diff options
author | Rusty Russell <rusty@linuxcare.com.au> | 2000-10-11 06:01:13 +0000 |
---|---|---|
committer | Rusty Russell <rusty@rustcorp.com.au> | 2000-10-11 06:01:13 +0000 |
commit | 86573e54a7288edebfc28af89af6897ff90743e1 (patch) | |
tree | c0b9cced03857bb897a9845681bbd0534670d5c2 /iptables.8 | |
parent | 31563359c92dc44b1e55ee86b8fcc182e6c8a3a2 (diff) |
Reorganized: added EXTRA EXTENSIONS section.
Added Harald's doc on ttl and TTL
Diffstat (limited to 'iptables.8')
-rw-r--r-- | iptables.8 | 47 |
1 files changed, 35 insertions, 12 deletions
@@ -166,7 +166,7 @@ will attempt to delete every non-builtin chain in the table. .B "-P, --policy" Set the policy for the chain to the given target. See the section .B TARGETS -for the legal targets. Only non-userdefined chains can have policies, +for the legal targets. Only non-user-defined chains can have policies, and neither built-in nor user-defined chains can be policy targets. .TP .B "-E, --rename-chain" @@ -676,17 +676,34 @@ if the rule also specifies .B "-p tcp" or .BR "-p udp" ). -.SH DIAGNOSTICS -Various error messages are printed to standard error. The exit code -is 0 for correct functioning. Errors which appear to be caused by -invalid or abused command line parameters cause an exit code of 2, and -other errors cause an exit code of 1. +.SH EXTRA EXTENSIONS +The following extensions are not included by default in the standard +distribution. +.SS ttl +This module matches the time to live field in the IP header. +.TP +.BI "--ttl " "ttl" +Matches the given TTL value. +.SS TTL +This target is used to modify the time to live field in the IP header. +It is only valid in the +.B mangle +table. +.TP +.BI "--ttl-set " "ttl" +Set the TTL to the given value. +.TP +.BI "--ttl-dec " "ttl" +Decrement the TTL by the given value. +.TP +.BI "--ttl-inc " "ttl" +Increment the TTL by the given value. .SS ULOG -Turn on userspace logging of matching packets. When this -option is set for a rule, the Linux kernel will multicast this -packet through a +This target provides userspace logging of matching packets. When this +target is set for a rule, the Linux kernel will multicast this packet +through a .IR netlink -socket. One or more userspace processes may then subscribe to variuos +socket. One or more userspace processes may then subscribe to various multicast groups and receive the packets. .TP .BI "--ulog-nlgroup" "<nlgroup>" @@ -697,8 +714,13 @@ Prefix log messages with the specified prefix; up to 32 characters long, and useful fro distinguishing messages in the logs. .TP .BI "--ulog-cprange" "<size>" -Number of bytes to be copied to userspace. A value of 0 does always copy +Number of bytes to be copied to userspace. A value of 0 always copies the entire packet, regardless of its size. +.SH DIAGNOSTICS +Various error messages are printed to standard error. The exit code +is 0 for correct functioning. Errors which appear to be caused by +invalid or abused command line parameters cause an exit code of 2, and +other errors cause an exit code of 1. .SH BUGS Check is not implemented (yet). .SH COMPATIBILITY WITH IPCHAINS @@ -752,8 +774,9 @@ James Morris wrote the TOS target, and tos match. .PP Jozsef Kadlecsik wrote the REJECT target. .PP -Harald Welte wrote the ULOG target and libulog. +Harald Welte wrote the ULOG target, TTL match+target and libipulog. .PP The Netfilter Core Team is: Marc Boucher, James Morris and Rusty Russell. .\" .. and did I mention that we are incredibly cool people? .\" .. sexy, too .. +.\" .. witty, charming, powerful .. |