From d2263d22746df101cb63c0293e0646fada46263a Mon Sep 17 00:00:00 2001
From: Jozsef Kadlecsik <kadlec@netfilter.org>
Date: Thu, 14 Nov 2019 14:29:03 +0100
Subject: Document explicitly that protocol is not stored in bitmap:port

---
 lib/ipset_bitmap_port.c | 8 ++++----
 src/ipset.8             | 5 +++--
 2 files changed, 7 insertions(+), 6 deletions(-)

diff --git a/lib/ipset_bitmap_port.c b/lib/ipset_bitmap_port.c
index 72224a7..33f8e6c 100644
--- a/lib/ipset_bitmap_port.c
+++ b/lib/ipset_bitmap_port.c
@@ -69,7 +69,7 @@ static struct ipset_type ipset_bitmap_port0 = {
 	},
 	.usage = "where PORT, FROM and TO are port numbers or port names from /etc/services.\n"
 		 "      PROTO is only needed if a service name is used and it does not exist\n"
-		 "      as a TCP service; it isn't used otherwise with the bitmap.",
+		 "      as a TCP service; just the resolved service numer is stored in the set.",
 	.description = "Initial revision",
 };
 
@@ -136,7 +136,7 @@ static struct ipset_type ipset_bitmap_port1 = {
 	},
 	.usage = "where PORT, FROM and TO are port numbers or port names from /etc/services.\n"
 		 "      PROTO is only needed if a service name is used and it does not exist\n"
-		 "      as a TCP service; it isn't used otherwise with the bitmap.",
+		 "      as a TCP service; just the resolved service numer is stored in the set.",
 	.description = "counters support",
 };
 
@@ -205,7 +205,7 @@ static struct ipset_type ipset_bitmap_port2 = {
 	},
 	.usage = "where PORT, FROM and TO are port numbers or port names from /etc/services.\n"
 		 "      PROTO is only needed if a service name is used and it does not exist\n"
-		 "      as a TCP service; it isn't used otherwise with the bitmap.",
+		 "      as a TCP service; just the resolved service numer is stored in the set.",
 	.description = "comment support",
 };
 
@@ -278,7 +278,7 @@ static struct ipset_type ipset_bitmap_port3 = {
 	},
 	.usage = "where PORT, FROM and TO are port numbers or port names from /etc/services.\n"
 		 "      PROTO is only needed if a service name is used and it does not exist\n"
-		 "      as a TCP service; it isn't used otherwise with the bitmap.",
+		 "      as a TCP service; just the resolved service numer is stored in the set.",
 	.description = "skbinfo support",
 };
 
diff --git a/src/ipset.8 b/src/ipset.8
index f1a1368..7787d79 100644
--- a/src/ipset.8
+++ b/src/ipset.8
@@ -496,8 +496,9 @@ Create the set from the specified inclusive port range.
 The \fBset\fR match and \fBSET\fR target netfilter kernel modules interpret
 the stored numbers as TCP or UDP port numbers.
 .PP
-\fBproto\fR only needs to be specified if a service name is used,
-and that name does not exist as a TCP service.
+\fBproto\fR only needs to be specified if a service name is used
+and that name does not exist as a TCP service. The protocol is never stored
+in the set, just the port number of the service.
 .PP
 Examples:
 .IP 
-- 
cgit v1.2.3