diff options
author | Henrik Nordstrom <hno@marasystems.com> | 2004-01-22 15:04:24 +0000 |
---|---|---|
committer | Harald Welte <laforge@gnumonks.org> | 2004-01-22 15:04:24 +0000 |
commit | c2794131b445ebccba184066af6d3fb2f38d1f38 (patch) | |
tree | a24f57a9be5a8364b53dfa102705d270f36b440a /extensions/libipt_physdev.man | |
parent | 0113fe75ff05e09e6f3d251534d9ae32e9aa717c (diff) |
split manpages into per-extension manpage snippet (Henrik Nordstrom)
add lots of missing manpage snippets (Harald Welte)
Diffstat (limited to 'extensions/libipt_physdev.man')
-rw-r--r-- | extensions/libipt_physdev.man | 42 |
1 files changed, 42 insertions, 0 deletions
diff --git a/extensions/libipt_physdev.man b/extensions/libipt_physdev.man new file mode 100644 index 00000000..846ec7c1 --- /dev/null +++ b/extensions/libipt_physdev.man @@ -0,0 +1,42 @@ +This module matches on the bridge port input and output devices enslaved +to a bridge device. This module is a part of the infrastructure that enables +a transparent bridging IP firewall and is only useful for kernel versions +above version 2.5.44. +.TP +.B --physdev-in name +Name of a bridge port via which a packet is received (only for +packets entering the +.BR INPUT , +.B FORWARD +and +.B PREROUTING +chains). If the interface name ends in a "+", then any +interface which begins with this name will match. If the packet didn't arrive +through a bridge device, this packet won't match this option, unless '!' is used. +.TP +.B --physdev-out name +Name of a bridge port via which a packet is going to be sent (for packets +entering the +.BR FORWARD , +.B OUTPUT +and +.B POSTROUTING +chains). If the interface name ends in a "+", then any +interface which begins with this name will match. Note that in the +.BR nat " and " mangle +.B OUTPUT +chains one cannot match on the bridge output port, however one can in the +.B "filter OUTPUT" +chain. If the packet won't leave by a bridge device or it is yet unknown what +the output device will be, then the packet won't match this option, unless +'!' is used. +.TP +.B --physdev-is-in +Matches if the packet has entered through a bridge interface. +.TP +.B --physdev-is-out +Matches if the packet will leave through a bridge interface. +.TP +.B --physdev-is-bridged +Matches if the packet is being bridged and therefore is not being routed. +This is only useful in the FORWARD and POSTROUTING chains. |