nf_queue
Constant used to signify a 'queue' verdict
length
The length of the packet buffer contents, in bytes
nf_repeat
Constant used to signify a 'repeat' verdict
psh
TCP PSH flag (if protocol is TCP; ipv4 only)
nf_accept
Constant used to signify an 'accept' verdict
urg
TCP URG flag (if protocol is TCP; ipv4 only)
family
IP address family
nf_drop
Constant used to signify a 'drop' verdict
fin
TCP FIN flag (if protocol is TCP; ipv4 only)
dport
TCP or UDP destination port (ipv4 only)
indev_name
Name of network device packet was received on (if
known)
ipproto_tcp
Constant used to signify that the packet protocol is
TCP
outdev_name
Name of network device packet will be routed to (if
known)
syn
TCP SYN flag (if protocol is TCP; ipv4 only)
sport
TCP or UDP source port (ipv4 only)
data_hex
A hexadecimal string representing the packet buffer
contents
nf_stolen
Constant used to signify a 'stolen' verdict
pf
Protocol family -- either “ipv4” or
“ipv6”
outdev
Address of net_device representing output device, 0 if
unknown
daddr
A string representing the destination IP address
ack
TCP ACK flag (if protocol is TCP; ipv4 only)
ipproto_udp
Constant used to signify that the packet protocol is
UDP
data_str
A string representing the packet buffer contents
indev
Address of net_device representing input device, 0 if
unknown
iphdr
Address of IP header
saddr
A string representing the source IP address
protocol
Packet protocol from driver (ipv4 only)
nf_stop
Constant used to signify a 'stop' verdict
rst
TCP RST flag (if protocol is TCP; ipv4 only)