# udp dport 53 masquerade
[
{
"match": {
"left": {
"payload": {
"field": "dport",
"protocol": "udp"
}
},
"op": "==",
"right": 53
}
},
{
"masquerade": null
}
]
# udp dport 53 masquerade random
[
{
"match": {
"left": {
"payload": {
"field": "dport",
"protocol": "udp"
}
},
"op": "==",
"right": 53
}
},
{
"masquerade": {
"flags": "random"
}
}
]
# udp dport 53 masquerade random,persistent
[
{
"match": {
"left": {
"payload": {
"field": "dport",
"protocol": "udp"
}
},
"op": "==",
"right": 53
}
},
{
"masquerade": {
"flags": [
"random",
"persistent"
]
}
}
]
# udp dport 53 masquerade random,persistent,fully-random
[
{
"match": {
"left": {
"payload": {
"field": "dport",
"protocol": "udp"
}
},
"op": "==",
"right": 53
}
},
{
"masquerade": {
"flags": [
"random",
"fully-random",
"persistent"
]
}
}
]
# udp dport 53 masquerade random,fully-random
[
{
"match": {
"left": {
"payload": {
"field": "dport",
"protocol": "udp"
}
},
"op": "==",
"right": 53
}
},
{
"masquerade": {
"flags": [
"random",
"fully-random"
]
}
}
]
# udp dport 53 masquerade random,fully-random,persistent
[
{
"match": {
"left": {
"payload": {
"field": "dport",
"protocol": "udp"
}
},
"op": "==",
"right": 53
}
},
{
"masquerade": {
"flags": [
"random",
"fully-random",
"persistent"
]
}
}
]
# udp dport 53 masquerade persistent
[
{
"match": {
"left": {
"payload": {
"field": "dport",
"protocol": "udp"
}
},
"op": "==",
"right": 53
}
},
{
"masquerade": {
"flags": "persistent"
}
}
]
# udp dport 53 masquerade persistent,random
[
{
"match": {
"left": {
"payload": {
"field": "dport",
"protocol": "udp"
}
},
"op": "==",
"right": 53
}
},
{
"masquerade": {
"flags": [
"persistent",
"random"
]
}
}
]
# udp dport 53 masquerade persistent,random,fully-random
[
{
"match": {
"left": {
"payload": {
"field": "dport",
"protocol": "udp"
}
},
"op": "==",
"right": 53
}
},
{
"masquerade": {
"flags": [
"persistent",
"random",
"fully-random"
]
}
}
]
# udp dport 53 masquerade persistent,fully-random
[
{
"match": {
"left": {
"payload": {
"field": "dport",
"protocol": "udp"
}
},
"op": "==",
"right": 53
}
},
{
"masquerade": {
"flags": [
"persistent",
"fully-random"
]
}
}
]
# udp dport 53 masquerade persistent,fully-random,random
[
{
"match": {
"left": {
"payload": {
"field": "dport",
"protocol": "udp"
}
},
"op": "==",
"right": 53
}
},
{
"masquerade": {
"flags": [
"persistent",
"fully-random",
"random"
]
}
}
]
# meta l4proto 6 masquerade to :1024
[
{
"match": {
"left": {
"meta": { "key": "l4proto" }
},
"op": "==",
"right": 6
}
},
{
"masquerade": {
"port": 1024
}
}
]
# meta l4proto 6 masquerade to :1024-2048
[
{
"match": {
"left": {
"meta": { "key": "l4proto" }
},
"op": "==",
"right": 6
}
},
{
"masquerade": {
"port": {
"range": [ 1024, 2048 ]
}
}
}
]
# tcp dport { 1,2,3,4,5,6,7,8,101,202,303,1001,2002,3003} masquerade
[
{
"match": {
"left": {
"payload": {
"field": "dport",
"protocol": "tcp"
}
},
"op": "==",
"right": {
"set": [
1,
2,
3,
4,
5,
6,
7,
8,
101,
202,
303,
1001,
2002,
3003
]
}
}
},
{
"masquerade": null
}
]
# ip6 daddr fe00::1-fe00::200 udp dport 53 counter masquerade
[
{
"match": {
"left": {
"payload": {
"field": "daddr",
"protocol": "ip6"
}
},
"op": "==",
"right": {
"range": [ "fe00::1", "fe00::200" ]
}
}
},
{
"match": {
"left": {
"payload": {
"field": "dport",
"protocol": "udp"
}
},
"op": "==",
"right": 53
}
},
{
"counter": null
},
{
"masquerade": null
}
]
# iifname "eth0" ct state established,new tcp dport vmap {22 : drop, 222 : drop } masquerade
[
{
"match": {
"left": {
"meta": { "key": "iifname" }
},
"op": "==",
"right": "eth0"
}
},
{
"match": {
"left": {
"ct": {
"key": "state"
}
},
"op": "in",
"right": [
"established",
"new"
]
}
},
{
"vmap": {
"key": {
"payload": {
"field": "dport",
"protocol": "tcp"
}
},
"data": {
"set": [
[
22,
{
"drop": null
}
],
[
222,
{
"drop": null
}
]
]
}
}
},
{
"masquerade": null
}
]