NFBPF_COMPILE(8)                iptables 1.8.10               NFBPF_COMPILE(8)



NAME
       nfbpf_compile - generate bytecode for use with xt_bpf

SYNOPSIS
       nfbpf_compile [ LLTYPE ] PROGRAM

       LLTYPE := { EN10MB | RAW | SLIP |  ...  }


DESCRIPTION
       The nfbpf_compile utility aids in generating BPF byte code suitable for
       passing to the iptables bpf match.


OPTIONS
       LLTYPE Link-layer header type to operate on. This is a name as defined
              in <pcap/dlt.h> but with the leading DLT_ prefix stripped. For
              use with iptables, RAW should be the right choice (it's also the
              default if not specified).


       PROGRAM
              The BPF expression to compile, see pcap-filter(7) for a
              description of the language.


EXIT STATUS
       The program returns 0 on success, 1 otherwise.


EXAMPLE
       Match incoming TCP packets with size bigger than 100 bytes:

               bpf=$(nfbpf_compile 'tcp and greater 100')
               iptables -A INPUT -m bpf --bytecode "$bpf" -j ACCEPT

       The description of bpf match in iptables-extensions(8) lists a few more
       examples.


SEE ALSO
       iptables-extensions(8), pcap-filter(7)

iptables 1.8.10                                               NFBPF_COMPILE(8)