From d637ead63658d741501974c381889b3857073308 Mon Sep 17 00:00:00 2001
From: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
Date: Fri, 21 Sep 2012 20:42:15 +0200
Subject: New set match revision with --return-nomatch flag support

---
 extensions/libxt_set.man | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'extensions/libxt_set.man')

diff --git a/extensions/libxt_set.man b/extensions/libxt_set.man
index 1ad90859..ac60f148 100644
--- a/extensions/libxt_set.man
+++ b/extensions/libxt_set.man
@@ -14,6 +14,12 @@ address and destination port pair can be found in the specified set. If
 the set type of the specified set is single dimension (for example ipmap),
 then the command will match packets for which the source address can be
 found in the specified set. 
+.TP
+\fB\-\-return\-\-nomatch\fP
+If the \fB\-\-return\-\-nomatch\fP option is specified and the set type
+supports the \fBnomatch\fP flag, then the matching is reversed: a match
+with an element flagged with \fBnomatch\fP returns \fBtrue\fP, while a
+match with a plain element returns \fBfalse\fP.
 .PP
 The option \fB\-\-match\-set\fP can be replaced by \fB\-\-set\fP if that does 
 not clash with an option of other extensions.
-- 
cgit v1.2.3