diff options
| author | /C=JP/ST=JP/CN=Yasuyuki Kozakai/emailAddress=yasuyuki@netfilter.org </C=JP/ST=JP/CN=Yasuyuki Kozakai/emailAddress=yasuyuki@netfilter.org> | 2007-07-16 10:07:30 +0000 |
|---|---|---|
| committer | /C=JP/ST=JP/CN=Yasuyuki Kozakai/emailAddress=yasuyuki@netfilter.org </C=JP/ST=JP/CN=Yasuyuki Kozakai/emailAddress=yasuyuki@netfilter.org> | 2007-07-16 10:07:30 +0000 |
| commit | 793fdce6a02c5dd801c5226fc692e66d92a073e7 (patch) | |
| tree | 83f0e2d068bfb0542ba43f8ada05a037ef99ec86 | |
| parent | aede6eb85ba5b8ffb61ea7cdef9799c10539e483 (diff) | |
Adds missing FIN to mask part generated by '--syn' of libip6t_tcp
| -rw-r--r-- | extensions/libip6t_tcp.c | 2 | ||||
| -rw-r--r-- | extensions/libip6t_tcp.man | 2 |
2 files changed, 2 insertions, 2 deletions
diff --git a/extensions/libip6t_tcp.c b/extensions/libip6t_tcp.c index 734387c..c2a84e1 100644 --- a/extensions/libip6t_tcp.c +++ b/extensions/libip6t_tcp.c @@ -181,7 +181,7 @@ parse(int c, char **argv, int invert, unsigned int *flags, exit_error(PARAMETER_PROBLEM, "Only one of `--syn' or `--tcp-flags' " " allowed"); - parse_tcp_flags(tcpinfo, "SYN,RST,ACK", "SYN", invert); + parse_tcp_flags(tcpinfo, "SYN,RST,ACK,FIN", "SYN", invert); *flags |= TCP_FLAGS; break; diff --git a/extensions/libip6t_tcp.man b/extensions/libip6t_tcp.man index e94566c..31cc493 100644 --- a/extensions/libip6t_tcp.man +++ b/extensions/libip6t_tcp.man @@ -37,7 +37,7 @@ cleared. Such packets are used to request TCP connection initiation; for example, blocking such packets coming in an interface will prevent incoming TCP connections, but outgoing TCP connections will be unaffected. -It is equivalent to \fB--tcp-flags SYN,RST,ACK SYN\fP. +It is equivalent to \fB--tcp-flags SYN,RST,ACK,FIN SYN\fP. If the "!" flag precedes the "--syn", the sense of the option is inverted. .TP |