split manpages into per-extension manpage snippet (Henrik Nordstrom)

add lots of missing manpage snippets (Harald Welte)

1 files changed, 26 insertions, 0 deletions

diff --git a/extensions/libipt_owner.man b/extensions/libipt_owner.man
new file mode 100644
index 00000000..1394aca6
--- /dev/null
+++ b/extensions/libipt_owner.man
@@ -0,0 +1,26 @@
+This module attempts to match various characteristics of the packet
+creator, for locally-generated packets.  It is only valid in the
+.B OUTPUT
+chain, and even this some packets (such as ICMP ping responses) may
+have no owner, and hence never match.
+.TP
+.BI "--uid-owner " "userid"
+Matches if the packet was created by a process with the given
+effective user id.
+.TP
+.BI "--gid-owner " "groupid"
+Matches if the packet was created by a process with the given
+effective group id.
+.TP
+.BI "--pid-owner " "processid"
+Matches if the packet was created by a process with the given
+process id.
+.TP
+.BI "--sid-owner " "sessionid"
+Matches if the packet was created by a process in the given session
+group.
+.TP
+.BI "--cmd-owner " "name"
+Matches if the packet was created by a process with the given command name.
+(this option is present only if iptables was compiled under a kernel
+supporting this feature)