Data types

From nftables wiki
Revision as of 00:43, 5 February 2021 by Fmyhr (talk | contribs) (Initial incomplete list, mostly copied from man page.)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Data types used in Netfilter

The following data types are used in nft selectors:

Netfilter Data Types
Data Type Description nft Selector Notes
iface_index Interface index (32 bit integer). meta Can be specified numerically or as name of an existing interface.

Use ifname instead for interfaces whose name and/or index can change (i.e. those that appear / disappear dynamically).

ifname Interface name (16 byte string). meta Does not have to exist.

Slower than iface_index but good for interfaces that can dynamically appear / disappear.

iface_type Interface type (16 bit integer). meta
uid User ID (32 bit integer). meta Can be specified numerically or as user name.
gid Group ID (32 bit integer). meta Can be specified numerically or as group name.
realm Routing Realm (32 bit integer). meta Can be specified numerically or as symbolic name defined in /etc/iproute2/rt_realms.
devgroup_type Device group (32 bit number). meta Can be specified numerically or as symbolic name defined in /etc/iproute2/group.
pkt_type Packet type:
  • host - addressed to local host
  • broadcast - to all
  • multicast - to group
  • other - addressed to another host
meta
ifkind Interface kind (16 byte string). meta List of ifkinds is in man 8 ip-link TYPES section.
time Either an integer or a date in ISO format. For example: "2019-06-06 17:00". Hour and seconds are optional and can be omitted if desired. If omitted, midnight will be assumed. The following three would be equivalent: "2019-06-06", "2019-06-06 00:00" and "2019-06-06 00:00:00". When an integer is given, it is assumed to be a UNIX timestamp. meta
day Either a day of week ("Monday", "Tuesday", etc.), or an integer between 0 and 6. Strings are matched case-insensitively, and a full match is not expected (e.g. "Mon" would match "Monday"). When an integer is given, 0 is Sunday and 6 is Saturday. meta
hour A string representing an hour in 24-hour format. Seconds can optionally be specified. For example, 17:00 and 17:00:00 would be equivalent. meta
Retrieved from "http://wiki.nftables.org/wiki-nftables/index.php?title=Data_types&oldid=618"