summaryrefslogtreecommitdiffstats
path: root/extensions/libipt_DNAT.man
diff options
context:
space:
mode:
Diffstat (limited to 'extensions/libipt_DNAT.man')
-rw-r--r--extensions/libipt_DNAT.man27
1 files changed, 27 insertions, 0 deletions
diff --git a/extensions/libipt_DNAT.man b/extensions/libipt_DNAT.man
new file mode 100644
index 00000000..7579e14e
--- /dev/null
+++ b/extensions/libipt_DNAT.man
@@ -0,0 +1,27 @@
+This target is only valid in the
+.B nat
+table, in the
+.B PREROUTING
+and
+.B OUTPUT
+chains, and user-defined chains which are only called from those
+chains. It specifies that the destination address of the packet
+should be modified (and all future packets in this connection will
+also be mangled), and rules should cease being examined. It takes one
+type of option:
+.TP
+.BR "--to-destination " "\fIipaddr\fP[-\fIipaddr\fP][:\fIport\fP-\fIport\fP]"
+which can specify a single new destination IP address, an inclusive
+range of IP addresses, and optionally, a port range (which is only
+valid if the rule also specifies
+.B "-p tcp"
+or
+.BR "-p udp" ).
+If no port range is specified, then the destination port will never be
+modified.
+.RS
+.PP
+You can add several --to-destination options. If you specify more
+than one destination address, either via an address range or multiple
+--to-destination options, a simple round-robin (one after another in
+cycle) load balancing takes place between these adresses.