diff options
-rw-r--r-- | extensions/libxt_devgroup.man | 2 | ||||
-rw-r--r-- | iptables/xtables-monitor.8.in | 6 |
2 files changed, 4 insertions, 4 deletions
diff --git a/extensions/libxt_devgroup.man b/extensions/libxt_devgroup.man index 4a66c9fe..480ee351 100644 --- a/extensions/libxt_devgroup.man +++ b/extensions/libxt_devgroup.man @@ -1,4 +1,4 @@ -Match device group of a packets incoming/outgoing interface. +Match device group of a packet's incoming/outgoing interface. .TP [\fB!\fP] \fB\-\-src\-group\fP \fIname\fP Match device group of incoming device diff --git a/iptables/xtables-monitor.8.in b/iptables/xtables-monitor.8.in index b647a79e..a7f22c0d 100644 --- a/iptables/xtables-monitor.8.in +++ b/iptables/xtables-monitor.8.in @@ -51,9 +51,9 @@ The second line dumps information about the packet. Incoming interface and packet headers such as source and destination addresses are shown. The third line shows that the packet completed traversal of the raw table -PREROUTING chain, and is returning, followed by use the chain policy to make accept/drop +PREROUTING chain, and is returning, followed by use of the chain policy to make accept/drop decision (the example shows accept being applied). -The fifth line shows that the packet leaves the filter INPUT chain, i.e., no rules in the filter tables +The fifth line shows that the packet leaves the filter INPUT chain, i.e., no rules in the filter table's INPUT chain matched the packet. It then got DROPPED by the policy of the INPUT table, as shown by line six. The last line shows another packet arriving \-\- the packet id is different. @@ -81,7 +81,7 @@ by three base hooks INPUT, FORWARD and OUTPUT. The iptables-nftables tools all chains automatically when needed, so this is expected when a table was not yet initialized or when it is re-created from scratch by iptables-nftables-restore. Line five shows a new user-defined chain (TCP) being added, followed by addition a few rules. the last line shows that a new ruleset generation has -become active, i.e., the rule set changes are now active. This also lists the process id and the programs name. +become active, i.e., the rule set changes are now active. This also lists the process id and the program name. .SH LIMITATIONS .B xtables-monitor only works with rules added using iptables-nftables, rules added using |