StateMatch

Example:

>>> from linuxnet.iptables import StateMatch
>>> m = StateMatch()
>>> m.state().equals('NEW') is m
True
>>> m.to_iptables_args()
['-m', 'state', '--state', 'NEW']

class StateMatch

Match against the connection tracking state

This match is accessed via the state module, but it is not clear how its functionality is different from the conntrack module’s –ctstate option.

static get_match_name() → str

Returns the iptables(8) match extension name

get_criteria() → Iterable[Criterion]

Returns the state match criteria (only one).

state() → StateCriterion

Match against the connection tracking state

---

StateCriterion

class StateCriterion(match: Match)

Compare with the connection tracking state

The comparison value is a string.

any() → Match

Match any value.

This method is used when creating a Criterion in order to search an existing chain for rules that try to match against certain packet properties (e.g. input interface) without being particular about the specific property value (e.g. eth0).

compare(is_equal: bool, *args, **kwargs) → Match

Alternative method used for comparisons. It invokes equals() (or not_equals()) with args and kwargs if is_equal is True (or False).

equals(value) → Match

Compare with the specified value

get_iptables_option() → str

Returns the iptables(8) option

get_value() → Any

Returns the criterion value

is_positive() → bool

Returns the ‘polarity’ of the criterion: True for equals() or False for not_equals()

Raises IptablesError if the criterion is not set

is_set() → bool

Returns True if the criterion has been set

not_equals(*args, **kwargs) → Match

Express inequality comparison against the argument values.

The arguments of this method are the same as those of the equals() method.

This method invokes the equals() method and then reverses the polarity.

Returns this Match object.