From a6ef99487b05ac5f358cb58d9448e28ac5f38b30 Mon Sep 17 00:00:00 2001
From: Henrik Nordstrom <hno@marasystems.com>
Date: Tue, 3 Feb 2004 08:19:04 +0000
Subject: latest version of CONNMARK (Henrik Nordstrom)

---
 extensions/libipt_CONNMARK.man | 22 ++++++++++++----------
 1 file changed, 12 insertions(+), 10 deletions(-)

(limited to 'extensions/libipt_CONNMARK.man')

diff --git a/extensions/libipt_CONNMARK.man b/extensions/libipt_CONNMARK.man
index 64a0222d..8b4de5a0 100644
--- a/extensions/libipt_CONNMARK.man
+++ b/extensions/libipt_CONNMARK.man
@@ -1,13 +1,15 @@
-This target allows you to mark that connection with an arbitrary walue.  This
-value can later be matched via the 
-.B connmark
-match.
+This module sets the netfilter mark value associated with a connection
 .TP
-.BI "--set-mark " "mark"
-Set the conntrack mark,
+.B --set-mark mark[/mask]
+Set connection mark. If a mask is specified then only those bits set in the
+mask is modified.
 .TP
-.BI "--save-mark"
-Save the packet nfmark on the connection mark.
+.B --save-mark [--mask mask]
+Copy the netfilter packet mark value to the connection mark. If a mask
+is specified then only those bits are copied.
 .TP
-.BI "--restore-mark"
-Restore the saved nfmark value from the connection mark.
+.B --restore-mark [--mask mask]
+Copy the connection mark value to the packet. If a mask is specified
+then only those bits are copied. This is only valid in the
+.B mangle
+table.
-- 
cgit v1.2.3