Element <output>
Defines the Output. It has a start tag <output> and an end tag </output>.
It can be used in <out><out> replace default port like P0,P1,..etc.
And output id=1 -> O1, refer to Example
Attribute
id
Specifies a unique id for an element
Interger
*
type
output type
String
mix
name
Specifies a name for an element
String
mtu
Maximum Transmission Unit
Interger
0(unlimited)
stl
Second To Live
Interger
0(unlimited)
minbps
Minimum bandwidth reserved
Interger
0(unlimited)
v3.7
maxbps
Maximum bandwidth reserved
Interger
0(unlimited)
v3.7
arp_dstip_mac
arp request for dstip mac
yes/no
no
Example
<run>
<output id="1">
<port>P0</port>
<stripping>vlan</stripping>
</output>
<chain>
<in>P1</in>
<out>O1</out>
</chain>
</run>Elements in Output
<port>
Defines output port(must have). It has a start tag <port> and an end tag </port>.
<gateway>
Defines gateway It has a start tag <gateway> and an end tag </gateway>. The ouptut will send arp request to gateway for mac address, than use this mac to replace destination mac address on packet.
<Q>
Defines vlan tagging. It has a start tag <Q> and an end tag </Q>.
<QinQ>
Defines vlan layer 2 tagging. It has a start tag <QinQ> and an end tag </QinQ>.
<stripping>
Defines stripping. It has a start tag <stripping> and an end tag </stripping>.
support type
payload
vlan
mpls
gre
vxlan
gre-erspan
gtp
grism
mpls-in-udp
mpls-in-gre
<modify_srcip>
Defines modify source ip address It has a start tag <modify_srcip> and an end tag </modify_srcip>.
nat
NAT support, don't forget to set args->nat to true
yes/no
no
<modify_dstip>
Defines modify destination ip address It has a start tag <modify_dstip> and an end tag </modify_dstip>.
<modify_srcmac>
Defines modify source mac address It has a start tag <modify_srcmac> and an end tag </modify_srcmac>.
<modify_src_default_mac/>
Defines modify source mac address use port default mac address (ver. 3.8)
<modify_dstmac>
Defines modify destination mac address It has a start tag <modify_dstmac> and an end tag </modify_dstmac>.
<modify_swapmac>
Defines swap source mac address and destination mac address (v4.9)
<modify_tcp_syn_mss>
Modify TCP syn or syn+ack option mss field (v5.1)
<tagging>
Defines tagging. It has a start tag <tagging> and an end tag </tagging>.
support type
timestamp
gtp
gtp2
l2gre (ver 4.8)
vxlan (ver 5.1)
grism
<maxlen>
Defines packet max length. It has a start tag <maxlen> and an end tag </maxlen>.
Save to Pcap file
<dir>
Defines output dir in Hard disk. Save packet to pcap files. It has a start tag <dir> and an end tag </dir>.
timeout
timeout to next pcap file
seconds
0 (No timeout)
max_split_size
max pcap size
integer(bytes)
104857600 (100M)
category
category for pcap files by month, day, hour or minute
string
none
NVGRE encapsulation
<nvgre_dip>
Defines output to gre tunnel dest ip. It has a start tag <nvgre_dip> and an end tag </nvgre_dip>.
<nvgre_sip>
Defines output to gre tunnel source ip. It has a start tag <nvgre_sip> and an end tag </nvgre_sip>.
<nvgre_dmac>
Defines output to gre tunnel dest mac. It has a start tag <nvgre_dmac> and an end tag </nvgre_dmac>.
<nvgre_type>
Defines output to gre tunnel type eth or ip, default is eth . It has a sart tag <nvgre_type> and an end tag </nvgre_type>.
Example if interface sip set already
Example
VXLAN encapsulation
<vxlan_sip>
Defines output to vxlan source ip. It has a start tag <vxlan_sip> and an end tag </vxlan_sip>
<vxlan_dip>
Defines output to vxlan destination ip. It has a start tag <vxlan_dip> and an end tag </vxlan_dip>
<vxlan_sport>
Defines output to vxlan source port. It has a start tag <vxlan_sport> and an end tag </vxlan_sport>
<vxlan_dport>
Defines output to vxlan destination port. It has a start tag <vxlan_dport> and an end tag </vxlan_dport>
<vxlan_vni>
Defines output to vxlan vni. It has a start tag <vxlan_vni> and an end tag </vxlan_vni>
<arp_reply_target_mac>
Defines output reply arp target mac address. It has a start tag <arp_reply_target_mac> and an end tag </arp_reply_target_mac>.
Example for for inline (P6 <-> P7) reply target mac 02:00:00:00:00:00 when arp request ip 192.168.1.10
<arp_reply_default_mac/>
Defines output reply arp default port mac address. (v3.8)
<dns_response_ipv4>
Defines output response IPv4 address when dns query domain (not support EDNS yet). It has a start tag <dns_response_ipv4> and an end tag </dns_response_ipv4>.
dns_response_ipv4 Attribute
noswapmac
do'nt swap mac address
yes or no
no
Example for inline (P6 <-> P7) response ip 192.168.1.201 when dns query google.com
<dns_response_ipv6>
Defines output response IPv6 address when dns query domain (not support EDNS yet). It has a start tag <dns_response_ipv6> and an end tag </dns_response_ipv6>.
dns_response_ipv6 Attribute
noswapmac
do'nt swap mac address
yes or no
no
Example for inline (P6 <-> P7) response ipv4 122.116.229.84 or ipv6 ::ffff:7a74:e554 when dns query block list
<icmp_reply_fragment_need/>
Defines output reply ICMP fragmentation needed packet (v3.10)
mtu
MTU of next hop
UINT16
*
type : httprequesthijack
Defines output http request hijack (and redirect to safeweb).
redirect2safeweb Attribute
noswapmac
do'nt swap mac address
yes or no
no
redirectPort
redirect to Port
port (ex.P7)
Example for inline (P6 <-> P7) redirect http request url www.com/ to https://safeweb.secure365.hinet.net/
type : udpencap
Defines output pcap header+packet throught UDP encapsulation.
Example
Last updated