jaewrite.blogg.se - Wireshark http host wildcard

strip-ipv4-options - strip IPv4 option fields from IP header, action does not actually remove IPv4 options but rather replaces all option octets with NOP, further matcher with ipv4-options=any will still match the packet.

Set remote target with sniff-target and sniff-target-port parameters (Wireshark recommends port 37008)

sniff-tzsp - send packet to a remote TZSP compatible system (such as Wireshark).

sniff-pc - send a packet to a remote RouterOS CALEA server.

set-priority - set priority specified by the new-priority parameter on the packets sent out through a link that is capable of transporting priority (VLAN or WMM-enabled wireless interface).

route - forces packets to a specific gateway IP by ignoring normal routing decision (prerouting chain only).

return - pass control back to the chain from where the jump took place.

passthrough - if packet is matched by the rule, increase counter and go to next rule (useful for statistics).

This kind of marks is used for policy routing purposes only

mark-routing - place a mark specified by the new-routing-mark parameter on a packet.

mark-packet - place a mark specified by the new-packet-mark parameter on a packet that matches the rule.

mark-connection - place a mark specified by the new-connection-mark parameter on the entire connection that matches the rule.

After packet is matched it is passed to next rule in the list, similar as passthrough log - add a message to the system log containing following data: in-interface, out-interface, src-mac, protocol, src-ip:port->dst-ip:port and length of the packet.jump - jump to the user defined chain specified by the value of jump-target parameter.fasttrack-connection - shows fasttrack counters, useful for statistics.

clear-df - clear 'Do Not Fragment' Flag.change-ttl - change Time to Live field value of the packet to a value specified by the new-ttl parameter.change-mss - change Maximum Segment Size field value of the packet to a value specified by the new-mss parameter.change-dscp - change Differentiated Services Code Point (DSCP) field value specified by the new-dscp parameter.add-src-to-address-list - add source address to Address list specified by address-list parameter.add-dst-to-address-list - add destination address to Address list specified by address-list parameter.Packet is not passed to next firewall rule. The mangle marks exist only within the router, they are not transmitted across the network.Īdditionally, the mangle facility is used to modify some fields in the IP header, like TOS (DSCP) and TTL fields.Īction to take if packet is matched by the rule: They identify a packet based on its mark and process it accordingly. Many other facilities in RouterOS make use of these marks, e.g. Mangle is a kind of 'marker' that marks packets for future processing with special marks.