match allows to check interface states

Other “xtables_addons” USE_EXPAND flag values

Use Flag Description
xtables_addons_account ACCOUNT target is a high performance accounting system for large local networks
xtables_addons_dhcpmac DHCPMAC target/match in conjunction with ebtables can be used to completely change all MAC addresses from and to a VMware-based virtual machine
xtables_addons_proto modifies the protocol number in IP packet header
xtables_addons_chaos CHAOS target causes confusion on the other end by doing odd things with incoming packets
xtables_addons_condition matches if a specific condition variable is (un)set
xtables_addons_delude DELUDE target will reply to a SYN packet with SYN-ACK, and to all other packets with an RST
xtables_addons_dnetmap DNETMAP target allows dynamic two-way 1:1 mapping of IPv4 subnets
xtables_addons_echo ECHO target sends back all packets it received
xtables_addons_fuzzy matches a rate limit based on a fuzzy logic controller (FLC)
xtables_addons_geoip match a packet by its source or destination country
xtables_addons_gradm match packets based on grsecurity RBAC status
xtables_addons_iface match allows to check interface states
xtables_addons_ipmark IPMARK target allows mark a received packet basing on its IP address
xtables_addons_ipp2p matches certain packets in P2P flows
xtables_addons_ipv4options match against a set of IPv4 header options
xtables_addons_length2 matches the length of a packet against a specific value or range of values
xtables_addons_logmark LOGMARK target will log packet and connection marks to syslog
xtables_addons_lscan match detects simple low-level scan attemps based upon the packet's contents
xtables_addons_quota2 match implements a named counter which can be increased or decreased on a per-match basis
xtables_addons_pknock match implements so-called "port knocking", a stealthy system for network authentication
xtables_addons_psd match attempts to detect TCP and UDP port scans (derived from Solar Designer's scanlogd)
xtables_addons_sysrq SYSRQ target allows to remotely trigger sysrq on the local machine over the network
xtables_addons_tarpit TARPIT target captures and holds incoming TCP connections using no local per-connection resources

All packages providing a “xtables_addons_iface” USE flag (1)