diff options
author | Asbjørn Sloth Tønnesen <ast@fiberby.dk> | 2016-02-01 13:30:06 +0000 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2016-02-16 19:09:28 +0100 |
commit | 3f6a2e90936bbaac3a66e9bfb2a21e22c3504045 (patch) | |
tree | 88831915d6cfb486c83ce22879e332033de95bf1 /conntrack.8 | |
parent | 8357b9ac072c29317bcf08b2e4d9e9f9e54dc012 (diff) |
conntrack: add support for CIDR notation
Add support for using CIDR notation in --{orig,tuple}-{src,dst} arguments,
instead of free-form formatting netmask in --mask-{src,dst}.
Example:
conntrack -L -s 2001:db8::/56
Instead of:
conntrack -L -s 2001:db8:: --mask-src ffff:ffff:ffff:ff00::
Signed-off-by: Asbjørn Sloth Tønnesen <ast@fiberby.dk>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'conntrack.8')
-rw-r--r-- | conntrack.8 | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/conntrack.8 b/conntrack.8 index 5bba1b1..f2c1ca5 100644 --- a/conntrack.8 +++ b/conntrack.8 @@ -117,9 +117,11 @@ This option can only be used in conjunction with "\-E, \-\-event". .TP .BI "-s, --orig-src " IP_ADDRESS Match only entries whose source address in the original direction equals the one specified as argument. +Implies "--mask-src" when CIDR notation is used. .TP .BI "-d, --orig-dst " IP_ADDRESS Match only entries whose destination address in the original direction equals the one specified as argument. +Implies "--mask-dst" when CIDR notation is used. .TP .BI "-r, --reply-src " IP_ADDRESS Match only entries whose source address in the reply direction equals the one specified as argument. @@ -186,9 +188,11 @@ See iptables CT target for more information. .TP .BI "--tuple-src " IP_ADDRESS Specify the tuple source address of an expectation. +Implies "--mask-src" when CIDR notation is used. .TP .BI "--tuple-dst " IP_ADDRESS Specify the tuple destination address of an expectation. +Implies "--mask-dst" when CIDR notation is used. .TP .BI "--mask-src " IP_ADDRESS Specify the source address mask. |