Znyx Networks bh5700 Manuale Utente

--drop

Drops the packet

--accept

 Accepts the packet

--set-prio <val>Set the 802.1p priority to <val>

--use-prio <val>Use queue priority <val>

--copy-cpu Send the packet to the CPU.  This will force the full 

installed chains traversal in software

      --set-eport <val>

Redirect the packet to port <val>

                   --set-mport <val> Mirror the packet to port 
<val>

--set-tos <val> Set the IP-Precedence bits in the TOS field of 

the IP header to <val>

--set-dscp <val>Set the 6-bit DSCP  in the TOS field of the IP 
header to <val>.

Options with any of these ZACTION parameters:

--counter <val> Increment classifier hit counter <val>

--arp    Not an action,  match only ARP packets.  

-i option can be used to specify ingress port or VLAN, 

-d specifies target IP address, 

-p specifies arp operation as request (1) or response (2).  

For arp response, the -o field can be used to specify the egress port.

Send all tcp packets arriving on zhp5 out port 2:

iptables -a FORWARD -i zhp5 -p tcp -j ZACTION --set-eport 2

Send all tcp packets arriving on zhp5 to the CPU (software).

iptables -a FORWARD -i zhp5 -p tcp -j ZACTION --copy-cpu

Set the 802.1p priority to 3 on all tcp packets arriving on zhp5.

iptables -a FORWARD -i zhp5 -p tcp -j ZACTION --set-prio 3

These are described in the Linux packet filtering HOWTO at:

Ethernet Switch Blade User's Guide

release  3.2.2j

page 64