summaryrefslogtreecommitdiffstats
path: root/iptables.8.in
diff options
context:
space:
mode:
authorHarald Welte <laforge@gnumonks.org>2005-07-28 15:24:02 +0000
committerHarald Welte <laforge@gnumonks.org>2005-07-28 15:24:02 +0000
commit7bdfca450990ca68ccfc4c54acb14d3ea0fa8582 (patch)
tree5203fc0c11ffc98e4c880dbea8fd502e99dc5710 /iptables.8.in
parent36d870c76621b94d51816d09eb8fd05e0fb0a0ab (diff)
update manpage to reflect QUEUE / nfnetlink_queue / NFQUEUE changes
Diffstat (limited to 'iptables.8.in')
-rw-r--r--iptables.8.in23
1 files changed, 18 insertions, 5 deletions
diff --git a/iptables.8.in b/iptables.8.in
index 0d17bd56..118c50ca 100644
--- a/iptables.8.in
+++ b/iptables.8.in
@@ -71,7 +71,19 @@ means to let the packet through.
.I DROP
means to drop the packet on the floor.
.I QUEUE
-means to pass the packet to userspace (if supported by the kernel).
+means to pass the packet to userspace. (How the packet can be received
+by a userspace process differs by the particular queue handler. 2.4.x
+and 2.6.x kernels up to 2.6.13 include the
+.B
+ip_queue
+queue handler. Kernels 2.6.14 and later additionally include the
+.B
+nfnetlink_queue
+queue handler. Packets with a target of QUEUE will be sent to queue number '0'
+in this case. Please also see the
+.B
+NFQUEUE
+target as described later in this man page.)
.I RETURN
means stop traversing this chain and resume at the next rule in the
previous (calling) chain. If the end of a built-in chain is reached
@@ -440,7 +452,8 @@ There are several other changes in iptables.
.BR iptables-restore (8),
.BR ip6tables (8),
.BR ip6tables-save (8),
-.BR ip6tables-restore (8).
+.BR ip6tables-restore (8),
+.BR libipq (3).
.P
The packet-filtering-HOWTO details iptables usage for
packet filtering, the NAT-HOWTO details NAT,
@@ -451,7 +464,7 @@ and the netfilter-hacking-HOWTO details the netfilter internals.
See
.BR "http://www.netfilter.org/" .
.SH AUTHORS
-Rusty Russell wrote iptables, in early consultation with Michael
+Rusty Russell originally wrote iptables, in early consultation with Michael
Neuling.
.PP
Marc Boucher made Rusty abandon ipnatctl by lobbying for a generic packet
@@ -462,12 +475,12 @@ James Morris wrote the TOS target, and tos match.
.PP
Jozsef Kadlecsik wrote the REJECT target.
.PP
-Harald Welte wrote the ULOG target, TTL, DSCP, ECN matches and targets.
+Harald Welte wrote the ULOG and NFQUEUE target, the new libiptc, as well as the TTL, DSCP, ECN matches and targets.
.PP
The Netfilter Core Team is: Marc Boucher, Martin Josefsson, Jozsef Kadlecsik,
Patrick McHardy, James Morris, Harald Welte and Rusty Russell.
.PP
-Man page written by Herve Eychenne <rv@wallfire.org>.
+Man page originally written by Herve Eychenne <rv@wallfire.org>.
.\" .. and did I mention that we are incredibly cool people?
.\" .. sexy, too ..
.\" .. witty, charming, powerful ..