summaryrefslogtreecommitdiffstats
path: root/extensions/libipt_CONNMARK.man
diff options
context:
space:
mode:
Diffstat (limited to 'extensions/libipt_CONNMARK.man')
-rw-r--r--extensions/libipt_CONNMARK.man22
1 files changed, 12 insertions, 10 deletions
diff --git a/extensions/libipt_CONNMARK.man b/extensions/libipt_CONNMARK.man
index 64a0222..8b4de5a 100644
--- a/extensions/libipt_CONNMARK.man
+++ b/extensions/libipt_CONNMARK.man
@@ -1,13 +1,15 @@
-This target allows you to mark that connection with an arbitrary walue. This
-value can later be matched via the
-.B connmark
-match.
+This module sets the netfilter mark value associated with a connection
.TP
-.BI "--set-mark " "mark"
-Set the conntrack mark,
+.B --set-mark mark[/mask]
+Set connection mark. If a mask is specified then only those bits set in the
+mask is modified.
.TP
-.BI "--save-mark"
-Save the packet nfmark on the connection mark.
+.B --save-mark [--mask mask]
+Copy the netfilter packet mark value to the connection mark. If a mask
+is specified then only those bits are copied.
.TP
-.BI "--restore-mark"
-Restore the saved nfmark value from the connection mark.
+.B --restore-mark [--mask mask]
+Copy the connection mark value to the packet. If a mask is specified
+then only those bits are copied. This is only valid in the
+.B mangle
+table.