diff options
authorHarald Welte <>2001-07-05 06:26:37 +0000
committerHarald Welte <>2001-07-05 06:26:37 +0000
commit87d4be4a567e1d7a6c8827513f431df036334cc8 (patch)
parented44b83a39a244738e1a63df2a457d400a7e2d91 (diff)
todo update, manpage spelling fix
2 files changed, 8 insertions, 2 deletions
diff --git a/TODO b/TODO
index 8b141f3c..f00173a3 100644
--- a/TODO
+++ b/TODO
@@ -4,10 +4,11 @@ Currently maintained by Harald Welte <>
Please inform me, if you want to work on any of the TODO items, so I
can update this list and thus prevent two people doing the same work.
-CVS ID: $Id: TODO,v 1.37 2001/05/25 12:24:20 jamesm Exp $
+CVS ID: $Id: TODO,v 1.38 2001/05/26 20:31:59 laforge Exp $
- solution for nostate / notrack (we don't want to track specific conn's)
+- iptables-save/restore problems with log-level
- multiple related connections [HW]
- ip_conntrack rmmod loop (sometimes, Yan's patch?)
- conntrack helper not called for first packet (udp!)
@@ -27,8 +28,10 @@ X reject-with on REJECT target doesn't work [HW]
- IPv6 REJECT target doesn't have extension plugin ?!?
- colon inside prefix doesn't work
- pending minor ip_queue updates [JM]
+- --mac-source not working in FORWARD (manpage bug?)
NICE to have:
+- interface names in ipv6 can contain _ and -
- multicast connection tracking
- sysctl support for ftp-multi, irc-conntrack/nat, ftp-fxp
- integrate HOPLIMIT for ipv6 in patch-o-matic [HW]
diff --git a/iptables.8 b/iptables.8
index 94dbe179..08cb8a7f 100644
--- a/iptables.8
+++ b/iptables.8
@@ -86,16 +86,19 @@ loading, an attempt will be made to load the appropriate module for
that table if it is not already there.
The tables are as follows:
.BR "filter"
This is the default table. It contains the built-in chains INPUT (for
packets coming into the box itself), FORWARD (for packets being routed
through the box), and OUTPUT (for locally-generated packets).
.BR "nat"
This table is consulted when a packet that creates a new
connection is encountered. It consists of three built-ins: PREROUTING
(for altering packets as soon as they come in), OUTPUT (for altering
locally-generated packets before routing), and POSTROUTING (for
altering packets as they are about to go out).
.BR "mangle"
This table is used for specialized packet alteration. It has two
built-in chains: PREROUTING (for altering incoming packets before
@@ -456,7 +459,7 @@ target below).
.BI "--mark " "value[/mask]"
Matches packets with the given unsigned mark value (if a mask is
-specified, this is logically ANDed with the mark before the
+specified, this is logically ANDed with the mask before the
.SS owner
This module attempts to match various characteristics of the packet