From db1414ece88a798ac3f8878875ec3393a917871f Mon Sep 17 00:00:00 2001 From: Jan Engelhardt Date: Tue, 25 Dec 2012 13:11:27 +0000 Subject: doc: mention -m in the manpage Signed-off-by: Jan Engelhardt Signed-off-by: Pablo Neira Ayuso --- iptables/iptables.8.in | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'iptables/iptables.8.in') diff --git a/iptables/iptables.8.in b/iptables/iptables.8.in index d6b409d0..8d657647 100644 --- a/iptables/iptables.8.in +++ b/iptables/iptables.8.in @@ -277,6 +277,13 @@ See the description of the \fB\-s\fP (source) flag for a detailed description of the syntax. The flag \fB\-\-dst\fP is an alias for this option. .TP +\fB\-m\fP, \fB\-\-match\fP \fImatch\fP +Specifies a match to use, that is, an extension module that tests for a +specific property. The set of matches make up the condition under which a +target is invoked. Matches are evaluated first to last as specified on the +command line and work in short-circuit fashion, i.e. if one extension yields +false, evaluation will stop. +.TP \fB\-j\fP, \fB\-\-jump\fP \fItarget\fP This specifies the target of the rule; i.e., what to do if the packet matches it. The target can be a user-defined chain (other than the -- cgit v1.2.3