diff options
author | Phil Sutter <phil@nwl.cc> | 2019-02-21 15:38:47 +0100 |
---|---|---|
committer | Florian Westphal <fw@strlen.de> | 2019-02-22 17:00:44 +0100 |
commit | dffb5ec2a8c7f91351e2a1029a757cb1f41f2d02 (patch) | |
tree | 216c12d7cff580f4e94a7974ca6cf93826be22c2 | |
parent | b738ca36777851e8f08c20a1e6c5c6492e934b38 (diff) |
extensions: AUDIT: Document ineffective --type option
Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Florian Westphal <fw@strlen.de>
-rw-r--r-- | extensions/libxt_AUDIT.man | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/extensions/libxt_AUDIT.man b/extensions/libxt_AUDIT.man index cd796967..4f5562e8 100644 --- a/extensions/libxt_AUDIT.man +++ b/extensions/libxt_AUDIT.man @@ -3,12 +3,14 @@ It can be used to record accepted, dropped, and rejected packets. See auditd(8) for additional details. .TP \fB\-\-type\fP {\fBaccept\fP|\fBdrop\fP|\fBreject\fP} -Set type of audit record. +Set type of audit record. Starting with linux-4.12, this option has no effect +on generated audit messages anymore. It is still accepted by iptables for +compatibility reasons, but ignored. .PP Example: .IP iptables \-N AUDIT_DROP .IP -iptables \-A AUDIT_DROP \-j AUDIT \-\-type drop +iptables \-A AUDIT_DROP \-j AUDIT .IP iptables \-A AUDIT_DROP \-j DROP |