summaryrefslogtreecommitdiffstats
path: root/ip6tables.8.in
Commit message (Collapse)AuthorAgeFilesLines
* iptables: documentation for iptables and ip6tables "security" tablesMark Montague2011-04-041-0/+11
| | | | | | | | Add documentation for the iptables and ip6tables "security" tables. Based on http://lwn.net/Articles/267140/ and kernel source. Signed-off-by: Mark Montague <mark@catseye.org> Signed-off-by: Patrick McHardy <kaber@trash.net>
* iptables: add -C to check for existing rulesStefan Tomanek2011-03-081-2/+8
| | | | | | | | | | | | | | | | | It is often useful to check whether a specific rule is already present in a chain without actually modifying the iptables config. Services like fail2ban usually employ techniques like grepping through the output of "iptables -L" which is quite error prone. This patch adds a new operation -C to the iptables command which mostly works like -D; it can detect and indicate the existence of the specified rule by modifying the exit code. The new operation TC_CHECK_ENTRY uses the same code as the -D operation, whose functions got a dry-run parameter appended. Signed-off-by: Stefan Tomanek <stefan.tomanek@wertarbyte.de> Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* doc: add VERSION section to manpagesJan Engelhardt2011-03-011-0/+3
| | | | | | | | This shall make it easier to identify outdated HTML renditions on the interwebs, since many of them do not display the .TH header like man(1) does. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* doc: name resolution clarificationJan Engelhardt2009-11-181-4/+6
| | | | | | | Sometimes there are users who wonder about when name resolutions/DNS queries are done, so let's add that for completeness. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* iptables: manpage updates for augmented -Z syntaxJan Engelhardt2009-08-201-3/+4
| | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* manpages: more fixes to minuses, hyphens, dashesJan Engelhardt2009-08-201-3/+3
| | | | | | | | | | | | | | | | Debian still carries patches patches to the iptables nroff code touching ASCII minuses, so I thought, what's it this time. Eventually, this patch tries to straighten things once more, per http://en.wikipedia.org/wiki/Wikipedia:Manual_of_Style#Hyphens and http://en.wikipedia.org/wiki/Wikipedia:Manual_of_Style#Dashes . Titles will get the em dash; all typed commands or parameters with a hyphen get a minus (so that man(1) hyperlinking and copy-pasting does work), but other mentions get the hyphen. Signed-off-by: Jan Engelhardt <jengelh@medozas.de> Signed-off-by: Patrick McHardy <kaber@trash.net>
* iptables: accept multiple IP address specifications for -s, -dMichael Granzow2009-06-261-0/+3
| | | | | | | | | | | | | | libiptc already supports adding and deleting multiple rules with different addresses, so it only needs to be wired up to the options. # ip6tables -I INPUT -s 2001:db8::d,2001:db8::e -j DROP References: http://marc.info/?l=netfilter-devel&m=123929790719202&w=2 Adjustments made: syntax, removal of unneeded variables, manpage adjustment, soversion bump. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* doc: resynchronize manpage with in-code helpJan Engelhardt2009-02-211-3/+3
| | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* doc: escape minus sign in manpage (2)Jan Engelhardt2009-01-141-62/+63
| | | | Addendum to previous patch.
* doc: escape minus sign in manpagesJan Engelhardt2009-01-121-10/+16
| | | | | | | groff formats '-' as a hyphen, and '\-' is needed for a minus. Signed-off-by: Jan Engelhardt <jengelh@medozas.de> Signed-off-by: Patrick McHardy <kaber@trash.net>
* doc: resynchronize markup in iptables,ip6tables.8.inJan Engelhardt2009-01-081-12/+11
| | | | | | | | Change .br to .PP in the intro section and use consistent paragraphing in later ones. Signed-off-by: Jan Engelhardt <jengelh@medozas.de> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* doc: put iptables version into manpageJan Engelhardt2009-01-081-1/+1
| | | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* doc: remove mentions of NAT in ip6tables manpageJan Engelhardt2008-09-081-18/+3
| | | | | | | ip6tables does not support NAT at this time. Signed-off-by: Jan Engelhardt <jengelh@medozas.de> Signed-off-by: Patrick McHardy <kaber@trash.net>
* manpages: name and markup fixesJan Engelhardt2008-07-301-14/+14
| | | | | Signed-off-by: Jan Engelhardt <jengelh@medozas.de> Signed-off-by: Patrick McHardy <kaber@trash.net>
* manpages: various updatesJan Engelhardt2008-07-031-200/+119
| | | | | | | | | - synchronized iptables--ip6tbales manpages - -S option, list of chain names, protocol names - markup updates Signed-off-by: Jan Engelhardt <jengelh@medozas.de> Signed-off-by: Patrick McHardy <kaber@trash.net>
* ip6tables: add --goto supportThomas Jacob2008-06-231-1/+9
| | | | Signed-off-by: Patrick McHardy <kaber@trash.net>
* iptables --list-rules commandHenrik Nordstrom2008-05-131-0/+5
| | | | | | | | | | | | | | | | | | Adds iptables --list-rules (-S) command, acting as a combination of iptables --list and iptables-save. The primary motivation behind this patch is to get iptables-save like output capabilities in iptables-restore, allowing "iptables-restore -n" to be used as a consistent API to iptables for all kind of operations, not only blind updates.. As a bonus iptables also gets the capability of printing the rules as-is. This completely replaces the earlier patch which added the --rules option. Henrik Nordstrom <henrik@henriknordstrom.net>
* manpages: grammar and spellingJan Engelhardt2008-04-131-1/+1
|
* Update coreteam members in manpagesYasuyuki KOZAKAI2007-02-151-1/+2
|
* Update coreteam members in manpages.Patrick McHardy2007-01-281-2/+2
|
* major manpage update (Yasuyuki Kozakai)Yasuyuki KOZAKAI2006-01-301-4/+21
|
* update manpage to reflect QUEUE / nfnetlink_queue / NFQUEUE changesHarald Welte2005-07-281-3/+16
|
* split manpages into per-extension manpage snippet (Henrik Nordstrom)Henrik Nordstrom2004-01-221-0/+461
add lots of missing manpage snippets (Harald Welte)