diff options
author | Florian Westphal <fw@strlen.de> | 2013-07-15 16:35:08 +0200 |
---|---|---|
committer | Florian Westphal <fw@strlen.de> | 2013-07-16 00:54:05 +0200 |
commit | 51340f7b6a1103b12d86ef488f7140406d80401e (patch) | |
tree | 7409fe790b3c57097a50db28bead4aa87ff37a53 /extensions/libxt_connlabel.man | |
parent | a963e217528d2849f32ec6516a1f82450c65f588 (diff) |
extensions: libxt_connlabel: use libnetfilter_conntrack
Pablo suggested to make it depend on lnf-conntrack, and get rid of
the example config file as well.
The problem is that the file must be in a fixed path,
/etc/xtables/connlabel.conf, else userspace needs to "guess-the-right-file"
when translating names to their bit values (and vice versa).
Originally "make install" did put an example file into /etc/xtables/,
but distributors complained about iptables ignoring the sysconfdir.
So rather remove the example file, the man-page explains the format,
and connlabels are inherently system-specific anyway.
Signed-off-by: Florian Westphal <fw@strlen.de>
Diffstat (limited to 'extensions/libxt_connlabel.man')
-rw-r--r-- | extensions/libxt_connlabel.man | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/extensions/libxt_connlabel.man b/extensions/libxt_connlabel.man index 9fd2043d..bdaa51e8 100644 --- a/extensions/libxt_connlabel.man +++ b/extensions/libxt_connlabel.man @@ -17,6 +17,7 @@ the time the connection is created. In this case, the match will fail (or succeed, in case \fB\-\-label\fP option was negated). .PP +This match depends on libnetfilter_conntrack 1.0.4 or later. Label translation is done via the \fB/etc/xtables/connlabel.conf\fP configuration file. .PP Example: |