From 5891b45e0eee0307a29ed5103fe6d596f6a37ebd Mon Sep 17 00:00:00 2001 From: "/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org" Date: Sat, 3 Dec 2005 22:33:53 +0000 Subject: o Add support to filter events. ie: -p tcp --orig-port-dst 80 in conjuction with -E to get all the requests to HTTP servers o Update manpage o Missing static function declaration in the protocol handlers o Use protocol flags defined in libnetfilter_conntrack o Kill leftover #include "conntrack.h" in the ICMP helper o Bumped version to 0.991 --- conntrack.8 | 14 +++++--------- 1 file changed, 5 insertions(+), 9 deletions(-) (limited to 'conntrack.8') diff --git a/conntrack.8 b/conntrack.8 index 8c9d963..8dbecb5 100644 --- a/conntrack.8 +++ b/conntrack.8 @@ -74,17 +74,11 @@ Flush the whole given table Atomically zero counters after reading them. This option is only valid in combination with the "-L, --dump" command options. .TP -.BI "-e, --event-mask " "[ALL|NEW|RELATED|DESTROY|REFRESH|STATUS|PROTOINFO|HELPER|HELPINFO|NATINFO][,...]" +.BI "-e, --event-mask " "[ALL|NEW|UPDATES|DESTROY][,...]" Set the bitmask of events that are to be generated by the in-kernel ctnetlink event code. Using this parameter, you can reduce the event messages generated by the kernel to those types to those that you are actually interested in. . -Please note that this is a system-wide setting, so make sure to not disable some events that other ctnetlink-using processes might need! -This option can only be used in conjunction with "-E, --event". -.TP -.BI "-g, --group-mask " "[ALL|TCP|UDP|ICMP][,...]" -Set the group bitmask to those netlink groups (resembling layer 4 protocols) -that you're actually interested in. This option can only be used in conjunction with "-E, --event". .SS FILTER PARAMETERS .TP @@ -106,11 +100,13 @@ Specify layer four (TCP, UDP, ...) protocol. .BI "-t, --timeout " "TIMEOUT" Specify the timeout. .TP -.BI "-u, --status " "[EXPECTED|ASSURED|SEEN_REPLY|CONFIRMED|SNAT|DNAT|SEQ_ADJUST|UNSET][,...]" +.BI "-u, --status " "[ASSURED|SEEN_REPLY|UNSET|SRC_NAT|DST_NAT][,...]" Specify the conntrack status. .TP .BI "-i, --id " "ID" -Specify the conntrack ID. +Specify the conntrack ID. +. +This option can only be used in conjunction with "-L, --dump" to display the conntrack IDs. .TP .BI "--tuple-src " IP_ADDRESS Specify the tuple source address of an expectation. -- cgit v1.2.3