PackagesDNETMAP target allows dynamic two-way 1:1 mapping of IPv4 subnets
| Use Flag | Description |
|---|---|
| xtables_addons_account | ACCOUNT target is a high performance accounting system for large local networks |
| xtables_addons_asn | match a packet by its source or destination Autonomous System Number |
| xtables_addons_chaos | CHAOS target causes confusion on the other end by doing odd things with incoming packets |
| xtables_addons_condition | matches if a specific condition variable is (un)set |
| xtables_addons_delude | DELUDE target will reply to a SYN packet with SYN-ACK, and to all other packets with an RST |
| xtables_addons_dhcpmac | DHCPMAC target/match in conjunction with ebtables can be used to completely change all MAC addresses from and to a VMware-based virtual machine |
| xtables_addons_dnetmap | DNETMAP target allows dynamic two-way 1:1 mapping of IPv4 subnets |
| xtables_addons_echo | ECHO target sends back all packets it received |
| xtables_addons_fuzzy | matches a rate limit based on a fuzzy logic controller (FLC) |
| xtables_addons_geoip | match a packet by its source or destination country |
| xtables_addons_gradm | match packets based on grsecurity RBAC status |
| xtables_addons_iface | match allows to check interface states |
| xtables_addons_ipmark | IPMARK target allows mark a received packet basing on its IP address |
| xtables_addons_ipp2p | matches certain packets in P2P flows |
| xtables_addons_ipv4options | match against a set of IPv4 header options |
| xtables_addons_length2 | matches the length of a packet against a specific value or range of values |
| xtables_addons_logmark | LOGMARK target will log packet and connection marks to syslog |
| xtables_addons_lscan | match detects simple low-level scan attemps based upon the packet's contents |
| xtables_addons_pknock | match implements so-called "port knocking", a stealthy system for network authentication |
| xtables_addons_proto | modifies the protocol number in IP packet header |
| xtables_addons_psd | match attempts to detect TCP and UDP port scans (derived from Solar Designer's scanlogd) |
| xtables_addons_quota2 | match implements a named counter which can be increased or decreased on a per-match basis |
| xtables_addons_sysrq | SYSRQ target allows to remotely trigger sysrq on the local machine over the network |
| xtables_addons_tarpit | TARPIT target captures and holds incoming TCP connections using no local per-connection resources |