Called on an incoming ip packet addressed to some other computer
netfilter.ip.forward
family
IP address family
nf_accept
Constant used to signify an 'accept' verdict
nf_stolen
Constant used to signify a 'stolen' verdict
length
The length of the packet buffer contents, in bytes
pf
Protocol family -- either “ipv4” or “ipv6”
psh
TCP PSH flag (if protocol is TCP; ipv4 only)
ipproto_tcp
Constant used to signify that the packet protocol is TCP
syn
TCP SYN flag (if protocol is TCP; ipv4 only)
outdev_name
Name of network device packet will be routed to (if known)
indev_name
Name of network device packet was received on (if known)
ipproto_udp
Constant used to signify that the packet protocol is UDP
dport
TCP or UDP destination port (ipv4 only)
iphdr
Address of IP header
fin
TCP FIN flag (if protocol is TCP; ipv4 only)
nf_drop
Constant used to signify a 'drop' verdict
urg
TCP URG flag (if protocol is TCP; ipv4 only)
nf_queue
Constant used to signify a 'queue' verdict
saddr
A string representing the source IP address
daddr
A string representing the destination IP address
rst
TCP RST flag (if protocol is TCP; ipv4 only)
outdev
Address of net_device representing output device, 0 if unknown
sport
TCP or UDP source port (ipv4 only)
protocol
Packet protocol from driver (ipv4 only)
ack
TCP ACK flag (if protocol is TCP; ipv4 only)
nf_stop
Constant used to signify a 'stop' verdict
nf_repeat
Constant used to signify a 'repeat' verdict
indev
Address of net_device representing input device, 0 if unknown