Math operations: Difference between revisions
Jump to navigation
Jump to search
(add hashing section) |
(→Number generator: add one more example) |
||
| Line 20: | Line 20: | ||
} | } | ||
</source> | </source> | ||
The statement '''numgen inc mod 2 offset 100''' will generate numbers in a series like 100, 101, 100, 101... | |||
= Hashing = | = Hashing = | ||
Latest revision as of 13:05, 5 January 2017
nftables includes some interesting math operations generators which can be used to perform advanced operations like Load balancing.
Number generator
The number generator statement has these options:
- type: inc/random.
- modulus: maximun number
- offset: from what value you want to start from
Some examples, distributing marks to packets:
table ip t {
chain c {
mark set numgen inc mod 4 offset 3
mark set numgen random mod 50 offset 20
mark set numgen inc mod 100
}
}The statement numgen inc mod 2 offset 100 will generate numbers in a series like 100, 101, 100, 101...
Hashing
nftables support hashing of any arbitrary key combination:
table ip t {
chain c {
mark set jhash ip saddr mod 2
mark set jhash ip saddr . tcp dport mod 2
mark set jhash ip saddr . tcp dport . iiftype mod 2
}
}