diff options
author | laforge <laforge> | 2004-01-22 15:04:24 +0000 |
---|---|---|
committer | laforge <laforge> | 2004-01-22 15:04:24 +0000 |
commit | e98c6ca0cd66184de43eb4c8cc34114fb72c88f6 (patch) | |
tree | a24f57a9be5a8364b53dfa102705d270f36b440a /extensions/libipt_MASQUERADE.man | |
parent | 9bbaedb7f5bd564ff7f54ae87e2d344bd044ef2e (diff) |
split manpages into per-extension manpage snippet (Henrik Nordstrom)
add lots of missing manpage snippets (Harald Welte)
Diffstat (limited to 'extensions/libipt_MASQUERADE.man')
-rw-r--r-- | extensions/libipt_MASQUERADE.man | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/extensions/libipt_MASQUERADE.man b/extensions/libipt_MASQUERADE.man new file mode 100644 index 0000000..e82063c --- /dev/null +++ b/extensions/libipt_MASQUERADE.man @@ -0,0 +1,22 @@ +This target is only valid in the +.B nat +table, in the +.B POSTROUTING +chain. It should only be used with dynamically assigned IP (dialup) +connections: if you have a static IP address, you should use the SNAT +target. Masquerading is equivalent to specifying a mapping to the IP +address of the interface the packet is going out, but also has the +effect that connections are +.I forgotten +when the interface goes down. This is the correct behavior when the +next dialup is unlikely to have the same interface address (and hence +any established connections are lost anyway). It takes one option: +.TP +.BR "--to-ports " "\fIport\fP[-\fIport\fP]" +This specifies a range of source ports to use, overriding the default +.B SNAT +source port-selection heuristics (see above). This is only valid +if the rule also specifies +.B "-p tcp" +or +.BR "-p udp" . |