route the internet datagram based on information supplied by the source
• no-record-route - match packets with no record route option. This option is used to route the
internet datagram based on information supplied by the source
• no-router-alert - match packets with no router alter option
• no-source-routing - match packets with no source routing option
• no-timestamp - match packets with no timestamp option
• record-route - match packets with record route option
• router-alert - match packets with router alter option
• strict-source-routing - match packets with strict source routing option
• timestamp - match packets with timestamp
jump-target ( forward | input | output | name ) - name of the target chain to jump to, if the
action=jump is used
limit ( integer | time | integer ) - restricts packet match rate to a given limit. Usefull to reduce the
amount of log messages
• Count - maximum average packet rate, measured in packets per second (pps), unless followed
by Time option
• Time - specifies the time interval over which the packet rate is measured
• Burst - number of packets to match in a burst
log-prefix ( text ) - all messages written to logs will contain the prefix specified herein. Used in
conjunction with action=log
nth ( integer | integer : 0 ..15 | integer ) - match a particular Nth packet received by the rule. One of
16 available counters can be used to count packets
• Every - match every Every+1th packet. For example, if Every=1 then the rule matches every
2nd packet
• Counter - specifies which counter to use. A counter increments each time the rule containing
nth match matches
• Packet - match on the given packet number. The value by obvious reasons must be between 0
and Every. If this option is used for a given counter, then there must be at least Every+1 rules
with this option, covering all values between 0 and Every inclusively.
out-interface ( name ) - interface the packet will leave the router through
p2p ( all-p2p | bit-torrent | blubster | direct-connect | edonkey | fasttrack | gnutella | soulseek | warez
| winmx ) - matches packets from various peer-to-peer (P2P) protocols
packet-mark ( text ) - matches packets marked via mangle facility with particular packet mark
packet-size ( integer : 0 ..65535 | integer : 0 ..65535 ) - matches packet of the specified size or size
range in bytes
• Min - specifies lower boundary of the size range or a standalone value
• Max - specifies upper boundary of the size range
phys-in-interface ( name ) - matches the bridge port physical input device added to a bridge
device. It is only useful if the packet has arrived through the bridge
phys-out-interface ( name ) - matches the bridge port physical output device added to a bridge
device. It is only useful if the packet will leave the router through the bridge
protocol ( ddp | egp | encap | ggp | gre | hmp | icmp | idrp-cmtp | igmp | ipencap | ipip | ipsec-ah |
Page 443 of 695
Copyright 1999-2007, MikroTik. All rights reserved. Mikrotik, RouterOS and RouterBOARD are trademarks of Mikrotikls SIA.
Other trademarks and registred trademarks mentioned herein are properties of their respective owners.
To Next Page
Loading...
General