path: root/extensions
diff options
authorJan Engelhardt <>2010-03-11 00:49:48 +0100
committerJan Engelhardt <>2010-03-11 00:49:48 +0100
commit89b6c32f88be47e83c3f6e7f8fee812088cb8c22 (patch)
tree5158e69de89b5c8749791abfa2450f81a51ccd4f /extensions
parent3324ac52c80a6213b4bafa007f7b566a2f7ba071 (diff)
libxt_CT: add a manpage
Signed-off-by: Jan Engelhardt <>
Diffstat (limited to 'extensions')
2 files changed, 26 insertions, 1 deletions
diff --git a/extensions/libxt_CT.c b/extensions/libxt_CT.c
index 79fa8d04..0b40fc61 100644
--- a/extensions/libxt_CT.c
+++ b/extensions/libxt_CT.c
@@ -13,7 +13,7 @@ static void ct_help(void)
"CT target options:\n"
" --notrack Don't track connection\n"
" --helper name Use conntrack helper 'name' for connection\n"
-" --ctevents event[,event...] Generate specified conntrack vents for connection\n"
+" --ctevents event[,event...] Generate specified conntrack events for connection\n"
" --expevents event[,event...] Generate specified expectation events for connection\n"
" --zone ID Assign/Lookup connection in zone ID\n"
diff --git a/extensions/ b/extensions/
new file mode 100644
index 00000000..ff258b79
--- /dev/null
+++ b/extensions/
@@ -0,0 +1,25 @@
+The CT target allows to set parameters for a packet or its associated
+connection. The target attaches a "template" connection tracking entry to
+the packet, which is then used by the conntrack core when initializing
+a new ct entry. This target is thus only valid in the "raw" table.
+Disables connection tracking for this packet.
+\fB\-\-helper\fP \fIname\fP
+Use the helper identified by \fIname\fP for the connection. This is more
+flexible than loading the conntrack helper modules with preset ports.
+\fB\-\-ctevents\fP \fIevent\fP[\fB,\fP...]
+Only generate the specified conntrack events for this connection. Possible
+event types are: \fBnew\fP, \fBrelated\fP, \fBdestroy\fP, \fBreply\fP,
+\fBassured\fP, \fBprotoinfo\fP, \fBhelper\fP, \fBmark\fP (this refers to
+the ctmark, not nfmark), \fBnatseqinfo\fP, \fBsecmark\fP (ctsecmark).
+\fB\-\-expevents\fP \fIevent\fP[\fB,\fP...]
+Only generate the specified expectation events for this connection.
+Possible event types are: \fBnew\fP.
+\fB\-\-zone\fP \fIid\fP
+Assign this packet to zone \fIid\fP and only have lookups done in that zone.
+By default, packets have zone 0.