From e24815d8a1b2755182fe983582a56fcc47153804 Mon Sep 17 00:00:00 2001 From: Jan Engelhardt Date: Thu, 14 Feb 2008 03:02:55 +0100 Subject: Combine ipt and ip6t manpages Combine ipt and ip6t manpages --- extensions/libipt_tcp.man | 45 --------------------------------------------- 1 file changed, 45 deletions(-) delete mode 100644 extensions/libipt_tcp.man (limited to 'extensions/libipt_tcp.man') diff --git a/extensions/libipt_tcp.man b/extensions/libipt_tcp.man deleted file mode 100644 index cfafc9e0..00000000 --- a/extensions/libipt_tcp.man +++ /dev/null @@ -1,45 +0,0 @@ -These extensions can be used if `--protocol tcp' is specified. It -provides the following options: -.TP -.BR "--source-port " "[!] \fIport\fP[:\fIport\fP]" -Source port or port range specification. This can either be a service -name or a port number. An inclusive range can also be specified, -using the format -.IR port : port . -If the first port is omitted, "0" is assumed; if the last is omitted, -"65535" is assumed. -If the second port greater then the first they will be swapped. -The flag -.B --sport -is a convenient alias for this option. -.TP -.BR "--destination-port " "[!] \fIport\fP[:\fIport\fP]" -Destination port or port range specification. The flag -.B --dport -is a convenient alias for this option. -.TP -.BR "--tcp-flags " "[!] \fImask\fP \fIcomp\fP" -Match when the TCP flags are as specified. The first argument is the -flags which we should examine, written as a comma-separated list, and -the second argument is a comma-separated list of flags which must be -set. Flags are: -.BR "SYN ACK FIN RST URG PSH ALL NONE" . -Hence the command -.nf - iptables -A FORWARD -p tcp --tcp-flags SYN,ACK,FIN,RST SYN -.fi -will only match packets with the SYN flag set, and the ACK, FIN and -RST flags unset. -.TP -.B "[!] --syn" -Only match TCP packets with the SYN bit set and the ACK,RST and FIN bits -cleared. Such packets are used to request TCP connection initiation; -for example, blocking such packets coming in an interface will prevent -incoming TCP connections, but outgoing TCP connections will be -unaffected. -It is equivalent to \fB--tcp-flags SYN,RST,ACK,FIN SYN\fP. -If the "!" flag precedes the "--syn", the sense of the -option is inverted. -.TP -.BR "--tcp-option " "[!] \fInumber\fP" -Match if TCP option set. -- cgit v1.2.3