diff options
author | Patrick McHardy <kaber@trash.net> | 2011-01-20 11:45:12 +0100 |
---|---|---|
committer | Patrick McHardy <kaber@trash.net> | 2011-01-20 11:45:12 +0100 |
commit | c8f28cc8b84133f20421470e9a61a5a0c78b9c4a (patch) | |
tree | 33dad1ba8b9f99520a772c85406024b6843fd215 /extensions/libxt_conntrack.man | |
parent | 6924b4987d88fbe383bec4da4cf331cc466c245e (diff) |
extensions: libxt_conntrack: add support for specifying port ranges
Add support for revision 3 of the conntrack match, which allows to
specify port ranges for origsrc/origdst/replsrc/repldst.
Signed-off-by: Patrick McHardy <kaber@trash.net>
Diffstat (limited to 'extensions/libxt_conntrack.man')
-rw-r--r-- | extensions/libxt_conntrack.man | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/extensions/libxt_conntrack.man b/extensions/libxt_conntrack.man index d37ed171..c397f742 100644 --- a/extensions/libxt_conntrack.man +++ b/extensions/libxt_conntrack.man @@ -17,14 +17,15 @@ Layer-4 protocol to match (by number or name) [\fB!\fP] \fB\-\-ctrepldst\fP \fIaddress\fP[\fB/\fP\fImask\fP] Match against original/reply source/destination address .TP -[\fB!\fP] \fB\-\-ctorigsrcport\fP \fIport\fP +[\fB!\fP] \fB\-\-ctorigsrcport\fP \fIport\fP[\fB:\fP\fIport\fP] .TP -[\fB!\fP] \fB\-\-ctorigdstport\fP \fIport\fP +[\fB!\fP] \fB\-\-ctorigdstport\fP \fIport\fP[\fB:\fP\fIport\fP] .TP -[\fB!\fP] \fB\-\-ctreplsrcport\fP \fIport\fP +[\fB!\fP] \fB\-\-ctreplsrcport\fP \fIport\fP[\fB:\fP\fIport\fP] .TP -[\fB!\fP] \fB\-\-ctrepldstport\fP \fIport\fP +[\fB!\fP] \fB\-\-ctrepldstport\fP \fIport\fP[\fB:\fP\fIport\fP] Match against original/reply source/destination port (TCP/UDP/etc.) or GRE key. +Matching against port ranges is only supported in kernel versions above 2.6.38. .TP [\fB!\fP] \fB\-\-ctstatus\fP \fIstatelist\fP \fIstatuslist\fP is a comma separated list of the connection statuses to match. |