From c80b41793685bdd7693438e34af75613eefb7dbd Mon Sep 17 00:00:00 2001
From: "/C=DE/ST=Berlin/L=Berlin/O=Netfilter
 Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org"
 </C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org>
Date: Sun, 10 Apr 2005 20:34:00 +0000
Subject: add REJECT with icmp-frag-needed (Florian Lohoff)

---
 extensions/libipt_REJECT.man | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'extensions/libipt_REJECT.man')

diff --git a/extensions/libipt_REJECT.man b/extensions/libipt_REJECT.man
index 174bf7b..ac43d4e 100644
--- a/extensions/libipt_REJECT.man
+++ b/extensions/libipt_REJECT.man
@@ -21,6 +21,7 @@ The type given can be
 .B " icmp-net-prohibited"
 .B " icmp-host-prohibited or"
 .B " icmp-admin-prohibited (*)"
+.B " icmp-frag-needed"
 .fi
 which return the appropriate ICMP error message (\fBport-unreachable\fP is
 the default).  The option
@@ -31,4 +32,7 @@ TCP RST packet to be sent back.  This is mainly useful for blocking
 (113/tcp) probes which frequently occur when sending mail to broken mail
 hosts (which won't accept your mail otherwise).
 .TP
+.BI "--pmtu " "size"
+The next-hop MTU the icmp-frag-needed is sent back with.
+.TP
 (*) Using icmp-admin-prohibited with kernels that do not support it will result in a plain DROP instead of REJECT
-- 
cgit v1.2.3