diff options
author | Patrick McHardy <kaber@trash.net> | 2007-05-29 11:24:45 +0000 |
---|---|---|
committer | Patrick McHardy <kaber@trash.net> | 2007-05-29 11:24:45 +0000 |
commit | ef399a3033aa860ea1653b9c4306c0e78777e981 (patch) | |
tree | cc732fc4d5c139f113444a72e4eef88e2a8367ef /extensions/libipt_MASQUERADE.man | |
parent | 46d9afb160bfd330452442d28318809079a7f84f (diff) |
Add --random option to DNAT and REDIRECT targets and fix the manpage mess this option left behind.
Diffstat (limited to 'extensions/libipt_MASQUERADE.man')
-rw-r--r-- | extensions/libipt_MASQUERADE.man | 14 |
1 files changed, 6 insertions, 8 deletions
diff --git a/extensions/libipt_MASQUERADE.man b/extensions/libipt_MASQUERADE.man index 01dea51c..ea3c8de0 100644 --- a/extensions/libipt_MASQUERADE.man +++ b/extensions/libipt_MASQUERADE.man @@ -14,19 +14,17 @@ any established connections are lost anyway). It takes one option: .TP .BR "--to-ports " "\fIport\fP[-\fIport\fP]" This specifies a range of source ports to use, overriding the default -.TP -.BR "--random" -Randomize source port mapping -.TP .B SNAT source port-selection heuristics (see above). This is only valid if the rule also specifies .B "-p tcp" or .BR "-p udp" . +.TP +.BR "--random" +Randomize source port mapping If option .B "--random" -is used then port mapping will be forcely randomized to avoid -attacks based on port prediction (kernel >= 2.6.21). - - +is used then port mapping will be randomized (kernel >= 2.6.21). +.RS +.PP |