-.TH EBTABLES 8 "22 November 2004"
+.TH EBTABLES 8 "05 December 2004"
.\"
.\" Man page written by Bart De Schuymer <bdschuym@pandora.be>
.\" It is based on the iptables man page.
be consulted to determine the payload protocol. This is a two byte
(hexadecimal) argument. Only 802.3 frames with DSAP/SSAP 0xaa are
checked for type.
+.SS among
+Match a MAC address or MAC/IP address pair versus a list of MAC addresses
+and MAC/IP address pairs.
+A list entry has the following format: xx:xx:xx:xx:xx:xx[=ip.ip.ip.ip][,]. Multiple
+list entries are separated by a comma, specifying an IP address corresponding to
+the MAC address is optional. Multiple MAC/IP address pairs with the same MAC address
+but different IP address (and vice versa) can be specified. If the MAC address doesn't
+match any entry from the list, the frame doesn't match the rule (unless '!' was used).
+.TP
+.BR "--among-dst " "[!] \fIlist\fP"
+Compare the MAC destination to the given list. If the Ethernet frame has type
+.BR IPv4 " or " ARP ,
+then comparison with MAC/IP destination address pairs from the
+list is possible.
+.TP
+.BR "--among-src " "[!] \fIlist\fP"
+Compare the MAC source to the given list. If the Ethernet frame has type
+.BR IPv4 " or " ARP ,
+then comparison with MAC/IP source address pairs from the list
+is possible.
.SS arp
Specify arp fields. The protocol must be specified as
.BR ARP " or " RARP .
A rule using this extension will match until this limit is reached.
It can be used with the
.B --log
-watcher
-to give limited logging, for example. Its use is the same as the limit
-match of iptables.
+watcher to give limited logging, for example. Its use is the same
+as the limit match of iptables.
.TP
.BR "--limit " "[\fIvalue\fP]"
Maximum average matching rate: specified as a number, with an optional
projects / platform / upstream / ebtables.git / commitdiff