From aef04384e130baf0b3d345330692b4c775631ebb Mon Sep 17 00:00:00 2001
From: Florian Westphal <fw@strlen.de>
Date: Fri, 6 Mar 2015 13:09:51 +0100
Subject: man: using physdev match in OUTPUT is not supported anymore

kernels 2.6.20 and later reject -m physdev in OUTPUT with
"using --physdev-out in the OUTPUT, FORWARD and POSTROUTING chains for
 non-bridged traffic is not supported anymore" error in dmesg.

Signed-off-by: Florian Westphal <fw@strlen.de>
---
 extensions/libxt_physdev.man | 14 +++-----------
 1 file changed, 3 insertions(+), 11 deletions(-)

diff --git a/extensions/libxt_physdev.man b/extensions/libxt_physdev.man
index 53beb2e5..06b778af 100644
--- a/extensions/libxt_physdev.man
+++ b/extensions/libxt_physdev.man
@@ -15,21 +15,13 @@ interface which begins with this name will match. If the packet didn't arrive
 through a bridge device, this packet won't match this option, unless '!' is used.
 .TP
 [\fB!\fP] \fB\-\-physdev\-out\fP \fIname\fP
-Name of a bridge port via which a packet is going to be sent (for packets
+Name of a bridge port via which a packet is going to be sent (for bridged packets
 entering the
-.BR FORWARD ,
-.B OUTPUT
+.BR FORWARD
 and
 .B POSTROUTING
 chains).  If the interface name ends in a "+", then any
-interface which begins with this name will match. Note that in the
-.BR nat " and " mangle
-.B OUTPUT
-chains one cannot match on the bridge output port, however one can in the
-.B "filter OUTPUT"
-chain. If the packet won't leave by a bridge device or if it is yet unknown what
-the output device will be, then the packet won't match this option,
-unless '!' is used.
+interface which begins with this name will match.
 .TP
 [\fB!\fP] \fB\-\-physdev\-is\-in\fP
 Matches if the packet has entered through a bridge interface.
-- 
cgit v1.2.3