path: root/extensions
diff options
authorPhil Sutter <>2019-02-21 15:38:47 +0100
committerFlorian Westphal <>2019-02-22 17:00:44 +0100
commitdffb5ec2a8c7f91351e2a1029a757cb1f41f2d02 (patch)
tree216c12d7cff580f4e94a7974ca6cf93826be22c2 /extensions
parentb738ca36777851e8f08c20a1e6c5c6492e934b38 (diff)
extensions: AUDIT: Document ineffective --type option
Signed-off-by: Phil Sutter <> Signed-off-by: Florian Westphal <>
Diffstat (limited to 'extensions')
1 files changed, 4 insertions, 2 deletions
diff --git a/extensions/ b/extensions/
index cd796967..4f5562e8 100644
--- a/extensions/
+++ b/extensions/
@@ -3,12 +3,14 @@ It can be used to record accepted, dropped, and rejected packets. See
auditd(8) for additional details.
\fB\-\-type\fP {\fBaccept\fP|\fBdrop\fP|\fBreject\fP}
-Set type of audit record.
+Set type of audit record. Starting with linux-4.12, this option has no effect
+on generated audit messages anymore. It is still accepted by iptables for
+compatibility reasons, but ignored.
iptables \-N AUDIT_DROP
-iptables \-A AUDIT_DROP \-j AUDIT \-\-type drop
+iptables \-A AUDIT_DROP \-j AUDIT
iptables \-A AUDIT_DROP \-j DROP