From 472bc914415baf2cd9aeb44605867365723a2e3d Mon Sep 17 00:00:00 2001
From: Michael Roth <mroth@nessie.de>
Date: Sun, 19 May 2013 13:22:16 +0200
Subject: doc: mention SNAT in INPUT chain since kernel 2.6.36

SNAT in the INPUT chain was added Jun 2010 to the kernel
(commit c68cd6cc21eb329c47ff020ff7412bf58176984e).

Signed-off-by: Michael Roth <mail@mroth.net>
Signed-off-by: Florian Westphal <fw@strlen.de>
---
 extensions/libipt_SNAT.man | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

(limited to 'extensions')

diff --git a/extensions/libipt_SNAT.man b/extensions/libipt_SNAT.man
index 626b5929..093b09c4 100644
--- a/extensions/libipt_SNAT.man
+++ b/extensions/libipt_SNAT.man
@@ -2,7 +2,10 @@ This target is only valid in the
 .B nat
 table, in the
 .B POSTROUTING
-chain.  It specifies that the source address of the packet should be
+and
+.B INPUT
+chains, and user-defined chains which are only called from those
+chains.  It specifies that the source address of the packet should be
 modified (and all future packets in this connection will also be
 mangled), and rules should cease being examined.  It takes one type
 of option:
@@ -35,3 +38,9 @@ is used then port mapping will be randomized (kernel >= 2.6.21).
 Gives a client the same source-/destination-address for each connection.
 This supersedes the SAME target. Support for persistent mappings is available
 from 2.6.29-rc2.
+.PP
+Kernels prior to 2.6.36-rc1 don't have the ability to
+.B SNAT
+in the
+.B INPUT
+chain.
-- 
cgit v1.2.3