libxt_connbytes: document nf_ct_acct behavior

Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
author: Jan Engelhardt <jengelh@medozas.de> 2009-03-17 16:37:47 +0100
committer: Jan Engelhardt <jengelh@medozas.de> 2009-03-17 16:37:49 +0100
commit: 71bc61f926ca2d8ec57d9fbd698c2af32c9a9f64 (patch)
tree: f16e7b54381faadd2d49b595988a006f53792151 /extensions
parent: a73a34ad9c9bb30dafbd7b5ca15b902e83c50ee2 (diff)
1 files changed, 6 insertions, 0 deletions
diff --git a/extensions/libxt_connbytes.man b/extensions/libxt_connbytes.man
index b5608a35..e475cae7 100644
--- a/extensions/libxt_connbytes.man
+++ b/extensions/libxt_connbytes.man
@@ -9,6 +9,12 @@ scheduled using a lower priority band in traffic control.
 .PP
 The transferred bytes per connection can also be viewed through
 `conntrack -L` and accessed via ctnetlink.
+.PP
+NOTE that for connections which have no accounting information, the match will
+always return false. The "net.netfilter.nf_conntrack_acct" sysctl flag controls
+whether \fBnew\fP connections will be byte/packet counted. Existing connection
+flows will not be gaining/losing a/the accounting structure when be sysctl flag
+is flipped.
 .TP
 [\fB!\fP] \fB\-\-connbytes\fP \fIfrom\fP[\fB:\fP\fIto\fP]
 match packets from a connection whose packets/bytes/average packet
author	Jan Engelhardt <jengelh@medozas.de>	2009-03-17 16:37:47 +0100
committer	Jan Engelhardt <jengelh@medozas.de>	2009-03-17 16:37:49 +0100
commit	71bc61f926ca2d8ec57d9fbd698c2af32c9a9f64 (patch)
tree	f16e7b54381faadd2d49b595988a006f53792151 /extensions
parent	a73a34ad9c9bb30dafbd7b5ca15b902e83c50ee2 (diff)