diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2012-10-25 17:14:26 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2012-10-25 17:14:26 +0200 |
commit | 9d284c1c67188dfa8a4c7a6e36eb9a10bd9c15e2 (patch) | |
tree | 21c1bdb785a2b5779c772cc8fafbc043e16babbb /extensions/libip6t_MASQUERADE.man | |
parent | 3e6fa55d5e28c93f417afeae7a7d4f349ddffcf4 (diff) | |
parent | 8d8896a3833292d091ee5a028f3461083bb956bd (diff) |
Merge branch 'next' branch that contains new features scheduled for
Linux kernel 3.7
Diffstat (limited to 'extensions/libip6t_MASQUERADE.man')
-rw-r--r-- | extensions/libip6t_MASQUERADE.man | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/extensions/libip6t_MASQUERADE.man b/extensions/libip6t_MASQUERADE.man new file mode 100644 index 00000000..c63d826b --- /dev/null +++ b/extensions/libip6t_MASQUERADE.man @@ -0,0 +1,30 @@ +This target is only valid in the +.B nat +table, in the +.B POSTROUTING +chain. It should only be used with dynamically assigned IPv6 (dialup) +connections: if you have a static IP address, you should use the SNAT +target. Masquerading is equivalent to specifying a mapping to the IP +address of the interface the packet is going out, but also has the +effect that connections are +.I forgotten +when the interface goes down. This is the correct behavior when the +next dialup is unlikely to have the same interface address (and hence +any established connections are lost anyway). +.TP +\fB\-\-to\-ports\fP \fIport\fP[\fB\-\fP\fIport\fP] +This specifies a range of source ports to use, overriding the default +.B SNAT +source port-selection heuristics (see above). This is only valid +if the rule also specifies +\fB\-p tcp\fP +or +\fB\-p udp\fP. +.TP +\fB\-\-random\fP +Randomize source port mapping +If option +\fB\-\-random\fP +is used then port mapping will be randomized. +.RS +.PP |