diff options
author | laforge <laforge> | 2004-01-22 15:04:24 +0000 |
---|---|---|
committer | laforge <laforge> | 2004-01-22 15:04:24 +0000 |
commit | e98c6ca0cd66184de43eb4c8cc34114fb72c88f6 (patch) | |
tree | a24f57a9be5a8364b53dfa102705d270f36b440a /extensions/libip6t_LOG.man | |
parent | 9bbaedb7f5bd564ff7f54ae87e2d344bd044ef2e (diff) |
split manpages into per-extension manpage snippet (Henrik Nordstrom)
add lots of missing manpage snippets (Harald Welte)
Diffstat (limited to 'extensions/libip6t_LOG.man')
-rw-r--r-- | extensions/libip6t_LOG.man | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/extensions/libip6t_LOG.man b/extensions/libip6t_LOG.man new file mode 100644 index 0000000..9eb5a6a --- /dev/null +++ b/extensions/libip6t_LOG.man @@ -0,0 +1,28 @@ +Turn on kernel logging of matching packets. When this option is set +for a rule, the Linux kernel will print some information on all +matching packets (like most IPv6 IPv6-header fields) via the kernel log +(where it can be read with +.I dmesg +or +.IR syslogd (8)). +This is a "non-terminating target", i.e. rule traversal continues at +the next rule. So if you want to LOG the packets you refuse, use two +separate rules with the same matching criteria, first using target LOG +then DROP (or REJECT). +.TP +.BI "--log-level " "level" +Level of logging (numeric or see \fIsyslog.conf\fP(5)). +.TP +.BI "--log-prefix " "prefix" +Prefix log messages with the specified prefix; up to 29 letters long, +and useful for distinguishing messages in the logs. +.TP +.B --log-tcp-sequence +Log TCP sequence numbers. This is a security risk if the log is +readable by users. +.TP +.B --log-tcp-options +Log options from the TCP packet header. +.TP +.B --log-ip-options +Log options from the IPv6 packet header. |