diff options
author | Jan Engelhardt <jengelh@medozas.de> | 2011-12-18 03:10:56 +0100 |
---|---|---|
committer | Jan Engelhardt <jengelh@medozas.de> | 2011-12-18 03:10:57 +0100 |
commit | 32a4b7dcaf252348732362cd6d853bf0005b2bdd (patch) | |
tree | a0cb75f98e4a09b75a8d51095f4a39769d778c74 /extensions/libxt_addrtype.man | |
parent | b8c42eca0f224a00bf55b60ded81af14a1e07da1 (diff) | |
parent | 79ddbf202a06e6f018e087a328c2ca91e65a8463 (diff) |
Merge branch 'stable'
Diffstat (limited to 'extensions/libxt_addrtype.man')
-rw-r--r-- | extensions/libxt_addrtype.man | 69 |
1 files changed, 69 insertions, 0 deletions
diff --git a/extensions/libxt_addrtype.man b/extensions/libxt_addrtype.man new file mode 100644 index 00000000..16fd9dfd --- /dev/null +++ b/extensions/libxt_addrtype.man @@ -0,0 +1,69 @@ +This module matches packets based on their +.B address type. +Address types are used within the kernel networking stack and categorize +addresses into various groups. The exact definition of that group depends on the specific layer three protocol. +.PP +The following address types are possible: +.TP +.BI "UNSPEC" +an unspecified address (i.e. 0.0.0.0) +.TP +.BI "UNICAST" +an unicast address +.TP +.BI "LOCAL" +a local address +.TP +.BI "BROADCAST" +a broadcast address +.TP +.BI "ANYCAST" +an anycast packet +.TP +.BI "MULTICAST" +a multicast address +.TP +.BI "BLACKHOLE" +a blackhole address +.TP +.BI "UNREACHABLE" +an unreachable address +.TP +.BI "PROHIBIT" +a prohibited address +.TP +.BI "THROW" +FIXME +.TP +.BI "NAT" +FIXME +.TP +.BI "XRESOLVE" +.TP +[\fB!\fP] \fB\-\-src\-type\fP \fItype\fP +Matches if the source address is of given type +.TP +[\fB!\fP] \fB\-\-dst\-type\fP \fItype\fP +Matches if the destination address is of given type +.TP +.BI "\-\-limit\-iface\-in" +The address type checking can be limited to the interface the packet is coming +in. This option is only valid in the +.BR PREROUTING , +.B INPUT +and +.B FORWARD +chains. It cannot be specified with the +\fB\-\-limit\-iface\-out\fP +option. +.TP +\fB\-\-limit\-iface\-out\fP +The address type checking can be limited to the interface the packet is going +out. This option is only valid in the +.BR POSTROUTING , +.B OUTPUT +and +.B FORWARD +chains. It cannot be specified with the +\fB\-\-limit\-iface\-in\fP +option. |