diff options
| author | Jan Engelhardt <jengelh@medozas.de> | 2008-01-29 13:37:21 +0000 |
|---|---|---|
| committer | Patrick McHardy <kaber@trash.net> | 2008-01-29 13:37:21 +0000 |
| commit | a8ad34cf11540d147b8aded6826a1452841d2aa7 (patch) | |
| tree | 463c2bf3e811e918d07ba50120700ad8d971ea83 /extensions/libxt_conntrack.man | |
| parent | ff068719055ae2327d94c79048381c09d3b744c4 (diff) | |
[IPTABLES]: libxt_conntrack revision 1
Add support for xt_conntrack match revision 1.
Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de>
Diffstat (limited to 'extensions/libxt_conntrack.man')
| -rw-r--r-- | extensions/libxt_conntrack.man | 18 |
1 files changed, 14 insertions, 4 deletions
diff --git a/extensions/libxt_conntrack.man b/extensions/libxt_conntrack.man index b852bca9..17c6dd20 100644 --- a/extensions/libxt_conntrack.man +++ b/extensions/libxt_conntrack.man @@ -9,16 +9,22 @@ Possible states are listed below. Layer-4 protocol to match (by number or name) .TP [\fB!\fR] \fB--ctorigsrc\fR \fIaddress\fR[\fB/\fR\fImask\fR] -Match against original source address .TP [\fB!\fR] \fB--ctorigdst\fR \fIaddress\fR[\fB/\fR\fImask\fR] -Match against original destination address .TP [\fB!\fR] \fB--ctreplsrc\fR \fIaddress\fR[\fB/\fR\fImask\fR] -Match against reply source address .TP [\fB!\fR] \fB--ctrepldst\fR \fIaddress\fR[\fB/\fR\fImask\fR] -Match against reply destination address +Match against original/reply source/destination address +.TP +[\fB!\fR] \fB--ctorigsrcport\fR \fIport\fR +.TP +[\fB!\fR] \fB--ctorigdstport\fR \fIport\fR +.TP +[\fB!\fR] \fB--ctreplsrcport\fR \fIport\fR +.TP +[\fB!\fR] \fB--ctrepldstport\fR \fIport\fR +Match against original/reply source/destination port (TCP/UDP/etc.) or GRE key. .TP [\fB!\fR] \fB--ctstatus\fR \fIstatelist\fR \fIstatuslist\fR is a comma separated list of the connection statuses to match. @@ -27,6 +33,10 @@ Possible statuses are listed below. [\fB!\fR] \fB--ctexpire\fR \fItime\fR[\fB:\fR\fItime\fR] Match remaining lifetime in seconds against given value or range of values (inclusive) +.TP +\fB--ctdir\fR {\fBORIGINAL\fR|\fBREPLY\fR} +Match packets that are flowing in the specified direction. If this flag is not +specified at all, matches packets in both directions. .PP States for \fB--ctstate\fR: .TP |