PacketMatch

class PacketMatch[source]

This class provides matching against the following attributes of a packet:

  • input interface

  • output interface

  • source address

  • destination address

  • fragment bit

dest_address() DestAddressCriterion[source]

Match against the destination address

fragment() FragmentCriterion[source]

Match if packet has (or has not) the fragment bit set

input_interface() InputInterfaceCriterion[source]

Match against the input interface

output_interface() OutputInterfaceCriterion[source]

Match against the output interface

protocol() ProtocolCriterion[source]

Match against the protocol

source_address() SourceAddressCriterion[source]

Match against the source address

to_iptables_args() List[str][source]

Generate an iptables(8) arguments list for the set criteria

InputInterfaceCriterion

class InputInterfaceCriterion(match: Match)[source]

Compare with the input interface; used by PacketMatch.

The comparison value is a string.

OutputInterfaceCriterion

class OutputInterfaceCriterion(match: Match)[source]

Compare with the output interface; used by PacketMatch.

The comparison value is a string.

SourceAddressCriterion

class SourceAddressCriterion(match: Match)[source]

Compare with the source address; used by PacketMatch.

The comparison value is an IPv4Network.

DestAddressCriterion

class DestAddressCriterion(match: Match)[source]

Compare with the destination address; used by PacketMatch.

The comparison value is an IPv4Network.

FragmentCriterion

class FragmentCriterion(match: Match)[source]

Check if a packet is a fragment. The parent Criterion methods equals(), not_equals() can be used with no arguments to indicate matching when the fragment bit is set or is not set. This criterion is used by PacketMatch.