#include
#include

Option to disable firewall rule

IP fragment match
  Second and further fragments of fragmented packets
  Head fragments or unfragmented packets

Inbound IPsec packets
  Inbound IPsec packets
  Inbound non-IPsec packets

Rate limit using a token bucket filter
  Maximum number of packets to allow in excess of rate
    u32:0-4294967295    Maximum number of packets to allow in excess of rate
  Maximum average matching rate
    u32:0-4294967295    Maximum average matching rate

Option to log packets matching rule
  enable disable
    enable     Enable log
    disable    Disable log
  (enable|disable)

Protocol to match (protocol name, number, or "all")
    all            All IP protocols
    tcp_udp        Both TCP and UDP
    0-255          IP protocol number
    !<protocol>    IP protocol number
  all

Parameters for matching recently seen sources
  Source addresses seen more than N times
    u32:1-255    Source addresses seen more than N times
  Source addresses seen in the last N seconds
    u32:0-4294967295    Source addresses seen in the last N seconds

Packet modifications
  Packet Differentiated Services Codepoint (DSCP)
    u32:0-63    DSCP number
  Packet marking
    u32:1-2147483647    Packet marking
  Routing table to forward packet with
    u32:1-200    Table number
    main         Main table
    (main)
    main
    protocols static table
  TCP Maximum Segment Size
    u32:500-1460    Explicitly set TCP MSS value

Source parameters
  #include
  #include
  Source MAC address
    <MAC address>     MAC address to match
    !<MAC address>    Match everything except the specified MAC address
  #include

Session state
  Established state
    enable disable
      enable     Enable
      disable    Disable
    (enable|disable)
  Invalid state
    enable disable
      enable     Enable
      disable    Disable
    (enable|disable)
  New state
    enable disable
      enable     Enable
      disable    Disable
    (enable|disable)
  Related state
    enable disable
      enable     Enable
      disable    Disable
    (enable|disable)

#include

Time to match rule
  Monthdays to match rule on
  Date to start matching rule
  Time of day to start matching rule
  Date to stop matching rule
  Time of day to stop matching rule
  Interpret times for startdate, stopdate, starttime and stoptime to be UTC
  Weekdays to match rule on

ICMP type and code information
  ICMP code (0-255)
    u32:0-255    ICMP code (0-255)
  ICMP type (0-255)
    u32:0-255    ICMP type (0-255)

#include