From ae4b0b3aa70c67f2eff303a3e75834e45c3794a7 Mon Sep 17 00:00:00 2001
From: Eric Leblond <eric@inl.fr>
Date: Sat, 24 Feb 2007 15:11:33 +0000
Subject: iptables: add random option to SNAT (Eric Leblond)

---
 extensions/libipt_SAME.man | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'extensions/libipt_SAME.man')

diff --git a/extensions/libipt_SAME.man b/extensions/libipt_SAME.man
index 817c2001..4e88d48d 100644
--- a/extensions/libipt_SAME.man
+++ b/extensions/libipt_SAME.man
@@ -9,3 +9,7 @@ multiple ranges.
 .B "--nodst"
 Don't use the destination-ip in the calculations when selecting the
 new source-ip
+.TP
+.B "--random"
+Port mapping will be forcely randomized to avoid attacks based on 
+port prediction (kernel >= 2.6.21).
-- 
cgit v1.2.3