path: root/extensions/
diff options
author/C=EU/ST=EU/CN=Patrick McHardy/ </C=EU/ST=EU/CN=Patrick McHardy/>2007-05-29 11:24:45 +0000
committer/C=EU/ST=EU/CN=Patrick McHardy/ </C=EU/ST=EU/CN=Patrick McHardy/>2007-05-29 11:24:45 +0000
commitbe77eb5f2746a1cd78773c3b6d24ce158de70613 (patch)
treecc732fc4d5c139f113444a72e4eef88e2a8367ef /extensions/
parent1102c208591f40667a0062db40d0db3c620a37f7 (diff)
Add --random option to DNAT and REDIRECT targets and fix the manpage mess this option left behind.
Diffstat (limited to 'extensions/')
1 files changed, 6 insertions, 8 deletions
diff --git a/extensions/ b/extensions/
index 01dea51..ea3c8de 100644
--- a/extensions/
+++ b/extensions/
@@ -14,19 +14,17 @@ any established connections are lost anyway). It takes one option:
.BR "--to-ports " "\fIport\fP[-\fIport\fP]"
This specifies a range of source ports to use, overriding the default
-.BR "--random"
-Randomize source port mapping
source port-selection heuristics (see above). This is only valid
if the rule also specifies
.B "-p tcp"
.BR "-p udp" .
+.BR "--random"
+Randomize source port mapping
If option
.B "--random"
-is used then port mapping will be forcely randomized to avoid
-attacks based on port prediction (kernel >= 2.6.21).
+is used then port mapping will be randomized (kernel >= 2.6.21).