|
||||
'selctx',
|
||||
'set-dscp',
|
||||
'set-dscp-class',
|
||||
'set-mss',
|
||||
'set-tos',
|
||||
'ttl-dec',
|
||||
'ttl-inc',
|
||||
'ttl-set',
|
||||
'ulog-cprange',
|
||||
'ulog-nlgroup',
|
||||
'ulog-prefix',
|
||||
'ulog-qthreshold',
|
||||
'clustermac',
|
||||
'hash-init,'
|
||||
'ctevents',
|
||||
'ctmask',
|
||||
'del-set',
|
||||
'ecn-tcp-remove',
|
||||
'exist',
|
||||
'expevents',
|
||||
'gateway',
|
||||
'hash-init',
|
||||
'hashmode',
|
||||
'helper',
|
||||
'label',
|
||||
'local-node',
|
||||
'log-ip-options',
|
||||
'log-level',
|
||||
'log-prefix',
|
||||
'log-tcp-options',
|
||||
'log-tcp-sequence',
|
||||
'new', # no arg
|
||||
'log-uid',
|
||||
'mask',
|
||||
'new',
|
||||
'nfmask',
|
||||
'nflog-group',
|
||||
'nflog-prefix',
|
||||
'nflog-range',
|
||||
'nflog-threshold',
|
||||
'nodst',
|
||||
'notrack',
|
||||
'on-ip',
|
||||
'on-port',
|
||||
'or-mark',
|
||||
'or-tos',
|
||||
'persistent',
|
||||
'queue-balance',
|
||||
'queue-bypass',
|
||||
'queue-num',
|
||||
'random',
|
||||
'rateest-ewmalog',
|
||||
'rateest-interval',
|
||||
'rateest-name',
|
||||
'reject-with',
|
||||
'restore',
|
||||
'restore-mark',
|
||||
#'save', # no arg, problematic name: How do we avoid collision with this?
|
||||
'save-mark',
|
||||
'selctx',
|
||||
'set-class',
|
||||
'set-dscp',
|
||||
'set-dscp-class',
|
||||
'set-mark',
|
||||
'set-mss',
|
||||
'set-tos',
|
||||
'set-xmark',
|
||||
'strip-options',
|
||||
'timeout',
|
||||
'to',
|
||||
'to-destination',
|
||||
'to-port',
|
||||
'to-ports',
|
||||
'to-source',
|
||||
'total-nodes,'
|
||||
'total-nodes',
|
||||
'tproxy-mark',
|
||||
'ttl-dec',
|
||||
'ttl-inc',
|
||||
'ttl-set',
|
||||
'type',
|
||||
'ulog-cprange',
|
||||
'ulog-nlgroup',
|
||||
'ulog-prefix',
|
||||
'ulog-qthreshold',
|
||||
'xor-mark',
|
||||
'xor-tos',
|
||||
'zone',
|
||||
|
||||
# IPTABLES-EXTENSIONS
|
||||
'dst-pfx',
|
||||
'hl-dec',
|
||||
'hl-inc',
|
||||
'hl-set',
|
||||
'hmark-dport-mask',
|
||||
'hmark-dst-prefix',
|
||||
'hmark-mod',
|
||||
'hmark-offset',
|
||||
'hmark-proto-mask',
|
||||
'hmark-rnd',
|
||||
'hmark-spi-mask',
|
||||
'hmark-sport-mask',
|
||||
'hmark-src-prefix',
|
||||
'hmark-tuple',
|
||||
'led-always-blink',
|
||||
'led-delay',
|
||||
'led-trigger-id',
|
||||
'queue-cpu-fanout',
|
||||
'src-pfx',
|
||||
|
||||
# WEB
|
||||
'to-port',
|
||||
|
||||
# XTABLES
|
||||
'addr',
|
||||
'and-mask',
|
||||
'delude',
|
||||
'honeypot',
|
||||
'or-mask',
|
||||
'prefix',
|
||||
'reset',
|
||||
'reuse',
|
||||
'set-mac',
|
||||
'shift',
|
||||
'static',
|
||||
'tarpit',
|
||||
'tname',
|
||||
'ttl',
|
||||
)
|
||||
for after_jump_argument in after_jump_arguments:
|
||||
if after_jump_argument in kwargs:
|
||||
|
Loading…
Reference in New Issue
Block a user