path: root/extensions/
diff options
authorMart Frauenlob <>2013-04-10 06:45:08 +0000
committerFlorian Westphal <>2013-06-07 00:35:51 +0200
commit48356408ccf03ec2fdba0ceae3d9b5eae5e5e959 (patch)
tree779bcece885db41fc01ad2ed4a6bda264b4e3218 /extensions/
parentfe42fac939288cf72cc751dc6b517714e0720e62 (diff)
extensions: libxt_MASQUERADE: rename IPv4 manpage and tell about IPv6 support
also update list of protocols valid for port mapping. Signed-off-by: Mart Frauenlob <> Signed-off-by: Florian Westphal <>
Diffstat (limited to 'extensions/')
1 files changed, 28 insertions, 0 deletions
diff --git a/extensions/ b/extensions/
new file mode 100644
index 00000000..c9e39501
--- /dev/null
+++ b/extensions/
@@ -0,0 +1,28 @@
+This target is only valid in the
+.B nat
+table, in the
+chain. It should only be used with dynamically assigned IP (dialup)
+connections: if you have a static IP address, you should use the SNAT
+target. Masquerading is equivalent to specifying a mapping to the IP
+address of the interface the packet is going out, but also has the
+effect that connections are
+.I forgotten
+when the interface goes down. This is the correct behavior when the
+next dialup is unlikely to have the same interface address (and hence
+any established connections are lost anyway).
+\fB\-\-to\-ports\fP \fIport\fP[\fB\-\fP\fIport\fP]
+This specifies a range of source ports to use, overriding the default
+source port-selection heuristics (see above). This is only valid
+if the rule also specifies one of the following protocols:
+\fBtcp\fP, \fBudp\fP, \fBdccp\fP or \fBsctp\fP.
+Randomize source port mapping
+If option
+is used then port mapping will be randomized (kernel >= 2.6.21).
+IPv6 support available since Linux kernels >= 3.7.