diff options
Diffstat (limited to 'extensions/libxt_CT.man')
-rw-r--r-- | extensions/libxt_CT.man | 16 |
1 files changed, 14 insertions, 2 deletions
diff --git a/extensions/libxt_CT.man b/extensions/libxt_CT.man index a93eb149..e992120a 100644 --- a/extensions/libxt_CT.man +++ b/extensions/libxt_CT.man @@ -20,9 +20,21 @@ the ctmark, not nfmark), \fBnatseqinfo\fP, \fBsecmark\fP (ctsecmark). Only generate the specified expectation events for this connection. Possible event types are: \fBnew\fP. .TP -\fB\-\-zone\fP \fIid\fP +\fB\-\-zone-orig\fP {\fIid\fP|\fBmark\fP} +For traffic coming from ORIGINAL direction, assign this packet to zone +\fIid\fP and only have lookups done in that zone. If \fBmark\fP is used +instead of \fIid\fP, the zone is derived from the packet nfmark. +.TP +\fB\-\-zone-reply\fP {\fIid\fP|\fBmark\fP} +For traffic coming from REPLY direction, assign this packet to zone +\fIid\fP and only have lookups done in that zone. If \fBmark\fP is used +instead of \fIid\fP, the zone is derived from the packet nfmark. +.TP +\fB\-\-zone\fP {\fIid\fP|\fBmark\fP} Assign this packet to zone \fIid\fP and only have lookups done in that zone. -By default, packets have zone 0. +If \fBmark\fP is used instead of \fIid\fP, the zone is derived from the +packet nfmark. By default, packets have zone 0. This option applies to both +directions. .TP \fB\-\-timeout\fP \fIname\fP Use the timeout policy identified by \fIname\fP for the connection. This is |