summaryrefslogtreecommitdiffstats
path: root/extensions/libxt_HMARK.man
Commit message (Collapse)AuthorAgeFilesLines
* man: encode minushyphen the way groff/man requires itJan Engelhardt2023-10-271-1/+1
| | | | | | | | | | | | | | Sparked by a recent LWN article[1], sweeps over the iptables manpages for incorrectly encoded dashes was made by Phil Sutter and myself. An ASCII minushyphen in the source manpage translates to a hyphen in output, so one has to use the sequence "\-" to get a minushyphen in the output, as groff_char(7) explains. [1] https://lwn.net/Articles/947941/ (paywalled until about 2023-11-06) Signed-off-by: Jan Engelhardt <jengelh@inai.de> Signed-off-by: Phil Sutter <phil@nwl.cc>
* extensions: manpages: cleanup hyphensLaurence J. Lane2019-12-051-1/+1
| | | | | | | | | | | | Cleanup, scape hyphens so they are not interpreted by the manpage generator. Arturo says: This patch is forwarded from the iptables Debian package, where it has been around for many years now. Signed-off-by: Laurence J. Lane <ljlane@debian.org> Signed-off-by: Arturo Borrero Gonzalez <arturo@netfilter.org> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* doc: trim "state" manpage and reference conntrack insteadJan Engelhardt2012-09-301-1/+1
| | | | | | | The module is practically obsolete, so just pinpoint to the replacement in short order. Signed-off-by: Jan Engelhardt <jengelh@inai.de>
* libxt_HMARK: fix ct case examplePablo Neira Ayuso2012-07-161-2/+2
| | | | | | | | | ... -j HMARK --hmark-tuple ct,src,dst --hmark-offset 10000 ... Note `ct' requires also the tuples. Reported-by: Hans Schillstrom <hans@schillstrom.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* extensions: add HMARK targetHans Schillstrom2012-07-141-0/+60
The target allows you to set mark packets based Jenkins' hash calculation: h(t, rnd) = x mark = (x % mod) + offset where: * t is a tuple that is used for the hashing: t = [ src, dst, proto, sport, dport ] Note that you can customize the tuple, thus, removing some component that you don't want to use for the calculation. You can also use spi instead of sport and dport, btw. * rnd is the random seed that is explicitly passed via --hmark-rnd * mod is the modulus, to determine the range of possible marks * offset determines where the mark starts from This target only works for the "raw" and "mangle" tables. This can be used to distribute flows between a cluster of systems and uplinks. Initially based on work from Hans Schillingstrom. Pablo took it over and introduced several improvements. Signed-off-by: Hans Schillstrom <hans.schillstrom@ericsson.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>