Red Hat Training

A Red Hat training course is available for Red Hat Enterprise Linux

18.12.10.7. TCP/UDP/SCTP

Protocol ID: tcp, udp, sctp
The chain parameter is ignored for this type of traffic and should either be omitted or set to root. .

Table 18.9. TCP/UDP/SCTP protocol types

Attribute NameDatatypeDefinition
srcmacaddrMAC_ADDRMAC address of sender
srcipaddrIP_ADDRSource IP address
srcipmaskIP_MASKMask applied to source IP address
dstipaddrIP_ADDRDestination IP address
dstipmaskIP_MASKMask applied to destination IP address
scriptoIP_ADDRStart of range of source IP address
srcipfromIP_ADDREnd of range of source IP address
dstipfromIP_ADDRStart of range of destination IP address
dstiptoIP_ADDREnd of range of destination IP address
scrportstartUNIT16Start of range of valid source ports; requires protocol
srcportendUINT16End of range of valid source ports; requires protocol
dstportstartUNIT16Start of range of valid destination ports; requires protocol
dstportendUNIT16End of range of valid destination ports; requires protocol
commentSTRING text string up to 256 characters
stateSTRINGcomma separated list of NEW,ESTABLISHED,RELATED,INVALID or NONE
flagsSTRINGTCP-only: format of mask/flags with mask and flags each being a comma separated list of SYN,ACK,URG,PSH,FIN,RST or NONE or ALL
ipsetSTRINGThe name of an IPSet managed outside of libvirt
ipsetflagsIPSETFLAGSflags for the IPSet; requires ipset attribute